Edward Mundondo
**********@*****.***
SUMMARY:
Qualifications for Information Services Management:
• I am a pragmatic, results-oriented IT professional with 20+ years of industry experience, including 8 years in data center facilities. I thrive in high-pressure environments. My expertise spans various security domains, including Google Security, AWS, and Azure. Skilled in guiding and leading teams through project lifecycles
• Exceptional at cultivating positive relationships with IT teams, business partners, and vendors. Possesses strong analytical and problem-solving abilities. Persistent and resourceful in introducing processes, monitoring techniques, and tools for enhanced efficiency and productivity
Technical Competencies:
• PowerShell, Python, Ansible and Bash Scripting
• IP addressing; subnetting, VLSM, and route summarization
• Design, installation, and configuration of Cisco routers and Catalyst switches
• Complete configuration, maintenance, redistribution/troubleshooting of routing protocols RIP, IGRP, OSPF, BGP, and EIGRP
• Creation of Access lists, Context-Base Access Control (CBAC), route maps, route policy, security, firewalls, filters, and sniffers
• Configuration of VLANs, STP, VTP, trunking, NTP, and Dial on Demand Routing (DDR)
• Hands-on work with PIX, NetScreen, VPN (IPSEC/ISAKMP), MPLS, IOS, CatOS Catalyst switches, Cisco wireless controllers, and APs
• Hands-on experience with Microsoft Defender Advanced Threat Protection, Office 365 Advanced Threat Protection, Azure Active Directory Premium, and Microsoft Endpoint Manager (Intune)
• Set Up Proxy Servers: Install and configure your proxy servers. Popular proxy server software includes Squid, Nginx, and Apache. Cloud-based services like AWS, Azure, or proxy-specific providers can also be used
• Additional: Windows, OSX, Linux, Network+, Dell, SolarWinds, Cisco, Symantec, CrowdStrike, McAfee, FIPS, AS400, Navis, SCCM, VMware, Hyper-V
PROFESSIONAL EXPERIENCE:
SitusAMC, NY April 2024- Current
InfoSec Governance Manager
• Reported to SVP for InfoSec compliance and Vendor and Tool Research Assessment
• Audit Facilitation: Support internal and external cybersecurity audits and assessments
• Implemented Delinea from an Infosec aspect for integrity and compliance
• Disaster Recovery: Develop and maintain a plan for data and system availability in case of disruptions
• Stakeholder Engagement: Engage with customers, clients, and stakeholders to showcase the organization’s cybersecurity commitment
• Monitor and optimize cloud infrastructure performance
• Develop automation scripts for infrastructure management
• Design and implement security measures
• Configure and maintain AWS services (EC2, S3, RDS, VPC)
• Troubleshoot and resolve cloud infrastructure issues
Starr Companies, NY January 2023-December 2023
IT Governance Manager
• Reported to IT Governance and PMO VP for IT compliance documentation processes and Vendor management
• Strategic Planning: Create and execute a cybersecurity strategy in line with organizational objectives and industry best practices
• Team Leadership: Supervise a cybersecurity team, including recruitment, training, and performance oversight
• Policy Enforcement: Establish and uphold security policies, protocols, and standards safeguarding digital assets through IT Governance
• Risk Management: Identify and evaluate security risks, vulnerabilities, and threats, and develop mitigation strategies
• Incident Management: Lead security incident responses, encompassing containment, investigation, and resolution
• Regulatory Compliance: Ensure compliance with relevant regulations and standards like GDPR, HIPAA, and industry-specific requirements
• Awareness and Training: Promote cybersecurity awareness and employee training to bolster security posture
• Technology Assessment: Stay current with emerging cybersecurity tech and assess their suitability for the organization
• Budget Oversight: Develop and manage the cybersecurity budget, covering resource allocation and cost management
• Vendor Relations: Manage relationships with cybersecurity vendors and service providers
