Kurt Gebhardt, CISSP
Details
Organizational Leadership/Executive Management
Regis University
2003 : 2006
Bachelor of Science - BS
Computer Information Systems Management
Colorado Christian University
1996 : 1998
United States Air Force
Chief of CyberSecurity for 2 SOPS
• Designed, procured and implemented multiple classified systems for RMF process enactment
• Responsible for ensuring the IT team completes tasks according to JSIG/ICD-503/NIST SP 800-53
• Developed CONOPs for multiple classified systems according to customer needs
• Responsible for all A&A activities of local networks from conception to authorization (ATO)
• Reviews and updates POA&Ms for local systems according to AO/DAO requirements
• Developed and maintains multiple SOPs according the JSIG, NIST & ICD-503 requirements; IA SOP, CM Plan, AFT/MP SOP, cybersecurity IR Plan, CCB SOP, privileged/general user guides
• Responsible to the SCIF/SAPF PSO for controlling all IT equipment movements
• Created and implemented CCB processes separate networks; ensuring security-relevant changes were reviewed by all stakeholders and approval obtained from appropriate authorities
• Manages requirements to complete system vulnerability/compliance scanning, AV updating, software patching, and the archiving of event logs for multiple classified systems
• Developed and reviewed vulnerability & mitigation scan report for multiple classified systems
• Manages and completes requirements for all systems to ensure specific controls are monitored, tested, documented, and reported to the AO/DAO proving compliance and viability
• Responsible for initiating protective/corrective actions for cybersecurity incidents/vulnerabilities
• Trains data transfer agents regarding AFT procedures/program according to JSIG/ICD-503 req’mts
• Provided SME input for the Cybersecurity Maturity Model Certification (CMMC) transition
• Readied corporate network for CMMC accreditation; all controls applied; documentation created
• Media custodian responsible for control within the SCIF/SAPF & transport; ensures proper logging
• Appointed as the trusted agent for multiple TS/SCI-level and TS/SAP-level networks
• Ensures all systems are maintained according to internal/external security policies and practices
2018 : 2021
Cosmic Advanced Engineered Solutions
Information System Security Manager/CyberSecurity Manager
• Processed multiple classified systems through Risk Management Framework (RMF) receiving approvals to operate (ATO)
• Developed CONOPs for multiple classified systems according to customer needs
• Coordinated the procurement, delivery and establishment of $1 million+ in IT equipment
• Responsible physical security officer in SCIFs/SAPFs; controlling all IT equipment movement
• ISSO lead responsible for ensuring the IT team completes all tasks according to JSIG)
• Responsible for all A&A activities of six local networks, from conception to authorization
• Reviews and updates POA&Ms for six systems according to AO requirements
• Created and implemented a configuration control board (CCB) process for each system ensuring all security-relevant changes are reviewed by all stakeholders
• Developed and maintains a IA-AIS SOP (Master SSP) covering all policies/ procedures for all systems; ensuring compliance with the system specific SSPs according to the JSIG
• Manages requirements to complete system vulnerability scanning, Anti-Virus updating, software patching, and the archiving of audit logs for multiple classified systems according to systems SSP
• Appointed as the trusted agent for six different SCI and SAP level networks
• Ensures all systems are maintained according to internal/external security policies and practices
• Manages and completes the requirements for all systems to ensure specific controls are monitored, tested, documented and reported to the approving officer (AO) proving compliance and viability
• Information Assurance Officer responsible for initiating protective and corrective measures when a security incident or vulnerability is discovered
• Created and trains agents regarding assured file transfer procedures/program according to JSIG
• Media custodian responsible for media entering/leaving the SCIF/SAPF; ensures inspection/ logging
• Verifies access to local SCI/SAP networks using Scattered Castles and JADE
2015 : 2018
MANTECH
Information System Security Manager
• Responsible for maintaining KM network architecture consisting of multiple VMs running MS 2K8-R2 hosted on 5 ESXi’s utilizing VMWare 5.0 residing on SAN; monitored system health/event logs
• Supported KM current operations by creating/updating user accounts, provisioning device information and providing customer outreach support
• Ensured all necessary individuals had network access and appropriate rights to for specific mission accomplishment; accounts are approved prior to access by MMC IAO
• Assisted MMC IAO network scans; reviewed and mitigated results, configured necessary network GPOs to ensure DISA policy compliance
• Ensured entire KM architecture was compliant with any/all IAVAs; applied MS WSUS patches and various software updates, as necessary, per MMC IAO
• Confirmed all systems are backed-up regularly using Veeam Backup & Replication; assists IAO with KM-specific architecture designs and HW/SW structure
• Maintained a consolidated list of all KM hardware and software; ensured the MMC equipment custodian and configuration manager are kept up-to-date on any/all changes
• Responsible for ensuring all KM customers were aware of monthly network maintenance and for keeping down-range KM users apprised of any other planned network outages
• Provided system administrator SME input to MMC chief and various program officers regarding KM network related issues
2013 : 2015
Salient Federal Solutions
Senior System Administrator
• Conducted/managed network backups
• Conducted scans, mitigated findings, reporting results/compliance
• Provided system support and network administration
• Assisted with architecture design, analysis, planning, implementation and maintenance
• Assisted with configuration management and system refresh
• Assisted with Virtualizing two networks utilizing VMware
• Reviewed, imported WSUS updates for 7 networks
• Managed/configured McAfee ePO Anti-Virus servers
• Performed technical reviews of PKI and software encryption training
2013 : 2013
USfalcon
System Administrator
Skills
Active Directory, Computer Security, DNS, DRA, ePolicy Orchestrator, Hardware, Hyena, Information Security, Integration, Microsoft SQL Server, Military, Network Administration, Network Security, Project Management, Security, Security Information and Event Management (SIEM), Servers, Symantec Backup, System Administration, TCP/IP, Troubleshooting, Veeam B&R, VMware, Windows Server, WSUS
About
An experienced information systems security officer/system administrator with a BS in Computer Science, several IT-related certifications, and 35+ years of experience working in various IA/IT positions. I offer SAP-level experience and expertise in the Risk Management Framework (RMF) process to achieve accreditation for high-level and high visibility networks for the Space Security and Defense Program (SSDP). Provided network operation and architectural design support for mission-critical systems to the USSOCOM and the US Army. Coordinated and delivered system administration and network support for multiple, mission-critical networks supporting the Space Warfare Center (SWC)/Space Innovation and Development Center (SIDC) mission. A critical member of the internationally recognized, multi-nationally participated, Schriever Wargame IT team.
Highly distinguished 20+ year career in the Air Force serving in various information and personnel management positions, working with executive leadership, I became recognized for consistently delivering the skills required for team development and mission accomplishment. A people-oriented, customer-driven team member with the demonstrated ability to effectively lead organizational change and performance improvements.
*TS
*CI Poly
*CISSP
*Retired USAF (Veterans Preference)
Profile Photo
