Cybersecurity Systems Administrator

Performed Vendor assessments/3rd party background and internal assessments and compliance.Responsible for tool and service designs within a technical domain that enable business strategies per architectural governance, standards, and policies.Served as a primary contributor to the team responsible for digital certificate management lifecycle support. The support of enterprise tools and their integration as an enterprise provisioning service. Facilitated deployment of technical solutions by developing templates, playbooks, and automation used during implementation. Consistently look for opportunities to improve reliability and efficiency when implementing and maintaining infrastructure tools and/or services. Embraces a culture that drives innovation and continuous improvement.Understanding of active directory from a conceptual standpoint and explaining what active directory does rather than having experience with AD permissions.Assisted and translated business requirements to technically assist with compliance.Ensuring the private cloud is secure from these aspects: physical network, infrastructure, hypervisor, virtual network, operating systems, firewalls, service configuration, and identity and access management as internal stakeholders are responsible for all aspects of their environments and the ability to translate and inform internal stakeholders the purpose and scope for these requirements is key.Ensured compliance for SaaS vendors to ensure that they are compliant with their platforms as well as internal auditing to ensure that data is not being mishandled and stored anywhere but internally.Overall ensuring that visibility of Saas applications, performing analytics, Controls are maintained in the event of a violation, and threat intelligence.HSM management and maintenance. Knowledge of DigiCert CA for certificate creation via the RA validation process.

City of Denton – Contract Sr. Cybersecurity AnalystHired to implement continuing efforts to harden and bring the Information Security department to a sustainable level.Duties included implementation of KnowBe4 GRC platform, KnowBe4 phishing campaigns, and cyber awareness for the city.Additional success with an eSports addition to the Parks and Recreation department and ensuring the program was segmented off network. This involved PCAP analysis, proving network segmentation and CIS Security baselines were performed for OS hardening.Additional duties included building Information Security policies for Acceptable Use, and collaboration of a Information Security Charter and the Information Security Policy.Worked with internal and external auditors for remediation to ensure a proper posture for the city to maintain compliance.Nerc-Cip compliance and tabletop procedures were revised to not only maintain compliance but also to satisfy the requirements of the city’s policies regarding information security standards.Performed numerous threat assessments for internal departments as well as vendors.

August 2021 – March 2022Joined the Global Information Security Risk and Compliance team to assess risk for all applications either in development or changes to apps in production to properly comply with internal and regulatory standards.Having an extremely in depth knowledge of applications, functions and controls of any app that operates before or updating in production, to ensure the safety of customer data and for the protection of the bank to ensure security and the potential inherent risk of a data breach or the possibility of exposure an integrity of the bank’s policies, security posture, and reputation.Assessed risk for applications based on factors data classification, SSN, PCI, MNPI etc. whether public or internal facing, web tech vendor hosted or managed, geolocation, and PII.Other areas of Risk Governance and controls included assessing risk for infrastructure, authentication, authorization, session management, data protection, input validation, logging, API’s, cryptography, Also third party and application status controls, building risk surveys, collecting information on threat models, application diagrams to ensure that all applications either internal, external, existing or new meet the requirements of the bank or regulatory compliance to include Sarbanes Oxley.Managing fifty plus projects at any given time, the ability to meet SLA levels and ensure a timely and detail oriented workflow to ensure QA teams could properly report metrics regarding accuracy and continuity from a performance standpoint.Worked with blue teams and application teams to ensure proper controls and testing measures conform with SOX and bank standards to ensure all applications passed and could receive DLP as well as operational standards before going into production.

Selected to perform active threat triage and threat analysis for an international law firm spanning eight countries.Successfully prevented and remediated hundreds of phishing and social engineering attacks as well as threat remediation of several attacks including lateral movement within the organization via NIST guidelines (Preparation, Detection and Analysis, Containment, Eradication, and Recovery).Worked with the team to audit and grow an active vulnerability management database for endpoints, VM’s, and servers.Streamlined customization of a SaaS platform to assist with automated remediation and custom actions to automate quarantining of malicious emails.Worked as a primary internal vulnerability management analyst to comply with over 1500 total endpoints including VM’s to remediate stakeholder turn up’s and inform each of what needs to be remediated per system to alleviate internal risk and external vendor visibility and compliance.Being the SME for BitSight and Security Score Card for external vendor compliance as well as the POC of remediation, maintained the external visible score for both platforms at a minimum of A to A+. Maintaining and monitoring email DLP based on current and changing standards to ensure sensitive, confidential or internal only correspondence could accurately be identified and blocked before leaving the email gateway.

Hired to serve as an augmented Jr. Cyber Security Engineer for an organization of 15 plus business units.Advancement to a full Cyber Security Engineer occurred approximately one year after hire date.Daily responsibilities included working with Senior Engineer(s) to assist with security related projects as well as a first responder to cyber threats and security breaches. Working with a streamlined environment, team(s) collaboration was crucial to daily operations within the organization.Consistent monitoring of SaaS security platforms ensured threats were identified and remediated quickly. Timeline builds and collaboration documentation were built to assist with user awareness training or new best practices and lessons learned implementation, reducing risk of advanced persistence or a duplicated attack in a 24\7 role.Information security reporting of analysis trends, external and internal, as well as user analytics were performed frequently.Additional responsibilities included, internal penetration testing, external website penetration testing, security product(s) evaluations in a collaborative environment, data recovery and forensics, physical and CLI isolation of potentially infected systems, user awareness training pre or post breach, evidence collection for internal and external investigations and extensive auditing across multiple areas of the overall internal IT spectrum.Additionally, Vulnerability and Security Risk Management played a crucial role in reporting to other teams for immediate patching based on threat trends and emerging or crucial vulnerabilities.Long term projects included; penetration testing, Creation of visually based metrics of aggregated trend data for executives and interactive wall boards to include GeoIP plotting of all activity from multiple monitoring services to ensure a high level overview of all security related instances could be analyzed and viewed from a live interactive perspective.

