Chamita Griffin
PKI Engineering Consultant at Cerebra Consulting Inc- Claim this Profile
Click to upgrade to our gold package
for the full feature experience.
-
English -
Topline Score
Bio
Credentials
-
CISM
-Dec, 2016- Nov, 2024 -
Security+
-Feb, 2011- Nov, 2024 -
A+
Network Support Specialist -
CEH
-
Experience
-
Cerebra Consulting Inc
-
United States
-
IT Services and IT Consulting
-
100 - 200 Employee
-
PKI Engineering Consultant
-
Feb 2023 - Present
• Supporting the design, build, and deployment of enterprise PKI systems. • Ensuring PKI systems comply with the relevant data privacy and protection frameworks and adhere to industry best practices. • Assessing and remediating the design and implementation of PKIs to mitigate risk. • Providing engineering and integration support, administering, maintaining, and deploying various PKI and multifactor authentication systems based primarily on Entrust and RSA solutions. • Developing automation approaches to solve PKI lifecycle challenges. • Analyzing legacy PKI solutions for security gaps and developing new approaches/capability to mitigate. • Developing standards and approaches to enable seamless integration across technical stacks. • Responsible for secrets management certificate discovery, organization, and allocating certificate ownership. • Design, deliver, and fully Automate certificate procedures across multiple channels within the organization. • Mitigate any Certificate threat issues by following remedial process based off research, investigations, and best practices. • Provisioning Venafi certificate management within console based on checking team information against CMDB portal, F5 status page, and confirming team ownership from multiple sources. • Encouraging team participation company wide during Decommissioning or following process concerning Certificate revocation. Show less
-
-
-
-
Information Technology Application Analyst
-
Sep 2020 - Dec 2022
• Responsible for daily system health checks and troubleshooting compatibility issues. • Performs system testing on various applications to maintain System functionalities. • Work with vendors to handle complex issues that are unable to be changed by team. • Liaison with multiple City Departments and 3rd party vendor for multiple projects. • Work with CSR associates, Managers, and multiple departments to perform upgrades as well as updates to various system applications. • Identify complex errors via CSR feedback, testing, and technical issues. • Onboarding new hires by managing accounts, adding roles, RBAC, profiles, templates, and groups. • Offboarding or stop dating employees who have left the company. • Taking Ownership of various applications and designing process paths. • Perform system administration on various applications, servers, and non-emergency applications. • Handling new installations and upgrades to system by working with multiple departments and vendors. • Utilizing Devops tools such as Github/GitLab, CI/CD, AWS code Build, Pipeline, Elastic Beanstalk. • Perform system administration on various AWS, CRM, EC2, and server applications. • Experience with Managing AWS services such as IAM, EC2, S3, NAT Instances, RDS, CloudFront, Cognito, Cloud watch Backups, AMI,’s, VPN, and AWS Direct Connect. • Adhering to Standardnization Policies, Procedures, and Global standards. • Responsible CRM system configuration via admin panel • Configuring User accounts via CRM System. • Performing system Updates for Mobile apps, CRM Patches, and working with various projects as well as vendors. • Performing Quarterly testing and updates Monthly. • Responsible for on call rotations for system issues. • Investigating any Customer relationship management system incidents and classifying them by Severity. • Collaborating with various departments to gather updates, new projects, Standardization, and various modifications to Motorola CRM systems. Show less
-
-
-
BB&T
-
United States
-
Financial Services
-
700 & Above Employee
-
100% Remote PKI Security Engineer
-
Apr 2019 - Aug 2020
Delivered Public Key Infrastructure (PKI) implementation and operations support, providing general technical support to PKI development, testing and on-going operations activities. Provided Tier II and III support for internal and external network and application Public Key Enablement (PKE). Utilized Venafi, Apperture, and service now to process, create, and renew certificates. Utilized PKI credential and loading of banking software certificates onto CMDs; provisioning CMDs with venafi software certificates. Utilized Certificate key applications like Venafi, ITIL, and Symantics to troubleshoot various incidents and vulnerabilities. Experience with Full cycle Certificates, Wildcard certs. Ownerless certs, Certificate Mismatch,2-Year-old Certs, Revocated certificates, Expired Certificates, and bad Algorithms. Experienced approved certificate outage due to Ownerless certificate after working with multiple departments during a company merger. Experience with creating and installing certificates with correct naming conventions and documenting the process via System protocols such as ITIL, Excel, Venafi. Providing Certificate troubleshooting support. Attended key meetings with various departments in regards to new projects requiring Certificate functions. Liaison across multiple Enterprise platforms to handle Escalated events, Project approvals and speaking with vendors such as Venafi. Collaborate with Splunk and Ops team to build a certificate inventory Analyze and identify all the data feeds that are needed for the certificate inventory. Collaborate with different teams to automate the certificate feed on a monthly basis. Work with Qualys team to include scans. Work with application owner to clean up non-compliant certificates. Assisted key management team in coming with training material for App managers and developers on certificate management Show less
-
-
-
MARICOPA COUNTY COMMUNITY COLLEGE DISTRICT
-
United States
-
1 - 100 Employee
-
Information Technology Security Consultant
-
