Functional Areas and Strengths

Information Technology (IT) 

  • Asset Management & Tracking – creating a database of the deployed assets in the environment for tracking; when the asset was deployed, asset ownership, criticality to the organization, etc. 
  • Endpoint Deployment and Hardware Repair – experience building computers and replacing and repairing damaged components and deploying assets in a corporate environment 
  • System Cleaning – cleaning and removing adverse programs such as adware, malware, viruses, and trojans from systems
  • Hardware Deployment – procurement of hardware and enrollment into the asset management database for asset tracking and management and ultimately deployment for use 
  • Network Design & Architecture – creating and designing a network that meets business needs while ensuring secure and efficient communication across the organization’s intranet and/or reviewing and enhancing the existing design for improvement
  • Data Warehouse Management – data warehouses are systems meant to store large datasets such as customer, client, and patient data. A data warehouse, such as a Customer Relationship Management Database (CRM), allows the business to store data and make queries that will help the organization answer questions that help them make better strategic and tactical decisions for business operations and expansion (business intelligence)
  • Server and Infrastructure Architecture and Design – deployment of servers that will provide underlying business services such as Active Directory (AD) for Windows
  • Business Email Management – creating email services for an organization to send emails from their private domain name and creating/managing email accounts for employees 
  • Website Management and Design – creating and managing your business’ online web presence meant to promote brand awareness and display critical business information for worldwide consumption
  • Custom Software Design – as a programmer, I have the ability to create custom software to meet business needs should there not be an existing commercial solution for purchase 
  • Automation / Scripting – automation allows for the business to have some tasks run automatically based on triggers without human intervention ex. When a volunteer signs in, an automatic email is kicked out to them to thank them for volunteering with us today and/or add them to a volunteer mailing list 
  • Establishing Instant Messaging Platform – deployment and configuration of popular instant messaging platforms such as Microsoft Teams, Slack, and Discord. Setup of an instant messaging platform allows for video/personal calls, file sharing, and creation of private communication channels that can help enhance communications within the organization to help achieve their goals
  • Social Media Management – establishing and running a social media account meant to drive engagement to business and build brand awareness 

Cybersecurity 

  • Hygiene Assessments – conducting assessments of the organization’s overall cybersecurity posture and maturity based on the observables in the environment and identifying areas where additional resiliency is required 
  • Training and Awareness – ensuring that the users of the computer systems are educated on the threats in the cybersecurity landscape and how to defend against targeted attacks meant to gain unauthorized access to systems; creating PowerPoint slides to design training presentations
  • Professional Advancement & Training – I am an IT/Cybersecurity tutor with multiple certifications and I have taught/led corporate trainings for certifications as well as tutored individuals seeking to reach their professional goals 
  • Identity and Access Management – enrolling new users into systems, ensuring that they have only the permissions they need on the systems, and subsequently offboarding their accounts as their access requires revocation (ex. Deactivate account after employee quits to ensure they no longer have access) 
  • Attack Surface Reduction (ASR) – build and run vulnerability management program designed to profile both internal and external infrastructure to identify and remediate weaknesses in architecture and onboarding tools that provide additional visibility to the organization 
  • Server Monitoring and High Availability – building and establishing monitoring systems that can ensure continuous availability of the systems that provide critical business functions and generate alerts when system performance/availability has been negatively impacted
  • Cybersecurity Program Advisory – advisory/consulting services in which I review business program/project goals and ensure appropriate cybersecurity protocols and practices are being implemented
  • Threat Modeling – identifying critical assets that are essential to business operations and identifying adverse cyber events which can negatively impact these assets and ensuring that they have adequate protections against the threats identified 
  • Incident Response – handling of adverse cybersecurity events end to end, such as data breaches, ransomware attacks, and denial of service (DoS) attacks that impact system availability
  • Threat Hunting/TDO (Threat Defense Operations) – proactively and reactively looking for patterns of malicious activity within the environment, analyzing gaps in existing security control visibility, and engineering solutions to cover discovered gaps 
  • Penetration Testing & Red Teaming – proactively attempting to attack and gain access to business networks and systems in order to detect and remediate points of weakness; conducting phishing tests (fake emails meant to deceive) falls under this category

