• Created a Social Engineering Program that consisted of constructing and sending phishing emails to all employees, contractors, and interns and performing random USB drop attacks.
• Performed simulated campaigns for the following social engineering attacks: Phishing, Baiting, Vishing and Tailgating.
• Devised and implemented an Information Security Program around Security Operations Center 2 (SOC2) and National Institute of Standards and Technology (NIST) Security Frameworks.
• Defined standards, strategies, programs, policies and procedures where required to span all areas of the company that impact Information Security.
• Revamped the Employee Handbook and Human Resource Policies and promoted the need to perform background checks on all employees, contractors, interns, and vendors.
• Provided oversight and leadership of corporate efforts to gain industry certifications such as SOC2 Type II.
• Partnered with Leadership, IT, and other Business Units (e.g., Legal, HR, Support, Procurement) to ensure programs are executed in adherence to corporate standards.
• Managed Information Security projects that spanned multiple teams.
• Provided guidance and counsel while building relationships and goodwill.
• Managed company-wide Information Security governance processes.
• Provided oversight and guidance regarding data and consumer privacy laws such as California Consumer Privacy Act (CCPA) and General Data Protection Regulation (GDPR).
• Owned the Information Security readiness and knowledge of company’s employee base, provided training and communication that promoted a “security first” mindset and practice across the organization.
• Prepared and conducted regular Information Security briefings with the executive team.
• Conducted internal audits, assessments, and after hours walkthroughs for policy and procedure violations.
• Developed a company-wide strategy for Information Security/IT audits and coordinate and track those audits where required.
• Acted as key point of contact across corporate shared services for internal/external audits, including those that support certifications and compliance.
• Provided guidance and advocacy on audit responses at the corporate level.
• Established security compliance goals, reporting, and a roadmap for continual improvement.
• Recognized, assessed, and addressed changes that have the potential to introduce increased Information Security risk at the company-wide level.
• Participated in data breach incident response. Provided leadership for breach response and notice actions, owning the corporate data breach responses to customers, regulators, and other stakeholders.
• Engaged with customers and prospects as an Information Security subject matter expert and advocate.
• Partnered with Accounting and Legal teams to review customer contracts for security, privacy, and technical requirements.

• Risk Management, System/Network Security, Information Security Policies and Procedures;
• Conducted information security audits and assessments in regards to Federal Financial Institutions Examination Council (FFIEC), Gramm- Leach-Bliley Act (GLBA), Sarbanes Oxley (SOX), Health Insurance Probability and Accountability Act (HIPAA), and Health Information Technology for Economic and Clinical Health (HITECH) guidelines along with National Institute of Standards and Technology (NIST SP 800 series), Payment Card Industry Data Security Standard (PCI DSS), International Organization for Standardization (ISO 2700x) and security best practices.
• Performed simulated campaigns for the following social engineering attacks: Phishing, Baiting, Vishing, Spear Phishing, Dumpster diving, Tailgating, Pretexting, Quid Pro Quo and USB drop attacks in areas that were restricted to bank customers.
• Audit/Consulting activities/duties include but are not limited to policy review; general controls/configuration reviews; security controls/configuration reviews; security awareness training; social engineering; penetration testing; vulnerability assessments; IT security risk assessments; web compliance assessments; writing white papers/blogs/weekly security tips (WST); and preparing draft and final reports.
• Security audit and analysis, intelligence gathering, risk assessments and provided a detailed report with a list of findings as well as recommendations to the President, CEO, Board of Directors and other bank executives.
• Team Lead/Project Manager; participated in the entire engagement delivery process, from assisting sales with technical questions through final report delivery, follow-up and closeout calls.

