Dusty Brooks

Cybersecurity professional specializing in Operational Technology

Oklahoma City, OK, United States

Details

Education: Master of Science - MS

Telecommunications Management/Information Assurance

Oklahoma State University

2008 : 2009

Bachelor of Science - BS

Computer Engineering Technology

Southwestern Oklahoma State University

1997 : 2001

Experience: 2022 : Present

Crane Co.

OT Manager, Global Information Security

Manager, OT Data Communications & Telecom

Feb 2019 – Present, Oklahoma City, Oklahoma

Leads the Operational Technology Data Communications and Telecommunications Engineering teams. 16 Technicians, 2 Engineers and 1 Supervisor.

Leads the planning, design, operations, compliance and direction of the field telecommunications, voice, land mobile radio and data networks

Manages the performance of the team. Coaches the staff on performance, completes employee performance evaluations and recommends pay actions. Trains and mentors the staff on department processes.

Plans and directs activities of the team, including call-out responsibilities 24 hours per day, 7 days per week

Manage third-party provider relationships and related SLA’s, contracts, etc.

Key Achievements

• Implemented a preventative maintenance program to support 300 remote sites to ensure that operational data communications are highly available

• Converged 4 separate team callout rotations into a single multilevel first call rotation to provide coverage and uptime for the company services and work life balance for the team members

• Developed a long-term strategic plan to address aging technology

• Reduced Telecom Vendor spend by 25%

2019 : 2022

Enable Midstream Partners

Manager, OT Data Communications & Telecom

Interacts with technical/operational teams to determine and develop security architecture approaches, security tools, and solutions

Provided support, configuration and administration of security tool sets and infrastructure, as well as investigation of information security events related to intrusion detection, firewalls,

Evaluates and recommends security solutions to solve business needs

Manages and governs relationships with managed security services providers (Optiv and Accenture)

Key Achievements

• Chaired the Architecture Steering team to align business needs with IT projects while guiding teams to the correct technology solutions

• Designed and implemented Palo Alto Firewall architecture for the Enable Private Cloud Project. Using 5200 series PA Firewalls, implemented the entire stack offered by PA Firewalls including : App-ID, User-ID, URL filtering, SSL decryption

• Implemented Virtual Panorama and migrated from M100 physical devices

• Implemented secure Azure Vnet design using Palo Alto VM-Series firewalls

• Designed, implemented, and developed operational procedures, for the LogRhythm SIEM addition for IT Security continuous monitoring activities

• Worked with multiple teams and contractors to complete the installation and onboarding for Managed Security Services support

• Implemented Operational Technology network improvements. Designed modifications for the Corporate VPN solution to support OT assets. Coordinated the migration from 3 separate OT VPN’s to the Corporate VPN solution.

• Partnered with Managed Security Service to implement Platform management for 20 OT Firewall and Cisco Firepower IPS assets

2016 : 2019

Enable Midstream Partners

Lead Cybersecurity Engineer

Selected to lead and manage a team of SCADA Engineers in the support of 3 Telvent Oasys SCADA systems to provide industry leading Reliable, Stable, Useable, and Secure SCADA Services, data, and information to our customers and stakeholders. Direct activities of SCADA Engineers engaged in Operations and Maintenance of the SCADA System. Coordinate with Operational Technology network team to ensure top tier communications. Management of Service support contracts to ensure maximum value for cost is achieved

Key Achievements

• Combined separate support teams in different cities into one cohesive support team to increase effectiveness

• Implemented and expanded proactive system health checks to improve system uptime

2014 : 2016

Enable Midstream Partners

Supervisor SCADA

Selected to fill a position to implement cybersecurity measures that protect and defend the Enogex /Enable SCADA system. Evaluated, recommended, and implemented the application of security controls for new, emerging, and existing Industrial Control Systems technologies based on applicable standards and frameworks. Provided oversight in systems patching and monitoring SCADA system for alerts, performance, and security events. Investigated and resolved security incidents and recommended enhancements to improve security. Served as a member of the OGE Cyber Security Team

Key Achievements

• Developed Enogex SCADA Security program based on American Petroleum Institute standard 1164 and NIST Standards

• Developed disaster recovery plan, incident response handling procedures, and ENOGEX SCADA system continuity plan, including data retention and backup recovery

• Developed comprehensive Enogex SCADA system asset inventory and a repeatable update process implemented using PowerShell

• Developed incident response plan for Enogex SCADA system

• Implemented Vulnerability remediation program. Primary tool used was Tenable Nessus

• Contributor for the Department of Homeland Security Oil and Natural Gas Subsector Cybersecurity Capability Maturity Model (ONG-C2M2)

• Participated in the update project for Interstate Natural Gas Association of America (INGAA) Control Systems Cyber Security Guidelines

2012 : 2014

Enable Midstream Partners

SCADA Information Assurance Coordinator

Company: Crane Co.

Years of Experience: 29

Skills

AVEVA SCADA, AVEVA Screen Building, Azure Security, Budgeting, Business Planning, Cloud Computing, Cloud Security, Cloud Security Architecture, Cybersecurity, DevSecOps, Engineering, Engineering Management , ICS Security, Information Security, Information Security Management, Information Technology, Infrastructure Projects, Internet Protocol (IP), Kali Linux, Leadership, LogRhythm, LogRhythm Security Analyst, Management, Metasploit, Networking, O365, Oil & Gas, Operational Technology, Operations Management, Palo Alto Networks, PowerShell, Problem Solving, Process Improvement, Project Planning, Risk Management, SCADA, Security Architecture Design, Security Information and Event Management (SIEM), Self-care, Strategic Planning, Stress Management, System Administration, Telecommunications, Telvent OASys DNA, Tenable Nessus, Threat & Vulnerability Management, Troubleshooting, Vendor Management, Vulnerability Management, Vulnerability Scanning

About

Exceptionally qualified Veteran that joins years of SCADA/Operational Technology Telecommunications experience with in-depth Cybersecurity knowledge, education, and experience. Education includes MS in Telecommunications Management focused on Information Assurance as well as a Graduate Certificate in Information Assurance and a CISSP certification. Outstanding leader with a record of success in defining, leading, and implementing support teams and processes for control systems environments. Self-motivated with ability to manage multiple projects simultaneously while maintaining customer focus. Strong technical background ranging from Operational Technology, Networking and Voice services to Information Security, all backed with certifications.