Profiles search
Clarence Campbell
CISSP, Information Security Specialist at Austin, TX
Pflugerville, TX, United States
Details
Experience:
2014 : Present
Austin, TX
Information Security Specialist
2013 : 2014
Texas Department of Licensing and Regulation
Information Security Officer
Performs / Conducts :
•Planning, analysis, development, implementation, enhancements, review and maintenance of Information Systems security program policies and procedures for the Information Assurance of networks and data including over 350 servers and 800 workstations for the Veterans Affairs Financial Services Data Center.
•Network vulnerability scanning and analysis utilizing Tenable Nessus Security Center.
•System configuration and vulnerability patching compliance analysis and reporting.
•System administration of the Tenable Nessus Security Center.
•McAfee Virus Scan Enterprise and Host Intrusion Prevention endpoint deployments and policy administration support using McAfee ePolicy Orchestrator.
•Configuration Management compliance monitoring and reporting utilizing IBM Tivoli Big Fix
•Auditing/reporting of end user web activity utilizing Trustwave M86 Web Filtering and Reporting tool
•Development, updates and enhancements of System Security Plans (SSP) for planned and existing information systems
•Development and tailoring of security controls in accordance with NIST standards and Veterans Affairs (VA) policies.
•Plans, prepares and conducts Information System Security Control Assessments (SCA) for effectiveness of security control implementation to include FISMA audits and Payment Card Industry (PCI) Self Assessments
•Preparation for Information System Certification and Authorization (C&A) activities for Authority to Operate (ATO).
•Interacts with System Administrators, Developers, System Analysts, Enterprise Architects, vendors, managers, staff and stakeholders in all phases of the Software Development Lifecycle (SDLC).
•Maintains Plan of Action and Milestone’s (POAM).
•The Information Security Officer’s (ISO) lead advisor for Technical, Managerial and Operation security control implementation and compliance reporting; including compensating security control identification and recommendation
•Incident Response support to the ISO
2012 : 2013
Austin, TX Veteran Affairs FSC - Kforce Government Solutions
Cyber Security Analyst
•Lead Security Engineer of a US Army Windows based system that utilizes an Oracle Database and a custom developed application.
•Responsible for Information Security IAW the Department of Defense (DoD) Information Assurance Certification and Accredidation Program (DIACAP), DoD Directive (DoDD) 8500.1, DoD Instruction (DoDI) 8500.2, U.S. Army Information Assurance Best Business Practices, DoD Information Security Agency Secure Technical Implementation Guides (DISA STIGS), and the US Government Configuration Baseline (USGCB) standards for over 22,000 systems worldwide
•Develops and Updates DIACAP documents including, Continuity of Operations Plans / Contingency Plans,Plan of Action and Milestones (POAM), baseline configuration documents, Incident Response Plans and System Security Plans
•Develops and updates System Security Group Policies and performs security hardening to include Security Templates, Group Policies, registry keys, manual system hardening instructions and security patch deployment
•Scans and interprets system vulnerability scans utilizing DISA STIG Secure Readiness Reviews (SRR), DISA Gold Disk Platinum standard and RETINA vulnerability scanners utilizing the Secure Content Automation Protocol (SCAP)
•Develops and executes IA testing and validation strategies to confirm system software security hardening
•Provides Information Assurance guidance to the Program Manager and resolves complex technical implementations of IA procedures
•Performs software security patch management for over 22,000 US Army systems
•Maintains Configuration Management compliance with coordination and planning of Configuration Control Boards for all Information Assurance actions
•Supports and participates in C&A audits to achieve Certification of Net-worthiness (CoN) and Authority to Operate (ATO)
•Developed and implemented over 250 security hardening policies, in a 1 year period, instrumental in achieving a 3 year ATO and CoN, a first ever for the department
2008 : 2012
McLane Advanced Technologies
Security Engineer
Austin, TX
Information Security Specialist
2013 : 2014
Texas Department of Licensing and Regulation
Information Security Officer
Performs / Conducts :
•Planning, analysis, development, implementation, enhancements, review and maintenance of Information Systems security program policies and procedures for the Information Assurance of networks and data including over 350 servers and 800 workstations for the Veterans Affairs Financial Services Data Center.