• Provided cyber security consulting services for a private company located in the Knoxville, TN area.
• Responsible for developing, evaluating and implementing sound cyber security policies/principles and best practices; conducted audits and risk assessments; malware remediation and offered guidance securing and optimizing critical and private IT systems and networks.
• Conducted Anti-Phishing, Baiting and Vishing campaigns.
• Performed penetration testing/vulnerability assessments across the network scanning for application and system vulnerabilities.
• Identified vulnerabilities and findings and recommended risk-reduction/mitigation solutions.
• Provided metrics and detailed information of outstanding vulnerabilities and the risk they pose to the network.

Contractor to Hexagon Manufacturing Intelligence - North Kingstown, RI

• Developed a security strategy/roadmap for security best practices and compliance with the National Institute of Standards and Technology Special Publications (NIST SP 800-53r4, NIST SP 800-171 and NIST SP 800-18).
• Conducted audits and assessed the security program and network for improvements and made recommendations to resolve any security vulnerabilities and findings.
• Recommended hardware and software solutions, tools and best practices that would help improve and strengthen the Hexagon Cyber Security Program and security posture.
• Provided guidance and stressed the importance of security policies and standards; including, but not limited to an effective security awareness training and education program; continuous monitoring; vulnerability scanning and penetration testing, etc.
• Evaluated security environment; identified security gaps; and made recommendations for enhancements.

Contractor to Hewlett-Packard Enterprise (HPE) f/k/a Hewlett-Packard (HP)

• Collaborated with Hewlett-Packard’s (HP) Global Cyber Security Compliance team supporting the System Security Plan (SSP)/Compliance initiative in preparation of HP's corporate split (HPE and HP).
• Developed and assessed SSPs and system profiles for HP's mission critical and entity essential applications, systems and networks across all business units and global functions.
• Team Lead/Project Manager; conducted audits/risk assessments of IT systems for compliance in a diverse technology environment across varying infrastructures, applications and networks.
• Advised senior management by identifying critical security issues, vulnerabilities and findings and recommended risk- reduction/mitigation solutions.
• Assessed applications and systems for compliance against aligned security policies and standards; industry and regulatory controls; IT computing controls and conducted gap analyses as required.
• Assisted in the demonstration of system security operational objectives by contributing information and provided recommendations to strategic plans and reviews.
• Prepared and completed associated remediation action plans; assisted with resolving cyber security issues; identified trends; determined system improvements and drove needed change.
• Recorded SSP information in the eGovernance, Risk and Compliance (eGRC) application (RSA Archer eGRC Platform) to promote and develop security strategies; identify compliance obligations (e.g., HIPAA, PCI-DSS, SOX, etc.); direct system control development and access management, monitoring, control and evaluation.

Contractor to the USDA Forest Service Natural Resource Manager (NRM)

• Revamped the Natural Resource Manager (NRM) Cyber Security Program to reflect the National Institute of Standards and Technology Special Publications (NIST SP) 800 series; OMB Circular A-130; Federal Information Security Management Act (FISMA); Federal Information Processing Standards (FIPS) 199, 200 and 140-2; U.S. Gov’t FedRAMP guidelines for Cloud and Virtualization infrastructure technologies as well as the U.S. Forest Service’s policies and standards
• Recommended and procured software solutions, tools and best practices that would help improve and strengthen the NRM Cyber Security program and security posture with the goal of protecting the confidentiality, integrity and availability of NRM’s data
• Provided security guidance and oversight for various IT projects and evaluated systems and documentation for federal compliance requirements.
• Educated users in sound cyber security principles and best practices
• Represented the NRM Cyber Security Organization during project meetings to assist stakeholders and provided recommendations regarding cyber security as required by federal guidelines and regulations
• Created security guidance documents to assist NRM in producing organizational standard operating procedures (SOPs)
• Ensured all regulations, guidelines, directives, policies and procedures are being followed and that security checklists/hardening guides are being employed to establish a standard baseline and to satisfy federal cyber security requirements
• Proposed solutions, tools and best practices to strengthen NRM’s web/application/database security as well as establish an effective configuration/change management system (CMS)
• Assisted in the process to reduce the current number of Plan of Action and Milestones (POA&Ms) identified by NRM Cyber Security as well as previous Office of Inspector General (OIG) audits and to propose solutions to prevent future POA&Ms from reoccurring
• Worked with NRM federal and contract personnel to address security incidents and issues involving users, information systems and data
• Identified current NRM security-related issues due to vulnerabilities, access, deficiencies, separation of duties/least privilege (SOD/LP), insufficient controls, etc. and offered recommendations and viable solutions to correct problems and ensure all federal regulation, guidelines and directives are followed accordingly.