Project Planning & Execution / Administration 

  • Agile Project Management – most popular project management methodology used in Fortune 500 organizations. I am an Agile Scrum Master and can offer training in the methodology to help add organization, tracking, contingencies, and delegation during project execution. The advantage of using Agile project management is to adopt the philosophy of “Failing Fast”. That is, we focus on creating a Minimal Viable Product (MVP) first and continuously iterate towards improvement and thus, should the project be a failure, this can be determined as early in the process as possible and course correct/abandon as necessary to reduce time and resource waste.
  • Metrics Generation and Tracking – Key Performance Indicators (KPIs) need to be established and tracked to determine if project progress is on target or if the project is at risk of failing. Additionally, KPIs can be established for the organization as a whole to ensure that we are meeting our strategic and tactical goals. 
  • Dashboard Generation – dashboards provide a single pane of glass to look at and receive, at a glance, key project and organizational health status information. Additionally with dashboards, you are able to create different “views”, thus enabling you to only allow users to see metric data that is relevant to their duties/tasks without providing confidential/excessive information. 
  • PowerPoint Presentation Design – proficiency in creating PowerPoint presentations to clearly and succinctly convey messaging with visual aids to assist 

Spirituality / Religion 

  • Spiritual Life Coach – established coaching business where I provide one-on-one coaching sessions meant to help the client optimize their life journey and/or provide spiritual guidance along their path. Each client’s life and spiritual journey is different and not everyone progresses at the same pace, thus guidance given is custom-tailored to create the greatest improvement to their life quality. Areas of expertise in coaching:
    • Healing Childhood Trauma: Growing up in a childhood where one was physically, mentally, and/or sexually abused can lead to long-lasting issues such as (social) anxiety, depression, self-sabotage, and low self-confidence. In order to reach your full potential, you must address and heal from these traumas to remove the blockages they have created. 
    • Healing Church Hurt: Many people have sought God through the church only to experience condemnation and rejection. Healing church hurt involves healing the trauma of rejection and developing a personal, direct connection to God. Your connection to God is meant to be strengthened by, instead of reliant solely upon, the church home of your choice. 
    • Developing a Spiritual Path: Your spiritual path begins with connecting to self, and then exploring your innate interests and talents. Through embracing these interests and talents, you discover your PURPOSE, which allows you to create something greater than yourself that can leave a positive impact in this world. 
  • Bible Study Lead – providing guidance in how to dissect the word of the Lord, understand the relevant mindset(s) that must be adopted as a result, and providing real-world example(s) of application of the word, thus bridging the gap between theory and application to help further strengthen the participant’s faith in the word and the Lord
  • Spiritual Messaging/Prophecy – as a vessel for the Lord, I create and publish spiritual messages, both video and text, to help others learn more of the Lord’s ways by providing his wisdom in easily digestible ways 

Classic Resume

Well-seasoned IT-security professional with a vast amount of knowledge of network, server, and cloud security. Possesses extensive experience with securing both company and client production servers and networks. Team player that can collaborate with group members to write new security scripts, discuss new security vulnerabilities, and implement new security procedures, and protocols.

Experience

C Still Capital, LLC: CEO/Equities Investor (Houston, TX) July 2022 – Present

Personal investment company dedicated to the creation and development of derivative trading strategies.

Responsibilities:

  • Perform stock market sector analysis & seasonality reports
  • Daily research for swing trade opportunities.
  • Developing investment strategies based on intra-month market conditions.
  • Reviewing company earnings reports to discover potential investment opportunities.

Booz Allen Hamilton: Cybersecurity Engineer (Houston, TX) April 2017 – June 2022

Member of the commercial consulting team that strategizes how to leverage new and existing technologies to meet client cybersecurity needs.

Work performed for various Fortune 150 clients:

  • Performed threat models on critical infrastructure to identify risk events and drive recommendations for remediation of risk.
  • Supported development of threat modeling methodology and training material
  • Performed incident response for NotPetya malware – Day one responder that supported the investigation of the malware incident including reviewing logs to determine the original point of compromise, identifying points of lateral movement and proliferation through the environment, and subsequently producing a report to brief the C-Suite/Board of Directors on the summary of events.
  • Performed NotPetya Readiness Assessments – analyzing client’s security control stack to evaluate the effectiveness against the tactics and techniques used by NotPetya/automated lateral movement malware.
  • Threat Hunting/TDO (Threat Defense Operations) – proactively and reactively looking for patterns of malicious activity within the environment, analyzing gaps in existing security control visibility, and engineering solutions to cover discovered gaps.
  • Splunk content development – development of cybersecurity use cases and dashboards for monitoring for adverse events within the environment.
  • Performed security control assessment and mapping security control effectiveness to MITRE ATT&CK framework and development of a custom Splunk application (Python) to display organization security control effectiveness as a heatmap.
  • Attack Surface Reduction (ASR) Lead – Build and run vulnerability management program designed to profile both internal and external infrastructure to identify and remediate weaknesses in architecture and onboarding tools that provide additional visibility to the organization.

cPanel Inc: Security Analyst (Houston, TX) November 2015 – March 2017

Member of a newly formed, two-person team dedicated to identifying malicious activity within the internal network and deploying/administering hardware and software solutions to proactively monitor the company’s production network.

