Timothy Kim Email & Phone Number

San Antonio, TX, US

Ft. Meade, MD

• Integrated cyberspace capabilities into operational action plans through the creation of CONOPs, COAs, and TTPs to conduct offensive cyber operations (OCO) and information operations (IO). Utilized the analysis and.
• Developed plans and orders in support of USCYBERCOM through the application of operational art and operational design through the joint operation planning process (JOPP). Provided subject matter expertise in the.
• Contributed to Joint Planning Groups (JPGs) and Operational Planning Teams (OPTs) to fulfill USCYBERCOM objectives. Monitored and reviewed strategies, doctrine, policies, directives, and instructions from USCYBERCOM.

San Antonio, Texas, United States

• Consolidated enterprise security solutions for more than 3,000 Department of Defense information systems across various classification levels according to NIST 800-53 and DoD CIO standards.
• Guided AFCYBER security operations center (SOC) integration into the AWS GovCloud environment, centralizing Air Force cloud incident response and handling capabilities for AWS, GCP, OCI, and Azure. Translated NIST.
• Engineered enterprise security solutions for 69 financial systems to comply with FISCAM (Federal Information System Controls Audit Manual) and Financial Audit Manual (FAM) requirements for the Department of the Air.
• Conducted multiple working groups with DBS system owners, ISSMs, and ISSOs, developing reports for critical stakeholders such as the Department of the Air Force (DAF) CISO (SAF/CN), DAF Financial Management Directorate.
• Piloted cybersecurity compliance assessments of critical USSTRATCOM nuclear command, control, and communications (NC3) systems, culminating in the first AFCYBER accredited subscriber system.
• Led the development of the AFCYBER CSSP onboarding process, consulting all AF system owners, ISSMs, ISSOs, and ISSEs on their system architecture, to ultimately achieve CSSP coverage and maintain cATO (continuous.

Honolulu, Hawaii, United States

• Managed enterprise network operations of 20 disparate wide area networks (WAN) within PACAF, supporting USCYBERCOM operations in the Indo-Pacific region. Maintained enterprise coverage of 120,000 endpoints across.
• Executed incident response, damage assessments, and risk reduction operations for 24 security events resulting in zero impact to system availability for 51,000 joint personnel across PACAF.
• Directed enterprise vulnerability assessment (ACAS – Tenable /Nessus) malware protection (ESS – Trellix), storage and virtualization (VMware ESXi/vCenter), vulnerability remediation (MECM), boundary defense (Palo Alto.
• Discovered and conducted research of critical vulnerability associated with a prevalent enterprise configuration that enabled malicious cyber actors (MCA) to exploit task critical assets (TCA). Authored white paper of.

Irvine, CA

- Engineered an educational pentesting web application as a training ground for aspiring cybersecurity students- Developed an educational phishing website to research social vulnerabilities responses to phishing schemes