• Reporting: Provide regular reports to senior management and stakeholders on cybersecurity status
• Incident Planning: Create and maintain an incident response plan, coordinating readiness exercises
• Security Architecture: Define and sustain the organization’s security architecture, encompassing network, endpoint, and cloud security. Leading an extensive EDR (endpoint detection and response) evaluation for multiple vendors
• Threat Intelligence: Monitor and analyze cyber threat intelligence for proactive defense against emerging threats. Manage Endpoint and alerting tools (agent deployment/setup, correlation, and rule/policy tuning) such as Symantec Endpoint Management Console/Microsoft Defender ATP and CrowdStrike
• Continuous Enhancement: Implement ongoing improvements to adapt to evolving cybersecurity challenges and best practices
• Legal and Ethical Compliance: Stay informed about legal and ethical aspects of cybersecurity, including privacy laws and ethical hacking using Qualys, Nessus, Splunk, Dynatrace
• Business Continuity: Collaborate with other departments to ensure business continuity during security incidents
• Audit Facilitation: Support internal and external cybersecurity audits and assessments
• Disaster Recovery: Develop and maintain a plan for data and system availability in case of disruptions
• Stakeholder Engagement: Engage with customers, clients, and stakeholders to showcase the organization’s cybersecurity commitment
• Monitor and optimize cloud infrastructure performance
• Develop automation scripts for infrastructure management
• Design and implement security measures
• Configure and maintain AWS services (EC2, S3, RDS, VPC)
• Troubleshoot and resolve cloud infrastructure issues
NIH November 2020-October 2022
Cyber Security Specialist, Remote
• Maintained, mitigated, and consolidated IAM services reported to the Security IT Director
• Baselined and maintained virtual infrastructure to comply with PCI DSS, HIPAA, FISMA, NIST, OCIO, STIG and CISA
• Collaborated vulnerability remediation with developers to improve on efficiency and risk mitigation
• Monthly patching with SCCM and EMC SMARTS for Windows, JAMF for Macs, and business workflow in SNOW
• Maintenance of CrowdStrike, FireEye, McAfee and Defender endpoints and cloud environments Azure, AWS, Google, and IBM using PowerShell and Python scripts
• Designed, Installed, Configured, Integrated, and maintained IAM, PAM and PIM tools viz: CyberArk, SailPoint, BeyondTrust, One Identity, Proofpoint, PingFederate, SSO, SAML, Terraform
• Implemented cloud-based solutions, CI/CD pipelines using python, ansible, docker, TeamCity
• Baselined and provisioned Windows, Mac, CentOS, Ubuntu, Linux servers with BigFix 8, Splunk, FireEye, Sysmon, Tripwire, Forescout, Nessus and Secure Connector, Power BI
• User and Entity Behavior Analytics (UEBA) in identifying and mitigating security risks using Rapid7 InsightIDR, QRadar and Forcepoint
• Deploys Microsoft 365 products (Defender for Endpoint, Defender for Office 365, Defender for Identity, and Cloud App Security) onto the Client’s environment to protect against attacks
• Installed and maintained Docker environment and Microsoft Office 365
• Develop best practices and tools for biannual DR test, management and execution using RPO, RTO, and MTD for in business continuity
• Monitor and optimize cloud infrastructure performance
• Develop automation scripts for infrastructure management
• Linux
• Installed, mitigated, managed and integrated Linux Infrastructure and endpoints included, using best industry standards security practices to protect against threats and vulnerabilities using ClamAV, Sophos, ESET NOD32, Symantec Endpoint Protection and McAfee Endpoint Security for Linux
• Security Information and Event Management (SIEM) Systems:
• Elasticsearch, Kibana (ELK), Splunk
• Vulnerability Assessment and Scanning Tools
• OpenVAS (Open Vulnerability Assessment System), Nessus
• Disk Encryption:
• LUKS (Linux Unified Key Setup), dm-crypt, VeraCrypt
• Security Patch Management:
• Spacewalk, Red Hat Satellite, Landscape by Canonical (for Ubuntu)
