Uploaded File
add photo
Jose
jose.hernandezarroyo@outlook.com
787-564-9243
10751 S. Fiery Dawn Ct. VailArizona AZ 85641 Results-driven
Santa Rita, AZ 85641
Senior RMF Engineer/Senior Cyber Security Engineer/SCA-R
6 years experience W2
0
Recommendations
Average rating
28
Profile views
Summary

Experience
Senior RMF Engineer/Senior Cyber Security Engineer/SCA-R
Information Technology
Nov 2019 - present
  • Assisting other senior consultants/SCA-R, SCA-V and Circuits team with analysis package's along with circuits furthermore, the evaluation and with the preparation of recommendations for system improvements, optimization, development, and/or maintenance efforts in the following specialties: information systems architecture networking telecommunications automation risk management software life-cycle management software development methodologies modeling and simulation
  • Managing security systems such as antivirus, patches, intrusion prevention and proactive threat monitoring Conducting performance reviews and contribute to performance feedback for all levels of staff Monitoring regulatory compliance with enterprise security policies and educating business unit leaders and service managers on compliance efforts
  • Providing direction to staff to ensure risk is minimized through the development and maintenance of information security processes
  • Performing Certification & Accreditation (C&A), System Assessment & Authorization (SA&A) as part of NIST SP 800-37 Risk Management Framework (RMF) system and application accreditation Preparing Vulnerability Scanning test plans, coordinate testing, and conduct scans using Nessus and other scan applications Analyzing vulnerability scan results for validation and root cause Provided Cybersecurity testing and security control validation and assessment of technical and non-technical security features implemented on a system or network in support of the DoD RMF A&A process and legacy DIACAP Assisted diverse HQ and supported sites personnel in completing relevant documentation to support accreditation decisions Interpreting DIACAP/RMF controls accurately with regard to system security posture, policy updates and configuration of information systems
  • Conducting comprehensive assessments of the management, operational, and technical security controls employed within or inherited by an IS to determine the overall effectiveness of the controls
  • Reviewing relevant artifacts (System Security Plans (SSP), Security Assessment Report (SAR), Privacy Impact Analysis / Assessment (PIAA), etc.) to ensure they provide accurate information to support the issuance of an accreditation decision
  • Working with A&A team members and government customer to resolve issues while performing other associated tasks in parallel ensuring the forward movement of an accreditation package Working knowledge of A&A package electronic staffing tools (Telos XACTA or AFRL eMAAS)
  • Performing security system event analysis, investigation, and validation providing incident response to classification spills, malware infection, misconfiguration exposure, internal inappropriate behavior and technical issue
  • Participating in Lifecycle Management (LCM) Technical Change Control Boards (TCCB) providing technical guidance for security control compliance
  • Performing Security Technical Implementation Guide (STIG) and Federal Information Security Management Act (FISMA) assessments and annual reporting Performing Security control assessments as part of Continuous Monitoring NIST SP 800-53 V4 compliance sustainment for application, infrastructure, and network
  • Task, track and mitigate Plan of Action & Milestones (POA&M) vulnerability scan and security assessment findings requiring mitigation Privileged User Account Management and Role Based Access assignment
  • Designed, built and coordinate an automated build & release CI/CD process using Gitlab, Jenkins and Puppet on hybrid IT infrastructure Coordinate/assist developers with establishing and applying appropriate branching, labeling /naming conventions using GIT source control Branching, Merging, Release Activities on Version Control Tool GIT Jose Hernandez Arroyo, DIT, MBA, BS Page 3/9 (787) 564-9243 | jose.hernandezarroyo@outlook.com | 10751 S. Fiery Dawn Ct. VailArizona, AZ 85641
Compliance Cyber Security DIACAP Enterprise Security FISMA Gitlab Information Security Jenkins Network Support NIST Puppet
Remove Skill
Network Security Engineer Manager/ISSO
Information Technology
