Washington D.C. July 2018 - May 2019 Provides mission-critical infrastructure products and services for civilian and military space agencies and commercial patrons. Information Security Specialist National Aeronautics and Space Administration Headquarters HITTS II Contractor Selected Achievements:
➢ NASA Manual Inventory; quarterly objective being to compile NMI file with all NASA HQ IT devices that are either missing a Bigfix agent or whose inventory is not automatically being fed into ITSEC EDW and associate those devices with a System Security Plan.
➢ Building Wireless Survey; conduct quarterly procedure which searches for broadcasting 802.11 Wi-Fi wireless devices for the purposes of identifying unauthorized, and/or unknown 802.11 wireless devices which are broadcasting within, or into the NASA HQ boundary.
➢ Media Sanitization; facilitating the destruction of digital media in a secure and confidential fashion as dictated by NASA Policy and NIST 800-88 on a quarterly basis.
➢ Development of Agency-wide ISCM strategy per GAO-16-501; drafted work plan for information system continuous monitoring strategy, appendices, metrics/tables for reporting, established POC list to be referenced when conducting data calls
➢ Assessment and Authorization Restructuring; Conducted strategic analysis of current A&A practices for both internal and external systems for the purposes of remediating policy/procedural requirements for increase effectiveness and adherence.
➢ Cyber Integrations Team; drafted meeting minutes documentation, supported on-going work plan development and helped develop recommendation-based repositories to be utilized as a resource for team members.
➢ OCIO Action Tracking; tended to the administrative functions of the information security action tracking system for the OCIO for the purposes of ensuring that both center and agency level initiatives are completed.
Washington D.C. July 2018 - May 2019
Provides mission-critical infrastructure products and services for civilian and military space agencies and commercial patrons.
Information Security Specialist
National Aeronautics and Space Administration Headquarters HITTS II Contractor
- Information Security Specialist at a.i. solutions, Inc (NASA)
- Regional Account Manager at Alertus Technologies, LLC
- Sr. Enterprise Software Sales Executive, Public Sector at Public Safety Systems, Inc
- Recognized as top grossing Sales Executive at Public Safety Systems, Inc
10 months at this Job
- Master of Science
6754 Ayala Avenue, Makati City, Philippines
Information Security Department- IT Division
Information Security Specialist
September 17, 2010 to December 2011
• Delivered accurate reports in a timely manner. Monitored and lead the implementation, configuration, and operation of vulnerability and compliance scanning tools.
• Provided expert penetration testing, vulnerability and compliance analytic support at the network and server level to identify and characterize anomalies on networks that may be susceptible to exploitation.
• Ensured patch management and security vulnerabilities remediation and systems compliance are applied.
- Information Security Specialist at Philippine National Bank
- Records Management Specialist at Philippine National Bank
- Records Management Assistant at Philippine National Bank
1 year, 3 months at this Job
- Bachelor of Science in Computer Science - Computer Science
Worked closely with CISO governance board to provide best practice cloud security architecture solutions. Solutions include security architecture patterns for a hybrid architecture that supports Single Sign-On (SSO), cloud integrated Security Information and Event Monitoring (SEIM), enterprise & cloud integrated Encryption Key Management, data-at-rest & data-in-transit architecture patterns for regulated data
● Managed incident response from outside threat-actors to protect the infrastructure.
● Analyzed cutting-edge technologies that would affect corporate security posture, as well as protecting against unknown risk.
● Reviewed information security controls to ensure maintenance
● Hands on experience on malware analysis
● Establish communication channel with key stakeholders to manage expectations and resolve issues
● Conducted enumeration of Admin account from regular end accounts and oversee the audit of privileges
● Track and maintain internal and external project dependencies, conducting vulnerability analysis of internal and external systems to ensure compliance
● Provide expert guidance on security related safeguard measures to the network and system administration teams regarding network architecture - topology, protocols and principles
● Analyzed and acted on I.T controls risk assessments that included updating organizational policies, standards and procedures
● Create, review and update security policies for content and provide input to ensure compliance with NIST guidelines FIPS standards FISMA requirements and industry best practices
● Perform Security Control Assessment (SCA) and develop security assessment report
● Perform System Categorization (FIPS 199), Privacy Threshold Analysis (PTA), E- Authentication with business owners and selected stakeholders
● Develop plans, requirements, and system. Participating in managing, planning, and execution of Systems Engineering Lifecycle (SLC) integration and testing stage reviews.
● Research, manage, and implement security protection technologies (i.e., firewalls, intrusion detection systems (IDS), data encryption, Biometrics, etc.) to mitigate systems security vulnerabilities.
● Made recommendations to TDCJ on how to mitigate the remaining residual risks by implementing various information security technologies, such as Biometrics, IDSs, Firewalls, Network Infrastructures, and advanced auditing technologies, as well as exploitation of emerging IPv6 advanced authentication and data security capabilities.
