Security Officer Manager
Resume:
CARY DEAVER
+1-254-***-**** adawcw@r.postjobfree.com
A highly analytical and results-driven Information Security Analyst with broad-based experience in Information Systems Auditing, Vulnerability.
● A goal-oriented and conscientious with strong multi-tasking abilities in a competitive, multi-faceted and fast-paced environment;
● Confident, dependable and dedicated to operational excellence;
● Loyal with uncompromising ethics/character;
● Called by management to handle high-pressure situations and deliver quality work on time and budget.
Security Analysts II
AWARDS, RECOGNITIONS, and NOTABLE ACCOMPLISHMENTS
Nominated for the Employee of the Year Award in 2009 by PDX-NHS management for displaying remarkable management skills;
Implemented and automated a full Qualys application to manage vulnerabilities for the entire organization; automated all scans and reports generation; Set up Policy compliance module for HIPAA, NIST 800 & CIS scans;
Innovated and developed the company's Internal Auditing Program implementing ISACAs control self-assessments using risk scenarios;
Wrote security software testing procedures based on Open Web Application Security Project (OWASP) leading to future DevSecOps implementation development;
Facilitated training of all newly hired employees on UNIX operating systems;
Google hacked the company's major domain to evaluate vulnerabilities; discovered a weakness and reported findings to CISO; received pay increase;
Met customer deadlines to ensure all service-level agreement (SLAs) are met.
IT Recruiters, Talent Acquisition Specialists, cybersecurity HR Managers, Hiring Managers, Enterprise IT Solution VPs, CALL ME +1-254-***-**** or EMAIL deav @ earhlink.net to discuss full-time employment or consulting opportunities.
Professional skills
QUALYS
NESSUS
CONTROL SELF-ASSESSMENT
AUDITING
GOOGLE HACKING
RECONNAISSANCE
VULNERABILITY MANAGEMENT
OWASP testing
Valiant Solutions - May 2018 - present
Job title: Regional Information Systems Security Officer
Dallas/Fort Worth
Audit tickets against the Government Service Administration (GSA) Credential & Identity Management System;
Track lost or stolen GSA assets to ensure all required information has been entered in before closing the ticket;
Entrusted by the Disaster Recovery Manager with the BUSINESS IMPACT ASSESSMENT (BIA) for all systems within the GSA universe;
Track noncompliance users for the password change policy by creating a deletion list for those that are > 90 days old;
Track noncompliance users that have not completed mandatory training and disable those that have not provided certification;
Reviewing System Security Plans
Telos - September 2016 – May 2018
Job title: Regional Information Systems Security Officer
Dallas/Fort Worth
Audit tickets against the Government Service Administration (GSA) Credential & Identity Management System;
Track lost or stolen GSA assets to ensure all required information has been entered in before closing the ticket;
Entrusted by the Disaster Recovery Manager with the BUSINESS IMPACT ASSESSMENT (BIA) for all systems within the GSA universe;
Track noncompliance users for the password change policy by creating a deletion list for those that are > 90 days old;
Track noncompliance users that have not completed mandatory training and disable those that have not provided certification;
PDX-NATIONAL HEALTH SYSTEMS (NHS) - WHITE SETTLEMENT, TX
Security Analysts II - August 2012 - September 2016
● Prepared schedules, established processes handled asset discovery, completed vulnerability reports, and providing innovative solutions to resolve issues;
● Oversaw the configuration of the policy compliance scans to drive its future implementation. Conducted extensive review of results and delivered an informative presentation to product owners for remediation;
● Handled information gathering/reconnaissance through Google and other hacking tools to pen-test internal assets;
● Innovated and developed the company's Internal Auditing Program implementing ISACAs control self-assessments using risk scenarios;
● Google hacked into the company's major domain to evaluate vulnerabilities; discovered a weakness and reported findings to CIO; received pay increase;
PDX-NATIONAL HEALTH SYSTEMS (NHS) - WHITE SETTLEMENT, TX:
Job title: PDX Operations – Computer Operator 1994–2014
● Trained new employees on the basics of Unix;
● Provided high-level technical support and managed sensitive data transfers to pharmacy systems for multiple chains with 10,000+ stores, with some of the largest retailers in the USA;
● Provided expert oversight to mission-critical data updates for the customer s
● Nominated for "Employee of the Year" by the management at PDX-NHS in 2009;
● Honored as "Employee of the Year" in 1995 in recognition of exemplary performance, dedication, and efficiency;
● Met customer deadlines to ensure all service-level agreement (SLAs) was met;
EDUCATION
BACHELOR OF SCIENCE IN INFORMATION SYSTEMS SECURITY, GPA: 3.76: 2012
ITT Technical Institute, Arlington, TX
Graduated with honors
National Technical Honor Society (NTHS), The National Society of Leadership and Success, Cambridge Who’s Who, and Academic President Scholarship
ASSOCIATE OF APPLIED SCIENCE IN COMPUTER NETWORKING: 2010
ITT Technical Institute, Arlington TX
Graduated with honors
ASSOCIATE OF APPLIED SCIENCE IN ELECTRONIC ENGINEERING TECHNICIAN
ITT Technical Institute, Arlington TX
PROFESSIONAL DEVELOPMENT
ISACA Certified Information Systems Auditor (CISA) Certification 16131807
IACRB Certified Cyber Threat Hunting Professional (CCTHP)
Partners in Leadership Accountability Training based on The Oz Principle
PROFESSIONAL AFFILIATION
Information Systems Audit and Control Association (ISACA)
Information Assurance Certification Review Board (IACRB)
COMMUNITY INVOLVEMENT
Serve as an active volunteer to Hood County and perform auditing to their infrastructure
Red Hat Enterprise Linux (RHEL) Red Hat Fedora Windows Operating System Windows Server 2003 Qualys AIX Xenix UNIX LAN/WAN Cisco HTML SQL Microsoft Office Suite LogRhythm LightCyber Service Now NetIQ Kali Linux NetIQ RiskIO
Contact this candidate