Security Information

Location:

Vail, AZ

Posted:

March 22, 2021

Contact this candidate

Resume:

Jose Hernandez Arroyo, DIT, MBA, BS

787-***-**** ****.***************@*******.*** 10751 S. Fiery Dawn Ct. Vail Arizona, AZ 85641

Results-driven Veteran in Senior Cyber Security Engineer with a DoD Current Secret/SBBI,

Pending Adjunction T5-Top Secret/SCI Clearance & Honorable Discharge

Enthusiastic and highly qualified manager with over ten years of hands-on experience:

oManaging multiple large-scale daily IT operations while deploying/using VMware ESXi

oPerforming CASP & CISSP principals; Analyzing and resolving technical issues, tasks, and priorities effectively and in a timely manner

Swiftly comprehends the “big picture” and executes the boldest of organizational visions

Thrives in demanding operational environments

Superior communicator: easily interacts with executives, regulatory agencies, clients, vendors and staff

Certifications

CompTIA Security +ce, CEH, CNDA, CASP+, CISSP (Exp. Date March 2020)

Core Competencies

Information Technology

SOL, BOSS

System Security/Reliability

System/Data Architecture

Software Domain Knowledge

System Integration/Design

Storage Area Networks (SAN)

Network Attached Storage (NAS)

Testing/Troubleshooting

Team Building/Leadership

Project Management

Excellent People Skills

Analytical Skills

Superb Presentation Skills

Planning & Scheduling

Problem Solving

Business/Revenue Growth

Healthcare & Operations Management

Sales Strategies

Collaboration

Project Management

Business Administration

Conflict/Issue Resolution

Blueprint Analysis

Material & Labor Estimating

Bilingual: English/Spanish

Conversational: French & Italian

Technical Skillsets

Networking UNIX, Linux, VMware ESXi, MS Server 2012, Solaris, Active Directory

Software Applications JAMF, MS Office Suite, MS Project, MS SharePoint, Visio, Database Management System, ArcSight, Wire Shark, NetWitness 10.6.2

Programing Languages A+, C++, Java, JavaScript, HTML, T-SQL

Database Systems MS Access, MS SQL Server 2012, MySQL, ORACLE, Casper

Education and Training History

Capella University · Minneapolis, MN

D.I.T Information Assurance and Security Expected December 2022

M.S. Information Technology Expected January 2022

ECPI University · North Charleston, SC

B.S. Computer Information Science/Network Security July 2015

A.A.S. Computer Information Science/Network Security September 2014

American InterContinental University · Hoffman Estates, IL

M.B.A. Healthcare Management, 3.5/4.0 GPA July 2010

B.B.A. Healthcare & Operations Management, 3.0/4.0 GPA March 2008

A.A. Business Administration with Honors, 3.58/4.0 GPA March 2006

United States Army SGM Academy –Structure Self Development

SSD1 TO SSD4 August 2012

United States Army Signal Corps, Fort Gordon, GA

CCNA & CCENT September 2009

Information Technology Specialist September 2009

Human Resources Specialist June 2014

Jose Hernandez Arroyo, DIT, MBA, BS Page 2/10

787-***-**** ****.***************@*******.*** 10751 S. Fiery Dawn Ct. Vail Arizona, AZ 85641

Relevant Experience

Allele Consulting, LLC· Riverview, FL April 2018 – Present

Founder/CEO

Allele Consulting, LLC is an experienced and highly motivated IT professionals with a demonstrated history of success working with Small, Medium, and Enterprise Companies. Allele Consulting, LLC works with clients to improve workflows and reduce any expenses from diverse areas (DevOps Program, Cyber Security, Cloud, Virtual, Infrastructure, Data Assurance, Networking, Healthcare) in Information Technology and Healthcare by implementing cutting edge and proven solutions. Focus on delivering outstanding customer satisfaction, meeting timelines before its due date or on the its due date;

Allele Consulting, LLC focuses on On-Demand Cybersecurity Leadership to commercial and government entities to help them solve their toughest security challenges by aiding on radically reducing your organizational risk, by closing cyber security holes and helping to meet cyber security compliance needs; responsible for establishing and maintaining an enterprise and or cloud security vision, strategy, and programs to ensure information assets and technologies are appropriately protected; Allele Consulting, LLC offers a long term partnership or works with you to implement a specific project.

