Administrative Assistant
Resume:
Edith Kerch
Cell: 323-***-****
Email: *****.*****@*****.***
EDUCATION
**/**** ****** ** ******* in Cybersecurity
University of Maryland University College US-MD-Adelphi
**/**** ******** ** Science in Computer Information Systems
California State University – Los Angeles US-CA-Los Angeles
09/2009 Bachelor of Science in Business Administration
California State University – Los Angeles US-CA-Los Angeles
CERTIFICATIONS / QUALIFICATIONS
Certified Information Systems Security Professional (CISSP) #405238
EC-Council Certified Ethical Hacker v8 Beta (CEHv8)
CompTIA Security+
CompTIA A+
CompTIA Network+
ITIL v4
TWIC
EXPERIENCE
6/2022 – 02/2024 INFORMATION SYSTEM SECURITY OFFICER – DEPARTMENT OF COMMERCE – National Security Systems - MISSING LINK SECURITY WASHINGTON, DC
-Held meetings to discuss relevance and technical updates required to address NIST800-53 Rev 5 controls
-Reviewed vulnerability scans, STIGs and system test and evaluation reports to draft POA&Ms. Drafted POA&Ms and reviewed supporting artifacts to address opening, maintaining, closing or recommending risk acceptance.
-Updated system of record to include all relevant RMF required documents for risk assessment and authorization.
05/2020 – 03/2022 SENIOR CYBER SYSTEMS ENGINEER – DEPARTMENT OF THE ARMY – OFFICE OF THE CHIEF INFORMATION OFFICER – US ARMY AKO/ICAM CYBERSECURITY
OPEN SYSTEMS TECHNOLOGIES CORPORATION FT BELVOIR, VA
-Conducted Interviews with system administrators and cybersecurity professionals to prepare them for the upcoming system assessment and audit.
-Reviewed system documentation and provided feedback to the AKO team to provide an accurate representation of the system to the SCA-V team
-Developed a spreadsheet of common questions to be asked by the assessors per control in preparation for the system assessment.
07/2019 – 05/2020 SENIOR SECURITY CONTROL ASSESSOR – DEPARTMENT OF EDUCATION – OFFICE OF THE CHIEF INFORMATION OFFICER – INFORMATION ASSURANCE SERVICES DIRECTORATE
INTEPROS FEDERAL WASHINGTON, D.C.
-Performed between 10-12 Security Control Assessments (SCAs) per month and ensuring the Department government officials were fully aware of the various system risks and their potential impact to the organization.
-Conduct SCAs in accordance with NIST and Department policies and coordinated with ISSOs, ISOs, and other system stakeholders to prepare them for system SCAs
-Review and interpret and/or assist in running vulnerability scans on systems and applications using HP WebInspect, HP Fortify, Tenable Nessus, McAfee Vulnerability Manager, McAfee ePolicy Orchestrator and McAfee Data Loss Prevention Discover
-Translate vulnerability scan results into findings aligned to NIST security controls
-Create, maintain and close Plan of Actions and Milestones (POA&Ms)
-Research, publish and maintain continuous monitoring metrics and data relevant to customer cybersecurity risk posture and RMF implementation
-Perform full scope, limited scope and continuous security assessments as well as continuous monitoring and ongoing security assessments and authorizations
-Coordinate with Security Operations Center (SOC) personnel to develop, publish, and maintain system security status and risk information
-Develop, maintain, and post documentation, information, templates and other materials produced to SharePoint and CSAM
-Assist customers with identifying, defining and implementing cybersecurity strategies, policies, tactics, techniques and procedures
-Render concise reports, summaries, training materials, and formal presentations
-Experience using CSAM workflow and modules to manage assessment work artifacts and progress
-Knowledge of Department of Education LCM and FISMA processes
-Experience researching, publishing and maintaining continuous monitoring metrics and data relevant to customer cybersecurity risk posture and RMF implementation
-Experienced in performing Ongoing Security Authorizations aligned to NIST SP 800-53 and 800-137
07/2017 – 07/2019 SECURITY ANALYST/ PENETRATION TESTER – DEPARTMENT OF HOMELAND SECURITY – SCIENCE AND TECHNOLOGY DIRECTORATE
ERP INTERNATIONAL WASHINGTON, D.C.