Mar 2019 - Nov 2019
  • Performed Pre-JRSS Network Baseline, in-depth network analysis, packet captures on OptiView XG device, network path analysis, and network discovery of sites before migration to JRSS. Assisting other senior consultants with analysis and evaluation of capture data with the preparation of recommendations for system improvements, optimization, development, and/or maintenance efforts in the following specialties: information systems architecture networking telecommunications automation risk management software life-cycle management software development methodologies modeling and simulation
  • Prepared and/or ensured that appropriate network documentation exists, including operational instructions Provided regular monitoring and network analysis regarding short-and long-range planning for in-house systems Coordinating third-party maintenance for network equipment
  • Installed and maintained cloud-based applications, systems, or associated infrastructure Designing AWS Cloud Formation templates to create custom sized VPC, subnets, NAT to ensure successful deployment of Web applications and database templates Initiating alarms in CloudWatch service for monitoring the server's performance, CPU Utilization, disk usage etc
  • Analyzed and defined business requirements to determine specifications and standards propose and develop solutions in order to deploy and oversee implementation and integration of web-based applications, ensuring that appropriate information security standards are met in NETCOM
  • Maintained reports, logs, or other records of security audits. Monitor system uptime and performance, troubleshooting and resolved errors. Staying informed of emerging cloud technologies and evaluate their value to the NETCOM's operations
  • Created automated pipelines in AWS CodePipeline to deploy Docker containers in AWS ECS using services like CloudFormation Configured AWS Multi Factor Authentication in IAM to implement 2 step authentication of user's access using Google Authenticator and AWS Virtual MFA
  • Amazon IAM service enabled to grant permissions and resources to users. Managed roles and permissions of users with the help of AWS IAM Integrated services like AWS Elastic Beanstalk to create a deployment pipeline
  • Performed Certification & Accreditation (C&A), System Assessment & Authorization (SA&A) as part of NIST SP 800-37 Risk Management Framework (RMF) system and application accreditation Prepared Vulnerability Scanning test plans, coordinate testing, and conduct scans using Nessus, Foundstone, WebInspect, Hailstorm and other scan applications Analyzing vulnerability scan results for validation and root cause Jose Hernandez Arroyo, DIT, MBA, BS Page 4/9 (787) 564-9243 | jose.hernandezarroyo@outlook.com | 10751 S. Fiery Dawn Ct. VailArizona, AZ 85641
AWS AWS CloudFormation AWS EC2 Cloudwatch Docker Containers Elastic Beanstalk IAM Information Security NAT Network Analysis Network Security NIST Project Management Risk Management Security Engineer
Remove Skill
Senior Cyber Security Engineer/ISSO/Policy Manager
Information Technology
Mar 2018 - Mar 2019
* Assisted other senior consultants with analysis and evaluation and with the preparation of recommendations for system improvements, optimization, development, and/or maintenance efforts in the following specialties: information systems architecture networking telecommunications automation risk management software life-cycle management software development methodologies modeling and simulation Jose Hernandez Arroyo, DIT, MBA, BS Page 5/9 (787) 564-9243 | jose.hernandezarroyo@outlook.com | 10751 S. Fiery Dawn Ct. VailArizona, AZ 85641
Cyber Security Project Management Risk Management
Remove Skill
Security Engineer RSA
Information Technology
Aug 2017 - Dec 2017
Atlanta, GA
  • Responsible for development from a project's inception to its conclusion as a SME for moderately complex systems Implementing reviews for Application-level Access/review Procedures for Highly Critical Applications, reviews for Domain Access, review for Sensitive and Administrative Access by implementing individual user access credential procedures by aligning them with account policies
