Profiles search
Matthew Kroeger
Senior CyberSecurity Systems Engineer at Duke Energy Corporation
North Wilkesboro, NC, United States
Details
Education:
Cyber Security & Information Assurance
Western Governors University
2017 : 2023
Electric Lineman Technology
Nash Community College
2009 : 2011
Associate's degree
Electrical and Electronics Engineering
Wilkes Community College
2007 : 2008
Western Governors University
2017 : 2023
Electric Lineman Technology
Nash Community College
2009 : 2011
Associate's degree
Electrical and Electronics Engineering
Wilkes Community College
2007 : 2008
Experience:
2023 : Present
Duke Energy Corporation
Senior CyberSecurity Systems Engineer
•Undertake comprehensive ownership of activities, processes, procedures, documentation, compliance tools, and evidence procurement as required by the Duke Energy IT503 Cybersecurity Program and NERC CIP Reliability Standards to ensure Firewall Management team and assets satisfy compliance requirements
•Leverages NERC CIP, Cybersecurity and firewall related technical skill sets to effectively manage NERC CIP compliance in the Firewall Management area
•Responsibilities Performs operational activities required to fulfill IT503 & NERC CIP standards
•Performs ongoing comprehensive maintenance of existing documentation, processes, procedures and activities
•Closely monitor configuration changes related to in-scope NERC CIP assets
•Identify areas of concern and works with leadership team to address
•Serve as subject matter expert (SME) for relevant IT503 & NERC CIP standards
•Key role in all audit preparation activities Ensures time sensitive compliance activities and dates are met
•Train teams on key aspects and implications of compliance requirements
•Represent Cyber Security organization professionally with other IT groups, compliance organizations, leadership team, and internal business partners
•Execute activities that support and fulfill compliance program requirements
•Forecast and document compliance activity time requirements
•Provide input on future requirements and develop compliance roadmap
•Provide compliance recommendations and documentation when working on projects with NERC CIP impact
•Perform ongoing comprehensive reviews of existing compliance tools
2022 : 2023
Duke Energy Corporation
Cyber Security Firewall Analyst NERC-CIP Operational Compliance
- Experience in project and task management, responsible for ensuring successful task completion within the scheduled timeframe consistent with the established scope of work to include both the technical and financial solutions. Organizes, directs, and coordinates the planning and production of all activities associated with assigned tasks.
- Providing engineering creation and advisory in Security Technical Implementation Guide (STIG) & Security Resource Guide (SRG) infrastructure hardening documentation as published by DISA, including applying CIS Benchmark configuration guidance.
- Providing advisory guidance and creation of FedRAMP assessment packages (System Security Plan (SSP)), including FedRAMP Moderate, FedRAMP HIGH in guidance of NIST 800-53 Rev4 & Rev5 as well as applying SRG DOD IL5.
Projects :
-Advisory and support of FedRAMP assessment packages (SSP) for VMware Tanzu Mission Control (TMC); project and task management, responsible for ensuring successful task completion within the scheduled timeframe consistent with the established scope of work to include both the technical and financial solutions. Organizes, directs, and coordinates the planning and production of all activities associated with assigned tasks.
-Advisory and support in creation of FedRAMP assessment packages (SSP); Security Technical Implementation Guides (STIGs) & Security Resource Guides (SRG) hardening advisory for VMware Horizon Cloud Service(HCS).
Operational tools use and resources :
- Confluence
- Jira
- Microsoft Excel
- Microsoft Word
- Putty
- STIG Viewer
- SCAP Compliance Checker
- Nessus (light use)
- Linux, SQL
- CIS Benchmarks
- Apply DISA Security Technical Implementation Guides (STIGs) Security Resource Guides (SRGs) including :
- SLES STIG
- Ubuntu STIG
- Application Server SRG
- Web Server SRG,
- Central Log Server SRG,
- Database Server SRG
- Container Platform SRG
2021 : 2022
InfusionPoints, LLC
Senior Lead I Cybersecurity Consultant
- Providing engineering creation and advisory in Security Technical Implementation Guide (STIG) & Security Resource Guide (SRG) infrastructure hardening documentation as published by DISA, including applying CIS Benchmark configuration guidance.
- Providing advisory guidance and creation of FedRAMP assessment packages (System Security Plan (SSP)), including FedRAMP Moderate, FedRAMP HIGH in guidance of NIST 800-53 Rev4 & Rev5 as well as applying SRG DOD IL5.
- Research, organize, present, communicate and perform cross-functional task for and on customer behalf. Including supporting technical implementations from a project management approach and planning, organizing, and coordinating the activities of the team, other contractors, and stakeholders enterprise search.