● Responsible for and manage daily routines, updates, patches and fixes to firewall and router appliances.
● Analyze IT systems to identify, assess, and design security features.
● Create network diagrams; create, document, and implement Standard Operating Procedures.
● Identify, resolve, and update organizational procedure shortfalls.
● Generate security documentation, including security assessment reports; system security plans; contingency plans; and disaster recovery plans.
● Provide security support and evaluation to development teams in order to integrate information assurance/security throughout
● Hands on experience using Qualys
● Hands on experience using cyberark
- Information Security Specialist - TDCJ at Security Information and Event Monitoring
- Information Security Officer-TBWA at Information Security solutions
5 years, 4 months at this Job
- BSC - Communication
Highly motivated and dedicated professional possessing Information Technology Resolution skills associated with CompTIA Security+ Certification obtained from higher education and professional experience to include a background in Cyber Security/Information Security Specialist. Exceptional computer skills, strength in time management, analytical problem-solving skills, able to work independently and within a team environment with a customer focused approach to work. United States Dept. of Homeland Security Headquarters
Athena Services International
February 2015- Present
• Security Analyst operates daily within the Security Operating Center (SOC). This involves working with clients, and other security personnel to identify and manage response to incidents impacting or threatening the organizations assets.
• Creates detailed reports of daily activities, as well as composing incident reports for any breach of security.
• Enforce access control, maintaining disaster preparedness to protect assets.
• Assists with triage, prioritization, and emergency response in addition to dissemination of information to proper agencies.
• Provides customer service exceeding clients expectations.
- Information Security Specialist at United States Dept. of Homeland Security Headquarters
- Squad Leader at US Army Reserves
- Team Leader at US Army Reserves
4 years, 4 months at this Job
* Develop and enforce the Enterprise Information Security program to ensure compliance with regulatory requirements (NCUA, FFIEC, PCI-DSS) and to maintain the confidentiality, integrity, and availability of networks, systems, applications, and data. * Perform formal risk assessments and threat analysis in order to develop security policy and governance; align policy and governance with technical enforcement. * Perform system audits and vulnerability assessments including: user accounts, file system, application access controls, firewall rules and policies, system and network vulnerability scans, and server configuration and compliance checks. * Evaluate, implement, and support all information security technology and services including: IPS/IDS, SIEM, AV, NAC, DDoS, firewall, vulnerability scanning, and patching. * Develop, update, and assist in maintaining information security awareness training documentation and materials; deliver security awareness training across organization. * Develop an incident response methodology and prepare incident reports for information security alerts (IPS/IDS, SIEM, AV, Firewall, etc.) and Security Incident Response Team notifications.
- Information Security Specialist at OneAZ Credit Union
- Senior Security Specialist at T-Systems North America
- Owner/Security Consultant at SOX, HIPAA
- Director of Information Technology at Miles, PLLC
3 years, 6 months at this Job
- Bachelor of Science - Molecular Biosciences and Biotechnology
• Ensure the confidentiality, Integrity, availability, privacy of protected health information and personal identifiable information according to HIPAA requirements.
• Provide support in special projects including health information system upgrade, access control recommendations, testing, analysis, and quality improvement projects.
• Support the IT team in the development and review of system documentation such as SOP, ISCP, IRP, PTA, PIA, ISA/MOU, and RoB.
• Develop and maintain POA&Ms for discovered operational and technical vulnerabilities for all assigned systems.
• Review all safeguard procedures to measure the effectiveness of the total system security and making formal recommendations based on these reviews.
• Responsible for ensuring that system support needs are met for assessment & accreditation, control implementation, operation & maintenance, and IA compliance.
• Interface with internal security personnel, system administrators, customers and management on the operational security posture for the systems in my purview and on security related policies.
- Information Security Specialist at Wellmed
- Information Security Consultant at Clientbucket
- Information Security Analyst at Startup52
1 year, 5 months at this Job
- Certificate in Information Assurance and Cybersecurity
- Bachelor's In Nursing - Nursing
Gather and organize technical information about existing security products, and ongoing programs. · Perform risk analysis, metrics and reports · Protects system by defining access privileges, control structures, and resources. · Recognizes problems by identifying abnormalities; reporting violations. · Implements security improvements by assessing current situation; evaluating trends; anticipating requirements. · Determines security violations and inefficiencies by conducting periodic audits. · Upgrades system by implementing and maintaining security controls. · Prepare performance reports; communicating system status. · Experience providing general technical support for both hardware and software. · Maintains quality service by following organization standards. · Provide timely detection, identification and alerting of possible attacks/intrusions · Assist users with Active Directory accounts and permissions. · Patch, upgrade and remediate vulnerabilities in Windows (2008, 2012, 2016) operating systems. · Understanding of Microsoft Active Directory, Microsoft and Linux Operating Systems. Computer & Software Proficiencies · Microsoft Office Suite · Resource Allocation · Microsoft Word · Microsoft Excel · Microsoft PowerPoint · Adobe · Microsoft Windows Operating Systems (95,98, NT, XP, 7, & 10) · Qualified Typist (70wpm) · Nessus Vulnerability Scanner (SC-5) · MS Project · IACS · BigFix Console · BigFix Web Reports · BigFix Inventory
Gather and organize technical information about existing security products, and ongoing programs.
