Profiles search
Lonnie Joseph
Facility Information Security Officer
New Orleans, LA, United States
Details
Experience:
Lead the implementation of security programs designed to anticipate, assess and minimize system vulnerabilities.
2017 : Present
Veteran Administration
Facility Information Security Officer
* Analyzes Risk Management Framework (RMF) artifacts and supporting documentation. Performs site assessments, generates reports and remediates findings. Analyzes stored data in Governance Risk Compliance Risk Vision (GRC-RV) for accuracy, completeness and quality. Identifies acceptable evidence collection and testing results that support the Information Assurance (IA) control’s compliance.
2016 : 2017
ASM Research, an Accenture Federal Services Company
Information Security Analyst
• Responsible for the day-to-day management and handling of McAfee WebGateway(MGW) proxy issues.
• Create MOPs (Methods of Procedures) outlining work to be done during the building, testing, and implementation of network changes.
• Responsible for resolving all Incidents, Tasks, and Requests related to Internet proxy issues.
• Review and investigate Blocked-Site issues and White-List requests
• Create and submit Change Requests and represent those requests during weekly Change Control Board meetings.
• Responsible for creating, testing, and maintaining MGW proxy policies as required.
• Create AD Global group proxy rule sets.
• Use McAfee Web-Report to generate standard and customized reports, which include company and department proxy activity and the Internet activity of current and terminated employees and contractors.
• Test and manage the deployment of .pac files for custom proxies.
• Use Check Point SmartDashboard to access Check Point Firewalls and Tracker.
• Review Firewall rules and track and monitor traffic activity.
• Provide on-call support for daily operations, outages, and critical network issues.
• Utilize Active Directory (AD) to review Global group policies and memberships.
2015 : 2016
HCL Technologies
Network Security Engineer
• Performed user-access management functions with Active Directory (AD), and other core Bank systems, included the creation, modification, and removal of user and service accounts.
• Created and updated policies and procedures governing information security across the company’s IT infrastructure. Policies included systems access procedures, procedures handling of threat events, processes for account creation and removal and policies addressing the security posture of critical and non-critical IT resources.
• Bank security compliance initially based on FISMA Security Standards and Guidelines, NIST 800-series, i.e., 800-53, 30 and 39.
• Primary responsibility for research efforts aimed at policy creation and modification. Spear-headed efforts to transition the Bank from NIST SP 800-series to ISO based standards specifically ISO 27001 : 2013, which provides specifications for the Information Security Management System framework. Transition was the result of recommendation following an external ISO 9000 quality management and assurance audit.
• Have performed regular user-access reviews and audits of AD and other core financial systems in accordance with NIST and ISO/IEC standards.
• Created and/or improved technical and administrative security controls, e.g., preventive, detective, corrective, etc. Based on NIST 800-series and ISO/IEC 27002 : 2013 security practices.
• Possess strong knowledge of NIST SP 800-53 rev 4, NIST 800-37 rev 1, and the categorization of Federal Information and Information Systems (FIPS 200).
• Regularly developed Plan of Action and Milestone documents that outlined methodologies to correct systems and process deficiencies.
• Responsible for the daily administration and management of Symantec Endpoint Protection Management Server environment.
• Managed Endpoint Protection on 750 Windows 7 workstations, laptops, and Windows 8 tablets at 42 company locations.
2014 : 2015
Crescent Bank & Trust
Information Security Administrator
•Performed Tier 2 support for the National Affordable Healthcare (ACA) system.
•Performed Identity and Access Management functions within a distributed enterprise network environment. Processes included the verification, addition and deactivation of user accounts in the AD (Active Directory) and other proprietary systems including SWAT and TIPS which are software tools used by field personnel to input and sort applicant information.
•Controlled access to system resources by ensuring proper Role, Group and Location privileges for individual network and systems users.
•Trained all new-hire support analyst and provided training for Tier II personnel on newly implemented systems and technologies.
•Acted as Information Security Manager for local office. Responsibilities included managing and assisting in ongoing vulnerability management of workstations, servers, and network equipment.
•Ensured security policies, i.e., cell phone storage and usage, smart device usage, etc., were adhered to related to the physical security of the office complex.
•Managed the activities of 9 Tier I support analyst. Conducted training activities on user account creation and problem determination.
•Documented and monitored maintenance activities for systems across the enterprise.
•Actively managed on a daily basis, enterprise user and elevated privilege/system accounts.
•Created weekly and monthly security reports for management.
