Post Job Free
Sign in

IT Security Audit and Compliance Officer

Location:
Spotsylvania County, VA
Salary:
Open
Posted:
October 25, 2020

Contact this candidate

Resume:

ERNEST BAYLIS

**** ***** ***** **** ************, VA 22553 · 202-***-****

*********@*****.*** · LinkedIn Profile Ernest Baylis

Dedicated and dependable information security and audit compliance officer with over 10 years of experience and a proven record of developing and managing information technology and security programs in a mid and large scale enterprise environment in compliance with NIST framework and ISO 27001 for the Federal Department of Justice with responsibilities for implementing a comprehensive IT Security program that includes IT Audits, Assessments and compliance using IT security tools Tenable, Splunk, ArcSight, DbProtect and CSAM

EXPERIENCE

06/07/2009 – PRESENT

IT SECURITY AUDIT AND COMPLIANCE OFFICER, FEDERAL DEPARTMENT OF JUSTICE

Experience with performing IT auditing and evaluative work of the organization, performing analytical, evaluative and planning work for government mandated IT Audits in accordance with NIST framework, compliance, vulnerability test and scans using software tools such as Tenable, Splunk, ArcSight, and CSAM.

Responsible for the identification, analysis and assessment of information risk and compliance.

Managed the work of Security Awareness, physical security, crisis management and Business continuity for the Federal Department of Justice.

Developed and managed information security program and strategies that align with business goals and protect the C.I.A of Federal assets

Experience with security software for virus scanning (DbProtect), software auditing (CSAM), identifying vulnerability (Tenable) and data management (Splunk).

Experience with NIST framework, Sarbanes-Oxley (SOX), HIPPA and ISO/IEC 27001.

Experience in Network security, performance and capacity and disaster recovery

Certified Federal FAC-Program and Project manager that ensured the effective execution of security projects and programs.

In-depth knowledge of workstation/server hardware and software troubleshooting

Analyze and monitored the network and network security.

Responsible for ZEN images and Scripting.

Responsible for implementing data access security measures by identifying, analyzing, and resolving system problems.

Experience in the Agile process as Program manager for IT security, audit and compliance program.

Implemented and assessed Azure Cloud controls for migration to the cloud.

05/15/2004 – 06/01/2008

TECHNICAL WRITER, amsec llc

Responsible for organizing material, completing technical writing assignments for Naval Engineering Program for the rebuild of Naval Carrier group by implementing changes to the Ships information book.

Develop comprehensive End-User documentation that meets organizational standards

Manage, organize, and maintain the knowledge base for accuracy, usability, search ability, and end-user experience

04/05/1993 – 12/15/2003

INTERIOR COMMUNICATIONS SPECIALIST, UNITED STATES NAVY

IC Specialist responsible for operating, coordinating and performing organizational and intermediate maintenance on physical security systems including alarms, warning and indicating systems, CCTV systems, PBX systems and fiber optics.

Advanced troubleshooting and multi-tasking skills

EDUCATION

NOVEMBER 2020

MASTER OF SCIENCE INFORMATION TECHNOLOGY, grantham university

I have completed 18 of 36 credit hours in my master’s degree program that has covered emerging technologies, data systems, networks, strategic planning and IT support in a professional setting.

MAY 2016

BACHELOR OF ARTS LIBERAL SCIENCE, excelsior college

Degree program emphasized critical analysis, effective communications skills, ethical decision making, and collaboration with diverse thinkers. With a focus in Information Technology with 9 credit hours in It Security, Networking, and Database management

CERTIFICATIONS

EC-COUNCIL CERTIFIED ETHICAL HACKER (CEH)

COMPTIA CYBERSECURITY ANALYST (CySA+)

Professional Scrum Master (PSM1)

ITILv4 FOUNDATION CERTIFICATION

FEDERAL ACQUISITION CERTIFIED PROGRAM AND PROJECT MANAGEMENT

ISACA CERTIFIED INFORMATION SECURITY MANAGER (CISM)

CERTIFIED LEAN SIX SIGMA BLACK BELT (CLSSBB)

SPLUNK FOUNDATION 1,2&3

SKILLS

Identify critical flaws in applications and systems that cyber attackers could exploit.

Conduct vulnerability assessment for networks, applications and operating systems

Conduct network security audits and scans on predetermined basis

Use automated tools (Splunk, CSAM, ArcSight, Tenable} to pinpoint vulnerabilities and reduce time-consuming task

Write and present a comprehensive Vulnerability Assessments



Contact this candidate