Experienced executive with a demonstrated history of working in the defense/government, logistics, transportation, intelligence, law enforcement, retail, legal industries. Skilled in Security Incident Response, Security Operations, Digital Forensics, Vulnerability Management, Networking, Security Architecture, NIST CSF, COBIT 2019 and Intelligence acquisition/application

SOS International LLC/NETCOM· FT.Huachuca, AZ November 2019 – March 2020

Information System Security Manager (ISSM)

Assisting other senior consultants/SCA-R, SCA-V and Circuits team with analysis package’s along with circuits; furthermore, the evaluation and with the preparation of recommendations for system improvements, optimization, development, and/or maintenance efforts in the following specialties: information systems architecture; networking; telecommunications; automation; risk management; software; life-cycle management; software development methodologies; modeling and simulation

Managing security systems such as antivirus, patches, intrusion prevention and proactive threat monitoring; Conducting performance reviews and contribute to performance feedback for all levels of staff; Monitoring regulatory compliance with enterprise security policies and educating business unit leaders and service managers on compliance efforts

Researching and developing statistical models for analysis; devise possible solutions by collaborating with product management and engineering departments; Communicating results and statistical concepts to key business leaders and making use of appropriate databases and project designs to optimize joint development efforts; Developing custom data models and algorithms; Procedure and tools use to help monitor and analyze performance and data accuracy; using a predictive modeling to enhance and optimize customer experiences, revenue generation, ad targeting, and more; Developed company A/B testing framework and test model quality

Providing direction to staff to ensure risk is minimized through the development and maintenance of information security processes

Performing Certification & Accreditation (C&A), System Assessment & Authorization (SA&A) as part of NIST SP 800-37 Risk Management Framework (RMF) system and application accreditation; Preparing Vulnerability Scanning test plans, coordinate testing, Intrusion Detection, Security Operations, Digital Forensics, Networking, Security Architecture, NIST CSF, COBIT 2019, Encryption,Vulnerability Management and conduct scans using Nessus and other scan applications; Analyzing vulnerability scan results for validation and root cause Provided Cybersecurity testing and security control validation and assessment of technical and non-technical security features implemented on a system or network in support of the DoD RMF A&A process and legacy DIACAP

Jose Hernandez Arroyo, DIT, MBA, BS Page 3/10-787-***-**** ****.***************@*******.*** 10751 S. Fiery Dawn Ct. Vail Arizona, AZ 85641

Relevant Experience Continues

Assisted diverse HQ and supported sites personnel in completing relevant documentation to support accreditation decisions; Interpreting DIACAP/RMF controls accurately with regard to system security posture, policy updates and configuration of information systems

Conducting comprehensive assessments of the management, operational, and technical security controls employed within or inherited by an IS to determine the overall effectiveness of the controls

Reviewing relevant artifacts (System Security Plans (SSP), Security Assessment Report (SAR), Privacy Impact Analysis / Assessment (PIAA), etc.) to ensure they provide accurate information to support the issuance of an accreditation decision

Working with A&A team members and government customer to resolve issues while performing other associated tasks in parallel ensuring the forward movement of an accreditation package

Working knowledge of A&A package electronic staffing tools (Telos XACTA or AFRL eMAAS)

Performing security system event analysis, investigation, and validation; providing incident response to classification spills, malware infection, misconfiguration exposure, internal inappropriate behavior and technical issue

Participating in Lifecycle Management (LCM) Technical Change Control Boards (TCCB) providing technical guidance for security control compliance

Performing Security Technical Implementation Guide (STIG) and Federal Information Security Management Act (FISMA) assessments and annual reporting; Performing Security control assessments as part of Continuous Monitoring NIST SP 800-53 V4 compliance sustainment for application, infrastructure, and network