Y-12 National Security Complex (Nuclear Weapons and Highly Enriched Uranium Facility) Prime Contractor to the U.S. Department of Energy/National Nuclear Security Administration

• Executed site-related security functions and job duties from the Security Operations Center (SOC) which provided 24x7x365 continuous monitoring and cyber security support.
• Deployed and managed several defense-in-depth technologies on the classified and unclassified network environments to augment the site's cyber security posture and to help prevent/detect Advanced Persistent Threats (APTs) and other internal/external threats
• Performed Quid Pro Quo attacks (via making false promises of free gift cards, money, t-shirts, or vacation).
• Performed Tailgating employees, Spear Phishing and Baiting campaigns.
• Evaluated information systems and security documentation for compliance with federal oversight requirements including FISMA compliance, NIST 800-53, OMB A-130, FIPS 140-2 and NAP 14.1D (National Nuclear Security Administration Policies).
• Participated and contributed in biweekly U.S. Department of Energy (DoE) Cyber Security meetings to discuss cyber- related events, activities, incidents and to share cyber intelligence within the DoE community. Topics included malware analysis/research; APTs and other malicious actors and targeted threats/attacks such as spear-phishing, hostile attachments, watering hole attacks, drive-by attacks, command and control (C2), etc.
• Conducted an ongoing threat analyses to determine the site security posture due to vulnerabilities, APTs and other malicious actors as well as the latest Situational Awareness Reports (SARs)/intelligence released by federal agencies (e.g., JC3, IARC, DoE, DoD, DHS, FBI, NSA, US CERT, etc.) and the open source community
• Worked closely with Y-12 internal organizations (e.g., Helpdesk, Network Support, Desktop Support, Software Support, Email Support, etc.) and other U.S. Department of Energy (DoE)/National Nuclear Security Administration (NNSA) sites to resolve user, network and security-related issues
• Responsible for oversight of network traffic. Conducted log analyses for tracking suspicious network activity due to malware, intrusions, internal threats, APTs and other malicious actors; failed/blocked websites; waste, fraud and abuse and for troubleshooting purposes related to software, hardware and network issues
• Responsible for site web proxies and anti-virus servers. Duties included but are not limited to Internet policy and web content filtering enforcement; creating and managing proxy policies and categories; reviewing user requests and applying or creating policies which grants/denies access accordingly and reviewing and categorizing unidentified sources and websites
• Responsible for the deployment and management of the site-wide network intrusion prevention system (IPS). Successfully configured and deployed the IPS in a test environment to monitor and understand its functionality in real-world situations and to observe its response to simulated attacks via penetration testing methodologies. IPS duties included but are not limited to managing the IPS central manger; network implementation of IPS sensors; software upgrades; emergency signature installs released by the vendor; creating custom Snort rules and attack signatures; creating custom firewall rules and exceptions; creating and managing policies; managing the IPS quarantine and analyzing attacks
• Configured, deployed and maintained strategically placed network IPS sensors to maximize visibility within the infrastructure while operating within budget constraints
• Tracked security-related events, incidents and alerts in the Y-12 cyber security event management system. This included but is not limited to tracking malware/Indicators of Compromise (IoC)/APTs; phishing emails; government issued Situational Awareness Reports (SARs) and intelligence, security alerts/bulletins and threat advisories published from various federal agencies and the private sector and technical advisories regarding the latest security vulnerabilities associated with hardware, software, mobile, wireless as well as Industrial Control Systems (ICSs)
• Maintained a custom blacklist that downloaded malicious URLs, domain names and IPs from internal and external sources that was automatically imported into the network proxies to deny users and systems from accessing malicious domains
• Developed a process for malware remediation by isolating/blocking infected or compromised hosts from internal and external resources until a strategy could be implemented to remediate its impact on the network
• Scanned and reviewed external and 3rd party media for malware and other discrepancies
• Configured, deployed and maintained the network data loss prevention (DLP) appliance. Activities included day-to-day maintenance, analyzing/tracking incidents and incident remediation.
• Created and deployed IDS/IPS rules and signatures into the network sensors
• Monitored networked systems for compliance with current policy standards (SCAP, USGCB, FDCC)
• Experience with incident response procedures such as chain of custody and documentation; detecting and identifying that an incident has occurred; containing and isolating the incident and preserving evidence; adding the IoC to a custom block list and/or creating and deploying attack signatures; eradicating the incident by removing/blocking the affected system from the network and monitoring the network to observe for similar or new abnormal activity
• Assisted with the implementation of the Security Information & Event Management (SIEM) system. Consolidated the site’s security controls (host-based and network-based IDSs/IPSs, proxies, firewalls) to a single platform for central management, alerting, correlation, profiling, and logging using a SIEM.
• Experience with network forensics; Conducted proxy and firewall log analyses and IDS/IPS alert correlation due to malware; waste, fraud and abuse and APTs and other malicious actors. Analyzed logs and alerts via network security controls to verify if an intrusion, compromise or misuse has taken place and determine if an additional investigation or further action is required such as a packet capture analysis (PCAP), media inspection and/or sanitization, notifying senior-level management, etc.
• Conducted penetration tests/vulnerability assessments to identify security weaknesses and potential threats; established baselines and tested new and existing systems after new software installations, upgrades or when configurations/changes were implemented.
• Contributed to the certification and accreditation (C&A) process by performing network, system and software vulnerability assessments via security tools and walk-downs. Analyzed results to determine the level of risk they pose, both internally and externally, and contacted system owners to propose recommendations to resolve or lower the security level or to mitigate or accept the risks associated with the vulnerabilities.

