Security Analyst Systems Operator

Joshua Ross

Sacramento, CA ***** 775-***-**** **********@*****.***

Career Objective

Diligent professional with 10+ years of communication experience in complex and highly secure DOD information systems; in-depth knowledge and ability to provide technical assistance and training on switches, routers, signal communications, supported electronic equipment, satellite radios, and telecommunication equipment; strong expertise in installing, maintaining, and troubleshooting signal support equipment, host/client devices, radio and data distribution systems; clear and concise knowledge of PC hardware, desktop operating systems options and settings, and network functionality; proficient in setting up and maintaining a business sized network; skilled in running, splicing, polishing, and terminating fiber optic and Ethernet cables; and thoroughly trained in network security protocols and routing protocols. Aiming to leverage my expertise to successfully become an asset to your company.

Employment History

Teksystems – Centene Corporation 2/2021 – 4/2021

Junior Cyber Security Analyst

•Performed security monitoring and reporting, analyze security alerts and escalate security alerts to local support teams.

•Created tickets, SECTask for security events to be further investigated.

•Lead and respond to security incidents and investigations and targets reviews of suspect areas

•Consult on teams to resolve issues that are uncovered by various internal and third-party monitoring tools

•Identify and resolve root causes of security related problems

•Develop and deliver security awareness and compliance training programs. Conduct knowledge transfer training sessions to security operations team upon technology implementation

•Ongoing review of SIEM dashboards, system, application logs, and custom monitoring tools and endpoint tools

•Malware and threat analysis

•Leading team meetings as Queue Master

•Made sure everyone is taking and returning from Lunch and breaks on time

•Updating SOP’s and Run Books

•Host team meetings for turnover shift

•Verify everyone is logged into their Avaya phones

•Taking Phone calls for Report to Cyber phone line

•Used ticketing system ServiceNow.

•Documented procedures and processes as they were needed and updated existed documentations.

Advantor Systems 11/2019 – 4/2020

Electronic Technician III

•Perform routine systems maintenance and service repairs for customers with technical, application and service-related aspects of integrated alarm intrusion systems, access control systems, CCTV and GBR.

•Perform systems preventative maintenance inspections per manufacturer’s recommendation on integrated alarm intrusion systems, access control systems, CCTV and GBR.

•Provide system performance analysis on the IDS operational platform.

Apex Systems – Centene Corporation 4/2018 – 8/2018

Information Technology Analyst

•Functioned as Tier 1 support for internal IT support.

•Administered mobile applications MAAS 360 and DUO mobile.

•Used ticketing system ServiceNow.

•Documented procedures and processes as they were needed and updated existed documentations.

The Kemtah Group – Aerojet Rocketdyne 2014 – 2017

Cyber Security Analyst - Remote

•Analyzed offenses generated in QRadar (SIEM) and determined courses of action; whether to escalate as an attack or create Service Requests to other IT groups for resolutions of misconfigured devices.

•Preformed QRadar admin work of Rule creation and changed system rules to suite our environment. Maintained configuration logs of those changes.

•Managed QRadar connected hosts for firmware and software upgrades issued by IBM for both appliances and VMs

•Completed part of process creation for offenses received in QRadar, as well as updated documentation and processes as changes arose.

•Used various methods, including but not limited to, FireEye, to clear websites for whitelisting; then added sites to defined categories (Cisco SMA).

•Monitored tasks in LANDesk ticketing system for requests, including whitelisting, and accounted lockout investigations in QRadar and device scanning in Rapid7.

Information System Security Officer (ISSO)

•Performed weekly and monthly continuous monitoring checks (ref. Risk Management Framework) and physical security checks (closed area inspections and protected distribution system (PDS) checks).

•Performed initial in-person training prior to closed area access, account creation, or special removable media permissions; track and document subsequent annual online refresher training and required forms verifying need to know (NTK), security classification guide training and/or removable media procedures and policies.

•Sanitized, imaged, configured, and hardened Windows 7 systems to compliance in accordance with DSS Baseline Technical Security Configuration Guide in preparation for classified use. (Ref. National Industrial Security Program Operating Manual (NISPOM) Chapter 8 and DD 254).

•Used NIST Security Configuration Checklist Repository to follow DOD Security Technical Implementation Guides (STIGs)

•Closed area custodian and point of contact of two closed areas, six security containers (Ref. Defense Security Service (DSS) and Industrial Security Field Operations (ISFO) Manual).

•Installed, maintained, and repaired hardware and software issues for all workstations, performed routine hardware upgrades and software updates/upgrades as needed.

•Coordinated and deployed quarterly Security Patches for Multi-User Stand Alone (MUSA) and Peer to Peer (P2P) systems, as well as assisted with Microsoft System Center Configuration Manager (SCCM) deployment for client/server systems.

•Maintained responsibility for System Continuous Monitoring, Plan of Action and Milestones (POA&M).