Responsibilities:

  • Ongoing development of Incident Response/Handling plans, and execution of said plans during adverse events
  • Regularly performing both internal and external scans of the company network using tools such as OpenVas to proactively discover network/server vulnerabilities and remediate any issues found
  • Performing patch management and software upgrades to mitigate 0-day exploits and announced CVEs
  • Build and maintain open-source IDS (Snort+Bro) including performance tuning and selecting appropriate ruleset for the network
  • Firewall management – adding new rules and auditing existing rules to ensure proper network segmentation
  • Investigation and remediation of alerts generated by IDS
  • Resolving/Handling third party security reports regarding company’s public facing infrastructure
  • Collaboration with other internal teams within the company to advise on secure product/feature/service implementation and deployment
  • Performing Red Team activities such as penetration testing of internal resources and performing phishing tests
  • Development of company-wide security training programs

HostGator, LLC: Senior Linux Security Admin (Houston, TX) Feb 2009 – June 2015

Maintained the integrity of the company’s network via addressing outbound attacks, monitoring production servers for malicious activity, and resolving both third party and internal abuse reports.

Responsibilities:

  • Detection of server rootkits and performing OS-reloads
  • Performing post-mortem security investigations for account/website compromises. Investigations detail point(s) of compromise and actions which need to be taken to secure the account and prevent the relevant exploit from re-occurring.
  • Monitoring and resolution of outbound attacks originating from company production servers, such as spam campaigns, self-spreading malware, and outbound DoS attacks.
  • Investigation and remediation of 3rd party abuse complaints from various ISPs and service providers such as Hotmail, Comcast, AT&T, and Yahoo.
  • Performing threat research in effort to write detection signatures for new and trending malware and implement preventative measures.
  • Performing manual security investigations of compromised accounts to find and remove malware which may not have existing detection signatures
  • Network monitoring and attack mitigation for both incoming and outgoing network attacks.
  • Performing security audits of customer servers/websites and providing a report of security weakness(es)
  • Assisting clients in becoming PCI compliant by resolving issues identified within third party PCI-DSS audit reports

Certifications

  • ISC2 Certified Information Systems Security Professional (CISSP) – Oct 2016 – 2022 (Expired)
  • Offensive Security Certified Professional (OSCP) – Indefinite
  • Microsoft Certified Solutions Expert (MCSE) – Server 2016 & Securing Windows Server 2016 – Indefinite
  • CompTIA Project+ – Indefinite

Education

  • University of Houston: M.Sc. Information System Security 2017 – 2019
  • Western Governors University: B.S. IT: Security 2016 – 2017
  • Houston Community College: Associates in Science 2014 – 2016

Awards Received

  • WGU:
  • WGU Texas: Graduate Commencement Speaker: School of IT (2017)
  • Booz Allen Hamilton: 2018 BEYA MDTL (Black Engineer of the Year Award – Modern Day Technology Leader)
  • Booz Allen Hamilton: 2018 Booz Allen Excellence Award (BEA) – Highest award offered by our firm; Awarded due to performance on Fortune 80 client impacted by NotPetya

Skills

  • LAMP (Linux, Apache, MySQL, PHP) server & Windows Server 2016 management and administration experience
  • Experience with Postfix and Exim mail server management and administration
  • Scripting experience with Bash, Python, and PowerShell for task automation
  • Experience with infrastructure configuration management tools such as Puppet
  • Experience with securing and deploying cloud infrastructure on AWS
  • Experience with network monitoring/netflow tools such as Bro and nProbe
  • Strong knowledge of packet analysis using tools such as tcpdump and Wireshark
  • Experience with IDS/IPS tools such as Snort and Bro as well as experience in writing Snort rules
  • Experience with administration of AV/EDR tools such as Cylance and FireEye HX
  • Vulnerability scanning and management – identifying vulnerabilities, their impact to the business, and remediation recommendations and experience with tools such as Qualys, Shodan, and OpenVas
  • Firewall Management – Cisco, Juniper, iptables
  • Experience with Cisco and Juniper switch/router/firewall device administration
  • Network DoS attack identification and mitigation
  • Root Cause Analysis – investigating malware infections and using network forensic analysis and server log review to determine method and time of compromise
  • Experience removing malware and malicious injections from websites and servers
  • Experience with Linux and Windows server/endpoint hardening to minimize attack surface
  • Writing and evaluating regular expressions (RegEx)
  • Manually auditing and reviewing server, endpoint, and network logs to identify indicators of compromise (IOCs)
  • Experience with SIEM/log management tools such as Splunk and Elasticsearch, Logstash, and Kibana (ELK)
  • Experience working with large data sets/big data