Profiles search
Jontavius Caston
Cyber Intelligence Technologies
Seattle, WA, United States
Details
Experience:
2019 : Present
Boeing
ITCFP - Information Security Supply Chain Cyber Security
Threat & Vulnerability Management
● Provided an example of a SQL Injection attack and explained why the back end database makes a difference in how it works. Explained what type of information or access could be compromised with SQL injection attacks.
● Knowledge of system and application security threats and vulnerabilities including : buffer overflow, mobile code, cross-site scripting, PL/SQL injections, covert channel, replay, return-oriented attacks, XSS/CSRF, DoS attacks, and malicious code.
● Analyze the key cybersecurity domains and controls of the environments (access management, data protection, logs capture, firewall rules, internal and external network access and visibility, etc.) to determine alignment with security policies and to identify potential security weaknesses.
● Apply fundamental threat modeling techniques and integrate threat intelligence resources to analyze the environments and identify and document threats and vulnerabilities.
● Working knowledge using multiple threat modeling and threat rating techniques including STRIDE, DREAD, P.A.S.T.A., Trike, VAST, Microsoft Threat Modeling Tool, MyAppSecurity, Threat Dragon, IriusRisk.
● Analyze and document the physical and logical interdependencies between the infrastructure environments consisting of compute components (processors, RAM), storage (SAN, NAS), internetworking components (routers, switches, firewalls), software (operating systems, applications, databases) and operational protocols for possible security risks.
2017 : 2022
Bellevue University
Cyber Security Graduate/Analyst
Governance, Risk, and Compliance
● Understanding and familiarity of risk-based frameworks to include PCI-DSS, Sarbanes Oxley, NERC-CIP, HIPAA, FISMA, ISO, COBIT, NIST, CIS, CPNI
● Develop security assessment reports and review the findings with relevant teams across departments
2017 : 2022
Bellevue University
Cyber Security Graduate/Analyst
Network/Infrastructure Security
● Experience and familiarity with the following technologies : Encase, FTK, Wireshark, NMAP, Truecrypt, Notepad++, FTK Imager, Active Directory, Virtualization platforms, Microsoft Windows, Unix, Linux, LDAP, Active Directory, 802.11 wireless, firewalls, routers, network protocols and architecture, databases, VPN/RAS, IDS/IPS
● Experience in understanding networking infrastructure (routers, switches, firewalls), wireless/mobile networking components (Public Switched Telephone Network (PSTN), Mobile Switching Center (MSC), Base Station (BS), Radio Access Network (RAN))
● Build diagrams depicting the environments, physical and logical boundaries, logical data flows, intersystem call flows, communications and operational protocols, trusted and untrusted zones, operational, administrative and maintenance interconnections
● Hands-on experience in the implementation and operations of computing, storage, internetworking technologies and wireless/mobile technologies
2017 : 2022
Bellevue University
Cyber Security Graduate/Analyst
Relevant Coursework :
Network Security | Operational Security| Operating Systems and Mobile Device Security| Windows Operating Systems I | Java Programming I/II | Visual Basic.NET I | Intro to Database Design | Building Secure Environments | Structured Query Language SQL | Network and Information Security Basics | Network Attacks Intrusion | Boundary Protection | Information System Forensics and Legal | Principles of Physics | Intro to Cyber Threats, Technologies, and Security | Web Commerce and Application Security | Securing Access Control | Assessment and Audits | Data/Database Security
2017 : 2022
Bellevue University
Cyber Security Graduate/Analyst
Boeing
ITCFP - Information Security Supply Chain Cyber Security
Threat & Vulnerability Management
● Provided an example of a SQL Injection attack and explained why the back end database makes a difference in how it works. Explained what type of information or access could be compromised with SQL injection attacks.
● Knowledge of system and application security threats and vulnerabilities including : buffer overflow, mobile code, cross-site scripting, PL/SQL injections, covert channel, replay, return-oriented attacks, XSS/CSRF, DoS attacks, and malicious code.
● Analyze the key cybersecurity domains and controls of the environments (access management, data protection, logs capture, firewall rules, internal and external network access and visibility, etc.) to determine alignment with security policies and to identify potential security weaknesses.
● Apply fundamental threat modeling techniques and integrate threat intelligence resources to analyze the environments and identify and document threats and vulnerabilities.
● Working knowledge using multiple threat modeling and threat rating techniques including STRIDE, DREAD, P.A.S.T.A., Trike, VAST, Microsoft Threat Modeling Tool, MyAppSecurity, Threat Dragon, IriusRisk.
● Analyze and document the physical and logical interdependencies between the infrastructure environments consisting of compute components (processors, RAM), storage (SAN, NAS), internetworking components (routers, switches, firewalls), software (operating systems, applications, databases) and operational protocols for possible security risks.
2017 : 2022
Bellevue University
Cyber Security Graduate/Analyst
Governance, Risk, and Compliance
● Understanding and familiarity of risk-based frameworks to include PCI-DSS, Sarbanes Oxley, NERC-CIP, HIPAA, FISMA, ISO, COBIT, NIST, CIS, CPNI
● Develop security assessment reports and review the findings with relevant teams across departments
2017 : 2022
Bellevue University
Cyber Security Graduate/Analyst
Network/Infrastructure Security
● Experience and familiarity with the following technologies : Encase, FTK, Wireshark, NMAP, Truecrypt, Notepad++, FTK Imager, Active Directory, Virtualization platforms, Microsoft Windows, Unix, Linux, LDAP, Active Directory, 802.11 wireless, firewalls, routers, network protocols and architecture, databases, VPN/RAS, IDS/IPS
● Experience in understanding networking infrastructure (routers, switches, firewalls), wireless/mobile networking components (Public Switched Telephone Network (PSTN), Mobile Switching Center (MSC), Base Station (BS), Radio Access Network (RAN))
● Build diagrams depicting the environments, physical and logical boundaries, logical data flows, intersystem call flows, communications and operational protocols, trusted and untrusted zones, operational, administrative and maintenance interconnections
● Hands-on experience in the implementation and operations of computing, storage, internetworking technologies and wireless/mobile technologies
2017 : 2022
Bellevue University
Cyber Security Graduate/Analyst
Relevant Coursework :
Network Security | Operational Security| Operating Systems and Mobile Device Security| Windows Operating Systems I | Java Programming I/II | Visual Basic.NET I | Intro to Database Design | Building Secure Environments | Structured Query Language SQL | Network and Information Security Basics | Network Attacks Intrusion | Boundary Protection | Information System Forensics and Legal | Principles of Physics | Intro to Cyber Threats, Technologies, and Security | Web Commerce and Application Security | Securing Access Control | Assessment and Audits | Data/Database Security
2017 : 2022
Bellevue University
Cyber Security Graduate/Analyst
Company:
Boeing
About
Information Security Analyst/Cybersecurity Specialist and U. S. Air Force veteran with active U.S. Secret Security Clearance ready to serve on a corporation’s front lines battling cyber-attacks. Strengths include solving technical challenges, communicating effectively at all levels, and the ability to collaborate with systems engineers, network administrators, tech support personnel, software developers, and IT managers to analyze critical infrastructure and in the optimization of systems and software.
While pursuing my BASc Cyber Security I have learned the following skills:
Operating Systems: Windows 7/8/10, UNIX/Linux Ubuntu
Technical Support: Installation, Configuration & Troubleshooting of Hardware & Software
Languages: Visual Basic, Java I, Java II, HTML,
Applications: MS Office (Word, Excel, PowerPoint, Outlook), Wireshark
Willing and seeking to relocate to the Seattle, WA area.
Profile Photo
