Sr. Cyber Security Engineer - SME

• May 2021 - Present

Sr. Cybersecurity Engineer

• Jun 2018 - Jan 2021

• Assisted in preparation for the DHS CDM “Defend E” contract. • Took over as Lab Administrator for the “DEFENDE E” lab environment. • Administered the four lab domains, including Active Directory, Group Policy, and DNS. • Evaluated the lab environment and troubleshot issues. • Recommended that the lab environment be rebuilt and engineered a plan to rebuild the four domains with minimal disruption to the work efforts. • Acted as Senior Engineer and Subject Matter Expert (SME) for the installation, configuration, integration, and testing of the Venafi Trusted Protection Platform (TPP) application for proof of concept evaluation. • Deployed Venafi TPP in the Development Lab environment for evaluation of the necessary functionalities, such as certificate discovery, and reporting. • Tuned and maintained the Venafi TPP application as needed. • Troubleshot configuration issues with the Venafi TPP application. • Created the necessary configuration documentation (Installation and Configuration Guide) for the Venafi TPP application. • Created the necessary pre-deployment and post-deployment checklists. • Trained other engineers on the configuration of the Venafi TPP application. • Evaluated the Venafi TPP application for the required functionality. • Acted as Senior Engineer and SME for the installation, configuration, integration, and testing of Microsoft System Center Configuration Manager (SCCM) for evaluation of functionality within multiple agencies CDM environments. • Assisted with creating and updating the required “DEFEND E” documentation including, but not limited to, the: Concept of Operations (CONOPS), Architecture and Back Out Plan, and the response to the Request for Services (RFS). • Assisted other engineers on the contract with a variety of issues as needed. • Assisted on other Perspecta projects as requested. • Assisted with the procurement of hardware for the Perspecta Air Force Enterprise Logging Contract. Show less

Sr. System Security Engineer

• May 2018 - Jun 2018

The division of DXC Technology that I worked for split from the company to form Perspecta. The division of DXC Technology that I worked for split from the company to form Perspecta.

Cleared Consultant - Cyber Security & Digital Forenesics

• Nov 2016 - May 2018

Enterprise Security Engineer / Architect - Security & Electronic Systems Division

• Oct 2017 - Jan 2018

• Planned upgrades of client’s current infrastructure, both hardware and software. • Configured and tested systems in a lab environment, in order to identify any possible compatibility issues. • Documented the configuration of all planned system upgrades and installations. • Performed forensic analysis on systems and files. • Tested systems for performance related issues. • Implemented industry best practices in order to achieve high levels of stability, performance, and security, in operating systems, applications and SQL databases. • Assisted in Certification and Accreditation efforts, as needed. • Applied DISA STIGs and NIST 800-53 controls to systems. • Verified that systems met the requirements for DISA, NIST, DIACAP, and RMF policies. • Provided top tier engineering support for junior engineers, technicians, and system administrators. • Supported other engineers and technicians with issues that needed resolved. • Troubleshot and engineered solutions for system issues, using existing and new technologies. • Researched, evaluated, and recommended new hardware and software that could provide improvements in system stability and performance. • Supported proposal efforts for new contracts. • Evaluated and updated current SOP and SOW documentation, as needed. • Developed new SOP and design documentation. • Served as a Senior Systems Engineer on the Pentagon Force Protection Agency (PFPA) contract. • Ensured test lab equipment was maintained, and managed the VMWare lab environment. • Participated in planning and engineering meetings. Show less

