Security Engineer Cyber
Resume:
Samuel V Micheal Sanders
*** ********** **, **, ********, VA 20176
571-***-****/703-***-**** email ***********@*****.***
OBJECTIVE
Dedicated Cyber Security Engineer who is always willing to fill in the team gaps.
Clearance: Top Secret
SKILLS SUMMARY
Five years experience as a System Security Engineer developing and maintaining Cyber program standards and processes.
Maintain and audit Security networks and vulnerabilities while providing solutions for issues. Track changes through XACTA.
Fifteen years as a Network Engineer providing solutions to meet customer requirements.
Eight years as a System Integrator for a critical joint disaster recovery program, while coordinating with Senior Directives and Management.
Eleven years as a Satellite Communications Engineer and Technician for voice, data and video.
SKILLS AND EXPERIENCE
Cyber Systems Engineer Technical Specialist
Peraton Chantilly VA Jan 2018 – January 2024
Develop and maintain a Cyber Security program that identifies Cyber architecture; IA requirements; IA objectives and policies; Cyber personnel; and processes and procedures in accordance with NIST Standard 800-30 and 800-53
Coordinating security measures including analysis, periodic testing, evaluation, verification, accreditation, and review of information system installations.
Ensure the development, review, endorsement, and maintenance of Information Assurance (IA) certification and accreditation documentation. Ensure that XACTA is updated as needed; Plan of Actions & Milestone (POA&M) are documented and other aspects of XACTA/Iac360 are updated.
Ensure procedures are developed and implemented in accordance with Configuration Management policies and practices for authorizing the use of software on information systems.
Using Vulnerator and Emaster to create POA&M to track STIG/vulnerability compliance
Update Quarterly STIGs for both OS and Application via the SCC tool by reviewing STIG for applicable changes.
Analyzing ACAS, Burp, X-ray, Checkmarx, and Sonar Cube scans and advise on remediating vulnerabilities
Create stories task stories within Jira
Create a Change Request using Service Now
Ensure audit trails (System logs) are reviewed periodically and audit records are archived and maintained via Splunk and ArcSight.
Maintain security compliance and mitigate vulnerabilities for the following applications --Puppet, Hadoop, Elasticsearch, Logstash, Kibana, Kubernetes, OpenShift, Jenkins, Ansible(playbooks), Python, Gitlab, Artifactory
Information System Security Officer (ISSO), Principal
Parson Inc Centreville, VA June 2013 - Jan 2018
Utilize the NIST 800-53 Controls and the RMF 7-step process to move systems, functions, and applications into existing enterprise system authorization boundary via approval of the CIO
Utilize formal policies and procedures for securing and protecting information systems such as Director of Central Intelligence Directive (DCID) 6/3, Intelligence Community Directive (ICD) 503, or NIST Special Publications 800-30/37/39/53.
Develop documentation (System Security Plans (SSPs), Security Requirements Traceability Matrices (SRTMs), Certification Test Plans (CTPs), Risk Management Matrix (RMM), Security
Test and Evaluation Plans, etc.) that support the Assessment and Authorization process
Use security evaluation tools (e.g., Nessus, Retina, and Windows Gold Disk) on classified and unclassified networks to identify points of vulnerability, and non-compliance with established IA standards and regulations, and recommend mitigation strategies.
Review technical security assessments.
Validate system security requirements definitions and analysis.
Verify security requirements.
Participate in assessment testing.
Review and approve Software Review Requests (SRRs)
Input system documentation into a central repository.
Prepare and present information assurance briefings.
Represent COMM ISSM at various security meetings.
Proactively monitor Xacta workflow and document for accuracy
Monitor Xacta activities to ensure timely completion of each task and step
The KEYW Corporation/Everest Technology Solutions
Network Engineer / System Integrator 2004-2013
Engineer communication solutions for customers through the engineering process
Created technical review and engineering orders to provide an approved solution
Perform site survey and customer visits to confirm cable requirements.
Participate in requirements Technical Exchange Meetings (TEMs) to execute the business side of customer solution
Interface with technical point of contact at customer site to refine customer network solution
Integrated old and new networks (including the hardware, software, and transport).
Acted as the Program Manager, managed people, equipment, and other resources for a high visibility on-going project.
Coordinated, facilitated, and planned meetings to ensure maximum efficiency during execution of the project.
Participated in network architecture project reviews which proved to be a great informal learning experience.
Conducted annual testing to ensure network fitness and availability when needed.
EDUCATION AND TRAINING
AWS Cloud Practitioner May 2024
Security + Certification December 2011
Titan 532L/5500 Fundamental and Asynchronous Interfaces
FORE ATM Switch Operation/Maintenance Technician
Continuing Education classes in Microsoft Office, Cloud Computing and, Internet Fundamentals.
Juno MPLS and VPNS April 2013
Cloud Computing Essentials Jul 2012
Integrating Juniper Network Firewall/IPSec VPN Products (IFVH May 2012
Attack Prevention with Juniper Networks Firewall (APJF) May 2012
Juno Routing Essential April 2012
Juno Automation (JAUT) April 2012
CCNA Bootcamp (CCNAX) April 2012
Advanced SRX (AJSEC) February 2012
SRX Firewall (JSEC) February 2012
Advanced Enterprise Switching (AJEX) January 2012
Basic Electronics & Satellite Communication Specialist September 1991
Phillips Jr. College Associate of Science Electronic Technology April 1988
Information System Management Specialist July 1988
Inventory Management Specialist November 1984
REFERENCES
Available Upon Request
Contact this candidate