Keith Michaud, CISSP, CISM

Cyber Security Analyst at Falconwood, Incorporated
  • Claim this Profile
Contact Information
us****@****om
(386) 825-5501
Location
Goose Creek, South Carolina, United States, US

Topline Score

Topline score feature will be out soon.

Bio

Generated by
Topline AI

You need to have a working account to view this content.
Join now
You need to have a working account to view this content.
Join now

Credentials

  • Certified Information Security Manager (CISM)
    ISACA
    Sep, 2020
    - Oct, 2024
  • CISSP
    (ISC)²
    Aug, 2017
    - Oct, 2024
  • GIAC-GSLC
    SANS Institute
    Dec, 2011
    - Oct, 2024
  • Network +
    CompTIA
    Jun, 2009
    - Oct, 2024
  • Security +
    CompTIA
    Jul, 2009
    - Oct, 2024

Experience

  • Falconwood, Incorporated
    • United States
    • Defense and Space Manufacturing
    • 100 - 200 Employee
    • Cyber Security Analyst
      • Feb 2014 - Present

      • Perform system security reviews as part of the A&A process for the Navy Marine Core Intranet (NMCI) Enterprise • Implement Certification and Accreditation (C&A), Assessment and Authorization (A&A) processes for IT systems and networks in accordance with the DoD 8500.1, 8510.01 and NIST 800-37 processes. • Analyze information systems security requirements to be implemented during system design. • Conduct Risk Management Methodologies to determine what security controls and compensating controls reduce potential threat vectors from being exploited and maintain residual risk. • Perform Risk Assessment recommendations on deltas from DoD Cyber Security Tools, Such as, STIGS, SRGs, and ACAS (Nessus) • Enterprise Risk Review Lead: responsible for managing vulnerabilities, threats, and maintaining an acceptable risk posture for the enterprise. This included working with the customer to report new vulnerabilities and review vulnerabilities being brought forward for closure. • Work with System Engineers on Mitigation and Remediation strategies for Vulnerability Assessments • Support Government lead with Cyber Security risk impact recommendations for technical changes to be presented at the Cyber Security Review Board (CSR) • Analyze and review results from network and system vulnerability scans for determination of the Risk Assessment of Security Controls in accordance with DoD 8500.2 and NIST 800-53 Revision 4 • Draft accreditation support documentation for C&A/A&A packages, etc., to include Risk Assessment Reports, Security Plans, Plan Of Action Milestones and security test and evaluation plans • End User Services Cyber Security Lead: Providing Liaison support for Government Leads with recommendations on all C&A/A&A phases to achieve Authority to Operate • Collaborate with Portfolio leadership and Engineers with building C&A/A&A requirements into all of the SDLC phases. Show less

  • Apex Systems
    • United States
    • IT Services and IT Consulting
    • 700 & Above Employee
    • Systems Analyst
      • Aug 2013 - Feb 2014

      • Knowledge of and experience with Department of Defense (DoD), DIACAP, NIST, FISMA, policies and regulations for the NAVY Medicines Clinical Infrastructure (CIP)/ Clinical Desktop (CDP) Enterprise Program • Conduct Vulnerability Analysis Using the following Cyber Security Tools, Security Technical Implementation Guidelines (STIGS), Retina, SCAP, NMAP, Security Compliance Checker (SCC) to provide efficient and accurate reporting to Management • Recommend Vulnerability Mitigation strategies to engineers to reduce the risk to an acceptable level while maintaining an effective Security Posture for 21 Enclaves within the Navy Medicines Enterprise • Incorporate Information Systems Security Engineering planning and Defense Layering strategies to System and Network Architects • Experience with developing, modifying Certification and Accreditation (C&A) packages while maintaining the Navy Medicines Enterprise’s Authority to Operate (ATO) • Work with various risk management concepts, such as information security, operations security, administrative security, and communications security • Ensuring Cyber Security compliance is built into the System Development Life Cycle of VMware application, desktop, Microsoft Windows Server 2008, Active directory 2008, Vcenter Server and VMware server virtualization infrastructures for enterprise environments. Show less

  • Scientific Research Corporation
    • United States
    • Defense and Space Manufacturing
    • 700 & Above Employee
    • Systems Analyst
      • Jan 2011 - Aug 2013

