RONALD MITCHELL
Silver Spring, Md 202-***-**** ******@*****.***
Active DHS & DOD Top Secret SCI Clearance
PROFILE
Cyber Security Specialist offering over 14 years of solid contributions and blended background in Security Engineering and Operations, Identity and Access Management. In-depth understanding of project lifecycle, including all phases of system development.
SKILLS
• ITIL Methodology
• Access Control Models
• FedRAMP
• Cloud Migration
• Identity & Access Mgmt.
• Zero Trust
• Authentication Protocols
• Vulnerability Assessments
• SIEM
• Disaster Recovery
• Security Risk Mgmt.
• SDLC
PROFESSIONAL EXPERIENCE
SOFTEK INTL – EDISON, NJ 01/22 – Present
DHS – HSEN/Security Engineering – Security Engineer
Developed and maintained installation, configuration, and security procedures for CrowdStrike and SkyHigh (CASB) on the unclassified network, as well as McAfee ePO Trellix and Splunk on classified networks.
Installed and configured ePO on specified endpoints, validated communication between endpoints and ePO, and closed tickets related to endpoint communication from the SOC.
Remediated CrowdStrike tickets for whitelisting, maintenance tokens, hosts not responding and sensor upgrades.
Submitted change requests and collaborated with the SCCM and VDI teams to test and push CrowdStrike sensor upgrades throughout the enterprise.
Issued ServiceNow tickets to various teams within Security Engineering for Splunk account creation and issues, CrowdStrike, Tenable, Swimlane, Venafi, and Sourcefire.
Provided support to ISSOs and host owners on CrowdStrike host tagging project to remove Falcon tag and add Sensor tag to provide more detailed host status and vulnerability results.
PKH ENTERPRISES – CHEVY CHASE, MD 10/20 – 01/22
DoD-OCIO-ICAM / Identity & Access Management Analyst
• Provided consulting support services to government client related to the architecture and policy of enterprise ICAM deployment.
• Led the Authorization Attribute Working Group (AAWG) to review proposed enterprise attributes from multiple DoD components and military services to enable the implementation of Attribute Based Access Control (ABAC) and Dynamic Access.
• Supported the Exception to Policy (E2P) team reviewing proposals from various DoD services proposing alternative authentication methods to the existing DoD PKI framework.
• Drafted and coordinated multiple official DoD CIO level communications leveraging the Correspondence and Task Management System (CATMS).
• Coordinated activities with DoD services and multiple US government and foreign partners to mitigate the impact of privilege escalation vulnerabilities and their impact on Smart Card logon.
GUIDEPOINT SECURITY – WASHINGTON, D.C. 7/17 – 01/20
Client: DHS – Customs and Border Patrol (CBP)
Identity & Access Management Analyst
Provided Identity and Access Management system evaluation and onboarding support for the development and migration from Active Directory user management to Okta.
Assessed current environment and made continuous improvements to stay aligned with future state architecture.
Collaborated with application and infrastructure architects to provide security overlays for IAM development and deployment patterns.
Mapped, configured, and migrated user profiles from Azure AD to Okta production.
Developed and maintained IAM artifacts (strategy, decisions, solution design, etc.)
Set up testing environment within AWS and VMware to test user scenarios for SAML authentication and OAuth authorization.
GUIDEPOINT SECURITY – WASHINGTON, D.C. 11/14 – 07/17
Client: DHS – Federal Emergency Management Agency (FEMA)
Cyber Security Analyst
Continually reviewed adherence to various NIST, DHS, and PKI policies.
Implemented FISMA, NIST, DHS policies and FIPS requirements for Security Authorization (SA) activities.
Led a team in implementing mandatory PIV card usage.
Developed and operationalized program performance metrics and reporting mechanisms in support of Identity Management Programs.
Provided consulting support services to government clients related to Privileged Access Management (PAM) leveraging Centrify, CyberArk and enterprise ICAM deployment.
Provided support during the migration of IT systems leveraging AWS, VMware, and Azure cloud platforms for Office 365 and Identity Management System cloud migration.
GITG LLC – WASHINGTON, D.C. 01/11 – 11/14
DHS- Headquarters
SOC Analyst
Configured and monitored security solutions: Splunk (SIEM), firewall appliances, intrusion prevention systems, data loss prevention systems, and analysis and log aggregation tools for alerts.
Performed periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
Provided first level response for security events including intrusion detection, malware infections, denial of service attacks, privileged account misuse and network breaches.
Created and maintained system documentation for security event processing.
DC COMMISSION ON AFRICAN AFFAIRS – WASHINGTON, D.C. 12/09 – 01/11
Network Security Analyst
Responsible for submitting all monthly error logs and virus removals to management.
Worked across several platforms to detect significant network issues and breaches.
Helped to develop security protocols when the network was being outfitted for remote access.
Regularly trained network users on best ways to prevent security breaches.
Responsible for monthly reports on all network security issues and their resolutions.
Monitored and analyzed network traffic; investigated and documented security incidents.
TECHNICAL SKILLS
Hardware: Apple, Dell, IBM
Software/Tools: IBM AppScan, HP WebInspect, Nexpose, Splunk, Nessus, HP Fortify, McAfee SECURE, McAfee VirusScan Enterprise, ArcSight, Sourcefire, Nagios, Saint, SolarWinds, Remedy, Primavera, Xacta, CSAM, CrowdStrike, Thales, CASB
Applications: Google Vault, G Suite dashboards, Palo Alto, Tenable Security Center, Cisco, SCCM, CounterACT, ServiceNow, Sourcefire, FireEye, GitLab-Confluence, Okta
Cloud: Microsoft Azure, AWS, VMware, Google Cloud
Platforms: Windows Server, Apache HTTP Server, MS Exchange Server 2019 & 2022, MS Server 2022, MS Active Directory, ADDS
Networks: LAN/WAN, VPN/Remote Connectivity, Windows Server, TCP/IP
Operating Systems: Windows, UNIX, Linux, AIX Server
EDUCATION & CERTIFICATIONS
Bachelor of Science in Technology Management / Project Management, DeVry University, 2013
• ITIL V3 Foundations (March 2, 2012)
• CompTIA Security+ (August 15, 2020)
• Certified Ethical Hacker (CEH) (September 14, 2020)
• Okta Professional (December 29, 2020)
• Microsoft Azure Fundamentals AZ-900 (September 6, 2024)
• Microsoft Security, Compliance, and Identity Fundamentals SC-900 (September 28, 2024)