Post Job Free
Sign in

Information Security Manager

Location:
Aurora, CO, 80013
Posted:
July 10, 2020

Contact this candidate

Resume:

TRACY BIRTS

Aurora, CO Email: *********@*****.***

INFORMATION SECURITY PERSPECTIVE

Being a life-longer learner who is passionate about data privacy and information security, I thrive in situations that allow me to use my knowledge, experience and skills to contribute to cyber security projects. I am calm in chaotic situations and able to make assessments when things may not be obvious. I enjoy cyber security because it allows me to apply critical thinking to investigations compliance scenarios. My previous experience includes incident response investigations, data analysis and reporting, risk assessments, compliance and attestation, technical facilitation and training, curriculum development, software testing and project management.

EDUCATION & QUALIFICATIONS

Member of Mile Hi Project Management Institute, Denver Chapter, Denver, CO Member of Info Systems Security Association, Denver Chapter, Denver, CO Colorado Technical University, Denver, CO – BS – Healthcare Administration Management EC Council University, Albuquerque, NM – MS – Cyber Security (Digital Forensics) AREAS OF EXPERTISE

Consulting & Project Planning

System & Data Analysis

Program Review and Assessments

Vendor Relationship Management

Compliance and Risk Analysis

Incident Response Investigations

Reporting & Network Analysis

Quality Assurance and Process Improvements

Multiple OS Analysis (Windows, Linux, Mac, and mobile: Android, iOS) Regulatory Regimes (e.g. NIST, HIPPA, PCI, FISMA, GDPR) Analytical and problem-solving skills and the ability to think creatively BUSINESS & INFO SECURITY SKILLS

Proficient in computer software: Strong Computer Skills (Office365 & Teams), Smartsheet, ServiceNow, Salesforce, IT-Glue, QuickBooks Pro.

Proficient in computer support: Tier 1 and 2 level end user support for software and IT related issues. Operational knowledge of scripting languages: SQL, Python and PowerShell. Vulnerability Assessment: Network scanning of missing patches and outdated protocols and certificates. Network Security Analysis: Network monitoring for threats, log auditing for anomalies and IDS analysis. Pen-Testing: Identify weak security processes and weak security settings, and other vulnerabilities. Governance, Risk and Compliance: Knowledge of the changing threat landscape (advanced persistent threats and cybercrime). Knowledge of monitoring various US-CERT threat portals and other credible sources for cyber threat information. Knowledge of IT regulation and compliance standards such as NIST 800-53, FISMA A-123, ISO 27001/27002.

INFO SECURITY TOOLS

Digital Forensics: Belkasoft Live RAM Capturer, EaseUS Data Recovery Wizard Tool, Oxygen Forensics, AccessData FTK Imager Tool, The Sleuth Kid and Passware Kit Forensics. Computer Defense: Kali Linux – Nmap, Metasploit, Nessus), Wireshark, Cain & Abel, and Burp Suite. TRACY BIRTS

Aurora, CO Email: *********@*****.*** Page 2

PROFESSIONAL EXPERIENCE

DaVita IT Project Mgr./Telecom Provisioning Analyst 2014 – Present Working on Team Genesis projects is challenging and a learning experience. Seeing this side of the DaVita story is teaching me more about what the operations side of the “giving life” business is all about. Drawing from my previous work experience, I successfully complete my portion of the construction projects I contribute to. I support six construction program managers in the opening of new medical facilities by meeting my deadlines. This includes ordering and coordinating the installation of the phone lines, data/internet circuits and television service for the clinic and its patients. My work also includes managing any unforeseen issues that arise. I make good use of my time with the vendor relations, billing reconciliation and task completion for each project. I manage 18 to 25 projects at any given time. My business acumen, professionalism and negotiating and soft skills ensure my outcomes.

Manage provisioning portion of Team Genesis projects by ordering telecom, data and television services for DeNovos, expansions, acquisitions, and renovations throughout North American.

Maintain stellar customer relations with vendors, architects and general contractors that provide services and construction fulfillment to my managed projects.

Provide IT support to facilities by providing Tier 2 support on all telecom, data and TV service-related issues by working assigned tickets opened through ServiceNow through the help desk.

Successfully manage various assigned projects by tracking and completing tasks, reporting progress and updating statuses in a timely manner.

