Cyber Security Assessor
ENEC
Total years of experience :15 years, 3 Months
•Advised and making sure ENEC program is in compliant the following Cyber security regulations: 10 CFR 73.54(NRC), NRC 5.71, NEI 08-09, NEI 10-04, NEI 13-10, and NIST 800-53. Nuclear Cyber Security, Power Plant Cyber Security.
•Responsible for development and maintaining five training courses in ENEC TAQA learning system for the Cyber Security program. These courses target the general ENEC population and specialized groups such Cyber Security Assessment team (CSAT).
•As part of the Cyber Security team, provide technical direction, oversight, and quality review for identification, security controls implementation, and assessments of Critical Digital Assets (CDA’s) for the ENEC Physical Protection System (PPS) project.
•Develop procedures such as Portable Media Device (PMD) and Insider Threat Mitigation program associated with ENEC Cyber Security Program Manual (CSPM) designated to meet FANR regulation and Cyber Security milestones requirements.
•Response, investigated, and analyzed possible intrusions using SIEM platforms like ArcSight ESM, Splunk, to include firewall logs, IDS/IPS, Proxy logs, Centaur logs, web server logs, IOCs.
•Performed onsite and remote security penetration testing, application testing, onsite internet security assessment, social engineering, physical security assessments, and IDS/IPS hardware deployment.
•Provided security engineering solutions and support for the following: security-related systems hardware and software; network component evaluations; security policy; process and procedure determination/evaluation; risk gap analysis.
•Re-focused the vulnerability management program ensuring more accurate reporting; improving a faster response for the company’s mitigation and remediation efforts.
•Developed and regularly updated processes and procedures for information systems and making sure these processes were in compliance with the IT governance industry standards and company best business practices, policies, and regulations.
•As part of the Internal Assessor team, coordinated and engaged with efforts in guiding company’s network and system assets through the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), and ISO27001 certification and accreditation process; these initiatives resulted in the awarded accreditation of 15 different customers’ networks.
•Assisted and informed senior management and stakeholders on risk and vulnerabilities status of the company network both verbally and written presentation formats.
•Responsible for third-level support for all systems and servers related issues.
•Participated in complete system builds, upgrades, migrations, code deployments and patch management, firewall rules, and intrusion detection system.
•Assisted in the implementation of the company security policy and virus protection.
•Administered change management related to server upgrades and software installation.
•Prepared and maintained documentation of technologies, standards and procedures.
•Maintained and supported more than 500 servers for Intel Steady State.
•Provided engineering analysis support for the following: security-related hardware; software; network component evaluations; security policy; process and procedure determination/evaluation; risk analysis.
•Ensured the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
•Maintained current knowledge of relevant technology as assigned.
•Provided lead and technical guidance to a team of Information Assurance Officers and Information Assurance Engineers.
•Performed security engineering analysis, risk analysis, and vulnerability evaluations on systems and applications under development for compliance standards and regulations as part of the Certification and Accreditation program.
•Ensured all network and system administrators are taking action to implement appropriate patches and updates within the mandatory timeframe and comply with the vulnerability and incident reporting procedures outlined.
•Developed security analysis of new information technologies, event networks, and configurations.
•Established controls to ensure users operate, maintain, and dispose of information systems according to the current policy and procedures.
•Periodically validated user-access privilege levels in accordance with company users rights policies utilizing Active Directory (AD) queries, Group Policy Object (GPO) audits, and automated scripts.
•Periodically review systems to ensure users do not use freeware, shareware, or public domain software unless approved for use by senior company management.
•Analyzed and remedy all major security and system administration processes and procedures.
•Supported security design, testing, and implementation requirements of integrated networks including hardware, software and port facilities.
•Solely responsible for all Information Technology decision-making, support and administration at a site of more than 200 ‘demanding users’ in a fast paced architectural and engineering environment.
•Conducted both network and user activity audits using various automated tools.
•Recommends measures to maintain compliance with government regulations.
•As part of the incident response program - Monitored and analyzed several networks for intrusion detection, attacks and penetration utilizing Securify, Snort, and other security tools.
•Significant experience evaluating all aspects of physical security controls evaluation, design and remediation.
•Researched activities and threats. Recommend and implement changes to policies, procedures, and systems to enhance security.
•Proficient in the application of a host of commercial and public domain security tools intended to identify platform vulnerabilities (E.g. DumpSec, Retina, Hyena, sniffers and scanners), with follow up activities intended to employ ‘hardening’ safeguards (E.g. vendor, or de facto standards).
•Evaluated new information systems, products or services and suggests changes to existing products or services to better aide the end user. Relies on extensive experience and judgment to plan and accomplish goals.
•Installed, configured, performed troubleshooting and deployed SP1 for Windows 2003 Servers.
•Performed day-to-day administration functions, backup and restoration, file server maintenance.
•Provided Tier II trouble call support for hardware and Commercial-off-the-Shelf (COTS)/Government-off-the-shelf (GOTS) software via telephone, remote access, electronic mail, on-site.
•Implemented and maintained Active Directory Group Policy Objects (GPO) for servers and clients.
•Worked with Computer Associates UNICENTER Enterprise Management System tools.
•Took and troubleshoot all aspects of computer issues within 5, 000 users and 8 different Networks within MS 2000/XP OS environment.
•Maintained daily functions of 800 end users systems on a Microsoft NT/2000 environment.
•Took end users trouble calls and provide either on-call or on-site problem resolution like software installations and configurations, virus disinfections, PC hardware diagnose/reconfiguration and malfunctioning components replacement.
•Installed hard drives, floppy drives, zip drives, sound cards, network cards and other hardware components.
•Managed user accounts, groups, print queues and controlling access rights using Active Directory.
•Built, created, and modified domain and email accounts.
•Conducted a major inventory of all the systems and coordinated with the unit network administrator for 100% accountability.
•Prepared and maintained a website for the unit using HTML and MS FrontPage.
–