Profiles search
Kenya George
Security Control Assessor-Representative (Cybersecurity Engineer) at STG Inc.
Sierra Vista, AZ, United States
Details
Education:
Master of Business Administration (M.B.A.)
Management Information Systems, General
Wayland Baptist University
2014 :
Bachelor’s Degree
Computer Information Systems
Wayland Baptist University
2011 :
Management Information Systems, General
Wayland Baptist University
2014 :
Bachelor’s Degree
Computer Information Systems
Wayland Baptist University
2011 :
Experience:
2014 : Present
STG Inc.
Security Control Assessor-Representative (Cybersecurity Engineer) Team Lead
• Applied STIGs to software intelligence system applications and Operating Systems to ensure compliance.
• Ran network and system scans, including Retina, Nessus, and Security Content Automation Protocol (SCAP) to analyze and resolve potential system vulnerabilities, before intruders could use identified weaknesses against organization deploying the intelligence system.
• Provided detail information on tools used to scan the system, the vulnerabilities found, and potential risk to the systems.
• Assisted the Information Systems Security Manager (ISSM) in securing a repository prior to closed area and systems accreditation.
• Verified that the latest software releases implemented system security.
• Utilized system’s Security Classification Guide (SCG) to determine classification of documents.
2014 : 2014
Engility Corporation
Information Security Engineer
• Provided Information Assurance (IA) support, assessed systems security risks, and verified system security requirements for information systems and applications in support of the Joint Interoperability Test Command (JITC).
• Evaluated a wide array of IT devices for Security Technical Implementation Guide (STIG) compliance using Nessus, SCAP Compliance Checker, and manual checklist reviews. This includes Windows, Solaris, and Red Hat Linux servers and desktops, routers, switches, firewalls, etc.
• Conducted IA vulnerability testing/security analysis on voice, video, and data systems.
• Documented test findings and results in the form of an assessment report, which included Risk Assessment and Vulnerability Analysis that were used for the system accreditation.
• Performed detailed security assessments to include working to provide Security Technical Implementation Guide (STIG) testing and Security Requirement Guide (SRG).
• Hosted status meetings with government auction officers, vendors, and Field Security Officers (FSOs) to discuss threats and vulnerabilities that affected the information systems tested.
• Performed IP vulnerability test and evaluation using DoD approved vulnerability scanning tools.
• Gave detailed information on vulnerability tools and penetration testing tools used and the vulnerabilities found with associated risk level when information systems were scanned.
• Verified security requirements and performed the Defense Information Assurance Certification and Accreditation Process (DIACAP) testing.
• Reviewed the Plan of Action and Milestone (POA&M) to ensure that proper mitigations were in place to reduce risk and that milestones were realistic and achievable.
2010 : 2014
TASC, Inc.
Information Assurance Test Engineer
STG Inc.
Security Control Assessor-Representative (Cybersecurity Engineer) Team Lead
• Applied STIGs to software intelligence system applications and Operating Systems to ensure compliance.
• Ran network and system scans, including Retina, Nessus, and Security Content Automation Protocol (SCAP) to analyze and resolve potential system vulnerabilities, before intruders could use identified weaknesses against organization deploying the intelligence system.
• Provided detail information on tools used to scan the system, the vulnerabilities found, and potential risk to the systems.
• Assisted the Information Systems Security Manager (ISSM) in securing a repository prior to closed area and systems accreditation.
• Verified that the latest software releases implemented system security.
• Utilized system’s Security Classification Guide (SCG) to determine classification of documents.
2014 : 2014
Engility Corporation
Information Security Engineer
• Provided Information Assurance (IA) support, assessed systems security risks, and verified system security requirements for information systems and applications in support of the Joint Interoperability Test Command (JITC).
• Evaluated a wide array of IT devices for Security Technical Implementation Guide (STIG) compliance using Nessus, SCAP Compliance Checker, and manual checklist reviews. This includes Windows, Solaris, and Red Hat Linux servers and desktops, routers, switches, firewalls, etc.
• Conducted IA vulnerability testing/security analysis on voice, video, and data systems.
• Documented test findings and results in the form of an assessment report, which included Risk Assessment and Vulnerability Analysis that were used for the system accreditation.
• Performed detailed security assessments to include working to provide Security Technical Implementation Guide (STIG) testing and Security Requirement Guide (SRG).
• Hosted status meetings with government auction officers, vendors, and Field Security Officers (FSOs) to discuss threats and vulnerabilities that affected the information systems tested.
• Performed IP vulnerability test and evaluation using DoD approved vulnerability scanning tools.
• Gave detailed information on vulnerability tools and penetration testing tools used and the vulnerabilities found with associated risk level when information systems were scanned.
• Verified security requirements and performed the Defense Information Assurance Certification and Accreditation Process (DIACAP) testing.
• Reviewed the Plan of Action and Milestone (POA&M) to ensure that proper mitigations were in place to reduce risk and that milestones were realistic and achievable.
2010 : 2014
TASC, Inc.
Information Assurance Test Engineer
Company:
STG Inc.
Years of Experience:
13
Skills
CISSP, CompTIA CASP, CompTIA Security+, Computer Security, Defense, DoD, GWAPT, Information Assurance, Information Security, Integration, Leadership, Military, Military Experience, Military Operations, Program Management, Security, Security Clearance, Testing, Troubleshooting, U.S. Department of Defense
Profile Photo
