Christopher J. Wesley
Senior-level Cyber Security Analyst
*****************@***.*** • 678-***-****
LinkedIn • Atlanta, GA, 30331
Technically astute and detail-oriented professional with TS SCI clearance and extensive experience leading all aspects of computer information system security, system administration, network operations and threat hunting within top-tier organizations. Expert at analyzing key data and threat information from multiple sources, disciplines, and agencies across the Intelligence Community concerning foreign all-source collection capabilities and activities, i.e., human intelligence (HUMINT) and signals intelligence (SIGINT), to develop effective plans, and at communicating solutions to stakeholders. Possess strong expertise in system security, vulnerability scanning, penetration testing, risk assessment, and cyber security analysis. Demonstrated history of leading projects and system implementation of government systems, medical, telecommunications, and other sizable computer networks. Instrumental leader and communicator, both verbally and in writing, with the ability to build and direct cross-functional teams to ensure attainment of all set objectives. Proficient at fostering and maintaining relationships with team members and stakeholders at all levels.
Technical Proficiencies
Operating Systems:
Windows 3.0 – Windows 11 Macintosh (OS 7.x – OS 13.x) SUSE, Red Hat Linux, Kali Windows Server
Networking Protocols:
TCP/IP PPP FTP DHCP IPX/SPX NetBEUI DNS VPN IDS/IPS
Software and Tools:
SQL SharePoint MS Office Bluecoat Retina Q-Tip HBSS SCAP VMWare Hyper-V SMS PowerShell SCCM AWS Azure Active Directory Python
Threat Intel Tools:
Splunk SolarWinds Exabeam Rapid 7 FireEye IBM X-Force
Security Standards:
NIST 800-xx RMF PCI DSS HIPAA ISO27001 COBIT 2019
Career Experience
Envistacom – Duluth, GA 2018 – 2023
Sr Cyber Security Engineer/Architect
Collaborated with network operations team to assure security services were being delivered. Assisted government agencies to keep cyber threats at bay, safeguarding their information, and ensured that employee and client data was secure. Created and implemented distinctive, efficient security strategies for software systems, networks, data centers, and hardware by utilizing NIST 800 according to DISA and DoD standards. Explored optimal methods for safeguarding the IT infrastructure of the entire company. Configured and installed firewalls to protect network infrastructures. Produced technical reports, proposals, contracts, and white papers by managing accumulated information. Led investigation efforts as required to ensure compliance with privacy/security policies. Formulated and executed annual risk assessments, developed appropriate action plans to minimize risk potential, and coordinated periodic reporting on remediation activities until formal closure.
Conducted assessments of software/hardware to detect potential security weaknesses by utilizing ACAS/Nessus Vulnerability Scanners.
Identified each threat's scope and effect on the business to suggest the best plan of action for containing and resolving the situation.
Provided continuous monitoring and incident response of network environments, while acting as first responder during security events.
Designed and integrated built-in security systems into software, hardware, and components.
Analyzed and mitigated thousands of threats to government systems.
Created cloud-based packages while enforcing IAM and securely configuring cloud environments and IoT devices.
Managed, maintained, and monitored the IAM application environment and tools; ensured all systems stayed current and were running efficiently.
Served as a key IAM audit and compliance contact, explained the internal assessment processes and scopes, keeping IAM management apprised of IAM key risks and issues.
Participated in planning, scoping, and driving the execution of IAM related assessments and advisory reviews.
Performed assessments within Information and Operational Technology (IT/OT) environments, identifying where systems/networks deviated from acceptable security configurations.
Secured cross-domain IT/OT communications and pathways to/from Business Networks, third parties, and wide-area ICS/OT and DoD networks.
Defense Forensics Science Center – Fort Gillem, GA 2015 – 2018
Sr. Cyber Security Engineer/IT Business Manager
Provided technical support for all contracts and government purchases for information management department, including supplies and services. Accountable for all provisioning, installation/configuration, operation, and maintenance of systems hardware and software related to DFSC infrastructure. Managed technical support for all contracts and government purchases pertaining to all hardware and software procured within DFSC, including performing market research, Independent Government Cost Analysis, and price analysis. Collaborated closely with branch leads and project teams identifying requirements, assisting with Performance Work Statements (PWS) and Requests for Proposals (RFPs). Utilized identity and access management (IAM) framework to control user access to critical information within DFSC organization by enforcing two-factor authentication and privileged access management.
