John Gamblin
** ***** ***** ***** ***** Royal, VA 22630
Profile
Over 20 years of experience as an IT professional
Ability to direct complex projects from concept to fully operational status.
Goal-oriented individual with strong leadership capabilities.
Organized, highly motivated, and detail-directed problem solver.
Proven troubleshooter, problem solver.
Education/Certificates
CISSP 04/2009 – current
CompTIA A+ 02/2006
Relevant Experience & Accomplishments
Data Center/Operations Center/TIC
Maintained multiple systems on multiple networks concurrently
Successfully integrated and built the security side of data center with 160+ servers
Interfaced with developers and engineers to ensure security of software was not compromised
Created multiple System Security Plans and COOP documents
Built and maintained TIC and monitored the proxy for unauthorized content
Readjusted proxy to maintain access to authorized websites
Scanned the network for unauthorized access points
Maintained compliance on all network switches/routers/firewalls
Experience
Splunk - Trend Micro Deep Security - Tenable - RiskVision - Bash - PowerShell - VMware - Wireshark - Exacta - ManageEngine - McAfee ePO - ArcSight - Veritas Backup Software - Winbatch (scripting) - Symantec/McAfee Antivirus - Tripwire (HIDS) - Raytheon High Assurance Guard - Cross Domain Solutions (CDS) - Microsoft Exchange - Microsoft Visio - Cisco LMS/VMS - Symantec Ghost - Risk Management System - Trusted Agent FISMA Tool - Windows - Linux - NIST 800-53, 800-171, 800-60 - RMF - SOPHOS
Employment
Senior ISSE Gemini Industries 09/2024 – Present
Developed strategies to address potential solutions to complex problems. Developed and documented requirements from project inception to conclusion.
Provided strategic advice, technical guidance, and expertise to program and project staff.
Provided expertise in application of security controls and all technical mechanisms required by DoD RMF/JSIG and building security assessment procedures and body of evidence
ISSE DCI Solutions 11/2023 – 09/2024
Analyzed security findings and made recommendations for remediations.
Reviewed network/security designs and made recommendations.
Reviewed security settings for compliance.
Security Engineer Protégé Technologies 11/2021 – 06/2023
Installed and maintained 3 environments of Splunk with 400+ clients.
Built and maintained 1 Trend Micro Deep Security deployment.
Maintained 2 Trend Micro Client installations.
Maintained 1 McAfee EPO client installation.
Built and maintained 4 different Tenable Security Center Installations.
SIEM Engineer Swishdata 05/2021 – 11/2021
Set up Elasticsearch, Logstash, ECE and BEATS components.
Systems Security Engineer SalientCRGT 10/2020 – 05/2021
Set up Security Center Vulnerability Scanning. Reviewed Policy and Technical documents pursuing an ATO. Reviewed the System Security Plan for a new system. Set up Splunk and SCCM. Experience with Windows, Linux and Mac OSs, VLANs, VPN, SOPHOS.
Senior Information Systems Security Engineer Mantech 01/2019 – 06/2020
Converted/upgraded Splunk environment from Windows to Linux without any loss of data or uptime. Maintained Linux and Splunk product and security updates/configurations and troubleshot backend issues. Converted syslog servers to Splunk heavy forwarders without loss of data or uptime, improving the reliability of the capture of syslog devices. Maintained, upgraded and troubleshot Tenable products in an enterprise environment. Experience with Windows, Linux and Cisco switches and firewalls, Symantec Bluecoat proxy.
Information Systems Security Engineer Engility 02/2018 – 01/2019
Installed/maintained SolarWinds, Tenable and other security products. Ensured that the security software and configurations met DoD compliance and regulatory specifications. Experience with Windows, Linux and Cisco.
ISSO SME/Task Lead KCG/Mantech 07/2014 – 02/2018
Led a team of Information System Security Officers to assess and evaluate multiple System Security Plans and associated systems. Provided feedback to the government and other companies on their security posture and deficiencies. Wrote Standard Operating Procedures based on NIST guidance and best practices. Ensured system security requirements were addressed during all phases of the IS lifecycle. Performed leadership responsibilities to mentor and provide direction to more junior-level ISSO team members. Experience with Windows, Linux and Cisco.
Create and update multiple System Security Plans and tailor according to NIST 800-53 r4 standards. Create, update and track multiple POA&Ms. Maintain security posture for multiple systems. Enforce FBI security policy and standards.
Create and update multiple System Security Plans and tailor according to ICE/DHS/NIST 800-53 standards. Create, update and track multiple POA&Ms. Maintain security posture for multiple systems. Local scanning for policy compliance using Nessus. Enforce ICE and DHS security policy and standards.
Assessed Management and Operational controls for NIRT at Federal Reserve Banks. Wrote Security Assessment Reports in accordance with NIRT guidelines.
Information System Security Engineer L-3 01/2013 – 07/2014
Reviewed multiple System Security Plans and converted security requirements from DCID to NIST. Helped remediate multiple POA&Ms. Maintained security posture for multiple systems. Scanned systems using Nessus for vulnerabilities and security policy compliance.
Information System Security Officer KCG 01/2008 – 01/2013
Create and update multiple System Security Plans and tailor according to TSA/DHS/NIST 800-53 standards. Create, update and track multiple POA&Ms. Interface between Headquarter Security Office and local Chief Information Office. Maintain security posture for multiple systems. Local scanning for rogue access points and Bluetooth devices. Enforce TSA and DHS security policy and standards.
Systems Security Engineer DSA 03/2004 – 01/2008
Support the Veterans Administration by providing Security Certification & Accreditation (SCA) services support in accordance with NIST 800-53 and NIST 800-26 and to ensure compliance with various federally mandated laws such as the Federal Information Security Management Act (FISMA), Government Information Security Reform Act (GiSRA) to include: System Security Plan Review and Analysis, Security Control Assessments, and Security Certification Documentation. Specifically, perform Windows 2000/XP/Server 2000/2003 audits, Computerized Patient Record System (CPRS), Veterans Health Information Systems & Technology Architecture (VistA), VMS, and LAN Audits. Develop Windows and UNIX/Linux Red Hat SCA Test Plans, collection forms and readiness checklists. Perform follow-on analysis and SCA report development.
Network Administrator II Northrop Grumman 03/1995 – 03/2004
Continuing systems administration for all in-house computers and network equipment to include the following hardware and software: IBM servers, desktops and laptops; Intel servers; Gateway desktops; HP servers; Micron desktops and laptops; Windows NT, 2000, 95 and 98; Raid hardware and software; Microsoft Office 97 and 2000; Sun and Solaris; Lucent network switch; Veritas Backup Exec; Hummingbird Exceed.
Helped in the network and system design of new projects, to include hardware specifications and costing.
Supported development networks to include the following hardware and software: IBM servers, desktops and laptops; Intel servers; Gateway desktops; Micron desktops and laptops; Windows NT, 2000; Cisco switches and routers; Microsoft Exchange 5.5; Symantec Ghost; Hummingbird Exceed; Rational ClearCase and ClearQuest; Microsoft IIS
Field support for many delivered products to include US and overseas travel