• IT/Network Administrator responsible for managing the corporate WAN with offices located in Knoxville, TN, Cookeville, TN and Orlando, FL. Supported users in a Microsoft Windows environment who was responsible for all corporate hardware and software. This included but was not limited to the corporate WAN optimizer, firewall, proxy, switches, domain controllers, file servers, Exchange server, backups, workstations, laptops, mobile devices, printers/plotters, etc.

• Other responsibilities included but are not limited to maintaining the corporate Intranet; diagnosing hardware, software and connectivity issues; testing backups and data recovery methods; malware remediation; documenting and tracking all network inventory; deploying new/existing software, updates, patches and configurations; building and repairing computer systems; monitoring and reviewing network activity and logs; maintaining software licenses; managing domain user accounts, groups and policies; automating network tasks via batch scripts; training users regarding proper usage of company resources as well as the corporate computer policies, procedures and standards and staying up-to-date with the latest security threats and practices.

• Backup IT Administrator responsible for managing and supporting a LAN in Knoxville, TN. Supported a small group of users in a Microsoft Windows environment who was responsible for company servers, workstations, firewall/IPS, printers/plotters and software, etc.

• Other duties included but are not limited to deploying new/existing software updates, patches and configurations; training users regarding computer usage and new software; building and repairing new computer systems; installing and managing new computer systems, applications and network appliances; malware remediation; reviewing system configurations and logs; conducting vulnerability scans to determine system and network risk levels and mitigation strategies; staying up-to-date with the latest security threats and practices and CAD application development (created and maintained custom-made AutoCAD menus and toolbars to establish standards and to improve productivity). Design Engineer duties available upon request.