Paul Williams
Sr. Cybersecurity Engineer II at Vertex TTS
Indianapolis, IN, United States
Details
Education:
Bachelor’s Degree
Information Systems Security, Cybersecurity Concentration
American Military University
2014 : 2016
Spartan School of Aeronautics
1997 : 1999
Trident Technical College
Experience:
2020 : Present
Vertex TTS
Sr. Cybersecurity Engineer II
Network Security team lead.
SME for Splunk Enterprise data logging and Splunk Enterprise Security systems.
Configure and manage Splunk search heads, indexers, and forwarders to collect and report enterprise data.
Create Splunk searches and reports that provide information to the network admins, system admins, and enterprise architects to give a concise overview of various configurations.
SME for Cisco ASA FirePOWER and NGIPS (next-generation intrusion prevention system) modules and sensors.
Create and manage IPS/IDS policies for threat detection from both internal and external sources.
Update systems as required when new IOS software or firmware versions are available.
Monitor network traffic and take action when adverse conditions arise that will impact network connectivity.
Consistently test network configurations to optimize traffic flow through security appliances.
Verify network configurations are secure by conducting wireless and network penetration tests using Kali Linux.
Suggest new technologies and procedures that will improve the overall security posture of the network.
2017 : 2022
General Dynamics Information Technology
Sr. Analyst, Information Security
SME for Splunk Enterprise data logging and Splunk Enterprise Security systems.
Configure and manage Splunk search heads, indexers, and forwarders to collect and report enterprise data.
SME for Cisco ASA FirePOWER and NGIPS (next-generation intrusion prevention system) modules and sensors.
Configure and manage IPS/IDS with latest virus and malware signatures.
Update systems as required when new IOS software or firmware versions are available.
Monitor network traffic and take action when adverse conditions arise that will impact network connectivity.
Consistently test network configurations to optimize traffic flow through security appliances.
Verify network configurations are secure by conducting wireless and network penetration tests using Kali Linux.
Suggest new technologies and procedures that will improve the overall security posture of the network.
2017 : 2017
Obsian Global
Network Security Engineer
SME for Splunk Enterprise data logging and Splunk Enterprise Security systems.
Configure and manage Splunk search heads, indexers, and forwarders to collect and report enterprise data.
SME for Cisco ASA FirePOWER and NGIPS (next-generation intrusion prevention system) modules and sensors.
Configure and manage IPS/IDS with latest virus and malware signatures.
Update systems as required when new IOS software or firmware versions are available.
Monitor network traffic and take action when adverse conditions arise that will impact network connectivity.
Consistently test network configurations to optimize traffic flow through security appliances.
Review various information system security documentation such as complete C&A plans / Security Authorization packages, Plans of Actions and Milestones (POA&M), System Security Plans, Contingency Plans, Disaster Recovery Plans and Incident Response Plans.
Assist IAOs with completion of various information system security documentation such as complete C&A plans / Security Authorization packages, Plans of Actions and Milestones (POA&M), System Security Plans, Contingency Plans, Disaster Recovery Plans and Incident Response Plans.
Review vulnerability assessment (SCCVI) scan results which are required for C&A package submission.
Review results of Security Technical Implementation Guides (STIGs), Secure Content Automation Protocol (SCAP) outputs and other various DISA checklists required for C&A package submission.
Provide input for security control selection and implementation.
Assess initial system risk and identify correct system security controls for remediated findings, mitigation strategies and residual risk.
Coordinate with Information Assurance Officers (IAO), information system owners and users to ensure that their systems remain in a secure state throughout the system lifecycle. Significant configuration changes are assessed to determine overall impact to the security posture of the system.
2015 : 2016
Sagent Partners
Network Security Engineer
Manage a team of Cyber Security professionals in day-to-day operations in support of the JTF-GTMO operation.
Write and review SOP documentation for the local operation.
Write and report POA&M (Plan of Action and Milestones).
Responsible for all reporting on IAVM program for JTF GTMO to include reporting in both VMS (Vulnerability Management System) and CMRS (Continuous Monitoring and Risk Scoring), and providing updates on the mitigation of IAVA.
Provide Information Assurance (IA) support for all requirements associated with Certification and Accreditation (C&A) and DoD Information Assurance Certification and Accreditation Program (DIACAP) policies, principles, concepts, and practices to include the VMS and Enterprise Mission Assurance Support Service (eMASS) databases.
Build packages for DIACAP, now Risk Management Framework (RMF) for JTF-GITMO J6
Back-up for ACAS (Assured Compliance Assessment Solution) Scanning tools, Nessus.
Back-up for McAfee HBSS (VSE, HIPS, DLP, ACCM) administrator covering two networks consisting of approximately 2000 workstations and servers.
Responsible for scanning network assets for reporting compliance as directed by SOUTHCOM and in accordance with DISA compliance.
Member of Configuration Change Board
Back-up Bluecoat Administrator.
Back-up CISCO ASA Firewall Administrator
2014 : 2015
Intelligent Decisions
Cyber Security Section Lead
Company:
Vertex TTS
Years of Experience:
22
Spoken Language:
English
Skills
Active Directory, Cisco FirePOWER IPS/IDS, Cisco Technologies, Computer Security, DHCP, Disaster Recovery, DNS, Firewalls, Information Assurance, Networking, Operating Systems, Routers, Security, Software Installation, Splunk, Switches, VPN
About
CISSP, CEH, CCNA, CCNA Security, CCNA Wireless
Independent study in Penetration testing and Mobile Penetration testing