-Lead in deploying host based monitoring and alerting tools across the component networks to standardize and secure assets across the networks resulting in the streamlined incident response analysis and procedures.
-Transitioned various tools and systems into Azure and AWS gov cloud environments in anticipation of departmental requirements of being completely virtualized. This included ensuring stakeholders were aware of the technologies to be offered by the organization, requirements, challenges and expected timelines set for migrating.
-Developed automation scripts to handle and track vulnerability data provided by the scanning tools in order to provide the authorizing official and his team members actionable reports and data.
-Ongoing task of automating systems to alert and monitor network. Tasks include, deploying tools to network and configure logs to be sent to a SIEM. Write, tune and configure SIEM and IDS signatures to report on interesting and significant events. Updating tools, agents and sensors deployed on host systems.
-Reviewed code using Fortify to ensure that the code is written to coding best practices, standards, guidelines and naming conventions are followed
-Conducted vulnerability assessments and penetration tests customized to the system function and technical requirements. Completed bi-weekly walk throughs and monitored for rogue access points. Reviewed logs to ensure that no unauthorized networking devices connected to the network
-Performed triage in security incidents and investigations to include data gathering, network analysis and forensics
-Performed penetration tests on computer systems and networks, evaluated systems security utilizing Kali Linux. Metasploit, Nessus and other commercial tools, reviewed and documented findings as well as provided recommendations for security improvements
-Assessed system information security policies and their comprehensiveness against DHS policies
-Evaluated configurations and implementations of firewalls, proxy servers, routers, VPNs, IDS, wireless networks against legal requirements, departmental/local policy, as well as industry best practices and vendor recommendations.
2/2016— 07/2017 INFORMATION SYSTEM SECURITY OFFICER (ISSO) – DEPARTMENT OF HOMELAND SECURITY - SCIENCE AND TECHNOLOGY DIRECTORATE
SILOSMASHERS/ MISSING LINK SECURITY WASHINGTON, D.C.
-Provided guidance, oversight and expertise in ensuring the implementation and maintenance of security controls in accordance with the systems security plans and Department of Homeland Security (DHS) policies, DHS Management Directives (MDs), Information Technology (IT) Security Policies and handbooks (DHS 4300A) as well as the procedures and tools to implement them
-Tracked, updated, maintained and compiled artifacts in the Information Assurance Compliance System (IACS)
-Drafted and submitted the following documentation as part of the accreditation of various systems, while standardizing processes and procedures for future accreditations.
Plans of Actions and Milestones Hardware list
Privacy Threshold Analyses Software list
Rules of Behavior (ROB) Standard Operating Procedures
Privacy Impact assessment Waivers of Exception to policy
E-Authentication Asset vulnerability and compliance scans
Memorandums of Agreements System architecture and interconnection diagrams
Memorandums of Understandings Interconnectivity Service Agreement
Ports Protocols and Services Contingency plan
Incident Response plan Information Security Vulnerability Management (ISVM)
-Created scripts to optimize analysis, report processes and certifying accurate FISMA compliance reporting
-Evaluated system change requests and critiqued changes from a security point of view informing the system owner and Chief Information Security Officer the impact of the changes for evaluation and decision making.
-Oversaw security implementations on mixed operating systems and multiplatform environments, to include virtual machine and externally facing architectures.
