Compliance Specialist and Security Architect
Resume:
ANGELO SISNEROS II
ads154@r.postjobfree.com
Overview: Highly qualified Cyber Professional with over 23 years of proven experience in the complex technical roles. Proven knowledge of Cybersecurity concepts, technologies, regulatory compliance, endpoint and network security monitoring. Proven problem solver with skills acquired through exposure to a variety of military and highly classified dynamic communications environments. Supported military and government entities in a variety of complex environments.
Summary of Qualifications:
Active Secret security clearance
Proficient in NIST SP 800-30/37/40/37/53/60/137/160/171, Risk Management Framework (RMF), Enterprise Mission Assurance Support Service (eMASS), CNSSI 1253, FIPS 199/200, Cybersecurity Maturity Model Certification (CMMCv2), Health Insurance Portability and Accountability Act of 1996 (HIPAA) and Federal Risk and Authorization Management Program (FedRAMP)
Experience with Jira, Microsoft Azure, O365, Defender, Microsoft Project, VMware, and Microsoft SharePoint/Teams.
Experience with LDAP, SSO, SAML, MFA and MDM.
Experience with Cloud security architecture and deployment models for securing highly sensitive data
Experience with CI/CD pipelines and Agile methodologies
Education and Certifications:
BA in Information Systems Homeland Security Management from Strayer University (2017)
Currently enrolled in the SANS STI Defensive Cyber Operations Graduate Certificate Program.
Certified Information Systems Security Professional (CISSP)
GIAC GMON
ITILv3
Certified CompTIA Security+
Experience:
Cyber Architect Sep 2021-Present
Cyber Compliance Experts LLC, Denver, CO
Compliance Preparation Support to include all artifacts related to:
Created organizational policies that align to NIST SP 800-53r5
Created customized a spreadsheet to manage SLAs and control tailoring.
Developed compliance-based artifacts that align with industry best practices, regulatory requirements, and government security standards such as FedRAMP and Controlled Unclassified Information (CUI) standards, along with best practices such as NIST Cybersecurity Framework (CSF), NIST 800-171, NIST 800-53, ISO 270**-***** and other applicable security and privacy laws.
Cyber Architect Jul 2020 – Sep 2021
Broadnet Teleservices Highlands Ranch, CO
Developed processes for a FedRAMP accreditation including Incident Response, Compliance Dashboards, NIST Policies and Artifacts.
Conducted a Cyber Risk Assessment for Broadnet Teleservices in order to satisfy government contracts.
Contract included artifact and process creation for the gaps identified during the assessment. Artifacts included PPSM (Ports, Protocols & Services Matrix), Network Architecture Diagram, HW/SW Lists (Hardware and Software). Processes included Incident Response Plan/Testing and Vulnerability Management.
Authored 18 policies and 5 core artifacts required.
Senior Cybersecurity Engineer Jun 2019 – Mar2020
ITS Aerospace LLC, Colorado Springs, CO
Developed processes for the DCO (Defensive Cyber Operations) suite including Incident Response, Compliance Dashboards, Threat Hunting and IoC (Indicator of Comprise) identification.
Conducted a Cyber Risk Assessment for L3Harris on their SENSOR (System Engineering and Sustainment Integrator) contract. Contract included artifact and process creation for the gaps identified during the assessment. Artifacts included PPSM (Ports, Protocols & Services Matrix), Network Architecture Diagram, HW/SW Lists (Hardware and Software). Processes included Incident Response Plan/Testing and Vulnerability Management.
Worked with a team of Engineers to establish and develop test automations methods and techniques to plan, develop, implement and conduct tests to satisfy functional requirements.
Performed analysis and dispositions of requirements to improve rework procedures and process controls when necessary.
Senior Cybersecurity Engineer Dec 2018 – Apr2019
Odyssey Systems Consulting, Peterson AFB, CO
Managed 5 Accreditation packages for BMEWS (Ballistic Missile Early Warning System) and PAVE (Precision Acquisition Vehicle Entry) PAWS (Phase Array Warning System) (BMEWS/PAVE PAWS) (BPP)
Represented the Cybersecurity division during a PCE (Process Compliance Evaluation) Board for SMORS (Sustainment and Modification of Radar Sensors) contract deliverables.
Cybersecurity Engineer (Security Control Assessor) Aug 2017- Dec 2018
Booz Allen Hamilton, Peterson AFB, CO
Conducted Risk Assessments for the U.S Air Force Space Command’s systems using various tools, Vulnerability Scans and STIGs.
Assessed Enterprise, DevOps and Stand-Alone Information Systems using NIST SP 800-53 Controls and CCIs (Correlation Control Identifiers by leveraging the RMF (Risk Management Framework).
Senior Field Engineer Dec 2004 – Jun 2016 Globalinfotek Inc. Ottawa, Canada
Advised the JIIFC (Joint Information and Intelligence Fusion Capability) Project Manager on CPOF architecture, disaster recovery, training and system implementation. Consultation was in support of the Foreign Military Sales Case to the Canadian DND (Department of National Defense).
Supported the SDLC (Software Development Lifecycle) process for the development of interfaces to several Canadian Command and Control applications by creating a standard data mapping schema for current and future system integration.
Senior Field System Engineer Feb 2012-May 2013
Camp Vance, Afghanistan
Provided Tier I and Tier II Level Helpdesk support for the TMC Tactical Server Suite and 70 systems geographically dispersed throughout Afghanistan. Effort included system hardening, upgrades and disaster recovery procedures.
Senior Field System Engineer (2nd Infantry Division Team Lead) Jun 2009-Sep 2011 Uijeongbu, South Korea
Assisted in the development of 2nd Infantry Division’s operational workflows and processes for the employment of CPOF, PASS (Publish and Subscribe Services), and Command Web products.
Field System Engineer Feb 2005 - Oct 2008 MND-B, MNF-W, MND-N and MNC-I, Iraq
Deployed to Iraq in support of OIF (Operation Iraqi Freedom II, III and IV) (3 years total). Provided administrator and end-user level training for CPOF.
Provided installation of servers and clients for classroom instruction as well as providing the operational instruction to include best practices, TTPs (Tactics, Techniques and Procedures) and custom workflows.
Information Systems Analyst Jan1999-2005
U.S Army (Active Duty)
Contact this candidate