• File Integrity Monitoring (FIM): Tripwire, AIDE (Advanced Intrusion Detection Environment)
• Security Hardening Tools: Lynis, Bastille Linux, CIS-CAT (Center for Internet Security Configuration Assessment Tool)
• Secure Shell (SSH) Configuration Tools: sshd_config (built-in SSH server configuration), Fail2ban, SSHGuard
• Host-Based Intrusion Detection and Prevention Systems (HIDS/HIPS): Rootkit Hunter (rkhunter), chkrootkit
• Network Monitoring and Analysis: Wireshark, tcpdump, ntopng
• Container Security: Docker Bench for Security, Clair (for container vulnerability scanning), Podman (for rootless containers)
• User Access Control and Authentication:
• PAM (Pluggable Authentication Module) configuration
• Multi factor authentication tools (e.g., Google Authenticator)
• Sudo configuration for privilege management
• Container Orchestration Security:
• Kubernetes RBAC (Role-Based Access Control)
• Kubernetes Pod Security Policies
• CIS Kubernetes Benchmark
• Remote Access and VPN Tools:
• OpenVPN, WireGuard, strongSwan
• Security Auditing and Compliance Tools:
• OpenSCAP, SCAP Security Guide, CIS-CAT
• Open Web Application Security Project (OWASP)
• ModSecurity Core Rule Set (CRS), Amass, ZAP (Zed Attack Proxy), OWTF (Offensive Web Testing Framework)
• Application Security Verification Standard (ASVS), Security Knowledge Framework,
• Web Security Testing Guide
TIAA, Parsippany, NJ August 2018-July 2020
Cyber Security and Infrastructure Security Specialist
• Reported on IT application systems and security operations to the Infrastructure Protection Services IT Director
• Utilized Service Now to handle client support tickets and meet SLAs
• Managed vendors and partners to address client issues and compliance
• Successfully migrated ERPM and ObserveIT from the legacy full stack to a front- and back-end compliant environment to incorporate asymmetric encryption. Managed Cyber Security, Splunk, BigFix 8.2, Qualys and Google applications, namely ObserveIT and StealthAUDIT
• Identity and Enterprise Random Password Manager for Windows, Mac, and Linux systems
• Endpoint and Network Data Loss Prevention for network, databases and all operating systems using Cisco Umbrella, Palo Alto, Forcepoint, DbProtect, McAfee, Proofpoint
• User and Entity Behavior Analytics (UEBA) in identifying and mitigating security risks using Rapid7 InsightIDR, QRadar and Splunk
• Created and Maintained Systems SIEM, NIST, SOAR, FISMA, SME with Splunk, BigFix 8.2, Google Security OIT, Cyberark, Stealth AUDIT, One Identity automated reporting monitoring scripts
• Designed, Installed, Configured, Integrated, and maintained IAM, PAM and PIM tools viz: CyberArk, SailPoint, BeyondTrust, One Identity, Proofpoint, PingFederate, SSO, SAML
• Implemented cloud-based solutions, CI/CD pipelines using python, ansible, docker, TeamCity
• Cyber security blocking on Cisco WSA and Umbrella to increase efficiency
• Configured and maintained VDI, AWS and Azure Pool and Google Environments in PowerShell and python scripts using terraform
• Deployed Antivirus and Firewall policies to Windows 10 devices, using Defender for Endpoint
• Installed, upgraded and configured AsyncOS 9, 10 and 11
• Design and implement security measures
• Configure and maintain AWS services (EC2, S3, RDS, VPC)
• Troubleshoot and resolve cloud infrastructure issues
• Maintained VMWare and EMC SMARTS environments used for monitoring
• Windows 7 to 10 Migrations and Office 365 upgrades SCCM image migrations automation in PowerShell
• PowerShell scripted Network and SEP Asset management, reconciliation, consolidation Security for compliance
• Develop best practices and tools for biannual DR test, management and execution using RPO, RTO, and MTD for in business continuity
• Utilized Microsoft 365 Defender to activity monitor and respond to all malicious emails on the company network
• Set up Broadcom proxy and reverse proxy servers, to configure Nginx, or Apache, or use cloud-based services. Configure network settings, implement access control, enable logging and monitoring, secure with SSL/TLS, test, scale if needed, maintain, and provide troubleshooting and support
• Maintenance:
• Update MS Exchange Server: Regularly apply updates, patches, and service packs to keep the server secure and up to date
• Backup and Recovery to Implement a robust backup strategy to ensure data recovery in case of failures. Monitored to track server performance, mailbox usage, and other relevant metrics
• Security Measures to Implement security best practices. Managed user accounts, permissions, and distribution lists as needed. Mailbox Management for sizes, archive policies, and implement retention policies
• Linux
• Installed, mitigated, managed and integrated Linux Infrastructure and endpoints included, using best industry standards security practices to protect against threats and vulnerabilities using ClamAV, Sophos, ESET NOD32, Symantec Endpoint Protection and McAfee Endpoint Security for Linux
• Web Application Firewalls (WAF) and Firewalls: iptables, UFW (Uncomplicated Firewall), ModSecurity, NAXSI (Nginx Anti-XSS & SQL Injection)
• Intrusion Detection and Prevention Systems (IDS/IPS):
• Snort, Suricata, OSSEC
• Security Information and Event Management (SIEM) Systems:
• Elasticsearch, Kibana (ELK), Splunk
• Vulnerability Assessment and Scanning Tools:
• OpenVAS (Open Vulnerability Assessment System), Nessus
• Disk Encryption: LUKS (Linux Unified Key Setup), dm-crypt, VeraCrypt
• Security Patch Management: Spacewalk, Red Hat Satellite, Landscape by Canonical (for Ubuntu)
• File Integrity Monitoring (FIM): Tripwire, AIDE (Advanced Intrusion Detection Environment)
• Security Hardening Tools: Lynis, Bastille Linux, CIS-CAT (Center for Internet Security Configuration Assessment Tool)
• Secure Shell (SSH) Configuration Tools: sshd_config (built-in SSH server configuration), Fail2ban, SSHGuard
• Host-Based Intrusion Detection and Prevention Systems (HIDS/HIPS): Rootkit Hunter (rkhunter), chkrootkit
• Network Monitoring and Analysis: Wireshark, tcpdump, ntopng
• Container Security: Docker Bench for Security, Clair (for container vulnerability scanning), Podman (for rootless containers)
• User Access Control and Authentication:
• PAM (Pluggable Authentication Module) configuration
• Multi factor authentication tools (e.g., Google Authenticator)
• Sudo configuration for privilege management
• Container Orchestration Security:
• Kubernetes RBAC (Role-Based Access Control)
• Public Key Infrastructure (PKI) Setup:
• Identify the scope and requirements for your PKI, considering factors like the number of users, devices, and the type of applications involved
• Certificate Authority (CA) to deploy a CA server to issue and manage digital certificates. Configure CA settings and policies
• Registration Authority (RA) if needed for identity verification before certificate issuance
• Certificate Templates specifying the information and usage policies for different types of certificates
• Public and Private Key Generation for entities requiring certificates. Safeguard private keys securely
• Certificate Distribution to Implement mechanisms for distributing digital certificates to end-users or devices securely
• Revocation Mechanism to set up a Certificate Revocation List (CRL) or Online Certificate Status Protocol (OCSP) for revoking compromised certificates
• LDAP to Integrate with directories for storing and retrieving certificates and related information
KPMG, Montvale, NJ November 2016-July 2018
Senior Security Associate
• Reported on endpoint and infrastructure services to the IT Director. Utilized Service Now to handle client support tickets and meet SLAs
• Worked with third-party vendors and partners to resolve client issues
• Identified issue root cause and applied preventive fixes for Dell Data Protection. Successfully resolved double encryption issues with DOD by adding priority interval logical scripts
• Endpoint and Network Data Loss Prevention (DLP) Encryption Server and Endpoint, McAfee Endpoint Security, Symantec Endpoint Protection, Group Policy Implementation, SCCM Patching, Office 365, Skype, Jamf, Intune, MobileIron, Virtual Server, and desktop support using VMware and Citrix XenApp and XenDesktop