-Utilized security tools, servers, gateways, applications and system for analysis, incident response and audit review
McAfee Antivirus Symantec Antivirus Clam Antivirus
Tripwire Imperva WebInspect
SIEM Tenable Nessus Encase
CISCO SourceFire McAfee ePO Cisco FirePower
Carbon Black Response Carbon Black Protection Fidelis
1/2014— 2/2016 INFORMATION ASSURANCE SUBJECT MATTER EXPERT /ASSIGNED INFORMATION ASSURANCE SECURITY OFFICER (IASO) – U.S. ARMY PM DOD BIOMETRICS
IP PLUS CONSULTING, INC. ALEXANDRIA, VA
-Expert knowledge of Department of Defense Risk Management framework (RMF) formerly known as the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) to include the DIACAP Knowledge Service, Enterprise Mission Assurance Support Service (eMass), and the US Army Certification and Accreditation Tracking Database (C&A TdB).
-Expert in Army Security regulations (AR25-2, Certificates of Net worthiness); Provided solid assistance to PM and IAM on DIACAP comprehensive and executive packages and their associated documentation to include the System Identification Profile (SIP), DIACAP Implementation Plan (DIP), DIACAP Scorecard, IT Security Plan of Action and Milestones (POA&Ms) and supporting certification documentation in the transfer, maintenance and addition of 8 systems to reach one of the following Accreditation decisions: ATO – Authorization to Operate; IATO – Interim Authorization to Operate; IATT – Interim Authorization to Test.
-Reviewed network scans to ensure that systems are STIG and vulnerability mitigation compliant; Utilized VMS to track the status of network IAVMs in order to ensure that listed vulnerabilities are tested and mitigated and that POA&Ms are updated accordingly.
-Familiar with NISPOM chapter 8, JAFAN 6/3, DCID 6/3, ICD 503, NIST 800-53R4A, DISA STIGS, DJSIG, NISPOM Overprint, and RMF security regulations
-Part of a team of 2 in review of FISMA, NIST compliance readiness for the Defense Information Systems Authority (DISA) Cyber Command Readiness Inspection (CCRI)
-Reported and maintained security architecture, policies and compliance, identified and documented security vulnerabilities, system status; maintained records of incidents, hardware/software, etc.
-Provided a comprehensive compliance mapping of all security controls that comply with the Federal Information Security Management (FISMA), Office of Management and Budget (OMB) guidance, and applicable National Institute of Standards and Technology (NIST) guidelines.
-Updated the Army Portfolio Management System (APMS) and the Asset Vulnerability Tracking Resource (AVTR)
-Reviewed risk and vulnerability assessments of planned and installed systems
-Reviewed security evaluations; performed and reviewed security audits
1/2012-1/2014 INFORMATION SYSTEMS SECURITY ENGINEER III/ TASK MANAGER AND LEAD ANALYST - AIR FORCE NETWORK OPERATIONS SECURITY CENTER - INFORMATION ASSURANCE CYBER SECURITY OPERATIONS CENTER
L-3 COMMUNICATIONS SHAW AFB, SC
-Led a team of eight in the analysis and detection of cyber threats and incidents for 18 sites. Analysis to include network intrusion detection systems, intrusion prevention systems, vulnerability assessments, trend analysis, firewall, anti-virus, event log analysis, security audits, assisted in investigations and coordinated handling and resolution of incidents.
-Reduced potential security risks by performing security tool administration, providing risk analysis of vulnerability scanners, security event logging and monitoring analyzers, IDS/ IPS and firewall logs, performed system and network security audits, and IAVA/B/T reporting to CENTCOM and other government entities.
-Communicated with supervisors and peers by presentation, telephone, in written form, and by e-mail, the analytical and technical security recommendations based upon need or because of a security issue violation or notification.
-Provided IT security policies and procedures training briefs, power point presentations and continuing education to supervisors, peers and deployable personnel by means of available multimedia equipment and dependent upon the audience size.