Subject Matter Expert (SME) – System Security / Digital Forensics

• Dec 2013 - Nov 2016

• Performed forensic imaging, data extraction and forensic analysis on hard drives, as needed for clients. • Kept notes on the processes and steps taken to perform each forensic analysis, and created reports based on the findings. • Researched and recommended forensic solutions (Hardware and Software) for clients. • Researched and recommended Security Information and Event Management system (SIEM) products and solutions for client. • Provided Subject Matter Expert (SME) support to clients during research phase. • Tested SIEM solutions in client environment for proof of concept (POC) and functionality. • Prepared formal recommendation of LogRhythm SIEM solution to present to client’s management. • Presented recommendations to client’s engineering control board as necessary (ECB). • Prepared concept of operations (CONOPS) documentation for client as needed. • Prepared implementation and deployment plans for clients as needed for security and forensic solutions. • Deployed and implemented a $1.5 million LogRhythm SIEM solution in client’s pre-production and production environments. There was a total of 5 environments globally, with 500+ servers. • Provided SME and administration support to client before, during, and after the deployment of LogRhythm SIEM Solution in pre-production and production environments. • Worked with the FISCAM audit team to implement custom auditing and reporting within the LogRhythm SIEM solution, for the required FISCAM controls. • Worked with the IA team to ensure that the LogRhythm SIEM solution was configured to meet the controls and provide the reports which are required for both the DIACAP (DoD 8500.2) and the RMF (NIST 800-53) controls. • Worked with the necessary team members to verify POA&M items were addressed, updated and closed as required. • Worked with the necessary team members to verify all systems were compliant with the DISA STIGs and Security Check-lists. Show less

Senior Associate

• Aug 2011 - Oct 2013

Performed 12 forensic investigations, on Microsoft Windows systems, as need for the IAM office. A few examples of the investigations performed are below: • Investigated systems for the viewing of pornography. • Investigated systems for cases of specific misuse. • Investigated systems for proof of inappropriate relationships. • Investigated systems to prove connection to unauthorized networks. • Investigated system to prove infection by viruses, as well as how and when the infection took place. Verified that the research data on the system was clean, and recovered the data for management. • Performed forensic imaging, data extraction, and forensic analysis on hard drives, using a Forensic Recovery of Evidence Device (F.R.E.D) system. • Performed forensic investigations, based on provided scope, on storage media. • Used COTS tools, such as: EnCase, and Forensic Toolkit (FTK). • Analyzed metadata for different types of files for evidence in investigations. • Analyzed the Windows Registry for possible evidence for cases. • Kept notes on the processes and steps taken to perform each forensic analysis, and created reports for management based on the findings of the investigation. • Assisted other investigators by reviewing their processes and reports in order to verify the methods used to find forensic evidence. • Performed network investigations using tools such as: NMAP and WireShark. • Assisted the IAM office with day-to-day IA related tasks. • Developed a process for the review, testing and approval of non-standard software packages. • Developed a system to track all software packages in the environment so that they could be managed for needed updates and patches. • Worked on a system to track software licensing and system life-cycle. • Supervised all of the IASOs within the USARL chain of command. • Worked to define all necessary requirements for the IASOs and set policies for them moving forward. Show less

Senior Security Administrator - Supporting IRS Chief Counsel Office

• Mar 2010 - Jul 2011

* Setup, configure and maintain WSUS 3.0 Server in Production and Test environments. * Evaluate monthly Microsoft patches before release to IRS Counsel Systems. * Test all Microsoft patches in Lab and on test computers and servers in the Production environment. * Releases all approved patches to the production environment and monitor them for progress. * Troubleshoot connection issues between clients and WSUS Server. * Troubleshoot patch installation errors. * Create custom scripts to repair client connection issues. * Monitor WSUS and keep database up to date and purged of old systems. * Maintain IRS Security / Information Awareness (IA) requirements on all assets in accordance with IRS IRM requirements. * Ensure all assets are compliant with all IRS CSIRC Advisories. * Review server audit logs regularly for possible security issues. * Create policies for patch management and security and send them to management for approval. * Assist with Systems Administration duties wherever I am needed. * Create technical recommendations for new products or technologies and submit them to the project manager for presentation to client. * Run in house custom tool WPC (Windows Policy Checker) against systems and interpret results for Systems Administrators. * Assist in the remediation of findings from the WPC tool. * Assist with needed documentation for C&A Procedures. * Document the release or decline of all Microsoft Patches. * Test and evaluate new products and software. (Ex. Office 2010, Windows 2008) Show less

IASO – Information Assurance Security Officer - Supporting US Army MRMC Headquarters

