Brandon Mcintosh, Msc. Email & Phone Number

Washington, District Of Columbia, United States

Washington, District Of Columbia, United States

• Performed assessments of systems and networks within the networking environment or enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy
• Managed the continuous protection of systems and information assets by contributing to or leading teams in the execution and implementation of information security defense improvements involving architecture.
• Used data collected from a variety of cyber defense tools (e.g., Vulnerability scanning, IDS alerts, firewalls, network traffic logs) to analyze the security posture of information systems
• Performed oversight of 3rd party risks and controls documented in Risk and Control Self-Assessments through execution of periodic assessments and quality assurance reviews
• Implemented the security program initiatives designed to anticipate and assess and minimize system vulnerabilities
• Actively participated in developing security governance framework materials (policies, controls, standards) to drive consistent security risk treatment across the enterprise

Washington D.C. Metro Area

• Provided advice and assistance to customers and troubleshoots the most complex problems in a manner that minimizes interruptions in customer’s ability to carry out critical business activities
• Responsible for phone support, desk-side technical support, and bench-top diagnosis and repair.
• Troubleshooted and maintained the stability of communications lines and equipment; installed, configured, and troubleshoot LAN components such as routers, hubs, switches, and servers
• Provided briefing mid-level management and IT staff on the status of information technology systems, projects, or daily operations, including the communication of technical information to a non-technical audience
• Installed, tested, and configured network workstations and peripherals, assisted customers in navigating and accessing databases using various interface methods; supported the credentialing system with IT updates
• Coordinated, executed, implemented, and maintained the installation and operation of customer application systems

Crystal City, VA

• Provided consultative support and collaborate with business partners and 3rd party management stakeholders to identify enhancement opportunities to strengthen 3rd party management processes and controls
• Reviewed authorization and assurance documents to confirm that the level of risk is within acceptable limits for each application, system, and network
• Supported project implementation by supplying technical security consultation and implementing technology as needed.
• Coordinated IT security remediation activities (remediation solutions and strategy, ticket creation, item remediation logging, follow up, etc.) to address reported/discovered vulnerabilities
• Categorized information systems, select appropriate security controls based on system categorization, tailor security controls, assess security controls, draft POA&Ms, and develop ATO packages using NIST Risk.
• Performed system monitoring and analysis support for the detection of cyber incidents and provides recommendations on how to correct findings

Silver Spring, MD

• Implemented security control for Information Systems based on NIST Special Publication 800-53 rev 4, FIPS 200, and System Categorization using NIST 800-60, and FIPS 199 and ensure compliance with federal and state.
• Evaluated, acquired and configured software intended to ensure that they are secure from unauthorized use, viral infection or would compromise sensitive information in terms of confidentiality
• Provided strategic direction, program evolution/maturity, and workflow modernization to the Commission's Assessment & Authorization (A&A) program institute a well-defined project management structure to the A&A program
• Conducted security assessment interviews and developed a security test and evaluation questionnaire to ensure and maintain the company’s authorization to operate, and for security plans, and system categorizations.
• Collaborated with administrators to resolve plan of action and milestones (POA&M) by gathering of artifacts, creating mitigation and residual risk memos, and implementing corrective action plans
• Utilized and updated the cyber security management system with reviews and remediation on POAMs

Master Of Science (Ms), Cybersecurity

Bachelor Of Science (Bs), Criminal Justice And Corrections