Jun 2018 - Dec 2018
• Generated security documentation, including: security assessment reports, system security plans, contingency plans and disaster recovery plans. • Leveraged Foresight Sourcefire for indications of events or incidents. • Partnered with cross-functional departments and vendors to block, unblock, recategorize and troubleshoot various events. • Instrumental in the implementation and buildout on the incident response applications and foundation. • Performed information security assessment of one or more centralized endpoint information • security technologies (device management, malware protection, application whitelisting/blacklisting, patch management, software deployment, etc.). • Utilized Nmap to determine vulnerabilities such as ports open and to scan IP addresses. Used McAfee to determine the source of traffic, virus attack, and location. • Experience with Third Party Certificate Vendors such as Sectigo and Entrust • Experience with Certificate Lifecycle Managers such as Venafi • General understating of Public Key Infrastructure (PKI) • Can perform Discovery and Analysis on environments related to Certificates and Encryption, such as inventory, processes to issue/renew, current standards for strengths, lifecycle, etc. • Understanding of Cloud Key Management solutions such as AWS Key Management Service and Azure Vault • Support transition planning for interim state as well as final state in regards to migrations for Certificate Management and Encryption Key Management • Self-Motivated and able to drive tasks forward with little assistance • Strong Documentation skills • Utilized active Directory for setting up a root stand alone certificate authority, Verify PKI Health for issued certificates, and creating self-signed certificates. • Used Active Directory to create and install SSL Certificates on an IIS 10 from internal CA’s. • Utilized Windows system administration for day to day task. Show less
-
-
-
Box
-
United States
-
Technology, Information and Internet
-
700 & Above Employee
-
IT Security Analyst Incident investigative Response
-
Apr 2017 - Apr 2018
• Led threat modeling best practice efforts, improving quality, consistency, and efficiency with processes that continue to yield reproducible and defensible results. • Conducted thorough vulnerability risk assessments and investigated potential security incidents and exposures of systems. • Analyzed network and host-based security logs to determine remediation actions and escalation paths. • Subject matter expertise in isolating systems and creating policies in Carbon Black while removing malicious files via Carbon Black Live. • Developed and created Policy based practical procedures for remediation of threats and possible/probable vulnerabilities for current and future exposure of internal resources. • Researched and made recommendations regarding improvement and acquisition of network and security infrastructure. • Work as the technical administrator responsible for the engineering, implementation, installation, operation, and maintenance of Red Hat Enterprise Linux. Supporting a system modernization effort that encompasses maintaining and standing up a Linux platform, and development of a new application if required Show less
-
-
-
EZCORP
-
United States
-
Financial Services
-
700 & Above Employee
-
Network Analyst
-
Jun 2016 - Jul 2017
• Evaluated security on various systems and recommended changes to improve network integrity and prevent excessive access and potential risk. • Conducted log analysis, proactive monitoring, mitigation, and response to network and security incidents within a 24x7 Security Operations Center. • Proactively engaged and maintained strong working relationships with security vendors, which enhanced communication, eliminated redundancy and improved efficiency. • Utilized network sniffer tools to perform packet analysis, as well as IDS/IPS, SIEM, and web filtering solutions. Show less
-
-
-
Entergy
-
United States
-
Utilities
-
700 & Above Employee
-
Information Technology Security Specialist
-
Apr 2013 - Jun 2016
• Developed, implemented, and evaluated security programs designed to anticipate, assess, and minimize system vulnerabilities such as access requests, password changes, and turning profiles on and off. • Trained and supported internal and external users one FERC; ensuring applicant keeps with guidelines of FERC processes and procedures. • Analyzed, reviewed, approved and gathered documents pertaining to Access request process. Configured User Accounts and group Policies. • Accountable for removing access in a timely manner after firing or Hiring in accordance with CIP demands. Show less
-
-
-
Tenaris
-
United States
-
Oil and Gas
-
700 & Above Employee
-
IT Specialist
-
Feb 2009 - Apr 2013
• Provided system support to 5000+ users; consistently exceeded key performance metrics such as call volume, handle time, and quality. • Troubleshot and resolved advanced questions regarding issues with computer hardware, network/internet connectivity, and cyber security concepts. • Addressed customer complaints and pre-sales questions at first point of contact with minimal escalations. • Displayed vast experience with NIST 800-53 , and ISO 27001/27002 security frameworks. • Provided system support to 5000+ users; consistently exceeded key performance metrics such as call volume, handle time, and quality. • Troubleshot and resolved advanced questions regarding issues with computer hardware, network/internet connectivity, and cyber security concepts. • Addressed customer complaints and pre-sales questions at first point of contact with minimal escalations. • Displayed vast experience with NIST 800-53 , and ISO 27001/27002 security frameworks.
-
-
Education
-
2022 - 2023
Cloud Technology Experts
AWS Certifications, Cloud Technology -
2016 - 2016
New Horizons Computer Learning Centers - Englewood
Certificate, IT Security -
2011 - 2011
cybertex institute of technology
certification, Network Support Specialist -
1993 - 1997
smithville high school
diploma, diploma
Community