• Nov 2008 - Feb 2010

* Maintain DoD level Security / Information Awareness (IA) requirements on all assets in accordance with AR 25-2. * Maintain user training records in Army Training and Certification Tracking System. (ATCTS) * Track and consolidate command responses to MEDCOM and Army taskers. * Ensure all assets are Information Assurance Vulnerability Alert (IAVA) compliant and report weekly to MEDCOM. * Act as POC between USAMRMC subordinate activities and MEDCOM for distribution and clarification of information. * Represent USAMRMC and subordinate activities in meetings with USAMITC and MECOM. * Coordinated the rollout of Host Based Security System (HBSS) to all USAMRMC assets and subordinate activities. * Keep the Deputy Chief of Staff of Information Management (DCSIM) / Chief Information Officer (CIO) informed of all IA related issues. * Compile reports for all activities to be passed up to CIO and MEDCOM IA. * Process user requests for access to all resources. * Worked to coordinate compliance with FRAGO 4 initiative. * Make recommendations to CIO on procedures and processes. * Make recommendations to CIO on software and hardware acquisitions. * Review requests to IA department for software or hardware procurements. * Run regular Retina scans on all assets and compile reports for compliance. * Review requests for exemptions to Security Technical Implementation Guides (STIG) implementation and make recommendations to management. * Run Q-Tip scans on systems as needed. * Respond to Regional Computer Emergency Response Team (RCERT) incidents in a timely manner. * Act as technical advisor to CIO and Information Assurance Manager (IAM) for IA related issues. * Research MEDCOM, Army and DoD policies as needed, and provide them to staff. * Assist in disaster recovery and Continuity of Operations (COOP) exercises and planning. * Act as POC for subordinate activity IASO questions. * Prepare POA&Ms as needed for tasker compliance. Show less

Systems Administrator

• Sep 2007 - Oct 2008

• Provided on-site support for all back-end server operations. • Managed and maintained servers assigned to me and acted as a backup for other administrators as needed. • Installed and tested new software packages for enterprise use. • Setup and configured software for network monitoring and security. • Participated in a rotating on-call schedule for any issues that arose with servers. • Maintained DoD level Security and IA requirements for all servers. • Monitored Tivoli backup reports for servers. • Assisted in disaster recovery plans. • Completed charts and reports for require system metrics. • Managed Active Directory (AD) Users, Groups, Group policy, Etc. • Managed user group assignments. • Performed server software & hardware maintenance, management & configuration (Domain Controllers, Files Servers, and Clusters). • Researched, priced and recommended the purchase of affordable IT solutions for the enterprise. • Administered McAfee Corporate Edition on all servers. • Completed all monthly maintenance and patching of servers, including IAVA patches. • Assisted DOIM help desk personnel with troubleshooting issues when needed. • Provided Tier 3 support for users on the base and abroad. Including E-mail, CAC, permissions, Etc. • Managed Exchange Server for NAE (ARMY) Domain. • Managed File Server folder permissions. • Worked with outside clients to complete projects that were housed and monitored by myself and the DOIM. • Managed projects by coordinating with outside clients and internal management. • Kept servers in compliance with all IAVA and IA standards set by the DoD. • Ran Retina scans on servers to ensure compliance of vulnerability levels. • Ran Gold Disk to ensure STIGs were applied to servers. • Managed HP Blade servers. • Monitored HEAT Help Desk tickets and assisted with closing Level 3 call tickets. • Designed and developed the local SIPR domain for connection to the ARMY AD Forest. Show less

Systems Administrator

• Sep 2005 - Sep 2007

• Provided on-site support for all back-end server operations. • Managed and maintained about 45+ servers across two domains. • Installed and tested new software packages for enterprise use. • Setup and configured software for network monitoring and security. • Was on-call 24/7 for any issues that arose with servers. • Maintained NIH level requirements on all servers. • Managed backup jobs and media. • Managed all Microsoft Virtual Servers. • Assisted in disaster recovery plans and drills regularly. • Completed daily paperwork to comply with monthly server audits. • Prepared for and completed high level audits from the Inspector General’s office. • Managed Active Directory (AD). • Managed user group assignments. • Performed server software & hardware maintenance, management, and configuration (Domain Controllers, File Servers). • Administered Citrix Metaframe XP server for remote users. • Researched, priced and made purchase recommendations of affordable IT solutions for the enterprise. • Managed all procurement activities for our contract. • Administered McAfee Corporate Edition on all servers through ePolicy. • Completed all monthly maintenance and patching of servers. • Assisted NIH help desk personnel with troubleshooting issues when needed. • Supported Audio and Video (A/V) equipment for meetings. Show less