•Network vulnerability scanning and analysis utilizing Tenable Nessus Security Center.
•System configuration and vulnerability patching compliance analysis and reporting.
•System administration of the Tenable Nessus Security Center.
•McAfee Virus Scan Enterprise and Host Intrusion Prevention endpoint deployments and policy administration support using McAfee ePolicy Orchestrator.
•Configuration Management compliance monitoring and reporting utilizing IBM Tivoli Big Fix
•Auditing/reporting of end user web activity utilizing Trustwave M86 Web Filtering and Reporting tool
•Development, updates and enhancements of System Security Plans (SSP) for planned and existing information systems
•Development and tailoring of security controls in accordance with NIST standards and Veterans Affairs (VA) policies.
•Plans, prepares and conducts Information System Security Control Assessments (SCA) for effectiveness of security control implementation to include FISMA audits and Payment Card Industry (PCI) Self Assessments
•Preparation for Information System Certification and Authorization (C&A) activities for Authority to Operate (ATO).
•Interacts with System Administrators, Developers, System Analysts, Enterprise Architects, vendors, managers, staff and stakeholders in all phases of the Software Development Lifecycle (SDLC).
•Maintains Plan of Action and Milestone’s (POAM).
•The Information Security Officer’s (ISO) lead advisor for Technical, Managerial and Operation security control implementation and compliance reporting; including compensating security control identification and recommendation
•Incident Response support to the ISO
2012 : 2013
Austin, TX Veteran Affairs FSC - Kforce Government Solutions
Cyber Security Analyst
•Lead Security Engineer of a US Army Windows based system that utilizes an Oracle Database and a custom developed application.
•Responsible for Information Security IAW the Department of Defense (DoD) Information Assurance Certification and Accredidation Program (DIACAP), DoD Directive (DoDD) 8500.1, DoD Instruction (DoDI) 8500.2, U.S. Army Information Assurance Best Business Practices, DoD Information Security Agency Secure Technical Implementation Guides (DISA STIGS), and the US Government Configuration Baseline (USGCB) standards for over 22,000 systems worldwide
•Develops and Updates DIACAP documents including, Continuity of Operations Plans / Contingency Plans,Plan of Action and Milestones (POAM), baseline configuration documents, Incident Response Plans and System Security Plans
•Develops and updates System Security Group Policies and performs security hardening to include Security Templates, Group Policies, registry keys, manual system hardening instructions and security patch deployment
•Scans and interprets system vulnerability scans utilizing DISA STIG Secure Readiness Reviews (SRR), DISA Gold Disk Platinum standard and RETINA vulnerability scanners utilizing the Secure Content Automation Protocol (SCAP)
•Develops and executes IA testing and validation strategies to confirm system software security hardening
•Provides Information Assurance guidance to the Program Manager and resolves complex technical implementations of IA procedures
•Performs software security patch management for over 22,000 US Army systems
•Maintains Configuration Management compliance with coordination and planning of Configuration Control Boards for all Information Assurance actions
•Supports and participates in C&A audits to achieve Certification of Net-worthiness (CoN) and Authority to Operate (ATO)
•Developed and implemented over 250 security hardening policies, in a 1 year period, instrumental in achieving a 3 year ATO and CoN, a first ever for the department
2008 : 2012
McLane Advanced Technologies
Security Engineer
Company:
Austin, TX
About
Over 15 years experience in Cybersecurity and 10 years experience in the development of Cybersecurity programs at the Federal, State and Local Government level including Governance, Risk and Compliance (GRC) , Cybersecurity Incident Response, Vulnerability Management, Vendor Risk Management, Security Assessments, Risk Assessments and Risk Remediation/Mitigation planning, identification and recommendation for Cybersecurity vendor solutions and services.
Over 15 years experience in Information Technology.
Strong depth of knowledge and experience with the National Institute of Standards and Technologies (NIST) Risk Management Framework (RMF).
Certifications:
Certified Information System Security Professional (CISSP)
Security Plus (CompTIA Security +)
Network Plus (CompTIA Network +)
Microsoft Certified Professional
Microsoft Certified Desktop Support Technician
Certified Technical Trainer Plus (CompTIA CTT+)
A+ Computer Repair Technician (CompTIA A+)
Profile Photo