Task, track and mitigate Plan of Action & Milestones (POA&M) vulnerability scan and security assessment findings requiring mitigation; Privileged User Account Management and Role Based Access assignment; Designed, built and coordinate an automated build & release CI/CD process using Gitlab, Jenkins and Puppet on hybrid IT infrastructure; Coordinate/assist developers with establishing and applying appropriate branching, labeling /naming conventions using GIT source control; Branching, Merging, Release Activities on Version Control Tool GIT

Privacy Threshold Assessment (PTA) and Privacy Impact Assessment (PIA) as part of Personal Identifiable Information (PII) Management; As a hands-on technical specialist, handle complex and detailed technical work necessary to establish and maintain secure cloud (AWS & Azure) & data center security

Maintaining Change Management Plans (CMP), Incident Response Plans (IRP) Information System Contingency Plans (ISCP), and System Security Plans (SSP); Preparing and conducting training, exercises, and functional testing of IRP and ISCP

Assisting with the development of IA policies and procedures as required; Created and provided updates customer facing metrics and presentations designed to provide situational awareness of status of A&A packages and products; Prepared and evaluated activity reports for areas of concern and presents to management

Global Dimensions Solutions LLC/NETCOM· FT.Huachuca, AZ March 2019 – November 2019

Network Security Engineer Manager/ISSO

Performed Pre-JRSS Network Baseline, in-depth network analysis, packet captures on OptiView XG device, network path analysis, and network discovery of sites before migration to JRSS. Assisting other senior consultants with analysis and evaluation of capture data with the preparation of recommendations for system improvements, optimization, development, and/or maintenance efforts in the following specialties: information systems architecture; networking; telecommunications; automation; risk management; software; life-cycle management; software development methodologies; modeling and simulation

Jose Hernandez Arroyo, DIT, MBA, BS Page 4/10-787-***-**** ****.***************@*******.*** 10751 S. Fiery Dawn Ct. Vail Arizona, AZ 85641

Relevant Experience Continues

Prepared and/or ensured that appropriate network documentation exists, including operational instructions; Provided regular monitoring and network analysis regarding short-and long-range planning for in-house systems; Coordinating third-party maintenance for network equipment, Preparing Vulnerability Scanning test plans, coordinate testing, Intrusion Detection, Security Operations, Digital Forensics, Networking, Security Architecture, NIST CSF, COBIT 2019, Encryption,Vulnerability Management

Installed and maintained cloud-based applications, systems, or associated infrastructure; Designing AWS Cloud Formation templates to create custom sized VPC, subnets, NAT to ensure successful deployment of Web applications and database templates; Initiating alarms in CloudWatch service for monitoring the server's performance, CPU Utilization, disk usage etc

Analyzed and defined business requirements to determine specifications and standards; propose and develop solutions in order to deploy and oversee implementation and integration of web-based applications, ensuring that appropriate information security standards are met in NETCOM

Maintained reports, logs, or other records of security audits. Monitor system uptime and performance, troubleshooting and resolved errors. Staying informed of emerging cloud technologies and evaluate their value to the NETCOM’s operations

Created automated pipelines in AWS CodePipeline to deploy Docker containers in AWS ECS using services like CloudFormation; Configured AWS Multi Factor Authentication in IAM to implement 2 step authentication of user's access using Google Authenticator and AWS Virtual MFA

Amazon IAM service enabled to grant permissions and resources to users. Managed roles and permissions of users with the help of AWS IAM; Integrated services like AWS Elastic Beanstalk to create a deployment pipeline

Performed Certification & Accreditation (C&A), System Assessment & Authorization (SA&A) as part of NIST SP 800-37 Risk Management Framework (RMF) system and application accreditation; Prepared Vulnerability Scanning test plans, coordinate testing, and conduct scans using Nessus, Foundstone, WebInspect, Hailstorm and other scan applications; Analyzing vulnerability scan results for validation and root cause