2/2008—12/2011 1ST RADIO ELECTRONICS TECHNICIAN – LOCAL AREA NETWORK ADMINISTRATOR / INFORMATION SYSTEMS SECURITY OFFICER / ELECTRONIC KEY MANAGEMENT SYSTEM LOCAL ELEMENT CUSTODIAN
MILITARY SEALIFT COMMAND NORFOLK, VA
-Ensured awareness and compliance with IT policies by serving as the sole shipboard representative for all contractor and customer issues. Coordinated implementation and maintenance issues and repair schedules in relation to 10 Classified and unclassified servers and over 400 users.
-Utilized Retina software, Intrusion Detection Systems, Intrusion Prevention Systems, Firewalls, Sniffers and network analyzers to ensure data integrity and availability. Drafted, updated and documented standard operating procedures (SOPS), Emergency response plans (ERP), and Business Continuity plans (BCP) for all shipboard communications equipment.
-Implemented security policies and maintained various networked applications as assigned. Identified vulnerabilities and recommended software configuration changes by following technical advisories, reviews, announcements, periodicals and notices.
-Recommended processes for remediation based on findings and provided technical follow-on analysis reports with visual and graphical supportive documentation.
-Communicated and documented errors and explained steps to avoid similar problems in the future providing demonstrations and hands-on training on computer, server and networked applications.
-Troubleshot technician-confirmed un-repairable fiber cabling and pier-side connectivity by interpreting blueprints and project documentation resulting in the repair of the fiber cabling and enabling shipboard T1 connectivity while at pier side ports enhancing crew morale.
-Plank Owner- Inauguration of USNS Carl Brashear (T-AKE5) Certification and Accreditation of shipboard communications systems.
1/2006 - 9/2008 INFORMATION SYSTEMS TECHNICIAN 2ND CLASS
U.S. NAVY RESERVE – MOBILE INSHORE UNDERSEA WARFARE UNIT 106 IMPERIAL BEACH, CA
-Trained and mentored employees in many job descriptions regarding security and system basics, best practices, and security essentials. Documented existing and in-development policies, procedures, and systems.
-Responsible for the IT department budget; Maintained classified and unclassified servers, PC’s and laptops’ software and hardware deployable and operational.
-Applied computer software and hardware updates as required; single unit point of contact for NMCI tech support.
-Ensured quality assurance, by training and mentoring over 30 personnel in network security, customer service and specialized program usage.
-Assisted in the hardware set up of VTC’s. Operated, configured, and maintained vital circuits and communications-based equipment for Naval Coastal Warfare Community.
-Drafted operational and administrative messages such as daily SITREPS, CASREPs, SORTS, SID requests and Special Incident Reports.
8/2001 – 1/2006 INFORMATION SYSTEMS TECHNICIAN 2ND CLASS
U.S. NAVY SEOUL, S. KOREA; AGANA, GUAM; LEMOORE, CA
-Supervised 15 personnel in the management of 4 Windows Servers providing data for over 5,000 users.
-Maintained a running inventory of all assets and associated peripherals valued at over $250,000.
-Designed, implemented and maintained databases for the Supply Automated Data Processing System and Integrated Barcode System using Microsoft Access resulting in the large reduction of operator errors and expanding documentation.
-Responsible for over $10,000 in funds and over 19,000 ship-board line items maintained with 100% accuracy.
AWARDS / SELF-DEVELOPMENT / MISCELLANEOUS
-Bilingual: Fluent Spanish – Read/Write/speak
-Certification and Accreditation C&A / DIACAP and RMF experience (October-December 2008 and Jan 2014-Present)
-Armed forces expeditionary medal
-National defense service medal
-Overseas service ribbon
-Sea service ribbon
-Navy commendation medal
-Good conduct medal
-Global war on terrorism service medal
-Global war on terrorism expeditionary medal
-Korean defense service medal
-Navy Qualified Validator
-Transportation Workers Identification Card
-DISA ACAS Version 5.3(2016) - Certificate of Completion
-eMASS Computer-Based training – Certificate of completion
Contact this candidate