Support Engineer

• Nov 2018 - Present

Sr. Systems Administrator

• Nov 2017 - Nov 2018

Senior Systems Administrator

• Oct 2011 - Sep 2017

Linux/Windows systems administration, with a focus on security/compliance combined with developing and deploying security and virtualization projects. CISSP Certified. Microsoft AD to Linux integration using Beyond Trust PBIS authentication. Microsoft AD implementation of smartcard technologies, DoD CAC Redhat Linux 6,7 hardening and baseline creation via CIS complinance Tenable Nessus Security Center migration/implementation Snort Intrusion Detection deployment OSSEC Host IDS and File Integrity to meet minimal PCI-DSS compliance. Implementation of VMware virtualization across all CLASS sites Implementation of cryptography(SSL/TLS) across various devices, services, and applications. Paired with network lead to implement VPN solution to migrate users from SSH gateway, while implementing smart card and end user system auditing via host checking tools Deployment of HPSS HSM application and various hardware/network services to replace StorNext managed filesystems. McAfee ePO Server, combined with McAfee Endpoint Encryption for all user laptops to meet FIPS compliance Migrating over 150 services from insecure HTTP or outdated HTTPS to modern SHA256 certificates. Non-Technical Highlights - This work I served in a security advisory capacity to development, engineering, and/or security team or worked with users and team generally. Deployment of HTTPS/FTPS services across project, interfacing with external customers and other NOAA entities to ensure encryption technologies are compliant with federal regulations. Public Key Infrastructure SME, providing training to developers, engineers, admins, and users Advisory to Security/Engineering teams regarding secure implementations of new hardware and software, specifically with regard to large deployments managed by external vendors Virtualization SME, providing training and serving as last level support for team Comparison paper for VMware vSphere and RHEV virtualization technologies as part of deliverable to Federal agency

Deputy Information Systems Security Officer

• Jun 2004 - Sep 2011

Advises the system owner regarding security considerations in applications systems procurement or development, implementation, operation and maintenance, and disposal activities (i.e., life cycle management). Assists in the determination of an appropriate level of security commensurate with the level of sensitivity. Assists in the development and maintenance of securityandcontingency plans for all FISMA ID systems under their responsibility. Participates in security impact analysis to periodically re-evaluate sensitivity of the system, risks, and mitigation strategies. Participates in security impact analysis of system safeguards and program elements and in authorization and assessment (A&A) of the system for continuous monitoring. Is the point of contact for all security incidents within their area of responsibility and reports using the NOAA 47-43 form to the NOAA Computer Incident Response Team (NCIRT). Handles and investigates incidents in cooperation with and under direction of the NOAA ITSO and NCIRT. Participates in vulnerability scanning and penetration testing of systems/networks. Monitor and review security policy, practices, and procedures. Ensure the security of all interfaces between NOAA and external systems, develop and maintain interconnection documentation (ISA, SLA, MOU, and MOA). Responsible for maintaining a security certification as specified by DOC CITR-006. Certification Agent/Certification Assessor (CA). Conduct security assessments for all FIPS 199 systems. For Moderate and High systems, the CA must be independent. Independent is defined as independent from the persons directly responsible for the development and day to day operation of the systems. Provide recommended mitigation strategies for identified vulnerabilities attributed to NOAA information systems.

Quality Coordinator

• 1996 - 1998

Assisted management with the daily operation of a 50 seat call center Oversee technical processes Liason with Nortel's various technical support groups Assisted management with the daily operation of a 50 seat call center Oversee technical processes Liason with Nortel's various technical support groups