Developing custom data models and algorithms; Procedure and tools use to help monitor and analyze performance and data accuracy; using a predictive modeling to enhance and optimize customer experiences, revenue generation, ad targeting, and more

Provided Cybersecurity testing and security control validation and assessment of technical and non-technical security features implemented on a system or network in support of the DoD RMF A&A process and legacy DIACAP; Assisting diverse HQ and supported sites personnel in completing relevant documentation to support accreditation decisions; Interpreting DIACAP/RMF controls accurately with regard to system security posture, policy updates and configuration of information systems

Conducted comprehensive assessments of the management, operational, and technical security controls employed within or inherited by an IS to determine the overall effectiveness of the controls;

Reviewed relevant artifacts (System Security Plans (SSP), Security Assessment Report (SAR), Privacy Impact Analysis / Assessment (PIAA), etc.) to ensure they provide accurate information to support the issuance of an accreditation decision; Conducting comprehensive assessments of the management, operational, and technical security controls employed within or inherited by an IS to determine the overall effectiveness of the controls

Conducted comprehensive assessments of the management, operational, and technical security controls employed within or inherited by an IS to determine the overall effectiveness of the controls

Jose Hernandez Arroyo, DIT, MBA, BS Page 5/10-787-***-**** ****.***************@*******.*** 10751 S. Fiery Dawn Ct. Vail Arizona, AZ 85641

Relevant Experience Continues

Worked with A&A team members and government customer to resolve issues while performing other associated tasks in parallel ensuring the forward movement of an accreditation package; Working knowledge of A&A package electronic staffing tools (Telos XACTA or AFRL eMAAS)

Performed security system event analysis, investigation, and validation; providing incident response to classification spills, malware infection, misconfiguration exposure, internal inappropriate behavior and technical issue; Participating in Lifecycle Management (LCM) Technical Change Control Boards (TCCB) providing technical guidance for security control compliance

Maintaining Change Management Plans (CMP), Incident Response Plans (IRP) Information System Performed Security Technical Implementation Guide (STIG) and Federal Information Security Management Act (FISMA) assessments and annual reporting

Performed Security control assessments as part of Continuous Monitoring NIST SP 800-53 V4 compliance sustainment for application, infrastructure, and network; Task, track and mitigate Plan of Action & Milestones (POA&M) vulnerability scan and security assessment findings requiring mitigation; Privileged User Account

Management and Role Based Access assignment; Privacy Threshold Assessment (PTA) and Privacy Impact Assessment (PIA) as part of Personal Identifiable Information (PII) Management

Contingency Plans (ISCP), and System Security Plans (SSP); Preparing and conducting training, exercises, and functional testing of IRP and ISCP

Assisted with the development of IA policies and procedures as required; Creating and providing updates customer facing metrics and presentations designed to provide situational awareness of status of A&A packages and products; Providing weekly activity report to the program manager; Support additional duties in support of the J62 section as required by customer and/or program manager

C4 Planning Solutions/ SOUTHCOM· Doral, FL March 2018 – March 2019

Senior Cyber Security Engineer/ISSO/Policy Manager

Managed security systems such as antivirus, patches, intrusion prevention and proactive threat monitoring; Conducted performance reviews and contribute to performance feedback for all levels of staff; Monitoring regulatory compliance with enterprise security policies and educating business unit leaders and service managers on compliance efforts; Provided direction to staff to ensure risk is minimized through the development and maintenance of information security processes

Performed Certification & Accreditation (C&A), System Assessment & Authorization (SA&A) as part of NIST SP 800-37 Risk Management Framework (RMF) system and application accreditation; Preparing Vulnerability Scanning test plans, coordinate testing, and conduct scans using Nessus and other scan applications; Analyzing vulnerability scan results for validation and root cause

Provided Cybersecurity testing and security control validation and assessment of technical and non-technical security features implemented on a system or network in support of the DoD RMF A&A process and legacy DIACAP; Assisted diverse HQ and supported sites personnel in completing relevant documentation to support accreditation decisions; Interpreting DIACAP/RMF controls accurately with regard to system security posture, policy updates and configuration of information systems

