Providing Cyber Security Advisory services to organizations nationwide.

Laid off... Information Security Program dissolved due to COVID-19. Devised and implemented an Information Security Program around AICPA Security Operations Center 2 (SOC2) and National Institute of Standards and Technology (NIST) Cyber Security Frameworks. Defined standards, strategies, programs, policies and procedures where required to span all areas of the company that impact Information Security. Provided oversight and guidance regarding data and consumer privacy laws such as California Consumer Privacy Act (CCPA) and General Data Protection Regulation (GDPR). Recognized, assessed, and addressed changes that have the potential to introduce increased Information Security risk at the company-wide level. Engaged with customers and prospects as an Information Security subject matter expert and advocate. Partnered with Accounting and Legal teams to review customer contracts for security, privacy, and technical requirements.

Reviewed Information Security Programs for clients in financial, healthcare, and other regulated industries from coast-to-coast. Responsible for review of policies, controls, firewalls, etc. to determine the effectiveness of program to keep critical client and institution data safe. Communicated findings and recommendations to Board and other key players. Coordinated with team to ensure technical reviews and other security engineering engagements performed seamlessly for our clients.

• Information Security Audit
• Social Engineering
• Risk Assessments
• Web Compliance Assessments
• FFIEC, GLBA, SOX, NIST, CCPA, GDPR, NYDFS, HIPAA, HITECH, NIST, PCI, ISO

• Provided cyber security consulting services for a private company located in the Knoxville, TN area.
• Responsible for developing, evaluating and implementing sound cyber security policies/principles and best practices; conducted audits and risk assessments; malware remediation and offered guidance securing and optimizing critical and private IT systems and networks.
• Conducted Anti-Phishing, Baiting and Vishing campaigns.
• Performed penetration testing/vulnerability assessments across the network scanning for application and system vulnerabilities.
• Identified vulnerabilities and findings and recommended risk-reduction/mitigation solutions.
• Provided metrics and detailed information of outstanding vulnerabilities and the risk they pose to the network.

view more

view less

Contractor to Hexagon Manufacturing Intelligence - North Kingstown, RI

• Developed a security strategy/roadmap for security best practices and compliance with the National Institute of Standards and Technology Special Publications (NIST SP 800-53r4, NIST SP 800-171 and NIST SP 800-18).
• Conducted audits and assessed the security program and network for improvements and made recommendations to resolve any security vulnerabilities and findings.
• Recommended hardware and software solutions, tools and best practices that would help improve and strengthen the Hexagon Cyber Security Program and security posture.
• Provided guidance and stressed the importance of security policies and standards; including, but not limited to an effective security awareness training and education program; continuous monitoring; vulnerability scanning and penetration testing, etc.
• Evaluated security environment; identified security gaps; and made recommendations for enhancements.

Contractor to Hewlett-Packard Enterprise (HPE) f/k/a Hewlett-Packard (HP)

• Collaborated with Hewlett-Packard’s (HP) Global Cyber Security Compliance team supporting the System Security Plan (SSP)/Compliance initiative in preparation of HP's corporate split (HPE and HP).
• Developed and assessed SSPs and system profiles for HP's mission critical and entity essential applications, systems and networks across all business units and global functions.
• Team Lead/Project Manager; conducted audits/risk assessments of IT systems for compliance in a diverse technology environment across varying infrastructures, applications and networks.
• Advised senior management by identifying critical security issues, vulnerabilities and findings and recommended risk- reduction/mitigation solutions.
• Assessed applications and systems for compliance against aligned security policies and standards; industry and regulatory controls; IT computing controls and conducted gap analyses as required.
• Assisted in the demonstration of system security operational objectives by contributing information and provided recommendations to strategic plans and reviews.
• Prepared and completed associated remediation action plans; assisted with resolving cyber security issues; identified trends; determined system improvements and drove needed change.
• Recorded SSP information in the eGovernance, Risk and Compliance (eGRC) application (RSA Archer eGRC Platform) to promote and develop security strategies; identify compliance obligations (e.g., HIPAA, PCI-DSS, SOX, etc.); direct system control development and access management, monitoring, control and evaluation.

