Profiles search
Derrick Spooner
Cybersecurity Researcher at CERT
Pittsburgh, PA, United States
Details
Education:
MS
Information Security Policy and Management
Carnegie Mellon University
2008 : 2010
BA
Information Technology Leadership
Washington & Jefferson College
2004 : 2008
Information Security Policy and Management
Carnegie Mellon University
2008 : 2010
BA
Information Technology Leadership
Washington & Jefferson College
2004 : 2008
Experience:
2020 : Present
Carnegie Mellon University - Heinz College of Information Systems and Public Policy
Instructor - NoSQL Database Management
I am currently a cybersecurity researcher on the Insider Threat team at CERT. The Insider Threat Center focuses on insider threat research, threat analysis and modeling, assessments, and training. In this position I :
-Manage the infrastructure, software/hardware configuration, and operations of several research and development network enclaves.
-Served as a technical lead for a project to create a secure web portal for the Insider Threat case management system.
-Created several immersive insider threat exercises using an internally developed platform and delivered the exercises to customers and at conferences.
-Was responsible for architecting several internal SharePoint pages to support business process workflows and enforce strict access controls.
-Served as a technical infrastructure manager and subject matter expert for a customer's security assessment product. In this role I interacted with internal and customer IT security departments to secure and provision the on-site assessment systems.
-Took over the design, management, implementation, and security of the two internal Insider Threat case management systems (Access 2007/2010), and migrated the systems to Microsoft SQL Server 2008 R2 (and later 2012). I designed and implemented a case coding queue for the system using Microsoft SharePoint 2007/2010. I also served as an advisor and mentor for graduate student interns who used the system.
2010 :
CERT
Cybersecurity Researcher
As a Graduate Student Researcher on the Insider Threat Team at CERT I :
-Assisted with the design, management and implementation of two internal Insider Threat case management systems that utilized Microsoft Access (2007 and later 2010).
-Conducted research on public cases of insider Sabotage, Fraud, Theft of Intellectual Property and Espionage and recorded them in an internal case management system.
-Performed and provided data queries, analysis, presentation on the Insider Threat cases contained in our case management system for research papers, customer deliverables and educational/awareness training courses.
-Developed an employee training tracking system in Microsoft Access 2003 and an associated SharePoint site.
2009 : 2010
CERT
Graduate Student Researcher
Provided troubleshooting and support for employee computers and hardware
Implemented and oversaw tape backup system
Migrated users from Microsoft Office 03 to 07 and conducted training session to educate them on interface changes
2008 : 2008
Nucor Wire Products Pennsylvania
Information Technology Intern
-Served as the first point of contact for the department by providing phone support to students and college employees
-Entered and maintained records in the helpdesk ticket system
-Maintained helpdesk documentation in Confluence (enterprise wiki software)
-Provided technical troubleshooting on site as well as by telephone and e-mail
-Responsible for assembling and overseeing various multimedia setups for on campus presentations
2006 : 2008
Washington & Jefferson College
Helpdesk Technician
Carnegie Mellon University - Heinz College of Information Systems and Public Policy
Instructor - NoSQL Database Management
I am currently a cybersecurity researcher on the Insider Threat team at CERT. The Insider Threat Center focuses on insider threat research, threat analysis and modeling, assessments, and training. In this position I :
-Manage the infrastructure, software/hardware configuration, and operations of several research and development network enclaves.
-Served as a technical lead for a project to create a secure web portal for the Insider Threat case management system.
-Created several immersive insider threat exercises using an internally developed platform and delivered the exercises to customers and at conferences.
-Was responsible for architecting several internal SharePoint pages to support business process workflows and enforce strict access controls.
-Served as a technical infrastructure manager and subject matter expert for a customer's security assessment product. In this role I interacted with internal and customer IT security departments to secure and provision the on-site assessment systems.
-Took over the design, management, implementation, and security of the two internal Insider Threat case management systems (Access 2007/2010), and migrated the systems to Microsoft SQL Server 2008 R2 (and later 2012). I designed and implemented a case coding queue for the system using Microsoft SharePoint 2007/2010. I also served as an advisor and mentor for graduate student interns who used the system.
2010 :
CERT
Cybersecurity Researcher
As a Graduate Student Researcher on the Insider Threat Team at CERT I :
-Assisted with the design, management and implementation of two internal Insider Threat case management systems that utilized Microsoft Access (2007 and later 2010).
-Conducted research on public cases of insider Sabotage, Fraud, Theft of Intellectual Property and Espionage and recorded them in an internal case management system.
-Performed and provided data queries, analysis, presentation on the Insider Threat cases contained in our case management system for research papers, customer deliverables and educational/awareness training courses.
-Developed an employee training tracking system in Microsoft Access 2003 and an associated SharePoint site.
2009 : 2010
CERT
Graduate Student Researcher
Provided troubleshooting and support for employee computers and hardware
Implemented and oversaw tape backup system
Migrated users from Microsoft Office 03 to 07 and conducted training session to educate them on interface changes
2008 : 2008
Nucor Wire Products Pennsylvania
Information Technology Intern
-Served as the first point of contact for the department by providing phone support to students and college employees
-Entered and maintained records in the helpdesk ticket system
-Maintained helpdesk documentation in Confluence (enterprise wiki software)
-Provided technical troubleshooting on site as well as by telephone and e-mail
-Responsible for assembling and overseeing various multimedia setups for on campus presentations
2006 : 2008
Washington & Jefferson College
Helpdesk Technician
Company:
Carnegie Mellon University - Heinz College of Information Systems and Public Policy
Years of Experience:
19
Skills
Access, Active Directory, ArcSight, Cisco ASA, Cisco IOS, Computer Security, Database Administration, Information Assurance, Information Security, Information Security Analysis, Information Security Policy, Information Technology, Insider Threat, Juniper Switches, Linux, Microsoft SQL Server, MySQL, Nessus, NetApp Filers, Network Security, Security, SharePoint, System Center Configuration Manager (SCCM), Technical Support, Virtualization, VMware, Vulnerability Assessment, Windows
About
Specialties: Information Security Analysis, Database Administration, Insider Threat, Information Security Tools and Infrastructure Engineering
Profile Photo
