Nelson Sims
Security Analyst at District of Columbia Water and Sewer Authority
Bio
Amy Horowitz
Nelson is a great addition to any team. I have watched Nelson grow into a great security advocate. Nelson always had the customer in mind while ensuring security was top priority. I would recommend Nelson for any position- especially one relating to customers.
Erich Stokes
Nelson was a great asset to the Dell IT Security team. Nelson helped develop and lead the security vulnerability assessment team. He was able to keep many people with diverse opinions on track and focused on the true security issues at hand. Nelson's steady focus on security improvement brought lasting change.
Experience
Security Analyst
2013 - Present
Information Assurance and Security Operations in support of the Authority’s Information Security Program: Monitor intelligence community threat reports that provide information about Indicators of Compromise (IOC) on Critical Infrastructure for both Office Automation and Supervisory Control and Data Acquisition (SCADA) networks. Advise the Chief Information Officer (CIO) and Executive leadership about emerging threats. Leading cross-functional teams to implement mitigation and/or remediation strategies to minimize the impact from identified threats. Implemented industry standard Information Assurance Security Controls based on NIST 800-53, DOD 8500 and SANS Top 20 Series. Completed yearly internal and external audits including PCI-DSS to identify strengths and areas of opportunity with complying with the security controls. Leading cross-functional teams to develop a Plan of Action and Milestones (POAM) to document audit findings and the process(es) required to meet compliance. Providing security assessments in support of Change Management and Certification and Accreditation activities. Implemented, managed and operated the day-to-day process for the security infrastructure. The infrastructure includes Intrusion Protection System (IPS), Security and Information Event Management System (SIEM), Web filtering System, Vulnerability Management System, as well as managing the tool set to dynamically analyze potentially malicious code. Developed and implemented signatures to address network threats via IPS, correlate and alert on potential indicators of compromise via the SIEM, and ensure the appropriate web access and filters to aid in meeting business objectives within the Web Filtering Service.
CGI
Canada
Information Technology & Services
1 - 100 Employee
Sr. Consultant
Dec 2012 - May 2013
Security Operations Center: Utilizing digital forensics skills primarily to accomplish analysis of hosts in a predominantly Microsoft Windows environment. Identify and take ownership for the response to and remediation of computer security incidents throughout the incident response life cycle. Duties include recording and documenting all actions taken by the Incident Response team throughout the incident response life cycle. Facilitate the effective collaboration and coordination with the different sections of the CGI Federal IT Support Team to develop and implement a response course of action. Effective use of the SOC's digital forensic and incident response tools to properly collect, preserve, and perform preliminary and (as needed) complete incident response and digital forensics analysis of affected computers and other digital devices. Consult and coordinate with internal/external investigative/enforcement entities. Perform memory and malware analysis. Facilitate Lessons Learned post-incident reviews to contribute to the continuous improvement of the SOC's capabilities, processes and procedures, and to mitigate potential misconfiguration or architecture vulnerabilities identified. Administer and manage HBSS infrastructure to include upgrade of ePO server, deploy updated modules, create/modify policies and ensure compliance with Information Assurance and DOD policy.
General Dynamics
Farming
Principal Analyst
Nov 2011 - Dec 2012
Security Operations Center: Principal security analyst responsible for the network security posture on both classified and unclassified networks. Responsibilities included: correlating multiple closed and open source intelligence feeds to provide current threat level to aid in Risk acceptance, transfer or mitigation decisions. Creating correlation event rules within the Security Information and Event Management System (SIEM) to identify security “Events of Interest” affecting business operations, leveraging dynamic malicious code analysis techniques, packet analysis and electronic communications analysis to identify host and network based indicators of compromise (IOC). Implement mitigation and/or remediation strategies for network and host based computer threats.
IntelliDyne
United States
Wholesale
1 - 100 Employee
Information Assurance Officer
Oct 2010 - Apr 2012
Managing an enterprise team in the development, implementation, analysis, and administration of Information Technology related security policies, practices, standards and programs. Coordinate the development and execution of security programs and initiatives. Provides input to contract and program level computing effective use and other related policies and programs. Facilitate and direct the timely dissemination of security information. Leading a Program level Computer Emergency Response Team (CERT). Currently serving as Information Assurance Officer (IAO/ISSO) managing the Certification and Accreditation activities of both major and minor computer systems, including the continuous monitoring of these systems in accordance with DOD DIACAP standards (8500 Series):
Federal Client
Capital Markets
Cyber Intel Analyst
Oct 2009 - Jul 2011
Provide Security Operation Center Services for Federal Client
Transportation Security Administration
United States
Government Administration
700 & Above Employee
Incident Response - Team Lead
Jun 2008 - Oct 2009
Responsible for network security within TSA's enclave, including Incident Response, Executive level reporting, Security Product Evaluation, and Security process improvements.
Dell Inc
United States
Non-profit Organization Management
Security Analyst
Feb 2001 - Jun 2008
USAF
Guinea
International Trade and Development
Communication Analyst
1990 - 1992
Education
The University of Texas at San Antonio
BA, Information Systems
Wayne State University
Electronics
Cranbrook Academy of Art
Horizon Upward Bound