Profiles search

Martin Southerland

Information Security Analyst, Sr | Sec+ | CCSFP
Austin, AR, United States

Details

Education: Bachelor’s Degree

Criminal Justice, Cybercrime & Cybersecurity

Colorado Technical University

2016 : 2018
Experience: • Conduct security incident investigations.

• Ensure enterprise compliance regarding controls related to the cyber security framework.

• Provides guidance and policy expertise for data security, data classification, data storage, data transmission, and data lifecycle.

• Setting policy and enforcement on security standards.

• Managing privileged access entitlement review/approvals.

• Conduct usage audits and verify the removal of retired and stale accounts.

• Manage software and application compliance and ensures that unauthorized software and application are not on enterprise assets.

• Conduct entitlement reviews of users and groups to ascertain that appropriate personnel have access to enterprise data.

• Provide guidance in the evaluation and assessment of Policy Exception Reports (PERs).

• Conduct analysis and provide recommendations on the Change Advisory Board (CAB)

2021 : Present

Arkansas Blue Cross Blue Shield

Information Security Analyst Sr

• Support and coordinate workflow, activity, and documentation necessary to achieve successful RMF (Risk Management Framework) Assessment & Authorization (A&A)

• Identify, develop, and incorporate artifacts found in an RMF A&A package, e.g., system architecture and authorization boundaries, hardware and software inventories, risk assessment reports, Plan of Action and Milestones (POA&Ms), data flows, and other necessary system documentation.

• Evaluate and provide input to systems security controls in eMASS, using Control Correlation Identifiers (CCIs) from the Assessment Procedure (AP) List

2021 : 2021

SAIC

Cyber GRC Analyst Sr

• Provide subject matter expertise in all cyber security initiatives.

• Ensure compliance with data security policies and relevant legal and regulatory requirements in accordance with Defense Health Agency (DHA) directives and applicable Risk Management Framework (RMF) requirements.

• Assist in drafting “Authorization to Operate” (ATO) packages for new and existing systems.

• Ensure compliance with MTF cyber security program implementation plan, and DHA management policies.

2021 : 2021

ManTech

ISSO

• Develop processes to support IA (Information Assurance) updates to Army Cyber Mission systems and network.

• Review quarterly IA scan results and other information to maintain security posture.

• Update POA&Ms (Plan of Action & Milestones) for systems that have gone through the DoD (Department of Defense) RMF (Risk Management Framework) process.

• Participate in milestone reviews to ensure IA compliance.

• Develop and maintain RMF authorization schedules and schedule milestones.

• Implement and execute necessary eMASS (Enterprise Mission Assurance Support Service) entries and updates in support of RMF and RMF/IA packages.

• Maintain system security plans, policies and procedures IAW DoD and Army RMF guidelines.

• Ensure that all directed applications comply and support the Army's Information Assurance Vulnerability Management (IAVM) program notification and correction processes.

2020 : 2021

PeopleTec

Cybersecurity Analyst

• Performing cyber hygiene activities to ensure system security controls are operating and monitoring mission integrity.

• Assessing known systems vulnerabilities and verifying system hardening and patching activities to ensure compliance with the most current applicable Security Technical Implementation Guides (STIGs)/Security Requirements Guides (SRGs).

• Performing analysis on cybersecurity collected data and test results, identifying and implementing cybersecurity design, and preparing and maintaining engineering and security related documentation.

• Performing Nessus Assured Compliance Assessment Solution (ACAS) vulnerability assessment scan results and providing recommendations to other Cyber Security personnel.

• Provide system administration, situational analysis, impact assessment, and issue resolution of North American Aerospace Defense (NORAD) Cheyenne Mountain Complex - Integrated Tactical Warning/Attack Assessment (NCMC-ITW/AA) and Space Support Contract (NISSC) covered systems.

• Monitor network architecture and services; resolving issues as they arise.

• Assist users in accessing and using NISSC covered systems.

• Monitor and service incoming/outgoing messages related to air, missile, and space defense systems.

2016 : 2020

Raytheon

Sr. Cyber Engineer/Program Protection Specialist
Company: Arkansas Blue Cross Blue Shield
Years of Experience: 20
Spoken Language: English

Skills

Active Directory, Assured Compliance Assessment Solution (ACAS), Cisco VoIP, Cybersecurity, DHCP, Dynamic Host Configuration Protocol (DHCP), Fiber Optics, HITRUST, HP Openview, Information Security, Military, Military Experience, Network Administration, Operating Systems, Red Hat Linux, Security, Server Administration, Solaris, STIG, System Administration, TACLANE, Troubleshooting, TS/SCI, Unix, Unix Administration, VTC, Windows, Windows Deployment Services, Workstation Administration, Windows 7, Windows Vista, Windows XP, Windows Server 2003, FalconView, Patriot Excalibur, SQL Server 2008, Servers, Integration, Networking, Computer Security

About

I have spent the last 18 years working with the DoD and commercial information systems. The roles that I have filled have prepared me for a broad range of duties. Some of these roles include:

• Supporting the intelligence community by providing systems administration and support for 24/7 operations.

• Providing communication and systems administration support for tactical units deployed for domestic operations.

• Providing hardware and software support for Army/Air Force intelligence networks and equipment.

• Providing system administration, situational analysis, impact assessment, and issue resolution of North American Aerospace Defense (NORAD) Cheyenne Mountain Complex - Integrated Tactical Warning/Attack Assessment (NCMC-ITW/AA) and Space Support Contract (NISSC) covered systems.

• Providing Cyber Security through Assured Compliance Assessment Solution (ACAS) vulnerability assessment scans and Security Technical Implementation Guides (STIG).

• Performing analysis on cybersecurity collected data and test results, identifying and implementing cybersecurity design, and preparing and maintaining engineering and security related documentation.

• Providing guidance and policy expertise for data security, data classification, data storage, data transmission, and data lifecycle.

• Ensure enterprise compliance regarding controls related to the cyber security framework.