2013 : 2014
Artech Information Systems
Technical Support Analyst (Tier II)
2017 : Present
Veteran Administration
Facility Information Security Officer
* Analyzes Risk Management Framework (RMF) artifacts and supporting documentation. Performs site assessments, generates reports and remediates findings. Analyzes stored data in Governance Risk Compliance Risk Vision (GRC-RV) for accuracy, completeness and quality. Identifies acceptable evidence collection and testing results that support the Information Assurance (IA) control’s compliance.
2016 : 2017
ASM Research, an Accenture Federal Services Company
Information Security Analyst
• Responsible for the day-to-day management and handling of McAfee WebGateway(MGW) proxy issues.
• Create MOPs (Methods of Procedures) outlining work to be done during the building, testing, and implementation of network changes.
• Responsible for resolving all Incidents, Tasks, and Requests related to Internet proxy issues.
• Review and investigate Blocked-Site issues and White-List requests
• Create and submit Change Requests and represent those requests during weekly Change Control Board meetings.
• Responsible for creating, testing, and maintaining MGW proxy policies as required.
• Create AD Global group proxy rule sets.
• Use McAfee Web-Report to generate standard and customized reports, which include company and department proxy activity and the Internet activity of current and terminated employees and contractors.
• Test and manage the deployment of .pac files for custom proxies.
• Use Check Point SmartDashboard to access Check Point Firewalls and Tracker.
• Review Firewall rules and track and monitor traffic activity.
• Provide on-call support for daily operations, outages, and critical network issues.
• Utilize Active Directory (AD) to review Global group policies and memberships.
2015 : 2016
HCL Technologies
Network Security Engineer
• Performed user-access management functions with Active Directory (AD), and other core Bank systems, included the creation, modification, and removal of user and service accounts.
• Created and updated policies and procedures governing information security across the company’s IT infrastructure. Policies included systems access procedures, procedures handling of threat events, processes for account creation and removal and policies addressing the security posture of critical and non-critical IT resources.
• Bank security compliance initially based on FISMA Security Standards and Guidelines, NIST 800-series, i.e., 800-53, 30 and 39.
• Primary responsibility for research efforts aimed at policy creation and modification. Spear-headed efforts to transition the Bank from NIST SP 800-series to ISO based standards specifically ISO 27001 : 2013, which provides specifications for the Information Security Management System framework. Transition was the result of recommendation following an external ISO 9000 quality management and assurance audit.
• Have performed regular user-access reviews and audits of AD and other core financial systems in accordance with NIST and ISO/IEC standards.
• Created and/or improved technical and administrative security controls, e.g., preventive, detective, corrective, etc. Based on NIST 800-series and ISO/IEC 27002 : 2013 security practices.
• Possess strong knowledge of NIST SP 800-53 rev 4, NIST 800-37 rev 1, and the categorization of Federal Information and Information Systems (FIPS 200).
• Regularly developed Plan of Action and Milestone documents that outlined methodologies to correct systems and process deficiencies.
• Responsible for the daily administration and management of Symantec Endpoint Protection Management Server environment.
• Managed Endpoint Protection on 750 Windows 7 workstations, laptops, and Windows 8 tablets at 42 company locations.
2014 : 2015
Crescent Bank & Trust
Information Security Administrator
•Performed Tier 2 support for the National Affordable Healthcare (ACA) system.
•Performed Identity and Access Management functions within a distributed enterprise network environment. Processes included the verification, addition and deactivation of user accounts in the AD (Active Directory) and other proprietary systems including SWAT and TIPS which are software tools used by field personnel to input and sort applicant information.
•Controlled access to system resources by ensuring proper Role, Group and Location privileges for individual network and systems users.
•Trained all new-hire support analyst and provided training for Tier II personnel on newly implemented systems and technologies.
•Acted as Information Security Manager for local office. Responsibilities included managing and assisting in ongoing vulnerability management of workstations, servers, and network equipment.
•Ensured security policies, i.e., cell phone storage and usage, smart device usage, etc., were adhered to related to the physical security of the office complex.
•Managed the activities of 9 Tier I support analyst. Conducted training activities on user account creation and problem determination.
•Documented and monitored maintenance activities for systems across the enterprise.
•Actively managed on a daily basis, enterprise user and elevated privilege/system accounts.
•Created weekly and monthly security reports for management.
2013 : 2014
Artech Information Systems
Technical Support Analyst (Tier II)
Company:
Veteran Administration
Spoken Language:
English
About
Hands-on innovative problem solver with a solid record of project management, leadership, and team building with medium and enterprise-level organizations. Proven experience managing network and systems access, implementation of corporate-wide Information Security Awareness program, and enterprise-level Information Security compliance based on NIST and ISO frameworks.
Profile Photo
