Christopher Quimbaya
Details
Cyber Security and Information Assurance
Western Governors University
2020 : 2021
Associate of Science - AS
Cyber Security & Digital Forensic
Valencia College
2017 : 2020
My experience with DoD Cybersecurity policies, directives, and STIGs allows me to assess organizational risks and recommend mitigation strategies. I have extensive knowledge of NIST 800 series publications, including 800-30, 800-37, 800-53, 800-53a, and 800-171. Additionally, I participate as the team lead for scanning and patching Windows/Linux systems using IA/IS tools, and conduct security analysis of system risks/vulnerabilities from development to product delivery.
I am adept at interpreting policies and requirements in terms of established objectives and provide recommendations for improvements to meet program objectives. As a supervisor, I coordinate the work of Senior Cybersecurity Analyst and Cybersecurity Analyst team members, resolving conflicts independently while ensuring work is carried out effectively and efficiently. I am experienced in leveraging tools such as ACAS, SCAP/SCC, and/or eMASS to ensure successful project delivery.
2023 : Present
Cybernet Systems Corporation
SR Cybersecurity Engineer
As the CEO and Owner of CyberTroopers, I am deeply involved in providing strategic direction, vision, and leadership for the company, with an unwavering commitment to achieving our objectives while maintaining an optimal security posture. My role is a unique blend of top-tier leadership and hands-on execution, built upon a solid foundation in cybersecurity and military information systems.
Key Responsibilities :
Strategic Leadership : I develop and execute the company's business strategies to attain the goals set by our board and shareholders. I provide strategic advice to the board and Chairperson to ensure they have an accurate view of the market and the company's future.
Business Development : I identify and develop business opportunities for the company. A major part of my role involves building and maintaining relationships with partners and stakeholders.
Cybersecurity Leadership : I use my expertise in NIST 800-53 controls, the RMF process, and various cybersecurity tools to guide the company's security direction and posture. I oversee the enforcement of administrative security controls policies and procedures in line with best practices.
Risk Management : I oversee the company's fiscal activity, including budgeting, reporting, and auditing. I identify and address financial risks and opportunities for the company.
Team Development : I support and lead the team within the company, providing leadership and guidance to our management team. I implement efficient and effective decision-making processes.
2023 :
CyberTroopers
Company Owner
● Develop policies and procedures that ensure effective administrative security controls are in place in accordance with NIST 800-53.
● Functioning knowledge of vulnerability scanners; specifically, ACAS and Nessus.
● Performed RMF steps in the acquisition and sustainment of system Authority to Operate (ATO) and Authority to Connect (ATC)
● Performed or supervise vulnerability testing, risk analyses and security assessments.
● Researched system STIG and SRG compliance in support of establishing and overseeing configuration management
● Plan, research, and design robust security architectures for any IT project.
2022 : 2023
Cybernet Systems Corporation
Cyber Security Engineer
● Conduct watch officer duties in SOC environment, while also monitoring environment via SIEM such as Splunk.
● Conduct Threat and Malware analysis on suspicious files and systems
● Conduct assessments of threats and vulnerabilities via DISA STIGs and Nessus application.
● Provide detailed analysis reports to leadership regarding possible threats and/or incidents.
● Create defensive measures and information collected from a variety of sources to identify, analyze, and
report events that occur or potentially may occur in the future
2021 : 2023
DISA
CND Analyst (Army Reservist)
● Develop Policies, procedures, and standard operating procedures using Risk Management Framework.
● Identified Security requirements for connected and non-connected systems and unclassified and Classified systems.
● Experienced with using Enterprise Mission Assurance Support Service (eMASS), Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP), Assured Compliance Assessment Solution (ACAS), Ports, Protocols and Services Matrix, Vulnerability Remediation Asset Manager (VRAM), and Host-Based Security System.
● Created POA&M to identify task to be completed for security controls.
● Support the performance of ongoing measurement, monitoring, and evaluation of Third-Party Information security risk.
● Monitoring of computing platform compliance with security policies and directives.
2021 : 2022
Booz Allen Hamilton
Information System Security Officer
Skills
ACAS, Access Controls, ATO , Cloud Data Security, Cloud Security Operations, Computer Networking, Computer Security, Cybersecurity, Cybersecurity Incident Response, Data Analysis, Docker Products, Ethical Hacking, Hardening, Incident Response and Recovery, Information Assurance, Information Security, Information Technology, Kali Linux, Leadership Development, Legal, Risk and Compliance, Management, Network Administration, Network and Communications Security, Networking, Network Operations Center (NOC), Network Security, NIST, NIST 800-53, PAO&M, Physical Security, Public Speaking, Risk Management, RMF, SCAP, Security Information and Event Management (SIEM), Security Operations, Security Operations and Administration, Security Testing, Servers, Software Installation, Splunk, STIG, Teamwork, Technical Support, Tenable Nessus, Threat & Vulnerability Management, Troubleshooting, Windows
About
A seasoned cybersecurity engineer, I bring over a decade of experience across civilian and military information systems. My professional journey has seen me excel in roles from Network Operations Technician to my current position as a Senior Cybersecurity Engineer, consistently demonstrating leadership in IT configurations, technical support, and information assurance.
My expertise spans multiple areas of cybersecurity including vulnerability scanning, intrusion detection, and governance, risk, and compliance (GRC) tools. I am highly proficient in NIST 800-53 controls and the Risk Management Framework process, and I have a solid background in using tools like Nessus/ACAS, eMASS, and STIG Viewer/SCAP.
In my current role at Cybernet Systems Solutions, I architect and enforce administrative security controls policies and procedures in line with NIST 800-53, conduct vulnerability testing and risk analyses, and handle RMF steps to secure system Authority to Operate (ATO) and Authority to Connect (ATC). Prior to this, as an Information Security Systems Officer at Booz Allen Hamilton, I formulated policies and procedures using Risk Management Framework and evaluated Third-Party Information security risk through ongoing measurement, monitoring, and evaluation.
I also proudly served as a Computer Network Defense Analyst in the Army Reserves where I executed watch officer duties in a Security Operations Center (SOC) environment and conducted threat and vulnerability assessments using DISA STIGs and Nessus application.
I hold a Bachelor's degree in Cyber Security and Information Assurance and an Associate degree in Cyber Security/Digital Forensics. My commitment to continuous learning is reflected in my numerous certifications including CompTIA A+, Network+, Security+, Certified Ethical Hacker, System Security Certified Practitioner (SSCP), Certified Information Systems Security Professional (CISSP), and Certified Information Security Manager (CISM).
My goal is to continue leveraging my skills and experiences to protect and secure valuable information systems. I am always eager to collaborate with other professionals in the field and contribute to the larger cybersecurity community.
Profile Photo