Contractor to the USDA Forest Service Natural Resource Manager (NRM)

• Revamped the Natural Resource Manager (NRM) Cyber Security Program to reflect the National Institute of Standards and Technology Special Publications (NIST SP) 800 series; OMB Circular A-130; Federal Information Security Management Act (FISMA); Federal Information Processing Standards (FIPS) 199, 200 and 140-2; U.S. Gov’t FedRAMP guidelines for Cloud and Virtualization infrastructure technologies as well as the U.S. Forest Service’s policies and standards
• Recommended and procured software solutions, tools and best practices that would help improve and strengthen the NRM Cyber Security program and security posture with the goal of protecting the confidentiality, integrity and availability of NRM’s data
• Provided security guidance and oversight for various IT projects and evaluated systems and documentation for federal compliance requirements.
• Educated users in sound cyber security principles and best practices
• Represented the NRM Cyber Security Organization during project meetings to assist stakeholders and provided recommendations regarding cyber security as required by federal guidelines and regulations
• Created security guidance documents to assist NRM in producing organizational standard operating procedures (SOPs)
• Ensured all regulations, guidelines, directives, policies and procedures are being followed and that security checklists/hardening guides are being employed to establish a standard baseline and to satisfy federal cyber security requirements
• Proposed solutions, tools and best practices to strengthen NRM’s web/application/database security as well as establish an effective configuration/change management system (CMS)
• Assisted in the process to reduce the current number of Plan of Action and Milestones (POA&Ms) identified by NRM Cyber Security as well as previous Office of Inspector General (OIG) audits and to propose solutions to prevent future POA&Ms from reoccurring
• Worked with NRM federal and contract personnel to address security incidents and issues involving users, information systems and data
• Identified current NRM security-related issues due to vulnerabilities, access, deficiencies, separation of duties/least privilege (SOD/LP), insufficient controls, etc. and offered recommendations and viable solutions to correct problems and ensure all federal regulation, guidelines and directives are followed accordingly.

view more

view less

Y-12 National Security Complex (Nuclear Weapons and Highly Enriched Uranium Facility) Prime Contractor to the U.S. Department of Energy/National Nuclear Security Administration

