Loss Prevention It Manager

RUSSELL L. MARS

Cary, NC 275**-***-*** **** *******.*.****@*****.*** www.linkedin.com/in/russell-mars-945bb01a2

SENIOR CYBERSECURITY ENGINEER

An innovative Cybersecurity IT Manager/Supervisor with extensive experience in designing, establishing, and overseeing network Data Loss Prevention (DLP) security projects aimed at detecting and preventing cyber threats to organizational environments. Demonstrates a progressive career history across Cyber Governance Risk, Compliance, Audit, Security Solution Architecture, Project management, as well as Configuration, Change, and Release Management. Recognized for improving cyber enterprise and cloud operations product delivery and enhancing hardware/software platform security postures. Possesses advanced skills in vulnerability management, enterprise risk reduction, implementing organizational security plans, strategy and policy certification documentation.

Core Competencies include:

Security Architecture Design Security Infrastructure Architecture Cloud Operations; SaaS, PaaS, IaaS Cloud Security hardening Windows / Unix Server Security Administration Virtualization Security Management-VMware Security Configuration consultations and evaluations Incident Response Management-IR Business Continuity Planning Disaster Recovery-DR Planning/Test IDS / IPS Identity and Access Management-IAM; MFA, SSO, SSL, Token, RSA DevOps / DevSecOps, CI/CD SDLC Governance and implementation Information Security Governance and Assurance Excellent Communications; Staff or Executive level Cross-Functional Operational and Security SME NIST Regulatory Compliance and Management Financial Security, GRC, Audit LOD1-3, Tech Risk DLP-Endpoint Security / Solutions Application Security Development- OWASP Operating and Application System Hardening – Testing Cybersecurity Risk Assessment-RA Data Loss Prevention DLP Strategies SIEM Provider Management and Continuous Monitoring Team Collaboration and Build-up Security Assessments / 3rd Party - Auditing, scanning, survey/inspect Security Issues Management Security Policy/Docs. Development Vulnerability Assessment and Analytics reporting (KRI/KPI) IoT Security Best Practices Network Security (OSI) CSF / RMF / EMASS / POAM / HIPPA-SORN

PROFESSIONAL EXPERIENCE

Wells Fargo Bank-Contractor, Charlotte, NC May 2024 – Present

Senior Cybersecurity DLP Analyst

Developed and Implement Web, Email Security DLP control policy and technical documentation. Enhance and modify Web content filtering and DLP governance to prevent external and internal risk via proxy boundary protection system configurations. Analyze categorization of websites, and list or remediate potential individual enterprise risk.

●Design and implement Security frameworks for operational web content filtering internal strategy. Support daily security governance-GRC processes and procedures.

●Analyze Netskope cloud monitoring reports and review output compliance assessments.

●Allow / Block web and email security access and permissions. Review SaaS web content filtering, exceptions, and approvals.

●Monitor web gap discovery and prevention; DLP, risk assessment and regulatory controls and operational compliance and test validations.

●Monitor and advise of change and configuration management to proxies and email servers. Research system tools for automation and risk reduction by implementing security best practices from CIS CSF/NIST/ISO 27001 controls and countermeasures.

●Map security controls with security policy documentation, standards, and procedures.

Truist Bank, Raleigh, NC September 2019 – February 2024

Senior Cybersecurity Engineer

Reduced cyber-attack incidents by developing and enforcing robust security policies, and validation procedures.

●Increased enterprise network security policy coverage over 60% bringing total Truist network security OS/APPs and Cyber Domains to first-ever 90%+ risk reduction in Vulnerability Management VM / Data Loss Prevention division DLP.

●Sustained governance and compliance validations for multiple initiatives involving policy audit and controls or CIS Benchmarks compliance; FFIEC, FRB, FDIC, GDPR, NYDFS, GLBA, SOX, PCI-DSS, ISO 27001, CSF.

Truist Bank, Raleigh, NC April 2018 – September 2019

Cybersecurity Solution Architect

Improved solution efficiency by designing [Security Blueprints] and implementing scalable architectures for enterprise clients.

●Reduced systems and Enterprise downtime by proactively monitoring all systems and networks intelligence data. Integrated security maintenance, analysis, and optimized IT infrastructure parameters with security controls on a periodic routine basis.

● RUSSELL L. MARS PAGE TWO

●Enhanced customer satisfaction by collaborating closely with stakeholders to define business requirements and translate them into technical solutions. Repeated continued success with customers by improving efficiency with individual technical (Patterns).

TEKsystems, Roanoke, VA August 2013 – April 2018

Information Assurance Officer - (ISSO), US Army Arsenal

Enhanced network security by conducting regular vulnerability assessments and implementing or recommending necessary patches, and or updates. Earned distinguished Army PEO EIS Accolade for 1st RMF NIST Program Cloud Datacenter 3yr A&A ATO-2016.

●Developed comprehensive information assurance policies, resulting in improved data protection and compliance with industry standards. Implemented Organization and customer’s Risk Management Framework (RMF), HighTrust, DIACAP packages and processes following DoDI 8510.1, DoDD 8500.01, 8530.1 and NIST 800-37/53A, or the like guidance.

●Collaborated with IT teams to design secure system architectures, effectively reducing potential cyber threats and collecting data for high availability systems and sensitive intelligence information.

●Performed risk analyses to identify appropriate security countermeasures. Monitored pentesting teams [Red, Blue, and Purple].