· Perform risk analysis, metrics and reports
· Protects system by defining access privileges, control structures, and resources.
· Recognizes problems by identifying abnormalities; reporting violations.
· Implements security improvements by assessing current situation; evaluating trends; anticipating requirements.
· Determines security violations and inefficiencies by conducting periodic audits.
· Upgrades system by implementing and maintaining security controls.
· Prepare performance reports; communicating system status.
· Experience providing general technical support for both hardware and software.
· Maintains quality service by following organization standards.
· Provide timely detection, identification and alerting of possible attacks/intrusions
· Assist users with Active Directory accounts and permissions.
· Patch, upgrade and remediate vulnerabilities in Windows (2008, 2012, 2016) operating systems.
· Understanding of Microsoft Active Directory, Microsoft and Linux Operating Systems.
Computer & Software Proficiencies
· Microsoft Office Suite
· Resource Allocation
· Microsoft Word
· Microsoft Excel
· Microsoft PowerPoint
· Microsoft Windows Operating Systems (95,98, NT, XP, 7, & 10)
· Qualified Typist (70wpm)
· Nessus Vulnerability Scanner (SC-5)
· MS Project
· BigFix Console
· BigFix Web Reports
· BigFix Inventory
- DATA / INFORMATION SECURITY SPECIALIST at ActioNet
- Cyber Security Analyst at Coastal International Security
- Entry Level Information Security Analyst at General Dynamics Systems
- Cyber Security Analysts at
1 year, 2 months at this Job
• Maintain New York State IT Systems, manage, control user access and identity.
• Monitor databases and website interface and promptly resolve end user issues regarding access requests.
• Deliver quality end user support for access requests and control vendors and contractors access.
• Project leader for the development of a User Access protocol portal for New York state vendors and contractors including onboarding new users and terminating access, promoting least access.
• Provide remote and onsite end-user support for software and hardware issues, and address security weaknesses by promoting New York State ITS IT policies and practices.
• Develop, manage and improve security processes.
• Assist with technology evaluations, software testing, briefing development, and IT infrastructure engineering analyses.
• Manage process for reviewing access security for New York State vendors, contractors, and other third-party service providers.
• Provide meaningful Information Security metrics, which include identifying historical trends, areas of risks/gaps, violations and/or improvements
- Information Security Specialist at 22 Century Technologies/New York State
- Master Systems Administrator at 22 Century Technologies/New York State
- Office365 Ambassador at Experis
- Migration Support Engineer at Metropolitan Transit Authority
2 years, 2 months at this Job
- Bachelors - Network Architecture and design
- - design
- Information Security Specialist at Shred-It
- Supervisor/Manager at Sprint
- Sales Ops Specialist at BCBG
1 year at this Job
- BA - Organizational Communications
Function as part of the Compliance Team responsible for conducting the Risk Management Framework process to achieve ATO and continuous monitoring of systems ❖ Analyze and update System Security Plan (SSP), Risk Assessment (RA), Privacy Impact Assessment (PIA), System Security test and Evaluation (ST&E) and the Plan of Actions and Milestones (POA&M) ❖ Prepare A&A package documents to include SSP, SAR & POA&M in order to secure ATO for systems from the Authorizing Official ❖ Conduct continuous monitoring by identifying, assessing, responding and remediate risk. ❖ Conduct annual self assessment (1/3 assessment) after receiving ATO (NIST-800-53A) ❖ Assist System Owners and ISSO in preparing certification and Accreditation package for company's IT systems, making sure that management, operational and technical security controls adhere to a formal and well-established security requirement authorized by NIST ❖ Designate systems and categorize its C.I.A using FIPS 199 and NIST SP 800-60 ❖ Conduct Self-Annual Assessment (NIST SP 800-53A) ❖ Perform Vulnerability Assessment to ensure risks are assessed, evaluated and proper actions taken to limit their impact on the Information and Information Systems ❖ Update Trigger Allocation Log and Center Allocation Table as and when vulnerabilities are discovered and POAMs are remediated ❖ Performs walkthrough interviews and maintains communication with a variety of client stakeholders, including system personnel such as system and database administrators ❖ Requests, obtains, reviews, and analyzes a variety of artifacts to assist in executing IT controls testing such as Security Plans, SOPs, system screenshots, and system configuration settings
- Information Security Specialist at Nationwide IT Services
- Information Security Assessor at First Impression Staffing
5 years at this Job
- BSc - Banking and Finance