      • Subject matter expert working on various Department of Defense (DoD) projects, assisting engineers with cyber security implementation of Defense Layering within systems and networks • Perform Certification and Accreditation (C&A), Assessment and Authorization documentation reviews to ensure compliance with DoD, National Institute of Standards and Technology (NIST) and FISMA, with Information Assurance requirements for Navy and Army risk assessments • Performed Vulnerability Analysis on systems and networks using vulnerability scanning tools, such as Retina, SCAP, NMAP, Gold Disk, Nessus, Wireshark, and Security Compliance Checker (SCC) • Administrated compliancy with Department of Defense (DoD) mandated cyber security baselines for systems, software, and applications within Department Information Systems Agency (DISA) issued Security Technical Implementation Guides (STIGs) in Production, Research and Development (R&D) environments. • Develop and Provide technical support for the review of DIACAP documentation, C&A/A&A artifacts, vulnerability assessment reports, assisting sites with mitigation strategies, ensuring that Best Business Practices (BBP) are followed and DoD Information Assurance standards are compliant • Collaborated closely with system sponsors to identify Designated Approval Authority (DAA) requirements in order to achieve an Authority to Operate (ATO) or Interim Authority to Operate (IATO), Using C&A documentation artifacts for proper Risk Assessment • Providing independent validation and verification (IV&V) within the DoD Policy for the installation and configuration of various systems, software, and appliances within multiple network architectures • DoD 8570.01 M, IAM III Certification Compliant Show less

  • Secure Missions Solutions
    • United States
    • Computer and Network Security
    • 1 - 100 Employee
    • Systems Analyst
      • Oct 2008 - Jan 2011

      • Personally responsible for ensuring that over 10 customer enclaves received an Authority to Operate from the local DAA through the US Army IA office. • Perform onsite Security Testing and Evaluation (ST&E) assessments and Certification Testing and Evaluation (CT&E) for the Department of Defense and various Military Installations. • Expertise in DIACAP and C&A implementation and testing of the following C&A documents, Security Implementation Plan, DIACAP implementation plan, Plan of actions and Milestones, and the Scorecard • Expert Knowledge of Department of Defense Information Assurance scan tools and security configurations, such as Retina, Gold Disk, Nessus, Nmap, wireshark, App detective, flying squirrel, snort, SCAP, Security Technical Implementation Guidelines (STIGs), and DODI 8500.2. • Subject Matter Expert in Mitigating technical vulnerabilities to an acceptable level by DoD Information Assurance Cyber Security Standards • Administer: MS Windows 7/Vista/XP/2000/2003/2008, Active Directory, DNS, GPO’S, Virtual workstation and servers • Recommend various solutions of vulnerabilities found with System and Network Administrators on different military and nonmilitary sites to strengthen the security posture without degrading the security of the network. • Effective communication and interpretation of vulnerabilities to a wide audience: Excellent Customer Service Skills • Excellent team player, work well at meeting deadlines and working under pressure. Show less

  • Dougherty Equipment Company
    • United States
    • Machinery Manufacturing
    • 1 - 100 Employee
    • System Administrator
      • Aug 2004 - Oct 2008

      • System Administrator/Technical Support Manager Responsible for all day to day operations for the company’s LAN/ Wan Infrastructure, Technical Support Desk, Server Farming, for Forklift Company with a Gross of 120 Million USD a yearly. • System Engineering of a 15 Server Farm, providing 24/7 support. • Backups Using Veritas, Disk to Disk, Tape Backups and Data Restoration. • Windows 2003 running in a native domain, Hardware, Software, Administration, Troubleshooting support. • Helped facilitate site design with setting up the Dougherty Equipment Domain with Domain Controllers, FSMO roles, Global Catalog Servers. • Replication between wan sites, implementing and enforcing group policies, setting up users, OU’s, Data Shares, NTFS permissions, Data Security. • DNS Implementation and Administration of Active Integrated Zones, forward look up zones, reverse look up zones, host, PTR, SOA, SVC, MX, ALIAS, records. • Antivirus Server configuration and maintenance using Norton client security 2.0 server supporting 300 clients. • Full Administration of WSUS 3.0, making sure all machines tested and patched in accordance to the Windows Security Guide. • Server Virtualization using VM ware Server and Workstation. • Help Desk Manager Supporting 500 users. • Full 24/7 Support for 15 Branch Locations in the Southeast, from Virginia to Georgia. • Administering, Configuration, Troubleshooting, of Wireless Access Points, Wireless data cards, 200 Laptops, 300 Desktops, Printers, Print servers, Scanners, Switches, Hardware, Software, VOIP Phones. • Liaison for warranty support for Dell, Gateway, HP, Barracuda, Alltel, Sprint, Nuvox, Shoretel. • Received Quarterly Bonus for 3 years straight for providing 95% Efficiency, with help desk SLA agreements in place. • Budgeting and Purchasing of company hardware, software, to include Printers, Laptops, Desktops, Servers, Cell Phones. Show less

Education

  • Sound School
    High School Diploma
    1992 - 1995

Community

You need to have a working account to view this content. Click here to join now