  • Assisted other senior consultants with analysis and evaluation and with the preparation of recommendations for system improvements, optimization, development, and/or maintenance efforts in the following specialties: information systems architecture networking telecommunications automation risk management software life-cycle management software development methodologies Administrated RSA Security Analytics platform, SECURID, Governance, and NetWitness 10.6.2 Providing timely support to Incident Response and Research & Forensics teams, worked network engineering teams and adhere to ITIL framework methodologies
  • Worked in maintaining the RMF framework categorize the IS, Select, implementing, assessing security controls, Authorize & Monitor information systems Producing, maintain technical documentation and network diagrams as well as providing ad-hoc technical training on the Security Analytics platform
  • Developed and designs AWS architecture for new secure cloud computing systems or existing systems migrating to cloud architectures Provided thought leadership on cloud (AWS & Azure) usage strategy, monitoring, alerting, reporting on key cloud security
  • Automate cloud (AWS & Azure) security solutions and controls Assess and reviews cloud network configurations from a security angle as well as fix any issues assisting with the implementation, modification, improvement of the Sponsor's Risk Management Framework (RMF) workflow
  • Performing deep package inspection, reviewing system logs and correlate network data to identify security incidents reviewing incident data and provide root cause analysis and recommendations on how to prevent future occurrences build and prepare executive dashboards to communicate risks and incidents across the organization
Cloud Architecture Security Engineer
Remove Skill
Cyber Security Analyst Lead
Jan 2017 - Jun 2017
Tampa, FL
  • Responsible for incident handling response while developing analysis of threat's at CENTCOM AOR and leading the threat intelligence program and conducting advanced threat analysis and correlation to identify and report on strategic, tactical, and operational that is relevant to the organization Leading and prioritizing threat collection, analysis and ensure intelligence is delivered in a timely manner in accordance with SLAs and program needs
  • Lead and develop people through effectively supervising, coaching, and mentoring all levels of staff Directed security initiatives and strategies for various for projects and budgets Ensuring security measures are aligned with and support the Company's business objectives
  • Providing strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls Ensures that international, national and local Information Security and Privacy regulations are being followed
  • Collaborating with Risk, Compliance, and Legal function to develop a high level of consistent, comprehensive and effective practices Improved and implemented specific security policies, procedures, and processes relevant to the security program Jose Hernandez Arroyo, DIT, MBA, BS Page 8/9 (787) 564-9243 | jose.hernandezarroyo@outlook.com | 10751 S. Fiery Dawn Ct. VailArizona, AZ 85641
Compliance Cyber Security Information Security Security Analyst
Remove Skill
Through HBSS
Dec 2016 - Jan 2017
FIREEYE and ArcSight, compiled reports of IP Address, Specific User's this enable me to create reports and update management and command on critical threats or new intelligence found that could negatively impact the infrastructure done through research reviewed analyst reports for timely, relevant, actionable information, identify new threat intelligence capabilities and enhance current capabilities Create and review productized threat intelligence for technical and management consumption
  • Managed threat intelligence portal/platform to store, update, IOC's that can be useful for monitoring and response needs Conducted advanced intelligence analysis and conduct counterintelligence assessments in cooperation with the Advanced analytics team to identify gaps in the organization's security posture
  • Support organization information assurance program operations and maintenance Perform data analysis of data derived from system traces of malware & system compromiseCorrelated data from multiple sources (IPS, HIDS, HIPS, Splunk, HBSS, and log data acquired through computer forensics & associated toolkits, packet capture, situational awareness data sources, vulnerability repositories, cyber threat reports) & prioritize events for incident handling
  • Conducting incident handling & provide required reporting in accordance with Policy Communicating incident handling requirements, procedures, & directives to all CNDSP subscribers. Perform security audits, provide incident investigation support, & initiate corrective actions to minimize & prevent security breaches
