Digital Forensics, Cyber Security, Risk Assessment, Compliance Audit

Location:
Alvin, TX
Salary:
130000
Posted:
April 28, 2021

Resume:

D. Pat Estis

Alvin, Texas

***. ***.**** adl0qr@r.postjobfree.com

Text or email for Signal and Discord

Additional Publications and Presentations: https://www.linkedin.com/in/d-pat-estis-ceh-gpen-39b7926/

Personal Details:

Houston, TX United States

Male Married

Cyber Security Operations

Transition Planning & Delivery – Business Operations Management – Cyber Project Leadership

Risk Assessment & Mitigation

Strategic Planning & Execution

Staff Training & Development

Stakeholder Engagements

Data Integrity

Cost Reduction & Control

Cross-Team Collaboration

Continuous Process Improvements

Risk & Vulnerability Management

Cyber Operations

Digital Forensics & Incident Response

Resourceful and accomplished IT professional with 15+ years of national and international experience leading IT and Cyber security operations/initiatives, directing multifaceted teams, managing cross-functional projects, and providing executive-level leadership.

Demonstrated success designing testing tools, implementing vulnerability assessments, and performing risk assessments for protecting digital assets and ensuring network security.

Proven track record of planning, executing, monitoring, managing and upgrading security measures for protecting organizational data, systems and networks.

Instrumental in evaluating processes, identifying underperforming areas and delivering strategic solutions for organizational development and growth.

Collaborative communicator and negotiator capable of building and maintaining positive collaborations/partnerships with clients, key stakeholders, and senior management to realize organizational goals.

PROFESSIONAL EXPERIENCE

Independent Cyber Security and Risk Analysis Consultant 2/2020-Present

Contract

Provide security related consulting to business partners and work with asset teams to ensure systems are designed with optimized risk mitigation.

Completed risk assessments on software/hardware upgrades and new organization assets and technologies as well as cloud migrations.

Develop digital forensics programs and provide guidance on tool selection and use for incidents which require digital forensic analysis and reporting (including risk assessment determining software acquisition).

Configured automated reporting for various compliance benchmarks and drafted usage guidelines and best practices for the organizations, as well as oversaw migration of corporate assets and corporate data to cloud-based infrastructures.

Provide auditing to meet federal and industry compliance standards and certifications.

Developed and monitored trends in information security threats and incidents, evaluated performance of security/threat management systems.

Provide penetration testing and monitoring of enterprise information security systems to determine training needs and establish professional development goals for personnel.

Alliant Group 12/2018-01/2020

Senior IT Security Analyst, Contract

Lead analyst in charge of installing and configuring Tenable Nessus. Installed local Nessus servers and brought up and configured Nessus cloud services for remote business interests. Configured automated reporting for various compliance benchmarks and also drafted usage guidelines and best practices for the organization, to include what to scan when in order to implement the strongest security posture in regards to Nessus services while not impacting the daily corporate business operations.

Lead vulnerability management and risk mitigation efforts ensuring security analysts are appropriately identifying, tracking, mitigating and reporting on information system vulnerabilities and threat vectors.

Lead analyst on SOC2 compliance program. Responsible for identifying, tracking and implementing SOC2 controls as well as interfacing with third-party SOC auditors and reporting to C-level personnel on current compliance status and progress and milestones.

Lead analyst on FISMA compliance driven by NIST 800-53.

Develop digital forensics program and provide guidance on tool selection and use for incidents which require digital forensic analysis and reporting.

Manage company CSIRT team, including drafting company response policies and procedures and actively mitigating threats.

Penetration testing lead: interface with third-party pen testers to ensure accurate scoping and rules of engagement are drafted properly so the penetration tests do not interfere with production systems causing down time. Review results and draft mitigation and patching efforts to ensure all possible threat vectors are attended to, as well as drafting reports for C-level personnel and after-action reports.

Lead analyst on Alliant Group cloud migrations. Performed risk assessments and provided guidance to junior analyst on the migration of corporate assets to cloud infrastructure (AWS and Azure) while maintaining adherence to corporate security policies. This includes routine scanning of corporate address space within the cloud and maintaining records of access/use of corporate data sets in order to maintain compliance with corporate security policies.