Selected from an extensive pool of applicants to support North America customers from all aspects of support capabilities.After initial selection, was trained to support ePolicy Orchestrator and assist in daily support operations. Began operating as a Cyber Security Support Engineer for North America to assist businesses in all aspects of McAfee products. Daily tasks include product installation, best practices, configuration (policy how do I etc.), break/fix, as well as any product aspect or function compatibility questions and best practices. During this timeframe, support, knowledge and performance were evaluated determined to be above expectations.After 60 days, was selected based on previous performance by Management to support additional products post new hire support for ePolicy Orchestrator to include Security for Microsoft Exchange as well as Microsoft Security for SharePoint with Quarantine Manager, McAfee Site Advisor, McAfee Policy Auditor, and McAfee Deep Command. After rapid training, and internal turnover, became the only North America support technician who was qualified to support Security for Microsoft Exchange as well as Microsoft Security for SharePoint. During a 90 day period, 14 Survey accommodations were received and documented for personal performance to include knowledge to resolve as well as time to resolve.At 90 Days was selected by management to support McAfee SolidCore (Application Control, Change Control, Memory Protection)At 140 days was selected by management to support McAfee Virus Scan Enterprise, Endpoint Security Threat Prevention, Endpoint Security Firewall, and Endpoint Security Web Protection and DLP.Overall performance as a Tier 1 Engineer has resulted in a 99 percent overall approval rating to date including product knowledge to assist, ability to understand complexity of a request for a McAfee product, time to resolve, as well as support to Security Engineer’s response for assistance.

Endpoint Security Administrator responsible for over 4500 endpoints including BYOD compliance and auditing.Information Security User Administrator responsible for maintaining least privilege, change management for all job roles, as well as oversight in maintaining all active, disabled, and modified users to ensure separation of duties and proper access controls to maintain least privilege.Lead Point of Contact in a hybrid Service Desk/NOC environment for all advanced network troubleshooting and team education including; primary network failure and advanced troubleshooting, 4G failover, VPN and all related potential resolutions before infrastructure escalation is granted based on established guidelines and protocols.Successfully updated 250 branches to T1 Circuits through a companywide WAN upgrade to include, new IP Address Scheme, Routers with POE capability, Switch, and Access Points in a team environment.Successfully converted over 12 branches either acquired or relocated including, circuit provisioning, PRI provisioning, and all aspects of asset ordering and change management for 9 different internal systems, as well as complete assurance of 100 percent operational and data systems availability by target date.Subject Matter Expert for all Distribution Centers regarding specialty devices. This includes mobile handhelds, mobile label printers, and ensuring all devices comply with current wireless security standards.

Selected by a Capital Investor from previous venture to integrate IT and business technical solutions for future growth and expansion.Project scope included establishing and implementing standards for Client/Server based network, VPN access, Information Security auditing and implementation including endpoint protection, ITIL based support for IT related issues and best practices.To meet the demands of a growing business, selection, training and support of entry level IT support technicians and maintenance vendors were onboarded to ensure operational success.Further accomplishments included selection of a new financial platform software vendor. Working directly with the CEO and CFO as the primary Business Analyst, vendor selection was made based on business requirements and expectations. Project completion was successful through customization and QA returning a working platform with full rebrand of website, lead generation platform, partial application web capture with a 90 percent conversion rate. New customer features included, new payment options including web based account management as well as new account funding via MoneyGram. Immediate new sales growth of 22 percent was achieved in 2.5 months across all targeted revenue streams.

Founder of a web based company for incarcerated call cost reduction utilizing VOIP technology to minimize private toll call costs between loved ones and their incarcerated family members, focused on beating excessive toll charges through contracted telecommunications providers gouging consumers we were apart of a movement to initiate change. As a result of companies like Edwards Communications and other similar companies, the majority of Incarceration call providers were mandated by law to reduce costs, from local, county and state facilities ending the call cost burden for low income families.After funding, a medium load softswitch VOIP platform, and operational support were organized to create a hosted retail service for targeted markets to include incarceration call cost reduction. This service reduced family to incarcerated recipient call cost burden by 80 percent on average. Overall customer savings during the first year reached 1.2 million dollars based on customer response and satisfaction surveys.During startup, the organization was able to fully create and deploy a customized VOIP softswitch for medium markets. Feature integration included API's for multiple DID wholesale providers, applying least cost provisioning, as well as initiation and termination analysis reporting, LCR, and real time cost analysis. Further implementation of a web-based portal for lead generation, account provisioning, as well as individual web-based account self service, modifications, and full cycle automated renewal billing and correspondence.Overall, sales and renewal revenue increased revenue 125% in single quarter and reduced churn rates increased customer payment retention across the board after full integration.After twenty-two months, the platform and all operations including client base and billing were sold to a major competitor..

Aerial Refueling Flight Navigator, fixed wing KC130s