No skills were added
Remove Skill
Systems Administrator Tier 4-5
Information Technology
Feb 2016 - Dec 2016
Charleston, SC
INC/SPAWAR
  • JB Charleston/North Systems Administrator Tier 4-5
  • Assisting in the troubleshooting of PC equipment, deployment of images in both PC computers Configuring software as well as profile computers according to the user's name and work area Assisted in set up workstations on site and assisted end users in resolving hardware and software issues
  • Assured Compliance Assessment Solution (ACAS/NESSUS), DISA Security Content Automation Protocol (SCAP), Continuous Monitoring and Risk Scoring (CMRS) cybersecurity applications and tools
  • Worked in the migration of environment from a Microsoft WSUS, GPO administration, Windows Server 2012, Server 2008, Windows 7.0, and Windows 10, SCCM 2012 SP1 site to a SCCM 2012 R2 site in a new AD forest Implementation of System Center OrchestratorCreated custom SQL queries and reports to assist with Microsoft licensing reconciliation Development, deployment, testing of NIPR & SIPR images and prepping deployment thought SCCM for Windows 10
  • Performed standard System Center administration duties at including but not limited to the design, deployment, monitoring, and diagnostic of SCCM, SCOM and related subsystems Determining the best influence of HBSS to meet the strategic goals by defining "use cases"
  • Established specific content necessary to meet the organization's security operations goals, to include: the formation of content
  • specific queries, templates, reports, rules, alerts, dashboards, and workflows
  • Integrated data and event feeds with Organizational Security Information Event Management Systems Policies and exceptions review for the various HBSS modules and provide best practice recommendations
  • Training customer personnel on the McAfee solutions Acted independently to resolve tickets, manage multiple priorities, and follow through on customer engagement
  • Engaged with IT external partners to ensure SLAs are met and company processes and policies are adhered to Able to escalate critical issues and situations to management
  • Following DISA STIG guidelines in order to have assets complaint by installing, updating, running security scripts and maintained modules where up to date and complainant for several OS's such as Windows XP to 10, Linux CENTOS, Mac OS X Jose Hernandez Arroyo, DIT, MBA, BS Page 9/9 (787) 564-9243 | jose.hernandezarroyo@outlook.com | 10751 S. Fiery Dawn Ct. VailArizona, AZ 85641
No skills were added
Remove Skill
Computer Operator/Helpdesk Tier 1-2
Dec 2015 - Jan 2016
North Charleston, SC
PROSOFT/ SPAWAR * Joint Base Charleston
No skills were added
Remove Skill
Sep 2015 - Dec 2015
Daniel Island, SC
No skills were added
Remove Skill
Helpdesk Support/PC
Sep 2015 - Sep 2015
Johnson Service Group/Benefitfocus Technician
No skills were added
Remove Skill
Helpdesk Support/PC
Aug 2015 - Sep 2015
North Charleston, SC
- Apple Technician
No skills were added
Remove Skill
Edit Skills
Non-cloudteam Skill
Education
History
Capella University 2022
Information Technology
ECPI University 2022
Computer Information Science/Network Security
ECPI University 2015
Computer Information Science/Network Security
American InterContinental University 2014
SSD1 TO SSD4
United States Army Signal Corps 2012
Healthcare Management
American InterContinental University 2010
Healthcare & Operations Management
American InterContinental University 2008
Business Administration
United States Army SGM Academy -Structure Self Development 2006
DIT
not provided
Page
not provided
Certifications
CompTIA Security +ce, CEH, CNDA, CASP+, CISSP (Exp
Programing Languages A+
CCNA & CCENT
Skills
AWS
2019
3
Network Engineer
2020
3
Security Engineer
2019
3
Cyber Security
2021
2
Compliance
2021
1
DIACAP
2021
1
Enterprise Security
2021
1
FISMA
2021
1
Gitlab
2021
1
Information Security
2021
1
Jenkins
2021
1
Network Support
2021
1
NIST
2021
1
Project Management
2019
1
Puppet
2021
1
Risk Management
2019
1
AWS CloudFormation
2019
1
AWS EC2
2019
1
Blue Coat
0
1
CentOS
0
1
Cisco FirePOWER
0
1
Cloud Architecture
2017
1
Cloudwatch
2019
1
Docker Containers
2019
1
Elastic Beanstalk
2019
1
IAM
2019
1
Linux
0
1
NAT
2019
1
Network Analysis
2019
1
Network Security
2019
1
Printers
2015
1
Security Analyst
2017
1
Splunk
0
1
SQL
0
1
System Administration
0
1
Windows Server
0
1
WSUS
0
1