Kevin Flint

Cyber Security Professional at Syndicus, Inc.
Contact Information
us****@****om
(386) 825-5501
Location
Columbia, Maryland, United States, US


Credentials

  • GIAC Penetration Testing (GPEN)
    SANS Institute
    Jul, 2014
    - Oct, 2024
  • CISSP
    (ISC)²
    Jan, 2007
    - Oct, 2024
  • GIAC Reverse Engineer Malware (GREM)
    SANS Institute
    Mar, 2013
    - Oct, 2024

Experience

    • United States
    • Cyber Security Professional
      • Aug 2012 - Present

      CNO masters’ accredited course instructor for National Security Agency. Courses provide the fundamental academic background and proficiency needed to identify, understand, and navigate the digital environment; utilize a given set of tools to develop situational awareness within the digital environment; understand network operation methodologies; and demonstrate strategic practical application.
      - Analyzes customer requirements, available training methods and material, and facilitates the design of required curriculum for classroom instruction.
      - Develop and deliver new content, making recommendations for revisions of existing topic area content that are covered by the contract.
      - Teach the fundamentals of risk analysis and situational awareness concepts needed to apply industry best practices.
      - Course developer for Security Concepts, Windows, and Networking.

    • Pakistan
    • Appliances, Electrical, and Electronics Manufacturing
    • 1 - 100 Employee
    • Sr. Security Analyst
      • 2011 - 2012

      Analyze malware using both static and dynamic means in order to gain an understanding of a threat agent’s tools, tactics, techniques and procedures (TTP). Providing remediation recommendations for proactive network defenses, as well as addressing and managing the aftermath of a security breach or attack, while limiting associated damages and reducing recovery time and costs.
      - Assistant Team Lead responsibilities: assist with direction and training of junior contractors and provide point of contact in Team Lead's absence for critical incidents.
      - Security Information and Event Management (SIEM) system project team lead, responsible for tracking and reporting on product installation, configuration, and log correlation.
      - Provided expertise and advice in the development of CIRT operations to Department of State leadership, particularly in the form of CONOPS, Processes, Training, and Tool Selection.
      - Supported internal branch development by creating the “CIRT Analyst Awareness Report” to help customer and team proactively identify possible threats using open source research.
      - Request and analyze log data, ticket histories, and technical specifications required to understand the gaps between human observations and on the ground technical facts.
      - Contributed to the development of DoS Security Policy and CIRT Incident Response Policy.

    • IT Services and IT Consulting
    • 100 - 200 Employee
    • Cybersecurity Engineer
      • 2010 - 2011

      Integral part of the Secure Infrastructure Team utilizing advanced skill sets to perform Security Testing and Evaluations (ST&E) in an attempt to identify security vulnerabilities that may compromise the system by using manual means and automated tools. Results provided are essential for the Certification and Accreditation (C&A) process for Transport Security Administration (TSA) in compliance with FISMA and NIST Security Guidelines.
      - Analyze and process results of vulnerabilities discovered during ST&E and compile findings into a Plan of Action and Milestones (POA&M) for the Designated Approving Authority (DAA) in determining acceptable risk.
      - Generated a custom Nessus compliance audit scan for Windows systems using the Nessus Audit Scripting Language (NASL) for TSA. Compliance checks were generated using the DISA STIG.
      - Performed security testing for the enterprise deployment of the iPhone/Android using the Good Mobile Suite (GMS) and Little Red Wagon (LRW) for centralized mobile management to ensure product can enforce required TSA security requirements.

    • Lebanon
    • E-Learning Providers
    • Senior Incident Response Analyst
      • 2009 - 2010

      As a member of the TSA-CSIRT I provided enterprise-wide IT Security Incident Response capability for a large TSA enterprise in accordance with NIST security incident handling guidelines. Also accepted and investigated security event escalations, primarily from the enterprise Security Operations Center (SOC), the DHS SOC, and also from individual team members or teams. Subsequent to initial notification, as required, performs additional analysis, assessments and information correlation to determine if a security incident has occurred and if so, identify and execute the required remediation. As appropriate, collaborates with and provides effective situational awareness to the leadership of the TSA Information Assurance Division.
      - Broad range of incident handling experience by responding to over two hundred cases involving: Malicious Logic, Alteration/Compromise of Information, Unauthorized Access/Intrusion, Phishing/Spearphishing, Unauthorized Scans/Probes, Misuse, and Wireless Intrusions.
      - Created email analysis procedures to detect malicious code using automated means, allowing TSA to proactively and expeditiously remediate malicious content execution through embedded links.
      - Increased TSA Computer Incident Response reporting capabilities and threat trend analysis through the creation of a Computer Network Defense Incident Case database providing high level management review.
      - Improved malware discovery by analyzing and submitting unrecognized malicious code to major antivirus vendors using behavioral analysis workstation created using open source utilities.

    • Italy
    • Machinery Manufacturing
    • 1 - 100 Employee
    • Cyber Security Instructor
      • 2007 - 2009

      Provide training to DOD employees and commercial agencies for attainment of information assurance technician and managerial certifications. Provides instruction in the subjects of information assurance, security compliance, forensics, incident response, vulnerability assessment, and other security subjects.
      - Developed objectives, materials, course structure and labs for Intrusion Detection and Prevention Systems (IDS/IPS) course to increase student ability to effectively deploy, implement and identify threats and analyze packets using open source software such as Snort, Tcpdump, and Wireshark.
      - Instructor for comprehensive computer forensic course covering topics such as image acquisition, chain of custody, timeline analysis, malware forensics, and legal requirements of handling evidence and findings.
      - Taught Vulnerability Assessment and Management course that demonstrated effective strategies to ensure IAVA compliance within Vulnerability Management System (VMS) using eEye Retina, Nessus, and WSUS.

    • United States
    • Armed Forces
    • 700 & Above Employee
    • Information Assurance Manager (IAM)
      • 2005 - 2007

      Granted promotion to manage a team of six security personnel responsible for providing technical security support to over 40 command operations. Analyzed and evaluated system security technology, policies and training requirements in support of National, DOD and DON information assurance policies.
      - Streamlined incident response through development of guidelines and procedures that reduced response time by 6 hours, minimized impact and increased efficiency of reporting.
      - Authored an addendum to the Internet Usage Policy that reduced security incidents by 80%.
      - Key member of the ONE-Net migration team responsible for ensuring certification and accreditation (C&A) and migration of a standardized and centralized enterprise network environment that reduced security holes, overall costs and the international training curve.
      - Created a structured security baseline to meet Security Technical Implementation Guides (STIGs), using DISA Gold Disk, system configuration and Windows Active Directory Group Policy Objects.
      - Managed the installation and configuration of both eEye Retina and Citadel Hercules for patch management and mitigation, ensuring the renewal of the Authority to Operate (ATO) for the unclassified network.
      - Lead configuration and change management board member, leading all stages of system development efforts, including security requirements definition, design, architecture, testing, and support.

Education

  • University of Maryland University College
    Bachelor of Applied Science (B.A.Sc.), Information Technology
    2012 - 2015