•Controlled user accounts with Microsoft Active Directory.

•Accredited systems with vulnerability scan procedures to include SCAP tools, kept step-by-step accreditation documentation.

•Performed routine security audits, account creation/maintenance, vulnerability scans, operating system troubleshooting and repair for Linux (Red Hat Enterprise) and QNX systems (UNIX-like).

•Maintained active membership of Incident Response Team with the responsibility of collecting hardware, performing local system scans/analysis, and hardware sanitization as needed.

Flex-Tech, Service Center Technician

•Provided prompt initial response to all assigned service requests either in-person or remotely utilized phones, and other remote tools (RDP, LANDesk Remote Control).

•Troubleshot the system problem and completed repairs in a timely and efficient manner insuring minimal recurrence of problems.

• Appropriately documented all required information into the ticket tracking system.

US Army Reserve 2013 – 2018

Corporal – MOS 88K – Communications Chief

•Operated as a network administrator, system administrator, trainer, and maintainer for a Harbor Master Command and Control Center.

•Maintained inventory of 20 workstations, 40 user accounts, and 4 VIOP phones.

Nevada Army National Guard – 422nd Signal Battalion (Afghanistan) 2011 – 2012

Specialist – MOS 25Q – Multichannel Transmission System Team Chief

•Monitored the southern WAN of Afghanistan from the HUB via different Simple Network Management Protocols (SNMPc) tools and Bit Error Rates (BER).

•Troubleshot transmission problems and network problems that hindered optimal data transmission.

•Installed, operated, and maintained multichannel line-of-site and tropospheric scatter.

•Configured and maintained telecommunications equipment such as multiplexers and trunk groups.

•Established familiarity with Microsoft Server 2008.

•Maintained existed Cisco routers and switches via Command Line Interface.

Specialist – MOS 25B – Network Administrator

•Maintained a MAN-sized network compromised of 3 routers and 47 total switches over 3 levels of mandatory access control.

•Used a combination of Cat 5, fiber, and line of sight to establish communications for over 200 users.

•Setup network printers and workstations with Dynamic Host Configuration Protocol (DHCP) over 3 levels of mandatory access control.

•Configured Cisco switches and routers using Command Line Interface.

•Installed image of registered US Army version of Windows 7 to workstations.

•Installed and supported Microsoft Office 2007.

•Configured Cisco Unified Communications Manager (Call Manager) for about 50 VOIP phones.

•Maintained existing Cisco switches and routers.

TEKsystems 2009 – 2010

Multichannel Vehicular Radio Installer

•Removed multi-channel radios from California’s state vehicles and replaced them with upgraded Motorola versions.

•Performed complete break-down and set-up of radios on an array of state vehicles.

•Safely wired vehicle’s electrical systems to minimize the chance of shorts or electrical fire.

California Army National Guard – 168th MEDEVAC (Afghanistan) 2007 – 2010

Specialist – MOS 25U – Signal Communications Chief

•Maintained communication and encryption devices on ground and in Blackhawk helicopters

•Inventoried and distributed encrypted material to supported units

•Destroyed encryption based on time and suspected security risks

•Installed, configured, operated, and maintained tactical radios for Flight Operations to communicate with aircraft for tracking purposes

•Operated and maintained FBCB2 Blue Force Tracker (troop and vehicle movement tracker overlaid on a digital chart)

•Provided helpdesk duties for Task Force (roughly 1,000 end users) for unclassified and classified networks.

•Worked as helpdesk and desktop support for Task Force while supporting their operating systems that consisted of Windows XP, Windows 7, and Windows 10.

•Became familiar with Unix, Red Hat Linux, Solaris, Microsoft Server 2003, and Microsoft Office Suite 2007

•Escalated and verified privileges in Active Directory.

Experienced Technologies

•Microsoft Office Suite

•Unix

•Microsoft Active Directory

•Red Hat Linux

•Microsoft Server 2003/2008

•Virtual Local Area Networks (Vlans)

•Microsoft Operating Systems: XP/VISTA/7/8/10

•Unix: Vi Editor

•LANDesk / SCCM / ServiceNow

•Solaris System

•Cisco Command Line Interface

•QRadar

•Cisco Call Manager, Switches, and Routers

•Rapid 7

•Maas360 / Duo Mobile

•Carbon Black Defense

•Microsoft Defender ATP

•Microsoft Azure

•Absolute

•Splunk

•Proof Point

•Global Threat Insight

Certifications and clearance

•DoD Security Clearance – Active Secret

• CompTIA: Security+ (Expired)

•US Army 25U Signal Support Systems Specialist

•US Army 25Q Multichannel Transmission Systems Operator

•US Army 25B Information Technology Specialist

•US Army 88K Watercraft Operator, Harbormaster

EDUCATION

American InterContinental University

oStudying for Bachelor of Science in Information Technology. With a concentration in cyber security.

Contact this candidate