Senior Information Security Engineer
Resume:
M.S., Information Technology
Cybersecurity Focus
Thomas Edison State University
B.A., Communication Studies
Richard Stockton University
A.S., Electronic Systems
Technology
Community College of the Air Force
2014 - 2015
• Information Technology professional with 15 years of experience in interdisciplinary telecommunication systems with past 6 years focused in the practice of cybersecurity across multiple industries and operating environments
• Vehemently dedicated to evaluating, analyzing and improving an organization's information security program to reduce attack surface areas, create cyber resiliency and strengthen the security posture of a firm throughout the implementation of foundational and emerging security principles.
• Passionate about shifting an organization's security culture by empowering human firewalls through awareness, training and education. Philadelphia, PA
Relocating to San Diego, CA
adb4iw@r.postjobfree.com
Linkedin.com/in/rebecca-fricker
Senior Information Security Engineer // Brandywine Global Investment Management Group December 2018 - February 2020
• Orchestrated firm's Vulnerability Management Program by delegating the remediation of backlogged and newly published vulnerabilities to network, compute, and end user teams that encompassed all internally managed and cloud hosted systems within appropriate Service Level Agreement (SLA) timelines.
• Owned end-to-end delivery of technology projects such as Privileged Access Management, Single Sign On, Multi-Factor Authentication, Cloud Security Tools (CASB, CSPM, CWPP, CI/CD Integrations) and Secure System Development Lifecycle (SSDLC) managing the scope, quality, research, evaluation, vendor management and delegation of task work to team members to completion by management imposed deadlines.
• Drastically improved the security posture of information systems by implementing CIS Compliance Benchmarks and consistently reduced failure rates of checks by 15% - 20% each quarter.
• Coordinated the execution of vulnerability scans and penetration testing from third party vendors on enterprise network assets followed by facilitating the remediation of all identified improvement areas to include the implementation of proposed security controls, technology, processes and procedures.
• Identified technical and procedural security gaps and defined security requirements and controls for technology solutions across a hybrid of operating environments (e.g., traditional on-premises, data centers, PaaS, SaaS and IaaS).
• Monitored reports, dashboards and communications from security systems to identify potential security events and investigated any suspected information security incidents and/or breaches to the event's closure.
• Analyzed relevant and current attack and incident trends, breaches, technologies and methodologies to include the dissemination of timely and applicable communications to the organization.
• Assessed emerging technologies against existing security architecture to identify areas of improvement, overlap with existing solutions, extend current capabilities of security tool portfolio and contributed program objectives to the Infrastructure and Security roadmap.
• Managed, monitored, and engineered the firm's portfolio of information security tools, systems, services, and vendors to add protections and defense for the firm's infrastructure, systems and data.
• Provided guidance and direction on best practices for the protection of data in alignment with company data classification procedures.
• Mentored other members of the IT Department and the firm to help better understand the relationship between their roles and responsibilities and the success of the firm by raising awareness of security principles and methodologies.
• Influenced and led the first Cybersecurity Awareness Month that included informative and interactive presentations, panels, guest speakers, communications and security challenges to improve the firm's security culture and Security Awareness and Training Education.
• Advocated for industry information sharing and continuous professional development by actively participating in organizations such as ISSA, Infragard, CISO Executive Network, CISO Inner Circle, Cloud Security Alliance, Brandywine Young Professional Network, Philadelphia Women and Cyber Security and Women Hackerz.
• ACAS
• AFEMS
• AWS
• CIS Benchmarks
• Cisco Firepower
• Cloud Security Tools (CASB,
CSPM, CWPP)
• Cylance
• Dell SecureWorks
• DUO
• GDPR
• IBM Big Fix
• ISO 27001 Controls
• Mimecast
• McAfee ePo
• NIST SP 800-53 Series
• Okta
• OneDrive
• O365
• Palo Alto Panaroma
• Red Cloak
• Remedy
• SIEM
• Slack
• Tenable Nessus
• Thycotic
• Varonis
• Vectra Cognito
• VMWare Carbon Black
• Webex
• Windows Server 2012, 2016, 2019
• Windows 10
• Zoom
Installation Spectrum Manager // NJ Air National Guard 177th Fighter Wing August 2015 – April 2019
• Reviewed, analyzed, and resolved complex technical problems involving system compatibility, both installation-wide and external interoperability, circuits, switches, distribution, satellite linkages, and networking to provide unbroken frequency support and vital communication links for fighter jets and ground operations.
