William ‘Lamar’ Herndon
CompTIA Network+, A+
Hollywood, MD 20636
202-***-**** ● aduev1@r.postjobfree.com
IT Security Specialist
Network Systems and Communications ● Cybersecurity Best Practices ● NIST RMF ● PCI-DSS
Over 10 years of information technology work experience ranging from help desk, engineering, integration, monitoring, analysis, computer security, system and application security, system and network administration to security engineering and operations support, user support and training.
IAT Level I: CompTIA Network+ and A+ certified professional with strong help desk security experience – provide software, hardware, client/server, cloud, and networking technical support.
Corporate system/enterprise network security configuration and analysis. Demonstrated strengths in rapidly diagnosing, troubleshooting, and resolving security (CIA+S) related issues and incidents.
Dell Service Technician Certification: Authorized to work on Dell computing equipment
IAT Level II: CompTIA Sec+CE (Currently Studying, Tentative Exam - TBD)
KEY SKILLS
Process and Procedure Oriented
Documenting
Collaborating
Attention to Detail
Technical Troubleshooting and Problem Solving
24/7 Operations Support
Secure Configurations Compliance
Customer Service
Communications
Presentation
Privacy and Safety Continuing Education
On-Premise/Hybrid Cloud Secure Engineering, Operations and Management
TECHNOLOGY PROFICIENCIES
Security Technical Controls and Tools:
ESET, Access Control, Systems and Integrity, Auditing, Systems Communications; Kali Linux, NMAP, STIGS and SCAP
Software:
Linux CLI; Windows PowerShell; firewall; email; browsers; anti-virus, Office 365 Compliance, syslogs, security event audit logs, DASH Ticketing, BC Wipe, Pulse VPN, VMWare (Sandbox), Active Directory (AD)
Hardware:
PC’s; laptops; printers, scanners, routers, switches
Platforms:
Windows; Mac OS; Linux; Azure; Barracuda Backup Cloud
Security Frameworks:
NIST RMF; NIST CSF; PCI-DSS; CIS Critical Security Controls; CMMC (NIST SP 800-171); MITRE ATT&CK
PROFESSIONAL EXPERIENCE
Hire Power – Lexington Park, MD (Temporary)
Customer Service Technician – Government Services (Client: KBR Incorporated), August 1, 2022 – November 1, 2022
Ticket (Service Task): New Hire IT Equipment Fulfillment and RSA Tokens Issuing (approximately 140 tickets fulfilled)
Ticket (Incident Task): Microsoft365, Adobe, Privia(HR), Cisco VOIP, MS Teams, SharePoint, Custom Applications: Aviation Flight Simulator (approximately, 250qty weekly tickets fulfilled)
Ticket (Return of Asset): Wiping hard drives
Ticket (Asset Clean-up Management): Re-image with Windows 10
Reporting: Personal Ticket management, updates, and closures (customer acceptance, survey, and feedback)
PAIS Consulting LLC – Edgewater, MD
Point of Sale (POS) system Security Field Engineer and Tester (Part-time), August 2020 to Present
Support small cloud security projects utilizing Azure Active Directory and Microsoft Sentinel
Conduct PCI-DSS Level 4 & 3 compliance assessments and scans as required using MS Excel and Kali Linux
Provide merchants/vendors with preliminary risk analysis and mitigation strategies
Support preparation of formal risk analysis and reporting documentation
Developed Kali Linux standard operating procedures and configuration manual to support PCI-DSS Level 4 & 3 compliance self-assessments
Supported the development of COVID-19 safety measure for providing onsite field POS support
Compliance Corporation – Lexington Park, MD
System and Network Administrator/Engineer, April 2014 to August 2020
Responsible for maintaining legacy HR and Finance applications for corporate directors and application/data owners.
Provided organizational and information system security control technical configuration, implementation and assessment support for the following NIST 800-171r2 security requirement families: Access Control (AC), Audit and Accountability(AU), Identification and Authentication(IA), System and Communications Protection(SC), and System and Information Integrity(SI)
Supported the Information System Security Officer (ISSO) with security control documentation for system security plan and plan (SSP) of action and milestones (POAM) supporting a CMMC Level 2 compliance strategy.
Provided daily operational administration and maintenance enterprise (80-users, onsite and remote) for the following network resources and services:
oRemote access administration and management
oOffice 365 administration and security compliance (MS 365 Security and Compliance Center)
oMigrations and technology refresh (MS Server 2003 to 2012 and Exchange to O365)
oServer rack builds (Migration from tower configurations to rack-mount configurations)
oStorage administration and management (Barracuda Back-up)
oInventory management
oVendor Research
oEmail administration
oActive Directory Administration
oUser training
oSecurity best practices management and secure configurations
oSystem backups
oSoftware installations
oFirewall administration and management
oSystem patches and vulnerability management
oServer, desktop, and Laptop build, maintenance and repair
oSystem disposals
oSystem and network device monitoring (syslogs, audit logs)
Responsible for staying current and recommending enterprise technology security best practices focusing on the three security principles of Confidentiality, Integrity, and Availability triad.
EDUCATION AND CREDENTIALS
Certifications:
2019: CompTIA Net+; 2017: CompTIA A+; Dell Service Technician
College:
College of Southern Maryland Community College: 2017, Computer Certified Technician, CompTIA Network+ Training
Anne Arundel Community College: 2008, Intro to Computer Science: JavaScript, Adobe Acrobat, Python Beginners and MS Office
High School:
King Christian Academy, 2007
Continuing Education:
CompTIA Security+ (Self-Study); www.cisecurity.org, www.pci-dss.org, www.sans.org, learn.microsoft.com