Monitor enterprise information security systems and provide leadership and guidance to junior analysts on identifying, ranking, correlating, mitigating and reporting of security events.

Communicate to a variety of audiences (IT support, IRM community & IT Management, C-level personnel) related to current corporate IT Security posture and emerging information security trends and incident tracking.

Monitor external information sources (information security/technical media & “hacker” groups) to identify current IT security landscape, threat vectors, emerging technology and trends for inclusion and consideration in the corporate IT security processes/policies for threat identification, defense and mitigations.

Provide training and guidance on IT security tools for junior analysts and track analysts' continuing education goals and certifications.

Provide guidance on corporate IT security training for company personnel and track annual training and milestones for personnel.

Chevron 08/2017-11/2018; 7/2012-2014

Senior IT Security Analyst, Contract

Performed risk assessments on Office 365, leading the effort in migrating all of Chevron’s business units from MS Office 2012 to MS O365, involving the use of private cloud technology (MS Azure) while maintaining adherence to Chevron security policies and compliance benchmarks (NIST/SOC2 Type II).

Provide risk assessments on cloud related infrastructure and implementations on all instances and applications that cross more than one Chevron business unit, therefore qualifying as a global effort and involving my team. This includes multiple risk assessments for different underlying technologies using both MS Azure and Google AWS cloud services.

Participated in design, engineering and implementation of new infrastructure for security solutions.

Provided security-related consulting to business partners and worked with asset teams to ensure systems are designed with optimized risk mitigation.

Completed risk assessments on software/hardware upgrades and new organization assets and technologies as well as cloud migrations.

Lead auditor on PCI compliance activities and control implementations and associated frameworks.

Participated in asset roadmap planning in conjunction with asset planning teams and TMA to design next generation infrastructure and security applications.

Provided business and OE focused leadership to projects that implement next generation infrastructure & applications.

Monitored enterprise information security systems; correlated, reviewed, ranked and followed up on high-priority security events for log collection/correlation and persistent threat/malware analysis.

Monitored external information sources (information security/technical media & “hacker” groups) to identify events which might alter the risk of security incidents.

Developed and monitored trends in information security threats and incidents, evaluated performance of our security/threat management systems on a continuous basis.

Led or participated as a SME on security projects.

Communicated to a variety of audiences (IT support, IRM community & IT Management) related to InfoSec incidents and trends.

NASA 10/2007-10/2011

Senior Systems Analyst

Administrated information system firewalls and intrusion detection system.

Conducted security audits, risk assessments, automated vulnerability assessments, and systems monitoring (IDS, vulnerability scanners & penetration testing) to mitigate risks to security vulnerabilities.

Guided and administered penetration testing of information system in order to ensure all applicable controls are in place and configured correctly and IDS systems are alerting properly.

Coordinated the implementation of security tools and formalized processes/procedures consistent with NASA standards and regulations, Federal guidance and requirements, and applicable Industry Best Practices (IBP).

Identified compensating security controls, mitigated vulnerabilities, reduced attack vectors, and efficiently quantified overall risks in order to assist the system owner in the decision to accept, transfer, or mitigate risks to systems, data, and resources.

Participated and led project and product design reviews as well as engineering review teams to initiate proper implementation of IT security measures and devices.

Coordinated the implementation of IT security measures with end-users (Government, contractor & foreign national personnel) and IT security administration team, which incorporated the preparation of impact and risk analysis reports.

Developed and maintained the NIST (National Institute of Standards & Technology) required documentation in response to FISMA for the NASA SDIL facility which consisted of Test Plans for the implementation and monitoring of the required IT security tools, IT Security Plan, Gap Analysis, Plan of Actions & Milestones, and Contingency Plan.

Prepared and supported routine NASA required Certification and Accreditation (C&A) audits and documentation packages on all IT resources in the Software Development Integration Laboratory (SDIL) facility in support of Boeing International Space Station Contract.

Used tools and formalized processes/procedures to verify and monitor compliance with NASA/Federal procedures and regulations for end-user, system/process, and privileged access to SDIL systems, data, and resources.

SkyPort International Inc. 05/2005-10/2007

IT Security Manager

Administrated security systems; utilized the StillSecure interface for system Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS) and Network Access Control (NAC) administration as well as incident response (log investigation & digital forensics).