Ensured that all system hardware, operating systems, software applications, mobile devices and related procedures adhered to US Army and DoD standards with regard to compliance and life cycle management.
Designed and implemented DFSC virtualization and cloud strategy utilizing Hyper-V, VMware, AWS and Azure.
Tested and created virtualized infrastructure, storage, networking, web-based, and many other cloud services using AWS Elastic Compute Cloud (EC2), Elastic Container Service (ECS) and Elastic Block Store (EBS).
Performed technical research and development to enable continuing innovation within DFSC infrastructure.
Utilized vulnerability compliance scanning tools for web and cloud security in the DFSC infrastructure.
Reduced IT budget up to 40% by developing and executing robust cloud strategies in AWS and Azure.
Reviewed software/hardware purchase requests; received and tracked software licenses for purchased software.
Automated updates and patches by configuring logon/logoff batch files using PowerShell.
Utilized Python API to communicate, debug and add enhancements to DoD network systems and computer applications.
Defense Forensics Science Center – Fort Gillem, GA 2009 – 2015
IASO/Sr. Network Security Engineer
Analyzed threat intelligence (actors, tools, exploits, etc.) and determined techniques, tactics, and procedures (TTPs) of Threat Actors, including detailed technical analysis of the TTPs. Ensured enterprise information security standards were in line with DoD regulations. Developed and implemented information security procedures in accordance with DoD protocol. Carried out security analyses and risk/vulnerability assessments by checking all servers for security breaches and application failures. Evaluated Nitro Security IPS/IDS system and Fortinet Firewall system for vulnerabilities to take appropriate action. Utilized eEye Retina, Q-Tip, SCAP analyzer, and AirTight to scan entire network for vulnerabilities and assured that all patches and zero-day attacks were alleviated properly.
Responsible for ensuring enterprise information security standards were current in accordance with the NIST Risk Management Framework (RMF).
Analyzed insider events/data feeds for event detection and correlation from monitoring solutions; triaged and classified the output using automated systems for further investigation.
Contributed to insider threat processes to identify and develop insider threat leads for possible referral to investigators.
Utilized DoD’s security system AirTight to capture weaknesses in the wireless LAN and initiate appropriate action.
Managed cryptographic keys, including generation, exchange, storage, use, revocation, and replacement.
Identified weaknesses in security systems, algorithms, wireless networks, DoD phones, and emails.
Applied DISA STIGs, documented omissions, and reported to NEC as part of ATO requirement.
Utilized NAC devices to ensure that unused LAN ports were locked and monitored for anomalies.
Created, modified, and implemented effective GPOs for DFSC’s network security posture.
Oversaw and managed user group and account administration in Active Directory.
Developed test procedures and/or documented recommendations for test plan modifications that improve validation of cybersecurity controls.
Performed daily review of cyber threat warnings, bulletins, alerts, and incident reporting documentation and databases.
Utilized Splunk to analyze, assess, and generate multifaceted threat reports for high-ranking officers in the DoD.
Additional Experience
IASO (Information Assurance Security Officer), UCG, Inc./Defense Forensics Science Center – Ft. Gillem, GA
SIPRNet Network Security Eng./Information Assurance CTO Security Engineer, LMR, Inc. /US Army Reserve – Peachtree City, GA
IT Director, ENT Facial Plastics, PC – Atlanta, GA
Cable Broadband Vendor Manager, EarthLink, Inc. – Atlanta, GA
Technical Support Systems Trainer, EarthLink, Inc. – Atlanta, GA
Network Operations Center Technician, EarthLink, Inc. – Atlanta, GA
Education
MS: Cyber Security and Information Assurance Western Governors University – Millcreek, UT
BS: Electrical Engineering /Mathematics North Carolina A&T State University – Greensboro, NC
Certifications
CISSP A+ NET+ Security+ CASP C CISO Project+ CEH CHFI CySA PMP ITIL TS SCI Clearance IA - Network Manager Security IA – Computer Network Defense NESSUS/ACAS Azure Basic Training Shipley Proposal Writing MCITP Server MCITP Windows eEye Retina CIW Web Design COR 202/222 MSP