• Developed Runbooks based on ITIL, Security Technical Implementation Guide (STIG) and SOPs documentation on client systems/processes. Installed, configured, tested, managed, monitored, and maintained Linux operating systems, infrastructure software, and system management tools
• Administered security, backup, and redundancy strategies
• Set up and Configured Windows Defender ATP policy for certain systems in Intune
• Maintenance of Anti-virus\Anti-malware\Endpoint protection platform, threat hunting, and compliance
• Proactively ensured the highest levels of systems and physical and virtual infrastructure availability
• Wrote and maintained custom PowerShell, Python, Bash scripts to boost virtual and cloud systems efficiency and minimize human intervention time on various tasks
• Proposed changes in client environments and educated clients on how to optimize their system usage and avoid problems
• DLP by Forcepoint, DbProtect, Proofpoint, RSA, PingFederate, SSO, SAML
• Created and Maintained Qualys, Cyber Security, Splunk and Google applications namely Observe IT, One Identity and Enterprise Random Password Manager for Windows, Mac, and Linux system
• Implemented cloud-based solutions, CI/CD pipelines using python, ansible, docker
• Deployed Microsoft Defender for Identity, and installed sensors in Domain Controllers
• Configured advanced threat protection features (ATP) such as safe link and diagnostic reporting via Windows Defender ATP. User and Entity Behavior Analytics (UEBA) in identifying and mitigating security risks using Rapid7 InsightIDR, QRadar and Symantec. Configuring Windows Defender to filter malware within the network
• Set up Broadcom proxy and reverse proxy servers, to configure Nginx, or Apache, or use cloud-based services. Configure network settings, implement access control, enable logging and monitoring, secure with SSL/TLS, test, scale if needed, maintain, and provide troubleshooting and support
• Created and Maintained Systems SIEM, NIST, FISMA, SME with Splunk, BigFix 8.2 Qualys, OIT, Cyberark, Proofpoint, SolarWinds, One Identity automated reporting monitoring scripts Enterprise Random Password Manager support for windows, Mac, and Linux systems
• Migrated Windows 7 to 10, Office365, created a DDPE runbook and upgraded from 7.2 to 9.6, and set up Skype for Business using SOAR and UEBA. Researched and evaluated AWS services and technologies, resulting in the adoption of a new service that improved system reliability by 30% and reduced infrastructure costs by 10%
• MS Exchange: Installed MS Exchange Server on a dedicated server, following the installation wizard. Configurations for mail flow, client access, mailbox databases and mailbox Creation
• Configure Virtual Directories for Outlook Web App (OWA), MS Exchange ActiveSync, and other services. SSL Certificate installs to secure validity communication with the MS Exchange server. MX Record Configuration to update DNS records to point to the MS Exchange server for email delivery
• Linux: Installed, mitigated, managed, and integrated Linux Infrastructure and endpoints included, using best industry standards security practices to protect against threats and vulnerabilities
• Security Information and Event Management (SIEM) Systems: Elasticsearch, Kibana (ELK), Splunk
• Vulnerability Assessment and Scanning Tools: OpenVAS (Open Vulnerability Assessment System), Nessus
• Security Patch Management: Spacewalk, Red Hat Satellite, Landscape by Canonical (for Ubuntu)
• File Integrity Monitoring (FIM): Tripwire, AIDE (Advanced Intrusion Detection Environment)
• Security Hardening Tools: Lynis, Bastille Linux, CIS-CAT (Center for Internet Security Configuration Assessment Tool)
• Secure Shell (SSH) Configuration Tools: sshd_config (built-in SSH server configuration), Fail2ban, SSHGuard
• Host-Based Intrusion Detection and Prevention Systems (HIDS/HIPS): Rootkit Hunter (rkhunter), chkrootkit
• Network Monitoring and Analysis: Wireshark, tcpdump, ntopng
• Container Security: Docker Bench for Security, Clair (for container vulnerability scanning), Podman (for rootless containers)