P3I, Inc-Planning Performance Process and Innovation, Hopkinton, MA April 2010 – January 2013

Information Assurance Test Manager

Enhanced system security by implementing comprehensive risk management strategies and protocol processes throughout DevOps/DevSecOps. Directly supervised IA teams in achieving Air Force’s Enterprise Systems (Type Accreditation ATO, for 3 years, 20+ individual AF Operational sites).

●Demonstrated leadership skills in managing projects from concept to completion. Increased Air Force Site remediation times by over 50% by correcting communication and technical gaps in OPS audit processes. Teams gained cross-examination data access.

●Used strong analytical and problem-solving skills to develop effective solutions for challenging situations and malware detection.

●Demonstrated creativity and resourcefulness through the development of innovative solutions which increased AOC Test productivity by over 80-100%.

ADDITIONAL PROFESSIONAL EXPERIENCE

●Dynamics Research Corporation (DRC), Computer Security Analyst II - Analyzed monthly security documentation/plans for over 100 remote and local connections to the NATO core Enterprise network in direct support to CIAO and the Risk Mgmt. NATO Security Accreditation Board. (Achieved NATO and DoD A&A compliance for over 100 Systems/Network connections. Reviewed multiple network Rules of engagement-ROE for NATO network penetration testing in legacy and new NATO/DoD datacenters.

oMonitored a team of 3, in day-to-day HBSS/IDS/IPS logging of Ip traffic. Implemented security processes, playbooks, SOPs to govern daily task and processes. Performed annually Disaster Recovery testing. Sustained Enterprise risk management practices and continuous monitoring activities.

●NATO Communication Service Agency, System Network Engineer (U.S. Navy) - Implemented a cross-training program and a ITSM knowledge database for collection of technical solutions. Direct contributions and ITIL implementation improved overall Help Desk Tier 1 through 3 incident response and resolution capability by over 50% percent. As a result, implemented ITIL processes throughout all organizational workflows to include Admin, Configuration Management, Hardware/Software Change and Release Management, and for everyday Remedy service site operations.

●U.S. NAVY NAVSEA Shipbuilding Newport News and Overseas Duty stations, IT Supervisor INFOSEC Administrator - Supervised 5+ network security technicians in daily operations of Network Security and Configuration Control Resource Management; Monitored 3,200+ system users and 4,000+ computer workstations with webtrends, logging analytics and internet engineering activities/auditing. Collaborated and developed Cyber judiciary investigative results with Navy Legal by providing systems data intelligence, surveillance or forensics information when warranted for litigation processing.

oPrimary IT technician to restore, connect all CO/Mayor/Governor/Sheriff of Newport News, VA “NAVSEA” Shipyard direct communications in times of operational disaster recovery or the annual testing of systems for Naval shipyard operations, [Primary and secondary, evacuation and emergency communication systems].

EDUCATION

●Bachelor of Science (B)S, Cybersecurity (Pursuing)

●Associate of Arts (A)A, Information Technology Management Concentration, Saint Leo University, Saint Leo, FL

● RUSSELL L. MARS PAGE THREE

CERTIFICATIONS

●Top Secret Secret SCI Clearances (Expired)

●CompTIA Security+ CE

●Information Systems Security (INFOSEC) Professional-(NSTISSI No. 4011)

●Senior Information Assurance Systems Manager-(CNSSI No. 4012)

●Contracting Officer Technical Representative, COTR-(2952.201-70)

PROFESSIONAL DEVELOPMENT

●Cloud Security Profession (CSP)

●Qualys / Cloud View / Rapid7, CIS-CAT Pro, Nessus, Tenable/ACAS, Baseline Security / Policy Administration

●GitLab/GitHub

●Systems Risk Analysis and Methodology, FAIR, NATO CRAMM/PILAR implementation tools, Business Impact Analysis and Assessments

●Continuity Management, Disaster and Recovery

●Certified Information Systems Security Professional (CISSP)

●Network +, Hardware A+, Cisco Certified Network Associate (CCNA), Introduction to Cisco Networking Technologies (ICND)

●Help Desk Manager (HDI-ITIL foundation workflow process)

●Implementing MS Windows; Professional & Server, Administering Windows Active Directory Services, LDAP, Windows 2022 Server Security configurations

●VERITAS Backup Exec. SharePoint, Archer, Big Data, Hadoop/ Cloudera, Hive

●Contracting Officer Technical Rep. (COTR) / Source Selection (Plans and Process, RFPs, SOW)

●IT Project Mgmt. – Strategy and Project Planning, Monitoring, PMP, Agile, Version One, Rally, Remedy, Service Now [CMDB]

●Host-Based Security System (HBSS/McAfee. Epo), IDS/IPS, (SIEM Monitoring/Auditing)

●SPLUNK / SOAR – (Threat Model-Hunting) / Monitoring

●Microsoft Azure, AWS, Application Program Interface-(API), O/M365

●System Architecture (SA), VISIO Design

●ASA, Checkpoint, VMWare vCenter, CISCO firewall, switching, routers, Fabric configuration.

Familiar with Cloud-Netskope, Blockchain-Shelter Harbor, Terraform, Prometheus, Proofpoint, CrowdStrike, Trellix/ePO, Chef, Puppet, Ansible, Slack, Jira, CyberArk, Guardium, Tanium, and Actimize, Akamai, Fore scout, and DLP/ Zero Trust / MITRE ATT&CK, CASB, RADIUS/TACACS, AAA, Blue Coat proxy, Juniper, F5, Datacenter/on-prem/Cloud/Hybrid & Private networks. / FISMA, FedRAMP, FIPS 140-2/3, NIST 2.0 operations and processes

Contact this candidate