Michael Hess Email & Phone Number

Colorado Springs, CO, US

Bethesda, MD, US

• Support the COOLR (Combined Orbital Operations, Logistics and Resiliency) program, working to capture, define, architect, design, develop, integrate, test & deliver cybersecurity products to government customers.
• Key technical cybersecurity contributor for architecture, design, capability, deployment and sustainment of an AEHF sub system.
• Current toolset experience includes Splunk (Enterprise, Enterprise Security, Forwarders), ACAS, Xylok, Trellix/McAfee (ePO, DLP, SolidCore, Agents), Zeek, Suricata, GitLab (CI/CD, Runners, Pipelines), Windows Server.
• Architect and engineer cybersecurity capability and functionality solutions that meet the requirements of contracts, customers and government regulations.
• Identify system capabilities to meet NIST 800-53 controls and requirements (RMF) to provide cybersecurity capabilities to the ground system of the AEHF (Advanced Extremely High Frequency) satellite constellation.
• Research, evaluate and analyze various solutions to meet identified controls and requirements, followed by customer approval.

Bethesda, MD, US

• Dual role as primary information security engineering support and assistance for authorization/accreditation test and evaluation activities, providing technical expertise for cybersecurity requirements from ISSOs to.
• Developed IT architecture deliverables, specific to information security countermeasure implementations, for operational systems and provided input to A&A process activities and documentation, including systems concept.
• Conducted assessments of existing IT architecture for compliance with security requirements from applicable security frameworks.
• Evaluated proposed security architectures and designs and provided input as to the adequacy of those security designs to meet required security compliance objectives.
• Established and optimized processes and procedures to identify, track and mitigate customer system vulnerabilities.
• Specialized in Compliance-as-Code Ansible Playbooks to meet DISA STIGs requirements for multiple systems and appliances.

Dallas, TX, US

• Managed operations, administration, maintenance and troubleshooting of the ACAS (Assured Compliance Assessment Solution) platform for 45,000+ Endpoints within the MDA, IRES contract, Cyber Applications group, at the.
• Ensured operational status of all security centers (Tenable.SC) for more than 15 organizations within the MDA.
• Provided the most optimal architecture for the best vulnerability scanning performance within the primary MDA environment, which operates entirely on RHEL 7 Endpoints.
• Close collaboration with the IA Team, providing troubleshooting and technical assistance during vulnerability scans that yield results with anomalies and/or inconsistencies, to ensure the highest possible compliance to.
• Assisted the CERT Team with reporting ACAS results to CMRS for situational awareness of regulatory compliance standards.
• Confirmed that only the most current and effective software packages for the ACAS platform are deployed, performing continuous software version updates and system configurations.

Dallas, TX, US

• Priority support for 800+ users for high-level, mission critical task orders for the MDA, IRES contract, CLAW team, at the MDIOC.
• Dedicated First Contact for break/fix priority Tier 1-3 level incidents with high SLA to multiple groups in-person and remotely.
• Coordinated on suspicious malware with the HBSS/ESS department to be handled by the CERT (Cyber Emergency Response Team).
• Accurately troubleshot high-impact misconfigurations on enterprise systems and applications, preventing risk to the mission.
• Executed Security Certificate management within the PKI (Public Key Infrastructure), performed routine in-person check-ins to confirm functionality and performance and validated update installations and cybersecurity.
• Performed workstation imaging using PXE boot configured with Microsoft’s SCCM (System Center Configuration Manager), Active Directory configurations, computer/software installations and provided User Account guidance.

GB

• Expert cybersecurity support through triage, investigation, communication and reporting for SOC (Security Operations Center).
• Processed daily alarms using AlienVault, CarbonBlack, Palo Alto, CrowdStrike Falcon, FortiSIEM, IBM QRadar and more.
• Performed investigations to gather data using Threat Modeling (MITRE ATT&CK Matrix) to obtain an in-depth understanding of adversarial tactics and techniques, identify anomalies, recommend necessary actions and report.
• Participated in the Incident Response Process, wrote detailed Incident Response Reports, provided analysis and trending of security log data from wide range of security devices, recommended improvements based on.
• Initiated customer tickets from results of alarm review (Jira, RT, ServiceNow).
• Conducted whitelisting, blacklisting and malware removal and provided recommendations for tuning alarms.

Tampa, FL, US

• Level 1 triage within a NOC (Network Operations Center) and SOC (Security Operations Center) environment.
• Investigated and responded to a variety of health and availability alerts generated by monitoring and management platforms, customer email requests and queries, remediating or escalating as required.
• Responded to security alerts for a vast array of network-based devices, based on severity and risk.
• Responsible for initial response to alerts from firewalls, IPS/IDS, SIEM, and Host-Based Security tools.
• Provided routine maintenance for monitoring probes and managed devices and implemented Firewall Blocks.
• Conducted analytical queries within SIEM (multiple platforms) and endpoint security solutions.

Corpus Christi, Texas, US

• MDM for daily operations of 1000+ devices, resolved network issues, performed Bitdefender analysis, firewall configurations, malware removal, system and network hardening, server and security audits, system backup.
• Designed, installed, maintained LAN, WAN and VoIP infrastructures as Microsoft Partner at multiple customer locations.
• Highlight: Remediated, eradicated & recovered from an Enterprise-wide Ransomware attack on Incident Response Team.
• Highlight: Led the design and execution of a 2-part Enterprise-level migration of on-premise solution to Office 365, improved business performance, cost benefit ratio & expanded customer’s production toolset, using AD.
• Highlight: Created KBAs (Knowledge Base Articles) simplifying and improving company’s training process, adopted by company.

Stamford, Connecticut, US

• Advanced troubleshooting/configuration of Spectrum internet & VoIP phone service in a fast-paced 24/7/365 inbound call center.
• Utilized network hardware and software associated with LAN/WAN and Internet Protocols (IP) using Windows and Mac operating systems, email, DNS, web-hosting, and Internet Telephony.

Stamford, Connecticut, US

• Hand-picked to train, mentor and guide new hires, providing instruction, assistance and shadowing for Charter’s Eagle Program.
• Processed and handled payment arrangements, billing issues, account and product inquiries in a fast-paced 24/7/365 call center environment using CSG Advanced Convergent Platform, IssueTrak, RIO and UCM (Unified Case.

• Network and PC troubleshooting, set up network equipment (modems/routers/switches), configured antivirus software, Cloud compatibility, OS upgrades and resets, driver updates, drive reformats and partitions.