Dan Yarger
Details
Telecommunications Management
Illinois State University
2002 : 2008
Currently work with industry tools such as Metasploit, Nessus, IEF, Qualys, performing Vulnerability analysis, Risk Assessments, Forensic Investigations, Penetration tests, GAP Analysis(NIST, CJIS, HIPAA, GLBA). In addition I have experience in PCI ROCs, and ASV testing.
Current Certifications : CISSP, CAP, Security+, QSA.
2016 : Present
Parameter Security
Director of Information Security Assessment Services
• Perform Penetration test and Vulnerability assessment to clients of different size organizations
• Perform Remote and in person Social Engineering for clients to test employee response to different situations
• Assist in IT forensic investigations and incident response for clients when customers believe that their systems have been breached by an unauthorized source
• Complete Policy audits using different standards such as HIPPA, GLBA, and NIST800
• Created courseware for Certified Information System Security Professional (CISSP)
• Ensured smooth operation of ShowMeCon a 600 person IT hacking conference
2014 : 2016
Parameter Security
Information Security Consultant
Information Security Analyst at Bradford & Galt working for the Federal Reserve Bank of St. Louis. Current duties include preparing certiification and accrediation and lifecycle documentation for the Video Survailance system that has been installed in 20 locations accross the country. As part of this position in am researching and implementing change managment documentation and full security documentation for this system. Several Standards that I am working with are SAFR, NIST, PCI, HIPPA. I am also responsible for Certification and Accrediation documentation for the Physical Access Security System at the St. Louis Federal Reserve Bank.
2013 : 2014
Bradford & Galt
Information Security Analyst
• Created security documentation (System Security Plan (SSP) Continuity of Operations Plan
(CONOPS)) to be used for the Air Force Network Integration Center Testing network.
• Designed Disaster Recovery Plan for the testing network
• Worked with executive leadership to ensure security documentation met organizational goals and objectives
• Achieved Executive level signoff on security documentation within established timelines
2013 : 2013
Dynamics Research Corporation
IA Security Engineer
• Performed the network risk audit and analyses allowing for the implementation of iPad devices for Air Force air crew users saving 5.61 million dollars a year
o This evaluation was performed on a tight timeline. Due to the need and deadlines on
• Reduced customer backlog of work by 40% by streamlining feedback to the customer and
increasing interaction among different groups by implementing new techniques and procedures
facilitating faster communication
• Analyzed actual and potential cyber security problems for Air Force Network Integration Center
recommending modifications and solutions to address upcoming and ongoing cyber security
risks
• Performed network assurance analysis for Air Force Enterprise systems
• Attended customer meetings and conferences as a subject matter expert to work with different
system stake holders for complex network assurance problems this project discretionary decisions were made to show the real risk to the network
• Developed new process for returning audit results cutting approval time by 72%
o Improved processes were developed implementing triage to incoming work and looking for key security documentation. If documentation was not present systems were returned for rework with only high-level comments and review. If full documentation was provided detailed reports were sent back
• Led and directed projects performed by 10 team members
• Reviewed executive level briefs prepared by team members for quality and technical content
• Provided guidance to team members on proper escalation procedures for escalation issues to
key government stakeholders
• Ensured systems and networks meet regulatory requirements (DIACAP, DITSCAP, FISMA, and
HIPPA)
• Escalated issues needing management buy in and acceptance before implementing management determined courses of action.
2012 : 2013
Pragmatics, Inc.
Sr. IA Analyst
Skills
Air Force, CISSP, Compliance PCI, Computer Security, Data Center, Defense, DIACAP, Digital Forensics, Disaster Recovery, DoD, Incident Response, Information Assurance, Information Security, Information Technology, Management, Military, Networking, Network Security, NIST, Payment Card Industry Data Security Standard (PCI DSS), Penetration Testing, Security, Security+, Security Audits, Security Clearance, Testing, Troubleshooting, U.S. Department of Defense, U.S. Department of Defense Information Assurance Certification and Accreditation Process (DIACAP), U.S. Health Insurance Portability and Accountability Act (HIPAA), Vulnerability Assessment, Vulnerability Management
About
EVERY BUSINESS IS DIFFERENT.
SO IS EVERY RISK.
Parameter Security partners with clients to assess their security posture, security programs, employee preparedness, and governance policies and procedures that can preemptively deter information security threats. Other companies hire Parameter Security after an incident to determine the level of exposure and help minimize further risk to technology, data, and company reputation. Defining security parameters empowers businesses to handle risks with a dependable partner so they are never alone.
Currently, we provide Digital Forensics and Information Security to small to medium-sized businesses around the country. We proactively help customers identify if and where their network has been compromised and provide steps for remediation. Proven record of providing security audits for employers leveraging industry best practices and requirements (DIACAP, NIST, SAFR, PCI-DSS, HIPPA.)
To learn more about Parameter Security visit: https://www.parametersecurity.com/
Profile Photo