• Facilitated customer frequency requirements for UHF, VHF, and SATCOM while maintaining consistent frequency support and updating the Federal Reserve Regulatory Service (FRRS) Central Data Repository for the wing and geographically separated units.
• Resolved electromagnetic interference reports utilizing troubleshooting experience and knowledge of spread spectrum bandwidths.
RF Transmission Systems Specialist // NJ Air National Guard 177th Fighter Wing September 2005 – April 2019
• Implemented base-wide Personal Wireless Communication Systems program through the creation and deliverance of customer training instruction, reconciliation of annual inventories, and management of assets in the Air Force Equipment Management System and additional databases.
• Improved radio systems procedures in order to fulfill compliance requirements as dictated by Air Force Instructions and manuals.
• Deployed, sustained, troubleshot, and repaired standard frequency wireless, line-of- sight, wideband, ground-based satellite, and encryption transmission devices and intrusion detection systems in fixed and deployed environments. Network Security Engineer // Cooper University Health Care September 2016 - December 2018
2019 Launched firm's first Cybersecurity
Awareness Month
2018 Formal recognition from external
audit firm, Baker Tilly
2016 Active member of CISO Executive
Network Philadelphia Chapter
2015 Security+ Certificate
2015 Formal recognition from ANG
Inspection Team on Spectrum
Management Program
2014 Obtained Top Secret DoD Security
Clearance
2014 President of Airman's Council
2013 Superior Performer during Unit
Compliance Inspection
2013 Air Force Commendation Medal
2011 Airman of the Quarter
2011 Air Force Achievement Award
2009 Founder and President of Richard
Stockton Veterans Organization
2005 Obtained Secret DoD Security
Clearance
2005 Awarded Congressional Nomination
Available on Request
Teo Nedev
Brandywine Global Investment
Management
Senior Cloud Engineer
Stephanie Bachovin
Brandywine Global Investment
Management
Senior IT GRC Analyst
Angela Hennessey
Brandywine Global Investment
Management
Vice Presient of GRC
Eric Spangler
Brandywine Global Investment
Management
Privacy Officer
Joe Collins
Cooper University Health Care
Chief Technology Officer
Rob Riveria
Cooper University Health Care
Senior Security Engineer
Nick Falone
UPenn
Chief Information Security Officer
Dan Reddy
Professor and Security Consultant for
Defense Analyses
• Spearheaded the creation of the organization's information security program governance as recommended by NIST and HIPAA regulations to provide a secure network while maintaining the confidentiality, integrity and availability of information systems.
• Developed, implemented, conducted and managed the procedure of medical device and software risk technical evaluations.
• Oversaw department's vulnerability management program by routinely scanning network traffic, responding to alerts, performing incident response procedures, applying firewall rules, patch management, configuration management, and conducting mitigation efforts through all applicable networking and compute teams.
• Facilitated internal and external audits by retrieving evidence and documentation for the organization while providing solutions to open items in order to close vulnerability gaps in the security program.
• Innovated system hardening and vulnerability detection by utilizing tools from various software platforms to provide solutions for the most secure posture with consideration of company available resources.
• Partnered with Compliance and Privacy Offices for close collaboration of annual enterprise Risk Assessments and all functional elements of the Risk Management Program. Installation Security Systems Manager // NJ Air National Guard 177th Fighter Wing July 2014 - September 2016
• Managed, destroyed, inventoried, and procured customer keying material and Controlled Cryptographic Item Equipment (CCI) utilizing databases through all applicable federal controlling authorities.
• Conducted risk and vulnerability assessments leveraging vulnerability scans on the network and ensured all information Assurance (IA) regulations and policies were applied to pre-existing and new IT systems.
• Championed programs including Emission Security (TEMPEST), Communications Security
(COMSEC) and Computer Security (COMPUSEC) up to DoD and DISA standards and compliance.
• Established procedures into real-time reporting on all released Time Compliance Network Orders (TCNO's), Notices of new Air Force Networking Operating Instructions (NOTAM's), Mission Tasking Orders (MTO's), and Authorized Service Interruptions (ASI's) for the wing by communicating enforcement to squadrons and coordinating compliance across all applicable information systems.
Contact this candidate