Cyber Security Project Management
Resume:
Ernest Mills Sr.
Phone# 571-***-****
Email ************@*****.***
Information Assurance / Cyber Security Specialist
Education and Certification
● Waynesburg College Business, Management, Waynesburg, PA.
● Allegheny Community College, AS Information Science, Pittsburgh, PA.
● CAP 2008
● Security + 2006
● MCP 1999
Security Subscriptions, Users Groups, and Organizations
● OWASP, CIS, AKO, ISC2, GIAC, CERT, DC Cybersecurity Pros, ServiceNow Community Exchange
Technology Skills
● Cloud Technology AWS, Azure, Google, Gov Cloud
● Project Management Tools Agile, Scrum, JIRA, MS Project
● Audit Tool Repositories NCAT, CSAM, EMASS
● Web filtering Websense, Blue Coat, Palo Alto
● Firewalls Checkpoint, PIX, Rapture, Symantec, Palo Alto
● Antivirus ePolicy (HBSS), Symantec System center, SEP, AVG suite
● Security tools Snort, Burp, Air Snort, TCP Dump, and NMAP
● Security Hardening STIG Viewer, CIS Benchmarks
● Wireless Tools Flying Squirrel, Air defense, Wifi Analyzer
● Compliance Framework 800-53, NIST RMF, DIACAP, AR-25, SOX, PCI, FedRAMP, CIS, HIPAA
● Scan Tools Qualys, Retina, Tenable SC, Web Inspect, DB-protect, Tripwire
● Network Monitoring EMC Smarts, HP OpenView,
● SIEM Log Management Log logic, Splunk, Qradar
Training & Career Developing
3/24 to Present ServiceNow Training on the Now Platform
● Leveraging my cybersecurity and information assurance background on the most popular ITSM platform ServiceNow
● Participate in forums like ServiceNow Community Exchange to share ideas and showcase expertise.
● Contribute to use cases integrating ServiceNow with cybersecurity tools
● Streamlining my skills on training modules like Security Incident Response, Governance Risk- Compliance, and Vulnerability Response
● ·
● Taking relevant micro-certifications and advanced learning paths on the Now Learning platform using my Personal Development Instance (PDI).
● Foundational Certification Training
● Security-Focused Certifications
Work Experience
7/18 to 3/24 CDWG DBW USCB Greenbelt, MD Solution Architect A&A Specialist
● As part of the CDW Program Management Team I lead the security side of the program for the Census 2020 DaaS solution which consist of the following systems: ITMS, VMware Workspace One, and Apple MDM, all taking place in GovCloud East. Moreover, this solution consists of over 500k IOS devices for census personnel to completely automate the total census 2020 program. In addition, I lead throughout the ATO process security CM, vulnerability management, system document management, baseline management, and life cycle management for this program with a strong background in VMware and IOS technologies. Proven track record of designing, implementing, and managing solutions for customers.
● Harden all servers/server applications using CIS Benchmarks
● Collaborated with infrastructure tech team to streamline security with system development
● Provided 800-53 r4 and FedRAMP guidance to leverage the hybrid systems for ATO
● Agile/Jira project management concepts
● Managed 4 parallel system assessments at same time for dDaaS components
● Stood up a working session meeting to provide a workshop environment to build the ATO documents
● Established and provided requirements for secure devices/server applications baselines and images
● Promoted to System Security Architect after dDaaS program, then provide CDWG per-sales efforts on all Gov’t cloud service offerings and new business 10/17 to 7/18 IBM DBW NARA Rocket Center, WV Security Manager
● Managed multiple projects via Agile framework
● Preformed Risk Management Framework guidance for NARA operational team 3 sites
● Harden all on prem servers/server applications using CIS Benchmarks
● Managed 8 SSP’s including new FedRAMP system
● Reviewed gap analysis then worked with the operational team to make best security decisions. Moreover, if approved streamline their processes to ensure improved security 4/14 to 10/17, DIGICON DBW NIH, Rockville, MD Security Analyst
● Development of security policies, procedures, SOPs, risk acceptance, device deviation for device baseline and Vulnerability management program
● Patching and vulnerability remediation, audit log review/alerting, reporting, vulnerability scan data quality management.
● Harden all servers/server applications using CIS Benchmarks and/or DISA STIGS depending on customer
● Conduct on-going internal audits as appropriate; coordinate organizational compliance with customer security training requirements; provide timely customer support (policy questions, admin account waivers, encryption waivers, scientific equipment waivers, etc. 02/13 to 04/14 E-Global Tech DBW Dept. of Labor, Washington, DC, Security Consultant
● I provided independent security assessment support for the United States Department of Labor
(DOL), through NIST 800-53 Rev4 and FedRAMP assessments.
● I provided ongoing continuous monitoring for a system moving toward the end-of-life cycle
● Develop Configuration Management, Incident Response, Training, and COOP planning for OFCCP.
● Validate 800-53 r4 assessment packages for over 28 organizations in DOL.
● Remediated POA&M items then, updated the findings in CSAM
● Work with ISO to update their organizations assessment packages in CSAM
● Closed out or provided milestones for POAM items, and OIG Notice of Findings
● Provide Information Security policy and OIG finding validation Early In My Career Contract Work
11/11 to 06/12, Itility DBW, DAU Fort Belvoir, VA, Information Security Engineer 12/10 to 11/11, Carson & Associates Inc. DBW NIH, Bethesda, MD, Security Analysis 2/10 to 11/10, Syneren Technologies, Landover, MD, System/Security Engineer 2/09 to 2/10, EF Johnson DBW, US NAVY, Washington, DC, IA Engineer 5/08 to 2/09, Intermedia Group DBW GDIT and US Army ISEC, Various Remote Sites, Security Engineer
5/07 to 5/08, Phillips Defense Systems INC. DBW DTIC, Fort Belvoir, VA., Security Analyst 11/06 to 5/07, Automation Technologies Inc, Tyson Corner, VA., Infrastructure Manager 9/05 to 11/06, Compu Systems DBW Client IBM AOD, Secaucus, NJ., System Engineer 11/04 to 9/05, Alcoa Tech Center, Pittsburgh, PA, System Engineer 6/03 to 11/04, IT Solutions DBW Client: EDS Various Remote Sites, US Air Force, System Engineer 5/02 to 6/03, Network Etc., Washington, DC, Consultant / Engineer 6/01 to 5/02, Computer High-tech Management, DBW U.S. Navy Washington, DC, Sr. Network Engineer
9/00 to 6/01, Strategist Group, Washington, DC, Network / Systems Manager 11/99 to 09/00, Compex Corp. Client DISOP DBW Pentagon, Analysis System Engineer 10/97 to 11/99, Decision 1 Contract Services DBW US Navy, Washington, DC, System Engineer
Contact this candidate