LAN Administrator

• Mar 2004 - Sep 2005

• Provided Tier I, II & III support for 300 users in five US locations and remote locations worldwide (Network, Hardware, OS, Software, VPN, Lotus Notes, Etc.) • Provided network support for WAN at five offices across three states • Managed user accounts and permissions. • Managed and configured Active Directory (AD), DNS, and DHCP. • Managed global Group Policy. • Performed server software & hardware maintenance, management, and configuration (Domain controllers, and File Servers). • Designed and built new data center for corporate office. • Created and maintained Images for multiple hardware platforms. • Worked on design and implementation of enterprise disaster recovery plan • Managed tape backup systems for all locations (Veritas Net Backup, Veritas Backup Exec.) • Installed, configured, maintained, and managed, Symantec Anti-virus Servers at two US locations. • Implemented network and workstation security policies. Implemented data encryption standard for laptops. • Researched, priced and made purchase recommendations of affordable IT solutions for the enterprise. • Managed a project to upgrade 200 user’s PC’s to new hardware platform. • Managed a project to incorporate new Help Desk tracking software. • Managed the continuous software upgrades for users. (Office, Lotus Notes) • Upgraded domain servers form Windows 2000 Server to Windows 2003 Server. • Managed Help Desk functions for entire IT department. • Designed and implemented network, & configuration solutions across entire enterprise. • Administered Citrix Metaframe XP server for remote users. • Tested software upgrades and service packs before implementation. • Implemented network and workstation security policies and procedures. Show less

Lead Desktop Support

• Aug 2003 - Jan 2004

* Tier II & III desktop support for 2000 users over three buildings * System and network troubleshooting, software configuration * Image refurbished machines with company approved image * Transfer users files and data to new PC using Ghost or network drive and restore all of users files on new PC * Input users settings for network connection, printers, Novell Client and Lotus Notes * Tier II & III desktop support for 2000 users over three buildings * System and network troubleshooting, software configuration * Image refurbished machines with company approved image * Transfer users files and data to new PC using Ghost or network drive and restore all of users files on new PC * Input users settings for network connection, printers, Novell Client and Lotus Notes

Field Supervisor

• Apr 2003 - Aug 2003

* Supervise tech’s in multiple territories spread over metro area * Respond to service calls in entire metro area as dispatched * Provide phone support to clients as needed * Evaluate, troubleshoot and repair Network and PC issues including: Windows 95, 98, NT, 2000, XP, 2003, Unix, BSD, Mac OS 9 & OS X * Wireless 802.11b & 802.11g, Ethernet, PC hardware & Network Hardware including - Firewalls, routers, switches, and hubs * Designed and implemented server solutions for businesses * Design custom networks and PC’s for residence and business solutions * Designed custom managed and unmanaged backup solutions Show less

Consultant

• May 2001 - Apr 2003

* Troubleshoot & repair computer & network issues * Server & workstation software installations * Network monitoring & analysis * Install & configure network devices such as firewalls, routers, switches, hubs, and repeaters * Provide remote access solutions such as VPN & dialup connections * Provide custom backup solutions for clients (managed & unmanaged) * Provide custom network solutions for clients needs * Network design and architecture * Design and install virus solutions for clients * Advise clients on all aspects of their IT needs * Provide clients with phone support as needed * Provide network security solutions for customers Show less

Q.A. Test Engineer

• Jun 2000 - May 2001

Tested software for compatibility and security on multiple platforms: Windows 95,98,98SE,NT, 2000,ME, XP; Win CE, Citrix Solaris, Linux, BSD, Mac OS, and Palm OS Designed, developed set up & supported multiple test LAN networks Installed and configured NT, Win. 2000, and XP servers Installed, configured, and maintained Active Directory for Win 2000 networks Installed, configured, and maintained Exchange 2000 server Diagnosed and repaired multiple types of network and system malfunctions Show less