Profiles search
Becky Santos
Director, Information Security at Cintel, Inc.
Huntsville, AL, United States
Details
Education:
Master of Science (M.S.)
Computer Science - Information Assurance & Security
University of Alabama in Huntsville
2011 : 2014
Bachelor of Science (B.S.)
Computer Science
University of Alabama in Huntsville
2006
Computer Science - Information Assurance & Security
University of Alabama in Huntsville
2011 : 2014
Bachelor of Science (B.S.)
Computer Science
University of Alabama in Huntsville
2006
Experience:
At Cintel, we are ALL problem solvers! We combine our expertise in the areas of Cyber Security, Data Science & Analytics, Modeling & Simulation, Software Development, Machine Learning, and Energy & Infrastructure to provide our clients with innovative solutions. We strive to not only meet but exceed the expectations of our partners in all that we do.
2019 : Present
Cintel, Inc.
Director, Information Security
Founder and principal cybersecurity engineer specializing in providing product development, research, consulting, assessment, and auditing of information technology security. Provide security consulting and solutions to small business or home office (SOHO) assisting customers in identifying and managing risks associated with their reliance on information technology.
2018 :
Brazen Security, LLC
Principal Cybersecurity Engineer
Conducted security assessments of election systems under the test in the Voting Systems Testing Laboratory. Determined test strategies, developed procedures and test cases from federal guidelines, state security requirements, and vendor specifications. Conducted assessments and reported results of the security evaluations. Specific areas of expertise include : conducting risk assessments, conducting source code analysis including evaluation for secure coding practices, performing vulnerability scanning and penetration testing of systems, examining network topography with respect to telecommunication security, and evaluating systems for proper implementation of cryptographic mechanisms including assessing for FIPS 140-2 compliance.
Lead program development of NIST Cryptographic and Security Testing Laboratories (CSTL) capabilities. Researched technical requirements and developed program management documentation needed in pursuing accreditation as a CSTL with scope including level 1 software testing and security content automation protocol (SCAP) testing.
Responsible for reducing enterprise cyber exposure and the development of a formal corporate security management program. Developed and implemented security management program utilizing NIST Cybersecurity Framework, CIS Top 20 Controls, and DHS US-CERT Cyber Resilience Review (CRR) as guidance. Conducted self-assessments utilizing frameworks to recommend and prioritize strategic areas for improvement of security posture.
2016 : 2018
Pro V & V
CSO, R&D Program Manager
Served in a software engineering role working throughout the entire application development lifecycle over multiple projects. Performed requirements solicitation, problem analysis, system architecture design, and lead development team on software solution projects internally focused and in direct support of DoD and commercial customers. Performed secure code analysis, vulnerability assessment, and vulnerability mitigation within provided products. Facilitated Cyber Community of Practice charged with workflow and capability development.
2008 : 2016
Intuitive Research & Technology
Senior Systems Analyst
Served as a member of an IT infrastructure team supporting Operational Technologies (OT) in an Industrial Control System based chemical manufacturing facility supporting both continuous and batch processes. Provided specific expertise in database management, administration, and development. Administered MSSQL Servers, conducted data analysis, report design, developed database and interfaces, of systems housing data from SCADA systems. Administered Lotus Domino Servers and developed databases used as operational process management information repositories. Implemented and monitored global replication topology to ensure security confidentiality of data flowing to international sites. Designed, implemented, and maintained disaster recovery strategy of servers and long-term massive data archiving solutions. Responsible for security administration on servers.
1999 : 2008
BASF Catalysts, LLC.
Systems Administrator
2019 : Present
Cintel, Inc.
Director, Information Security
Founder and principal cybersecurity engineer specializing in providing product development, research, consulting, assessment, and auditing of information technology security. Provide security consulting and solutions to small business or home office (SOHO) assisting customers in identifying and managing risks associated with their reliance on information technology.
2018 :
Brazen Security, LLC
Principal Cybersecurity Engineer
Conducted security assessments of election systems under the test in the Voting Systems Testing Laboratory. Determined test strategies, developed procedures and test cases from federal guidelines, state security requirements, and vendor specifications. Conducted assessments and reported results of the security evaluations. Specific areas of expertise include : conducting risk assessments, conducting source code analysis including evaluation for secure coding practices, performing vulnerability scanning and penetration testing of systems, examining network topography with respect to telecommunication security, and evaluating systems for proper implementation of cryptographic mechanisms including assessing for FIPS 140-2 compliance.
Lead program development of NIST Cryptographic and Security Testing Laboratories (CSTL) capabilities. Researched technical requirements and developed program management documentation needed in pursuing accreditation as a CSTL with scope including level 1 software testing and security content automation protocol (SCAP) testing.
Responsible for reducing enterprise cyber exposure and the development of a formal corporate security management program. Developed and implemented security management program utilizing NIST Cybersecurity Framework, CIS Top 20 Controls, and DHS US-CERT Cyber Resilience Review (CRR) as guidance. Conducted self-assessments utilizing frameworks to recommend and prioritize strategic areas for improvement of security posture.
2016 : 2018
Pro V & V
CSO, R&D Program Manager
Served in a software engineering role working throughout the entire application development lifecycle over multiple projects. Performed requirements solicitation, problem analysis, system architecture design, and lead development team on software solution projects internally focused and in direct support of DoD and commercial customers. Performed secure code analysis, vulnerability assessment, and vulnerability mitigation within provided products. Facilitated Cyber Community of Practice charged with workflow and capability development.
2008 : 2016
Intuitive Research & Technology
Senior Systems Analyst
Served as a member of an IT infrastructure team supporting Operational Technologies (OT) in an Industrial Control System based chemical manufacturing facility supporting both continuous and batch processes. Provided specific expertise in database management, administration, and development. Administered MSSQL Servers, conducted data analysis, report design, developed database and interfaces, of systems housing data from SCADA systems. Administered Lotus Domino Servers and developed databases used as operational process management information repositories. Implemented and monitored global replication topology to ensure security confidentiality of data flowing to international sites. Designed, implemented, and maintained disaster recovery strategy of servers and long-term massive data archiving solutions. Responsible for security administration on servers.
1999 : 2008
BASF Catalysts, LLC.
Systems Administrator
Company:
Cintel, Inc.
Years of Experience:
24
Skills
Attack Methods, Business Process Improvement, C++, CCNA, information assurance, integration, Linux, Network Security, Program Management, Project Management, requirements analysis, Security, software development, software documentation, sql, systems engineering, testing, u.s. department of defense, Vulnerability Assessment, c
About
A strategic, passionate, and pragmatic information technology and cybersecurity professional with extensive experience and deep understanding derived from a career beginning in enterprise infrastructure administration and defense, diving deeper into software engineering and development, and pulling it all together to focus on the security of it all. Thankful for a diverse background that provided me a solid foundation in applying that acquired knowledge to the modern cyber awakening. Known for being a liaison between technical and management. Proud of always pushing to move security to the left. Lauded for always striving to do what is right over what is easy.
Profile Photo
