Derick D.
Details
Cybersecurity Analytics & Operations
Penn State University
2020 : 2022
Postbaccalaureate Certificate
Information Systems Cybersecurity
Penn State University
Bachelor of Science (B.S.)
Computer Science
William Paterson University of New Jersey
The Nu-Age Group
Director of Information Security
• Global 24x7 SOC team lead and lead incident responder to ensure compliance with SLAs, adherence to processes, and continuous improvement of operational objectives.
• Lead design and implementation of security response automation, threat hunting activities based on emerging behaviors, IOCs, or vulnerabilities, and in-depth analysis and triage of threat activity covering over 5,000 assets.
• Engage with a global team of developers, engineers, and architects in the security requirements definition and risk assessment (including analysis of threats and risks and Architecture standards) for internal and public Cloud usage.
• Guide and advise internal and external customers on a broad range of specific security controls and Information Security programs, policies, standards, and incidents.
• Assist Security Architects with the development of repeatable architectural patterns working with internal and external customers in operational readiness reviews to ensure that systems are placed within the relevant security zones based on the data they house and their purpose.
• Provide mentorship, leadership, and subject matter expertise to other team members to address advanced threats and/or security issues, including developing and executing on remediation, detection, and prevention.
2019 : 2022
Cubic Transportation Systems
Senior Information Security Analyst
• Provide analysis and trending of security log data from production systems around the globe.
• Provide Incident Response support when analysis confirms an actionable incident.
• Provide threat and vulnerability analysis as well as security advisory services to the IT Operations team.
• Analyze and respond to newly identified security vulnerabilities within Windows/Linux environments
• Investigate, document, and report on information security issues and emerging trends.
• Analyze and review escalated cases until closure, including investigating and recommending appropriate corrective actions for data security incidents and communicating with the appropriate staff responsible for taking corrective actions.
• Assist in the assessment of technical security control implementation and validation of correct operation of monitoring tool set.
• Verify systems and processes continue to comply with internal policies and standards to ensure compliance with SOX, ISO 27001, and PCI DSS.
• Coordinate with the Internal/External Auditors, penetration testers and IT Operations teams to successfully complete periodic audits.
• Review existing processes and identify opportunities for improvement.
2017 : 2019
Cubic Transportation Systems
Information Security Analyst
• Assisted with the implementation and continuous monitoring of FISMA and NIST 800-53 controls across the entire Engineering Services contract at Kennedy Space Center totaling over 600 assets.
• Supported all ESC Continuous Monitoring activities including Risk Assessment and Contingency Plan testing.
• Scanned, assessed, and remediated vulnerabilities with McAfee Foundstone Vulnerability Scanner.
• Reviewed Audit and Authentication logs for anomalies and potential risks.
• Planned and coordinated the Patch Vulnerability Group (PVG) meeting activities (announcements, agenda, action items, etc.).
• Analyzed monthly vulnerability scan data, removed exceptions/false-positives, and produced weekly reports and charts for PVG meetings.
• Performed monthly Plan of Action & Milestones (POA&M) updates and KATS actions with compliance status reports to senior leadership.
2015 : 2017
a.i. solutions
IT Security Administrator
Responsible for providing a central source of support and administration for all servers, systems, and information technology resources on a 24x7 NOC team.
2014 : 2015
Nu Age Managed Services
Network Operations Center (NOC) Engineer
Skills
Carbon Black, Computer Security, Crowdstrike Falcon, Cybersecurity, Data Center, Firewalls, HTML, IBM QRadar, Imperva, Incident Response, Information Security, Information Security Management, ISO 27001, Java, McAfee, Metasploit, Microsoft Azure, Microsoft SQL Server, Networking, Network Security, Nmap, Penetration Testing, PRTG, Python (Programming Language), Security, Security Information and Event Management (SIEM), Splunk, System Administration, Tenable Nessus, Threat & Vulnerability Management, Tripwire Enterprise, Troubleshooting, Vulnerability Assessment, Vulnerability Management, Windows Server, Wireshark, Microsoft Office, Time Management, Computer Hardware, Customer Service, PowerPoint, Computer Repair, CSS, C, OS X, Microsoft Excel, Cyber-security, PHP, Public Relations, Microsoft Word, Servers, Microsoft Outlook, Access, Outlook, Research, Project Management, Teamwork, Leadership, Unix
About
Experienced Information Security professional with a demonstrated history of working in the MSSP, aerospace, and transportation industries.