Pathfinder Systems Inc. Technical Trainer & Writer 2014 (4mo) This locally small business is one that offered me a deeper exposure to dealing with international clients. I was hired to do one thing but in a small business you must wear many hats. Being able to juggle competing tasks is not something I shy away from. My clients were mainly members of the military with extensive service to their designated departments of defense; both domestic and international. Although my primary tasks were to perform technical writing and technical facilitation on the weapons simulation systems, the role morphed into so much more. I found each day to be busy and exciting as I was able to work on special projects alongside the CFO, the owners as well as the highly skilled and highly educated aeronautic engineers.

Wrote training materials for domestic and international clients for customized weapons simulation training systems. Delivered training to military personnel on simulated weapons software.

Wrote and co-authored RFP presentations for submitted bids to government projects.

Worked with aerospace engineers, mechanical engineers and electrical engineers in creating curriculum about the weapons training for specific defense clients.

Wrote test procedures, implementation guides and training curriculum for software for weapons-based simulator training. (This was flight simulated software created by aerospace and mechanical engineers.) Onsite Consulting Self-Employed / Business Manager 2010 - 2013 My strong business skills and technical knowledge allowed me to work as an independent consultant for a Denver based computer repair company. The owner hired me to run his business while he and his family were on vacation. The owner is very cautious and enjoys controlling every aspect of his business, so relinquishing control at that time was extremely hard for him. I saw this as an opportunity to prove that I am competent, capable and trustworthy to run his business as though it were my own. Over the course of the first few days he was able to relax and enjoy his vacation because he realized his business was in great hands. We laugh about this today.

Designed and implemented business policies by writing operating procedures; measuring results against previous standards; analyzing outcomes and executed necessary adjustments.

Managed all aspects of accounts payable, accounts receivable, creating invoices, billing, check and credit card processing, and bank reconciliations.

Managed special projects as assigned and performed tutoring and client software training. TRACY BIRTS

Aurora, CO Email: *********@*****.*** Page 3

PROFESSIONAL EXPERIENCE - CONTINUED

The Newberry Group Incident Response Manager 2007 – 2008 As a contractor, I worked in the Cyber Security Division of the USDA. Originally hired to do network investigations on security incidents, my role quickly morphed into the Incident Response Manager because we had a CEO that took incident occurrences seriously and the agency had a rising numbers of incidents. I went from investigating to reporting because this CEO wanted detailed reporting of incident’s numbers and trends. Since there was no formal reporting too at that time, I became the reporting tool because of my knack for numbers and analytical data. As a Network Analyst/Investigator

Performed oversight as second line notification of network incidents. (Removing and denying network access and canceling services as needed.).

Provided formal responses of information security incidents. (Filing mitigation reports and corrective actions taken by the “offender”.).

Worked with other NITC (National Info Tech Ctr) IS staff on network outages and identifying hardware that may have been considered compromised network assets. (Computers, laptops, cell phones, mobile devices, etc.).

Assisted in any audits by providing documentation and reports.

Collaborated with compliance officials, agency management and any outside agencies to manage vulnerabilities and exposures.

Assisted in updating and publishing (internally) security control documentation as it pertained to updates that affected PPI, network security and agency assets. (We used NIST guidelines.). As the Incident Response Manager

Managed a small staff of analysts/investigators who managed content filtering, firewalls, IPS/IDS, end protection, and one analyst doing CEH; Penetration testing. (I hired a guy that had done white-hat in the Navy.).

Participated in annual end user security awareness training; assisted in creating documentation and training schedules.

Assisted in implementing security policies (for reporting, mitigation from risks/vulnerabilities and compliance) for the division and stayed current using NIST guidelines.

Supported security escalation procedures and monitored anomalies to security controls.

Created, maintained and conducted security reporting for all incidents being tracked by the division by creating daily, monthly, quarterly and annual reports.

This role required 75% being spent IS on reporting.

Participated in annual, semi-annual and quarterly security audits performed by OIG and internal oversight (OCIO); Office of Chief Info Officer.

Participated with limitation on internal investigations being performed by other agencies (FBI, NSA or Secret Service) as I was a contractor.

Participated in annual Federal Information Security Management Act (FISMA) audits.

Implemented and administered reporting proficiencies that increased reporting capabilities by 50%.

Participated in compliance reviews of certification and accreditation documentation reviews. VOLUNTEER WORK & COMMUNITY INVOLVEMENT

2019 – Association of Volunteers at Children’s Hospital, Aurora, CO. 2016 – 2019 – Board of Directors at The Gathering Place, Denver, CO – Served as Executive Treasurer 2018 thru 2019, Chair of the Resource Development Committee and Chair of the Finance and Audit Committee and Chair of the Assessment Committee.



Contact this candidate