William ‘Lamar’ Herndon

CompTIA Network+, A+

Hollywood, MD 20636

202-***-**** ● aduev1@r.postjobfree.com

IT Security Specialist

Network Systems and Communications ● Cybersecurity Best Practices ● NIST RMF ● PCI-DSS

Over 10 years of information technology work experience ranging from help desk, engineering, integration, monitoring, analysis, computer security, system and application security, system and network administration to security engineering and operations support, user support and training.

IAT Level I: CompTIA Network+ and A+ certified professional with strong help desk security experience – provide software, hardware, client/server, cloud, and networking technical support.

Corporate system/enterprise network security configuration and analysis. Demonstrated strengths in rapidly diagnosing, troubleshooting, and resolving security (CIA+S) related issues and incidents.

Dell Service Technician Certification: Authorized to work on Dell computing equipment

IAT Level II: CompTIA Sec+CE (Currently Studying, Tentative Exam - TBD)

KEY SKILLS

Process and Procedure Oriented

Documenting

Collaborating

Attention to Detail

Technical Troubleshooting and Problem Solving

24/7 Operations Support

Secure Configurations Compliance

Customer Service

Communications

Presentation

Privacy and Safety Continuing Education

On-Premise/Hybrid Cloud Secure Engineering, Operations and Management

TECHNOLOGY PROFICIENCIES

Security Technical Controls and Tools:

ESET, Access Control, Systems and Integrity, Auditing, Systems Communications; Kali Linux, NMAP, STIGS and SCAP

Software:

Linux CLI; Windows PowerShell; firewall; email; browsers; anti-virus, Office 365 Compliance, syslogs, security event audit logs, DASH Ticketing, BC Wipe, Pulse VPN, VMWare (Sandbox), Active Directory (AD)

Hardware:

PC’s; laptops; printers, scanners, routers, switches

Platforms:

Windows; Mac OS; Linux; Azure; Barracuda Backup Cloud

Security Frameworks:

NIST RMF; NIST CSF; PCI-DSS; CIS Critical Security Controls; CMMC (NIST SP 800-171); MITRE ATT&CK

PROFESSIONAL EXPERIENCE

Hire Power – Lexington Park, MD (Temporary)

Customer Service Technician – Government Services (Client: KBR Incorporated), August 1, 2022 – November 1, 2022

Ticket (Service Task): New Hire IT Equipment Fulfillment and RSA Tokens Issuing (approximately 140 tickets fulfilled)

Ticket (Incident Task): Microsoft365, Adobe, Privia(HR), Cisco VOIP, MS Teams, SharePoint, Custom Applications: Aviation Flight Simulator (approximately, 250qty weekly tickets fulfilled)

Ticket (Return of Asset): Wiping hard drives

Ticket (Asset Clean-up Management): Re-image with Windows 10

Reporting: Personal Ticket management, updates, and closures (customer acceptance, survey, and feedback)

PAIS Consulting LLC – Edgewater, MD

Point of Sale (POS) system Security Field Engineer and Tester (Part-time), August 2020 to Present

Support small cloud security projects utilizing Azure Active Directory and Microsoft Sentinel

Conduct PCI-DSS Level 4 & 3 compliance assessments and scans as required using MS Excel and Kali Linux

Provide merchants/vendors with preliminary risk analysis and mitigation strategies

Support preparation of formal risk analysis and reporting documentation

Developed Kali Linux standard operating procedures and configuration manual to support PCI-DSS Level 4 & 3 compliance self-assessments

Supported the development of COVID-19 safety measure for providing onsite field POS support

Compliance Corporation – Lexington Park, MD

System and Network Administrator/Engineer, April 2014 to August 2020

Responsible for maintaining legacy HR and Finance applications for corporate directors and application/data owners.

Provided organizational and information system security control technical configuration, implementation and assessment support for the following NIST 800-171r2 security requirement families: Access Control (AC), Audit and Accountability(AU), Identification and Authentication(IA), System and Communications Protection(SC), and System and Information Integrity(SI)

Supported the Information System Security Officer (ISSO) with security control documentation for system security plan and plan (SSP) of action and milestones (POAM) supporting a CMMC Level 2 compliance strategy.

Provided daily operational administration and maintenance enterprise (80-users, onsite and remote) for the following network resources and services:

oRemote access administration and management

oOffice 365 administration and security compliance (MS 365 Security and Compliance Center)

oMigrations and technology refresh (MS Server 2003 to 2012 and Exchange to O365)

oServer rack builds (Migration from tower configurations to rack-mount configurations)

oStorage administration and management (Barracuda Back-up)

oInventory management

oVendor Research

oEmail administration

oActive Directory Administration

oUser training

oSecurity best practices management and secure configurations

oSystem backups

oSoftware installations

oFirewall administration and management

oSystem patches and vulnerability management

oServer, desktop, and Laptop build, maintenance and repair

oSystem disposals

oSystem and network device monitoring (syslogs, audit logs)

Responsible for staying current and recommending enterprise technology security best practices focusing on the three security principles of Confidentiality, Integrity, and Availability triad.

EDUCATION AND CREDENTIALS

Certifications:

2019: CompTIA Net+; 2017: CompTIA A+; Dell Service Technician

College:

College of Southern Maryland Community College: 2017, Computer Certified Technician, CompTIA Network+ Training

Anne Arundel Community College: 2008, Intro to Computer Science: JavaScript, Adobe Acrobat, Python Beginners and MS Office

High School:

King Christian Academy, 2007

Continuing Education:

CompTIA Security+ (Self-Study); www.cisecurity.org, www.pci-dss.org, www.sans.org, learn.microsoft.com

Contact this candidate