Jose Hernandez Arroyo, DIT, MBA, BS Page 6/10-787-***-**** ****.***************@*******.*** 10751 S. Fiery Dawn Ct. Vail Arizona, AZ 85641

Relevant Experience Continues

Conducted comprehensive assessments of the management, operational, and technical security controls employed within or inherited by an IS to determine the overall effectiveness of the controls

Performed security system event analysis, investigation, and validation; providing incident response to classification spills, malware infection, misconfiguration exposure, internal inappropriate behavior and technical issue; Preparing Vulnerability Scanning test plans, coordinate testing, Intrusion Detection, Security Operations, Digital Forensics, Networking, Security Architecture, NIST CSF, COBIT 2019, Encryption,Vulnerability Management

Participated in Lifecycle Management (LCM) Technical Change Control Boards (TCCB) providing technical guidance for security control compliance

Performed Security Technical Implementation Guide (STIG) and Federal Information Security Management Act (FISMA) assessments and annual reporting; Performing Security control assessments as part of Continuous Monitoring NIST SP 800-53 V4 compliance sustainment for application, infrastructure, and network

Designed, built and coordinate an automated build & release CI/CD process using Gitlab, Jenkins and Puppet on hybrid IT infrastructure; Coordinate/assist developers with establishing and applying appropriate branching, labeling /naming conventions using GIT source control; Branching, Merging, Release Activities on Version Control Tool GIT

Conducted systems design, feasibility and cost studies and recommend cost-effective cloud solutions such as Amazon Web Services (AWS); Involved in designing and developing Amazon EC2, S3, SWF, SQS, and other web services of the AWS infrastructure; Maintained the reliability, availability, and performance of Amazon Elastic Compute Cloud (Amazon EC2) instance

Maintained Change Management Plans (CMP), Incident Response Plans (IRP) Information System Contingency Plans (ISCP), and System Security Plans (SSP); Preparing and conducting training, exercises, and functional testing of IRP and ISCP

Assisted with the development of IA policies and procedures as required; Created and provided updates customer facing metrics and presentations designed to provide situational awareness of status of A&A packages and products; Prepared and evaluated activity reports for areas of concern and presents to management

Develop algorithms, write scripts, build predictive analytics, use automation, apply machine learning, and use the right combination of tools and frameworks to turn that set of disparate data points into objective answers to help senior leadership make informed decisions

Jose Hernandez Arroyo, DIT, MBA, BS Page 7/10-787-***-**** ****.***************@*******.*** 10751 S. Fiery Dawn Ct. Vail Arizona, AZ 85641

Relevant Experience Continues

Managed the financial aspects of client engagements communicate significant issues, fees, and estimates-to-complete to partners and client; Managed program of application assessment, defect tracking, and remediation; Lead and develop people through effectively supervising, coaching, and mentoring all levels of staff

Directed security initiatives and strategies for various for projects and budgets; Ensuring security measures are aligned with and support the Company’s business objectives

Worked in the migration of environment from a Microsoft WSUS, GPO administration, Windows 7.0, and Windows 10. Assisting other technicians & consultants with analysis and evaluation and with the preparation of recommendations for migration of Windows 7.0, and Windows 10; Assisted in the troubleshooting of PC equipment, deployment of images in both PC computers

Configured software as well as profile computers according to the user’s name and work area, assisting in set up workstations on site and assisted end users in resolving hardware and software issues; providing resolutions to issues that may arise

Assured Compliance Assessment Solution (ACAS/NESSUS), DISA Security Content Automation Protocol (SCAP), Continuous Monitoring and Risk Scoring (CMRS) cybersecurity applications and tools; Performed standard System Center administration duties at including but not limited to the design, deployment, monitoring, and diagnostic of SCCM, SCOM and related subsystems; Determining the best influence of HBSS to meet the strategic goals by defining “use cases”

