Information Security Professional

Resume posted by jerome.exum in Information Technology & Services.

Desired position type: Full-Time

[email protected]
Tel:
Mobile:
2027706682

Summary

Information Technology Professional and Security Analyst with more than ten years’ experience in computer software systems, classified and unclassified networks, troubleshooting and the identification of system vulnerabilities. Background includes successful assignments with the Department of Defense, Department of State, Federal Bureau of Investigation systems. Honorably discharged U. S. Navy veteran.

Education

Education:

Bachelor of Science in Computer and Information Science | University of Maryland University College | Adelphi, Maryland | Graduated 2014

Associates of Science in Information Technology | Northern Virginia Community College | Alexandria, Virginia | Graduated 2011

Associates in General Studies | Central Texas College | Killen, Texas | Graduated 2007

Certifications: 

Comptia CASP+, CE
CompTIA A+ CE
CompTIA Network+ CE
CompTIA Security+ CE
ITIL v4 Foundations
Certified Ethical Hacker (CEH)
DOD ACAS
DOD HBSS

Certified Network Defense Architect (CNDA)
IT Infrastructure Library Foundation v3 (ITIL)
Microsoft Windows 7
Amazon Web Services (AWS) Certified Cloud Practitioner

Experience

Vulnerability Analyst | Vectrus Corporation | US Army Southwest Asia Cyber Center | Camp Arifjan, Kuwait | 02/2018 – present

 

  • Responsible for providing key government personnel with policy coordination and interpretation support, general information security support, and assisting with the development and implementation of a defensive security program that protects information systems and documents.

 

  • Ensure and document that all systems are regularly scanned and audited in accordance with applicable DoD policy and procedures, and that incidents are documented. Employ network scanning tools such as ACAS, SCCM, AV, and others to detect system and network vulnerabilities/deficiencies, as part of a proactive network security policy.

 

  • Determine if requisite cyber security patches and remediation procedures have been applied per IAVA requirements. Provide daily status on findings and recommendations and provide follow-on written technical analyses. Provide 24/7 Anti-Virus and IAVA reporting, including review of logs, open tickets, and recommended process for remediation. Submit POAMs to EMASS, assisting work section with creating SITGs for compliance according to DOD policies and regulations.

 

 

Security Operations Center Administrator | Consolidated Networks Corp. | Army National Training Center | Fort Irwin, CA | 06/2017 – 02/2018

 

  • Monitored and maintained IT systems used in security operation center. Performed daily monitoring of HBSS components to ensure a stable and secure customer network environment. Conducted weekly maintenance on HBSS ePO Servers on both classified and unclassified Networks. Performed weekly data backups.

 

 

Computer Network Defense Analyst | Phacil Inc. | Army Research Laboratory | Adelphi, Maryland | 03/2015 – 05/2017

 

  • Monitored USCYBERCOM, ARCYBER, and other CND agencies at all levels of government and open sources to determine potential threats to Pentagon networks. Developed and maintained close liaison with counterparts and colleagues throughout the CND community. Discovered, analyzed, and exploited zero-day vulnerabilities on software through manual and automated processes. Conducted various types of testing to detect faults and vulnerabilities such as fault injection, fuzzing, binary code scanning, and other static analysis.

 

  • Utilized the Common Weakness Scoring System (CWSS) to score discovered software vulnerabilities. Used various testing, social engineering, and penetration testing approaches for vulnerability identification, enumeration, and purposeful exploitation to determine the value and effectiveness of a network, system, or application’s security configuration. Validated if security objectives and goals were being met, and where applicable, compliance IAW FISMA, DODI 5200.40, 8500.2, NIST SP 800-115, and best practices.

 

 

Information Security System Engineer | CPSI | Department of State | Washington, DC | 12/2014 – 02/2015

 

  • Designed and developed cyber security architecture and plans for Department of State future requirements. Conducted network vulnerability assessments using tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures. Utilized Windows Server Update Services (WSUS) to deploy patches to end host machines.

 

  • Managed and mitigated threats, risks, and vulnerabilities within Department of State’s system hardware and software using ArcSight, WireShark, Snort, and other tool-sets to identify and investigate anomalies. Implemented regulations and mandated standards for governance and compliance: International Organization for Standardization (ISO) 27001, and Federal Information Security Management Act (FISMA), NIST 800-53.

 

 

Vulnerability Management Analyst | Northrop Grumman | Department of Defense | Crystal City, VA| 12/2013 – 12/2014

 

  • Requested vulnerability scan results from the agency’s computer network defense systems on a weekly basis and validate VMS and VMS-S IAVM compliance reports. Ensured that all vulnerability scan tools were tested and evaluated to validate tool effectiveness and safety for use on production networks.

 

  • Identified firewall configuration errors, conflicting rules, security gaps, firewall security issues, optimize rule-sets, and enhanced the overall firewall security posture and performance according to policy and procedures. Developed standard methodologies to support, identify and detect threats to the agency’s infrastructure and application environment.

 

 

Junior Security System Administrator/User Support Technician | STG, Inc. | Army Research Laboratory | Adelphi, MD | 06/2011 – 12/2013

 

  • Provided information management, help desk and computer technician support for ARL including 1000 users across 3 domains and classified networks. Managed Active Directory network, created and modified accounts & groups, modified group memberships, established permissions, reset passwords, and ensured proper access to network resources such as file shares and printers. Facilitated domain migration and asset management projects during integration into 2 new domains.

 

 

Deployment Computer Technician | Clovis Group | New Generation Workspace (FBI) | Washington, DC | 01/2011 – 06/2011

 

  • Supported various levels of desktop and helpdesk environment. Removed and upgraded over 5000 legacy systems at over 50 FBI sites domestically and internationally. Performed desktop configurations and executed a host of other IT related functions and responsibilities.

 

 

Cable Technician Installer | American Systems Corporation | Chantilly, Virginia | 01/2009 – 01/2011

 

  • Installed telephone jacks, and Category 5/Coax cables to newly constructed houses and commercial buildings. Verified fiber optic, coax and satellite cables connection with cable test equipment. Installed and terminated 66 and 110 punchdown blocks. Tested circuits and components of malfunctioning telecommunications equipment to isolate sources of malfunctions, using test meters, and other hand tools. Inspected equipment on a regular basis in order to ensure proper functioning.

Skills

  • ACAS 8 Years
  • HBSS 1 Year
  • EMASS 4 Years
  • Account Validation 3 years

Spoken Languages

    English