• Executed site-related security functions and job duties from the Security Operations Center (SOC) which provided 24x7x365 continuous monitoring and cyber security support.
• Deployed and managed several defense-in-depth technologies on the classified and unclassified network environments to augment the site's cyber security posture and to help prevent/detect Advanced Persistent Threats (APTs) and other internal/external threats
• Performed Quid Pro Quo attacks (via making false promises of free gift cards, money, t-shirts, or vacation).
• Performed Tailgating employees, Spear Phishing and Baiting campaigns.
• Evaluated information systems and security documentation for compliance with federal oversight requirements including FISMA compliance, NIST 800-53, OMB A-130, FIPS 140-2 and NAP 14.1D (National Nuclear Security Administration Policies).
• Participated and contributed in biweekly U.S. Department of Energy (DoE) Cyber Security meetings to discuss cyber- related events, activities, incidents and to share cyber intelligence within the DoE community. Topics included malware analysis/research; APTs and other malicious actors and targeted threats/attacks such as spear-phishing, hostile attachments, watering hole attacks, drive-by attacks, command and control (C2), etc.
• Conducted an ongoing threat analyses to determine the site security posture due to vulnerabilities, APTs and other malicious actors as well as the latest Situational Awareness Reports (SARs)/intelligence released by federal agencies (e.g., JC3, IARC, DoE, DoD, DHS, FBI, NSA, US CERT, etc.) and the open source community
• Worked closely with Y-12 internal organizations (e.g., Helpdesk, Network Support, Desktop Support, Software Support, Email Support, etc.) and other U.S. Department of Energy (DoE)/National Nuclear Security Administration (NNSA) sites to resolve user, network and security-related issues
• Responsible for oversight of network traffic. Conducted log analyses for tracking suspicious network activity due to malware, intrusions, internal threats, APTs and other malicious actors; failed/blocked websites; waste, fraud and abuse and for troubleshooting purposes related to software, hardware and network issues
• Responsible for site web proxies and anti-virus servers. Duties included but are not limited to Internet policy and web content filtering enforcement; creating and managing proxy policies and categories; reviewing user requests and applying or creating policies which grants/denies access accordingly and reviewing and categorizing unidentified sources and websites
• Responsible for the deployment and management of the site-wide network intrusion prevention system (IPS). Successfully configured and deployed the IPS in a test environment to monitor and understand its functionality in real-world situations and to observe its response to simulated attacks via penetration testing methodologies. IPS duties included but are not limited to managing the IPS central manger; network implementation of IPS sensors; software upgrades; emergency signature installs released by the vendor; creating custom Snort rules and attack signatures; creating custom firewall rules and exceptions; creating and managing policies; managing the IPS quarantine and analyzing attacks
• Configured, deployed and maintained strategically placed network IPS sensors to maximize visibility within the infrastructure while operating within budget constraints
• Tracked security-related events, incidents and alerts in the Y-12 cyber security event management system. This included but is not limited to tracking malware/Indicators of Compromise (IoC)/APTs; phishing emails; government issued Situational Awareness Reports (SARs) and intelligence, security alerts/bulletins and threat advisories published from various federal agencies and the private sector and technical advisories regarding the latest security vulnerabilities associated with hardware, software, mobile, wireless as well as Industrial Control Systems (ICSs)
• Maintained a custom blacklist that downloaded malicious URLs, domain names and IPs from internal and external sources that was automatically imported into the network proxies to deny users and systems from accessing malicious domains
• Developed a process for malware remediation by isolating/blocking infected or compromised hosts from internal and external resources until a strategy could be implemented to remediate its impact on the network
• Scanned and reviewed external and 3rd party media for malware and other discrepancies
• Configured, deployed and maintained the network data loss prevention (DLP) appliance. Activities included day-to-day maintenance, analyzing/tracking incidents and incident remediation.
• Created and deployed IDS/IPS rules and signatures into the network sensors
• Monitored networked systems for compliance with current policy standards (SCAP, USGCB, FDCC)
• Experience with incident response procedures such as chain of custody and documentation; detecting and identifying that an incident has occurred; containing and isolating the incident and preserving evidence; adding the IoC to a custom block list and/or creating and deploying attack signatures; eradicating the incident by removing/blocking the affected system from the network and monitoring the network to observe for similar or new abnormal activity
• Assisted with the implementation of the Security Information & Event Management (SIEM) system. Consolidated the site’s security controls (host-based and network-based IDSs/IPSs, proxies, firewalls) to a single platform for central management, alerting, correlation, profiling, and logging using a SIEM.
• Experience with network forensics; Conducted proxy and firewall log analyses and IDS/IPS alert correlation due to malware; waste, fraud and abuse and APTs and other malicious actors. Analyzed logs and alerts via network security controls to verify if an intrusion, compromise or misuse has taken place and determine if an additional investigation or further action is required such as a packet capture analysis (PCAP), media inspection and/or sanitization, notifying senior-level management, etc.
• Conducted penetration tests/vulnerability assessments to identify security weaknesses and potential threats; established baselines and tested new and existing systems after new software installations, upgrades or when configurations/changes were implemented.
• Contributed to the certification and accreditation (C&A) process by performing network, system and software vulnerability assessments via security tools and walk-downs. Analyzed results to determine the level of risk they pose, both internally and externally, and contacted system owners to propose recommendations to resolve or lower the security level or to mitigate or accept the risks associated with the vulnerabilities.

• IT/Network Administrator responsible for managing the corporate WAN with offices located in Knoxville, TN, Cookeville, TN and Orlando, FL. Supported users in a Microsoft Windows environment who was responsible for all corporate hardware and software. This included but was not limited to the corporate WAN optimizer, firewall, proxy, switches, domain controllers, file servers, Exchange server, backups, workstations, laptops, mobile devices, printers/plotters, etc.

• Other responsibilities included but are not limited to maintaining the corporate Intranet; diagnosing hardware, software and connectivity issues; testing backups and data recovery methods; malware remediation; documenting and tracking all network inventory; deploying new/existing software, updates, patches and configurations; building and repairing computer systems; monitoring and reviewing network activity and logs; maintaining software licenses; managing domain user accounts, groups and policies; automating network tasks via batch scripts; training users regarding proper usage of company resources as well as the corporate computer policies, procedures and standards and staying up-to-date with the latest security threats and practices.

view more

view less

• Backup IT Administrator responsible for managing and supporting a LAN in Knoxville, TN. Supported a small group of users in a Microsoft Windows environment who was responsible for company servers, workstations, firewall/IPS, printers/plotters and software, etc.

• Other duties included but are not limited to deploying new/existing software updates, patches and configurations; training users regarding computer usage and new software; building and repairing new computer systems; installing and managing new computer systems, applications and network appliances; malware remediation; reviewing system configurations and logs; conducting vulnerability scans to determine system and network risk levels and mitigation strategies; staying up-to-date with the latest security threats and practices and CAD application development (created and maintained custom-made AutoCAD menus and toolbars to establish standards and to improve productivity). Design Engineer duties available upon request.