Integrated data and event feeds with Organizational Security Information Event Management Systems; Policies and exceptions review for the various HBSS modules and provide best practice recommendations;

Trained customer personnel on the McAfee solutions; Acted independently to resolve tickets, manage multiple priorities, and follow through on customer engagement; Investigated and established server administration standards and provide ownership of server technical expertise of server back-ups, recovery, monitoring standards, storage administration, batch processing and virtualization

Softworld/Dept. of Human & Health Services · Atlanta, GA August 2017 – December 2017

Security Engineer RSA

Responsible for development from a project's inception to its conclusion as a SME for moderately complex systems; Implementing reviews for Application-level Access/review Procedures for Highly

Critical Applications, reviews for Domain Access, review for Sensitive and Administrative Access by implementing individual user access credential procedures by aligning them with account policies

Assisted other senior consultants with analysis and evaluation and with the preparation of recommendations for system improvements, optimization, development, and/or maintenance efforts in the following specialties: information systems architecture; networking; telecommunications; automation; risk management; software; life-cycle management; software development methodologies; Administrated RSA Security Analytics platform, SECURID, Governance, and NetWitness 10.6.2; Providing timely support to Incident Response and Research & Forensics teams, worked network engineering teams and adhere to ITIL framework methodologies

Worked in maintaining the RMF framework categorize the IS, Select, implementing, assessing security controls, Authorize & Monitor information systems; Preparing Vulnerability Scanning test plans, coordinate testing, Intrusion Detection, Security Operations, Digital Forensics, Networking, Security Architecture, NIST CSF, COBIT 2019, Encryption,Vulnerability Management; Producing, maintain technical documentation and network diagrams as well as providing ad-hoc technical training on the Security Analytics platform

Jose Hernandez Arroyo, DIT, MBA, BS Page 8/10-787-***-**** ****.***************@*******.*** 10751 S. Fiery Dawn Ct. Vail Arizona, AZ 85641

Relevant Experience Continues

Developed and designs AWS architecture for new secure cloud computing systems or existing systems migrating to cloud architectures; Provided thought leadership on cloud (AWS & Azure) usage strategy, monitoring, alerting, reporting on key cloud security

Automate cloud (AWS & Azure) security solutions and controls; Assess and reviews cloud network configurations from a security angle; as well as fix any issues assisting with the implementation, modification, improvement of the Sponsor's Risk Management Framework (RMF) workflow

Performing deep package inspection, reviewing system logs and correlate network data to identify security incidents; reviewing incident data and provide root cause analysis and recommendations on how to prevent future occurrences; build and prepare executive dashboards to communicate risks and incidents across the organization

CACI/CENTCOM · Macdill AFB/ Tampa, FL January 2017 – June 2017

Cyber Security Analyst Lead

Responsible for incident handling response while developing analysis of threat’s at CENTCOM AOR and leading the threat intelligence program and conducting advanced threat analysis and correlation to identify and report on strategic, tactical, and operational that is relevant to the organization; Leading and prioritizing threat collection, analysis and ensure intelligence is delivered in a timely manner in accordance with SLAs and program needs

Lead and develop people through effectively supervising, coaching, and mentoring all levels of staff; Directed security initiatives and strategies for various for projects and budgets; Ensuring security measures are aligned with and support the Company’s business objectives

Providing strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls; Ensures that international, national and local Information Security and Privacy regulations are being followed

Collaborating with Risk, Compliance, and Legal function to develop a high level of consistent, comprehensive and effective practices; Improved and implemented specific security policies, procedures, and processes relevant to the security program

Through HBSS, FIREEYE and ArcSight, compiled reports of IP Address, Specific User’s this enable me to create reports and update management and command on critical threats or new intelligence found that could negatively impact the infrastructure done through research reviewed analyst reports for timely, relevant, actionable information, identify new threat intelligence capabilities and enhance current capabilities; Create and review productized threat intelligence for technical and management consumption

Managed threat intelligence portal/platform to store, update, IOC

Contact this candidate