Chimere L. Murrill, M.Sc. Cissp, Cism Email and Phone Number

Implements, manages, secures the implementation and configuration of allinfrastructure components, applications, hardware, and tools. Providescomprehensive managed network, security and infrastructure operations and internet services.

As a Lead Cyber Security task Lead, I perform as the Cyber lead over a team of 7 to aid in the in defense and threat mitigation, for FEMA's most critical systems.

· Manages and responds to enterprise Security operations center (SOC) alert priorities to further meet and improve security hygiene as well as deliver strategic vision. · Develops executes detailed and accurate roadmap and procedures while appropriately communicating security risks and impacts with management. · Performs as enterprise security lead for all HHS Security initiative and efforts technical leads to accomplish agency goals in a timely manner, with outstanding quality. · Prioritizes Sev1 and Sev 2 with Microsoft Defender for Endpoints and CrowdStrike as the deployed MDR enterprise solutions. · Works alongside current state CIO and Bureau Chiefs, to assist in solving the most complex Security problems through discovery and analysis with no guidance.· Completes complex security projects independently and provides clear, well-articulated guidance to multiple teams

•Develops and defines a security framework aligned with the organization’s vision and develops plans for strengthening the cybersecurity posture. • Responsible for the information security of a large, enterprise ecosystems where the environment primarily is a hybrid of cloud and other technologies.• Coordinates formalizing the adoption and practice of performing security engineering best practices along the lines of NIST Special Publication (SP) 800-160.• Assists in the adoption and development of threat hunting practices and tools, recommending technology, process and skill improvements to improve the security posture of the organization. •Guides innovation on behalf of the team with a focus on mentoring team members and help drive collaboration within the organization and throughout the enterprise.• Works closely with system admin and stakeholders to understand goals, determine security requirements, to design, and implement application and data security solutions to meet business objectives, IT strategic initiatives, corporate and regulatory requirements.• Reviews and assesses system security controls to comply with government cyber security controls and requirements NIST 800-53, FISMA.• Assist in establishing system controls by developing framework and levels of access; recommending improvements.

-Formulates and develops security related aspects of the systems or subsystems architecture and develops the security related documentation.-Maintains system security configuration. -Plans code scanning to identify vulnerabilities. -Supports achievement of ATT and ATO. -Manages and review security logs and taking required actions.-Supports computer security design/architecture in a cloud environment-Configures and troubleshoots security infrastructure devices-Develops technical solutions and recommends new security tools to help mitigate security vulnerabilities and automate repeatable tasks -Writes comprehensive reports including assessment-based finding, outcomes and proposition for further system security enhancement-Supports for engineering, implementing and monitoring security measures for the protection of computer system, networks and information in an on-premise and cloud environment-Supports the achievement of certification and accreditation (C&A) of the system and all future re-certification.-Experience with NIST 800-53 compliance.-Experience migrating system to cloud environment.-Configures and troubleshoot security infrastructure devices.-Develop technical solution and recommend new security tools to help mitigate security vulnerabilities and automate repeatable tasks.

-Responsible for designing and implementing information security systems, devices, recommending and developing security measures to protect information against unauthorized data modification or loss. -Planned, designs, and implements security systems by evaluating network and security technologies, developing requirements and designs for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices, as well as hardware and software; adhering to industry standards.-Designed and monitored security for network infrastructure and core system services.-Performed low level technical analysis using various tools including packet capture and analysis in support of security and non-security related incidents at the most senior level of the escalation hierarchy.-Provided in-depth support for Cyber security incidents including internal violations, hacker attacks, and viruses.-Aided with vetting the security of proposed IT solutions by evaluating business strategies and requirements, researching information security standards, conducting system security and vulnerability analyses and risk assessments, studying architecture/platform, identifying integration issues, and preparing cost estimates.-Ensured the maximum operational availability of inline network security devices.-Developed detailed proposals and plans for new Cyber security systems that would enhance or enable new capabilities for network or host systems.

- Responsible for effective provisioning, installation/configuration, operation, and maintenance of systems hardware and software and related infrastructure. - Participated in technical research and development to enable continuing innovation within the infrastructure. - Ensured that system hardware, operating systems, software systems, and related procedures adhere to organizational values, enabling staff, volunteers, and Partners.- Accountable for the following systems: Linux and Windows systems that support GIS infrastructure; - Linux, Windows and Application systems that support Asset Management; Responsibilities on these systems include SA engineering and provisioning, operations and support, maintenance and research and development to ensure continual innovation.

- Performed as the central point of contacts for security events/ incidents and main liaison between the customer, leadership, and external organizations- Worked in concert with the Team Lead to verify that the anomaly management (AMT) analysts - Performed vulnerability scanning of networks, operating systems and applications- Produced regular briefings to executive and military level officials detailing infrastructure status, maintaining situational awareness of operational status across the partner sites - Ensured a daily brief to leadership was prepared and daily reports/slides are submitted with current, accurate updates- Provided direction and guidance to analyst across a 24/7 watch shift

- Performed in the Interactive Operation Division (IOD) as coordinator and conductor of Ops in a 24/7 operation center- Prepared documentation and procedure manuals related to system operations, and user guidance - Provided Incident Management Processes as defined by ITIL, to ensure prompt recovery of the systems classified data- Tracked, monitored, and analyzed mission critical operations on system networks working in a Windows and UNIX environment

- Performed as the central point of contacts for security events/ incidents and main liaison between the customer, leadership, and external organizations- Characterized and analyzed network traffic to identify anomalous activity and potential threats to network resources in a 24/7 shop - Received and analyzed network alerts from various sources within the NE or enclave as well as determining possible causes of such alerts- Performed IDS monitoring, analysis and incident response to information security alert and or events- -Analyzed network traffic and IDS alerts to assess, prioritize, and differentiate between potential intrusion attempts and false alarms- Conducted morning status briefing providing upper management situational awareness and system metrics - Monitored multiple open source security tools to ensure system integrity suggesting filters to

- Served as a liaison between the Infrastructure and web development teams - Aided with application loads based on current best practices and gathered requirements- Performed User Acceptance Testing (UAT) on the Marist portal server, logged technical errors, and provided support and reporting’s to the Software Quality Team - Protected hardware with Asset Management skill sets; tracking changing/moving hardware inventory and other resources to portal sites- Developed Project Status Reports (PSRs) to brief clients on program status, to include: Phase developments- Load balancing functionality Risk, issues, problems, concerns, and recommendations National Health Services Organization - Provided daily support, data management, and implementation of changes to iSeries hardware and software for the National Health Services Organization’s adjudication processing system AS/400- Performed iSeries migrations, backups, and upgrades using IBM Hardware Management Cons Office of Federal Detention Trustees (OFDT) – Department of Justice (DoJ)- Interviewed clients to gather and compile requirements and develop use cases for new systems- Searched best practices, managed the OFDT Team Room, and summarized gathered data to report - Performed iSeries migrations, backups, and upgrades using IBM Hardware Management Console - (HMC) technology- Served as a Confidential Assistant to the Secretary of the Air Force- Managed scheduling, operations, calendar, and mobile movement in support of all related missions

- Provided technical support to 500+ local and global B&D workstations via VPN remote access - Completed installations, server room upgrades, and maintained desktops and portable computer hardware, software, and peripherals- Preformed troubleshooting support during system interoperability issues after Service Pack rollout