• User Access Control and Authentication: PAM (Pluggable Authentication Module) configuration, Multi factor authentication tools (e.g., Google Authenticator), Sudo configuration for privilege management
• PKI Maintenance:
• Regular Audits to review certificate usage, expiration, and compliance with security policies
• Key Rotation periodically to enhance security and mitigate risks associated with long- term key use
• Security Updates to keep the PKI components, including CA servers, updated with the latest security patches
• Backup and Recovery for a robust backup strategy for key material, certificates, and configuration settings to facilitate recovery in case of failures
• Monitored to track the health, performance, and security of the PKI infrastructure
• Regularly review and update Certificate Policies (CP) and Certificate Practice Statements (CPS) to align with organizational changes
• User Training on the importance of certificates, private key protection, and adherence to security policies
• Container Orchestration Security: Kubernetes RBAC (Role-Based Access Control), Kubernetes Pod Security Policies, CIS Kubernetes Benchmark
• Security Auditing and Compliance Tools: OpenSCAP, SCAP Security Guide, CIS-CAT
• Open Web Application Security Project (OWASP): ModSecurity Core Rule Set (CRS), Amass, ZAP (Zed Attack Proxy), OWTF (Offensive Web Testing Framework), Application Security Verification Standard (ASVS), Security Knowledge Framework, Web Security Testing Guide
GCT USA, Staten Island, NY January 2014-October 2016
IT Security Associate
• Reported on IT systems and operations to the IT Director. Initiated and executed infrastructure evaluation. Generated documentation with Runbooks based ITIL and SOPs
• Managed system automation and virtualized environment
• Created OS images to be deployed. Administered Windows OS platform with Citrix XenApp and XenDesktop in PowerShell automation scripts
• Provided support for issues escalated by level one and two system administrators
• Utilized Remedy, Web helpdesk, Outlook, Skype, Intune, Jamf and Office365
• Performed RFID systems analysis and terminal information systems support. Served as a Linux systems administrator responsible for daily operations and maintenance
• Conducted system monitoring analyzed and documented performance and executed trend analysis as required
• Completed implementation of SolarWinds Monitoring Reporting System two months before deadline and under budget. Installation, configuration, and day-to-day management of Symantec Endpoint Protection
• Initiated a central managed system that was industry compliant
• Boosted productivity through creation of separate departmental VLANs
• Instituted a new procedure for employee intake
• Setup and configured with Cyber Security, Splunk, Azure and Google applications namely Terraform, ObserveIT, One Identity and Enterprise Random Password Manager for Windows, Mac, and Linux systems
• Installed, maintained, and upgraded Red Hat, CentOS, Ubuntu, Linux and Solaris servers using kickstart-based network installation. Configured and administered multiple production Red Hat servers across multiple platforms
• Linux
• Installed, mitigated, managed and integrated Linux Infrastructure and endpoints included, using best industry standards security practices to protect against threats and vulnerabilities using ClamAV, Sophos, ESET NOD32, Symantec Endpoint Protection and McAfee Endpoint Security for Linux
• Security Information and Event Management (SIEM) Systems: Elasticsearch, Kibana (ELK), Splunk
• Vulnerability Assessment and Scanning Tools: OpenVAS (Open Vulnerability Assessment System), Nessus
• Security Patch Management: Spacewalk, Red Hat Satellite, Landscape by Canonical (for Ubuntu)
• File Integrity Monitoring (FIM): Tripwire, AIDE (Advanced Intrusion Detection Environment)
• Security Hardening Tools: Lynis, Bastille Linux, CIS-CAT (Center for Internet Security Configuration Assessment Tool)
EDUCATION:
Bulawayo Technical College, ZIMBABWE
Bachelor of Science in Computer Science
CERTIFICATIONS:
FDCC Information Management Awareness
Information Security Awareness
Security Posture
CIT IAM GS
CISSP
Foundations of Project Management
Microsoft Azure IAM Management