David F. Scott, III
Laurel, MD ***** 240-***-****
*************@*****.***
Computer Systems Security Engineer
Program Management | Computer Incident Response | Emergency Preparedness | Investigations
Technically sophisticated digital security systems professional with solid history of supervising complex investigations and security systems solutions. Broad knowledge and success in security engineering, identifying security vulnerabilities, data and system analysis, implementing security plans, and deploying future security threat prevention. More than twenty years of experience managing enterprise implementations of healthcare information and EMR systems. Skilled trainer and project leader; able to direct multiple tasks effectively and readily master innovative software and tools.
Security Engineering
System Implementation
Strategic Planning
Network Security
Data Analysis
Communication & Coordination
Investigation Process
Emergency Action Plan
Staff Training
Risk Management
Issue Resolution
Disaster Recovery
Professional Experience
LEIDOS, Washington, DC January 10, 2022 to Present
Information Security Engineer – ATF – ESA V Program
Experience with McAfee ePolicy Orchestrator (ePO)
  - Reviewing and responding to antivirus alerts
  - Creating custom reports
  - Installing and updating ePO agents and DAT files
  - Configuring ePO policies for endpoint systems and servers (on-prem and in the cloud)
McAfee ePolicy Orchestrator Certification
Past experience with the Department of Justice
DOJ or DOD Active Clearance
Network knowledge and experience
ITSM knowledge and experience, particularly with ServiceNow
Experience with DOJ compliance environment and related tools (CSAM, Tenable Security Center, and BigFix)
Ability to review, compile and update artifacts for system accreditation packages
Direct experience or solid familiarity with cloud computing and applicable security practices (e.g. FedRAMP, SAAS, IAAS)
Ability to recognize security risks, document risk, and clearly communicate findings and recommendations.
Experience supporting Incident Response events
Experience supporting review and certification of systems and applications
LEIDOS, Washington, DC May 04, 2020 to January 9, 2022
Cyber Security Analyst – US Mint, Information Security Division
Serves as a Tier 2 cyber security analyst supporting incident response, monitoring/detection and cyber intelligence analysis.
Has professional experience in cybersecurity, information risk management, or information systems risk assessment. Knowledgeable in many areas such as: Vulnerability Assessments, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Data Loss Prevention, Encryption, Two Factor Authentication, Web filtering, and Advanced Threat Protection.
Responds to information system security incidents utilizing the DHS furnished toolset to identify and determine root causes of incidents and provide any required documentation and possible evidence to authorized personnel who carry legal or investigative authorities.
Provides cyber intelligence analysis regarding incident detection and response.
Supports maintaining certification of trusted entities as a Certificate Authority (CA) - the Treasury Operational Certificate Authority (TOCA). The part of Security Manager that ensures the trustworthiness of electronic identities. It issues electronic identities in the form of public key certificates, policy certificates, cross-certificates, certificate revocation lists and authority revocation lists, and signs the certificates with its signing key to ensure the integrity of the electronic identity.
VariQ, Washington, DC February 2018 – Oct 2019
Lead Security Engineer for Treasury Dept.-Office of the Comptroller
Coordinated and provided security integration engineering support for the O&M of the CDC's monitoring infrastructure and security tool suite to include McAfee SIEM, firewall, McAfee NSM IDS/IPS, and Symantec DLP.
Oversaw and trained new security builds; troubleshooting performance issues; performing operating-system upgrades and patches; performing application updates; and adding, removing, and/or modifying rules and signatures in the CDC’s infrastructure tools.
Prepared comprehensive reports regarding appropriate utilization of tool application programming interfaces (APIs) to integrate the CDC's asset management, scanning, and analytical tools with monitoring tools (e.g.: the McAfee SIEM) and reporting tools/portals to optimize response times and workflow.
Evaluated and disseminated the integration results of the CDC's data elements with the OCC's enterprise governance, risk, and compliance (GRC) solution.
LOCKHEED MARTIN / LEIDOS, Baltimore, MD March 2009 – January 2018
Cybersecurity Systems Analyst for Centers for Medicare & Medicaid Services (CMS)
Cybersecurity Systems Analyst responsible for the life cycle management of client cyber security suite of hardware and software in support of 24/7 cyber defense.
Responsible for submitting and receiving approval to Change Management Approval Board for cyber security tools updates, upgrades, and hardware replacement using BMC Remedy.
Responsible for documenting cyber security tools Standard Operating Procedures (SOPs) to codify daily health checks, policies (storage, database, data retention), procedures and configuration builds.
Responsible for installation, configuration and administration of Sourcefire suite for LAN/WAN segments. Work closely with vendor product support staff to provide product feedback, research product vulnerabilities and remediations, and feature requests.
Responsible for installation, configuration and administration of Checkpoint Endpoint Security suite. Provide policy support to client teams directly managing agent updates for DLP and encryption in development and production environments.
