Cyber Analyst

Thomas Humphrey III

*********@*****.*** 571-***-**** Saint Cloud, FL

SUMMARY

Seeking Cybersecurity Analyst role with 14 years of experience in Information Assurance and Computer Network Defense. Proven expertise in Risk Management Framework, security tools, and cybersecurity assessments, including Blue Team exercises. Strong background in cybersecurity policy development and stakeholder engagement, enhancing mission-critical systems' security posture. Familiarity with security tools such as SIEM, IDS/IPS, endpoint protection, firewalls, and encryption. EDUCATION

ECPI College of Technology Manassas, VA

Bachelor of Computer and Information Science, Network Security Management SECURITY CLEARANCE

Top Secret/SCI (Active) Expiry 01/2027

MILITARY SERVICE

United States Marine Corps Honorably Discharged

CERTIFICATIONS

Certified Ethical Hacker, EC-Council (ECC0157963842) Expiry 11/29/2025 Certified Network Defense Architect, EC-Council (ECC3829147065) Expiry 11/29/2025 CompTIA Security + CE, CompTIA (COMP001020607299) Expiry 10/15/2025 WORK EXPERIENCE

Marine Corps Operational Test and Evaluation Activity (MCOTEA) Quantico, VA Lead Cyber Analyst Nov 2021 - Apr 2025

• Executed comprehensive testing initiatives to ensure the operational effectiveness, suitability, and survivability of new equipment, enhancing warfighter capabilities.

• Spearheaded cybersecurity integration and planning, serving as the principal entity for security outreach activities and enhancing stakeholder awareness through strategic briefings.

• Supervised and directed cybersecurity policy development, evaluated security authorization packages, and provided recommendations for system implementation and continuous monitoring.

• Ongoing DIACAP into the Risk Management Framework (RMF) migration as an eMASS administrator. Dual toggle support for legacy DIACAP and current RMF.

• Led Blue Team exercises and conducted various cybersecurity assessments, including OT-CTT, CVPA, and Adversarial Assessments, employing tools such as Nmap and Metasploit for effective threat modeling.

• Maintaining security policies and standards.

• Ensuring compliance throughout the organization.

• Provide Risk Management Framework, circuit/system accreditation, and certification policy services.

• Participate in the development or modification of the computer environment IA security program plans and, requirements.

• DoD Component

• Ensure IA security requirements are appropriately identified in computer environment operation procedures and collect and maintain data needed to meet system IA reporting requirements.

• Work with system owners to close IAVMs/ICVMs and open plans of action and milestones (POA&Ms) Project Manager

• Directed technical projects from design through testing, serving as the primary liaison for stakeholders to ensure alignment with project objectives and achieve critical milestones.

• Managed project scope, objectives, work plans, schedules, and estimates, while conducting comprehensive risk assessments and leading effective project meetings.

• Ensured adherence to quality standards by reviewing deliverables and providing expert technical and analytical guidance to project teams.

Pentagon Force Protection Agency (PFPA) Antiterrorism Force Protection

(ATFP) Division

Falls Church, VA

Information Operations Specialist Jun 2019 - Nov 2021

• Oversaw Network Infrastructure and Cybersecurity Operations, ensuring compliance with the Cybersecurity Framework and NIST 800 series guidelines.

• Conducted Antiterrorism Risk Vulnerability Assessments, Program Reviews, and Self-Assessment Vulnerabilities across the National Capital Region.

• Familiar with NERC-CIP standards CIP-006-6 Physical Security of BES Cyber Systems and CIP-007-6 on System Security Management and CIP-007.6.

• Ensured alignment with USNORTHCOM and Interagency Security Committee standards to enhance cybersecurity measures.

• Develop procedures to ensure system users are aware of their IA responsibilities before granting access to DoD information systems

• Provide analytical support to identify possible security risks or violations.

• Ensure IA requirements are integrated into the Continuity of Operations Plan (COOP) for that system or

• in accordance with DoD.

Open Systems Technologies Corp. Falls Church, VA

Information Operations Specialist Jul 2018 - May 2019

• Led communications and network infrastructure cybersecurity operations for the Pentagon Force Protection Agency's Antiterrorism Force Protection Division, enhancing mission continuity in the National Capital Region.

• Conducted Antiterrorism Risk Vulnerability Assessments, Program Reviews, and Self-Assessment Vulnerabilities, ensuring the protection of mission-critical assets and components.

• Evaluated and validated life-cycle management and design basis threats, assessing asset vulnerability to undesirable events.

IP Keys Technologies, Marine Corps Cyberspace Operations Group Quantico, VA Cyber Security Manager Jun 2017 - Jun 2018

• Optimized the McAfee Policy Catalog in collaboration with analysts to enhance the accuracy of compliance data and the legitimacy of reported alerts and events.

• Administered DISA STIG compliance and utilized IASE SCAP tools to ensure domain server security, maintaining adherence to organizational security regulations.

• Supported continuous Cyber Network Defense (CND) operations, managing service requests and incident handling via a ticketing system in coordination with network administrators. JSI Telecom Chantilly, VA

Network Security Support Nov 2010 - May 2017

• Led and coordinated a team of two, acting as a primary liaison for technical support in a deployed environment.

• Served as a technical lead for multiple groups within the camp, collaborating with a diverse team of around ten individuals, including technical members and international liaisons.

• Provided critical Title III and NIST support, acting as an escalation point for network developers and patch management teams.

• Delivered network support for collection management solutions, resolving configuration issues and managing upgrades and deployments of Windows 2008/2012 R2 servers for the law enforcement and intelligence community.

SKILLS

Testing and Evaluating Military Systems • Development and Implementation of System Security Plans (SSP) • Standard Operating Procedures (SOP) • Risk Management Framework (RMF) Guidelines/eMASS • Determining Operational Survivability (OS) in a Cyber-Contested Environment • Cybersecurity Cooperative Vulnerability and Adversarial Testing/Assessments • Facilities/Building Security Assessments • SIEM Functions Threat Hunting

• Project Management • Leadership • Metasploit Framework Applications • Pen Tests • Security Technical Implementation Guides(STIGs) • Nmap • Tenable Nessus • Wireshark • TCP/IP Networking • Cybersecurity Analysis

• Systems/Network Maintenance • Knowledge With System Accreditation Requirements and NIST Framework Security Controls • Excellent Written Understanding of System Vulnerabilities and Exploitation • Understanding of Vulnerability Mitigation and Verbal Communication Skills • Microsoft 365 • IAM Certification • Analytical Skills • Technical Writing • Communication Skills • Problem Solving

Contact this candidate