Created documentation, consistent with U.S. Federal IT Security requirements such as NIST Special Publication 800-53 and relevant Industry Best Practices, for the purposes of identifying threat sources, creating gap analysis, enumerating vulnerabilities, rating vulnerabilities, and tracking mitigation of those vulnerabilities which resulted in the first formalized Certification & Accreditation (C&A) package for SkyPort International, which is provided to clients upon request in order to assist clients with their C&A efforts.

As security team manager, compared current information system posture to risk assessment and compiled gap analysis and produced Plan of Action & Milestones (POA&M) consistent with NIST requirements identifying corrective actions, responsible parties, milestones, and the current state of each corrective action.

Based upon requirements and guidance set forth by NIST, Federal Information Processing Standards (FIPS), the Payment Card Industry Standard (PCI), and Sarbanes-Oxley, created documentation such as administration manuals, policy and procedure guidelines, standard operating procedures, and standardized request for service forms for both client and internal use.

As a member of the global Computer Security Incident Response Team (CSIRT) for an Internet Service Provider, utilized skills of vulnerability identification, risk management, event correlation, and log investigation to identify, rate/quantify according to U.S. Federal guidance/requirements security risks, and provide recommended mitigations to clients.

As IT Security Manager of SkyPort, performed and directed others in the execution of those same tasks for internal systems.

Experience in project management; such as those projects related to the implementation of Federal IT Security guidelines, new security devices such as network IDS/IPS devices, and Anti-virus software.

Created report documentation.

Tasks also incorporated task scheduling and assignment, event organization, and status reporting to C-level company employees and clients.

Applied experience with multiple IT Security technologies such as VPN, IDS, firewalls, Windows and Linux event logging, automated vulnerability scanners such as Nessus/Internet Scanner, Web Application vulnerability scanners (nikto), database security scanners (Scuba) and a variety of other tools, hardware, and software.

Led the design, implementation, and deployment of Symantec Anti-Virus Corporate Edition, providing virus protection for laptops, workstations, and servers for all corporate systems.

Conducted troubleshooting and testing of services for continuity and quality of service for client communications.

Acted as a team member of the CSIRT group in order to ensure client systems and connectivity were maintained according to pertinent IT Security requirements which involved device/site security (physical security), server security, power/UPS for availability, and HVAC systems to ensure operational conditions existed in extreme environments.

Monitored and maintained transmission services for proper frequency, signal levels, and bit-error-rates.

Monitored Cisco-based networking core and conducted troubleshooting and configurations on the Cisco network.

Configured and installed Cisco 2950 switches, 827 and 2801 routers and maintenance routines for teleport devices.

Network repair and maintenance included both RF and IF devices, multiplexers, and end-to-end device management.

Monitored M&C (Monitoring & Control) Systems - documented corrective action involving the maintenance of U.S. Federal Communication Commission (FCC) and operational logs for equipment status.

Additional Experience: Senior IT Security Specialist Enbridge Inc, Senior IT Risk Analyst T-Systems, IT Security Analyst IV Kelsey Seybold, Lead Systems Technician at Newton Grisham Library, Technician at E4 INTERNETWORKS, Systems Technician at Sam Houston State University, United States Marine Corps Infantry Squad Leader - Sea Service Deployment Ribbon with Star, Armed Forces Expeditionary Medal, Armed Forces Service Medal, Marine Corps Good Conduct Medal, Meritorious Unit Commendation, Meritorious Mast

EDUCATION AND CREDENTIALS

Sam Houston State University Huntsville, United States

Digital Forensics, Master (MS)

Sam Houston State University Huntsville, United States

Industrial Technology, Bachelor (BS)

Minor in Computer Science

Certifications

GIAC Certified Penetration Tester, GIAC GPEN 2010

Certified Ethical Hacker, InfoSec Institute 2009

CCNA – 2002

Technical Proficiencies

Cyber Defense and Operations

Industrial Controls Systems (ICS)

Open Source Intelligence (OSINT)

Intranet Security

Threat Intelligence & Attribution

CISSP Incident Response Firewall Intrusion Malware Vulnerability & Risk Management Information Security