Responsible for installation, configuration and administration of the Access Data eDiscovery suite in support of client Privacy Office. Provide investigative data support as requested from Privacy Office in support of Fraud, Waste, and Abuse employee investigations.
Provided secondary support for operations and maintenance of Websense, Palo Alto, and McAfee Endpoint (HBSS).
Provided support to Cyber Defense staff by providing knowledge management transfer of incident management process flow. Provide guidance on how to assess the impact of security incidents to formulate corrective actions.
Collateral corporate responsibility to support emergency preparedness management and disaster recovery for over 65,000 Lockheed/Leidos employees.
Developed curriculum and conducted training on the emergency action plan for all employees
Prepared and presented reports, briefs, and other communications to management
Received the 2012 Lockheed Martin Cyber Security Team Excellence Awards in recognition of exceptional achievements and contributions to Lockheed Martin’s Cyber Security mission.
McAfee Inc., Baltimore, MD January 2005 – February 2009
Lead Sales Engineer
Responsible for technical aspects of McAfee operations including intrusion detection, new incident tracking, documentation, analytical investigation, problem closure and future security threat countermeasures
Assisted with the development and implementation of security plans, products, and control techniques
Managed complex tracking systems to identify security concerns, such as live computer attacks and probes
Analyzed data to assess security deficiencies and formulate strategies to prevent similar occurrences
Directed the development of security policies and procedures for McAfee products, including configuration management of over 100 McAfee product implementations
Reviewed and enhanced policies and processes to ensure effective, efficient performance
Investigated and provided reports on more than 200 data security incidents
Provided recommendations for corrective actions and to ensure operational continuity
Increased McAfee sales by 320% by pinpointing network “choke points” previously not monitored
AGENCY FOR HEALTHCARE, RESEARCH AND QUALITY, Rockville, MD May 2002 – January 2005
Network Security/LAN Engineer
Managed security for LAN system, including daily examinations and reports.
Installed, configured, and maintained organization’s LAN servers and workstations.
Supervised and oversaw MS Exchange and Internet Information Server to meet employee and customer requirements.
Ensured systems were secure by analyzing and tracking potential malicious intrusions and viruses.
Assessed vulnerabilities and risks utilizing NIST 800 practices, DITSCAP and NIACAP procedures.
FEDERAL OCCUPATIONAL HEALTH SERVICES, Bethesda, MD December 1999 – April 2002
Network Engineer
Responsible for overseeing all program management activities regarding planning, implementing and supporting the computer networks.
Served as Internet Mail Database Director and assisted with the migration to MS Outlook
Strategically planned and converted five major offices across the country from WAN to firewall private network.
Installed various configurations ranging from employee assistance program system to networked POIS primaries to law enforcement configurations at customer site throughout the area.
DC Fire & Emergency Medical Services Department (DCFEMS) 1989 – 1998
FIRST RESPONDER - HAZMAT Unit, Battalion Chief’s Aide (8th & 2nd Battalion), Engine 30/Truck 17/EMS Unit 10
Tools
Platform/Software:
McAfee ESM Security Information Event Manager (SIEM)
McAfee Network Security Manager (NSM)
  - Intrusion Detection Sys (IDS)
  - Intrusion Protection Sys (IPS)
Imperva SecureSphere Web Application Firewall (WAF)
Symantec Data Loss Protection (DLP)
FireEye HX
ForeScout
Symantec EndPoint Protection Manager (SEPM)
SPLUNK
Stealthbits Audit, Defend and Intercept
SourceFire FireSIGHT
AccessData eDiscovery Tool
McAfee ePO
Symantec SIM
Cyfin Reporter – Wavecrest
Druva InSync Private Cloud Elite
Sourcefire 3D – Snort II
SecureVantage Enterprise Operating System
Netscreen Security Appliance
Aventail VPN
Checkpoint Firewall
Websense Enterprise reporting tool
Symantec Norton Corporate-McAfee/NetShield Anti Virus Protection Utilities
NetBackup and Backup Exec
Platform/Hardware:
Sourcefire 3D sensors (3D500, 3D1000, 3D2100)
Dell PowerEdge 1955 Ten Blade Server
Pogo-Linux 1450 Server
SAN-EMC Clarion CX600 (2 TB capacity Fiber channel)
Proventia – Internet Security Systems (ISS)
Cisco 2600/3600 Routers, Cisco 2950/3550 Catalyst Switches
Netscreen 204
Aventail EX-1500
Dell PCs and HP printers
Compaq DL360/380/1850R Servers
Education & Credentials
Computer Electronics Technician Diploma, Computer Learning Center, Laurel MD, 10-1998
Certified Information Privacy Professional (CIPP), IAPP
Certified Information Systems Security Professional (CISSP), (ISC)² - EST March 2020
Security Essentials Certification (GSEC), GIAC
Sourcefire 3D Systems I & II
Snort I & II
Security +, MCP and A+ Certified