-Advisory and support in creation Security Technical Implementation Guides (STIGs) & Security Resource Guides (SRG) hardening advisory for VMware Horizon Cloud Service(HCS).
-Advisory and support in creation Security Technical Implementation Guides (STIGs) & Security Resource Guides (SRG) hardening advisory VMC on AWS.
Operational tools use and resources :
- Confluence
- Jira
- Microsoft Excel
- Microsoft Word
- Putty
- STIG Viewer
- SCAP Compliance Checker
- Nessus (light use)
- Linux, SQL
- CIS Benchmarks
- Apply DISA Security Technical Implementation Guides (STIGs) Security Resource Guides (SRGs) including :
- SLES STIG
- Ubuntu STIG
- Application Server SRG
- Web Server SRG,
- Central Log Server SRG,
- Database Server SRG
- Container Platform SRG
2021 : 2021
InfusionPoints, LLC
Senior Cybersecurity Consultant
- Providing engineering creation and advisory in Security Technical Implementation Guide (STIG) & Security Resource Guide (SRG) infrastructure hardening documentation as published by DISA, including applying CIS Benchmark configuration guidance.
- Providing advisory guidance and creation of FedRAMP assessment packages (System Security Plan (SSP)), including FedRAMP Moderate, FedRAMP HIGH in guidance of NIST 800-53 Rev4 & Rev5 as well as applying SRG DOD IL5.
- Research, organize, present, communicate and perform cross-functional task for and on customer behalf. Including supporting technical implementations from a project management approach and planning, organizing, and coordinating the activities of the team, other contractors, and stakeholders enterprise search.
Projects :
-Advisory and support in creation Security Technical Implementation Guides (STIGs) & Security Resource Guides (SRG) hardening VMware Log Insight, VMWare Automation.
-Advisory and support in creation Security Technical Implementation Guides (STIGs) & Security Resource Guides (SRG) hardening advisory RSA.
Operational tools use and resources :
- Confluence
- Jira
- Microsoft Excel
- Microsoft Word
- Putty
- STIG Viewer
- SCAP Compliance Checker
- Nessus (light use)
- Linux, SQL
- CIS Benchmarks
- Apply DISA Security Technical Implementation Guides (STIGs) Security Resource Guides (SRGs) including :
- SLES STIG
- Ubuntu STIG
- Application Server SRG
- Web Server SRG,
- Central Log Server SRG,
- Database Server SRG
- Container Platform SRG
2019 : 2021
InfusionPoints, LLC
Cyber Security Consultant
Duke Energy Corporation
Senior CyberSecurity Systems Engineer
•Undertake comprehensive ownership of activities, processes, procedures, documentation, compliance tools, and evidence procurement as required by the Duke Energy IT503 Cybersecurity Program and NERC CIP Reliability Standards to ensure Firewall Management team and assets satisfy compliance requirements
•Leverages NERC CIP, Cybersecurity and firewall related technical skill sets to effectively manage NERC CIP compliance in the Firewall Management area
•Responsibilities Performs operational activities required to fulfill IT503 & NERC CIP standards
•Performs ongoing comprehensive maintenance of existing documentation, processes, procedures and activities
•Closely monitor configuration changes related to in-scope NERC CIP assets
•Identify areas of concern and works with leadership team to address
•Serve as subject matter expert (SME) for relevant IT503 & NERC CIP standards
•Key role in all audit preparation activities Ensures time sensitive compliance activities and dates are met
•Train teams on key aspects and implications of compliance requirements
•Represent Cyber Security organization professionally with other IT groups, compliance organizations, leadership team, and internal business partners
•Execute activities that support and fulfill compliance program requirements
•Forecast and document compliance activity time requirements
•Provide input on future requirements and develop compliance roadmap
•Provide compliance recommendations and documentation when working on projects with NERC CIP impact
•Perform ongoing comprehensive reviews of existing compliance tools
2022 : 2023
Duke Energy Corporation
Cyber Security Firewall Analyst NERC-CIP Operational Compliance
- Experience in project and task management, responsible for ensuring successful task completion within the scheduled timeframe consistent with the established scope of work to include both the technical and financial solutions. Organizes, directs, and coordinates the planning and production of all activities associated with assigned tasks.
- Providing engineering creation and advisory in Security Technical Implementation Guide (STIG) & Security Resource Guide (SRG) infrastructure hardening documentation as published by DISA, including applying CIS Benchmark configuration guidance.
- Providing advisory guidance and creation of FedRAMP assessment packages (System Security Plan (SSP)), including FedRAMP Moderate, FedRAMP HIGH in guidance of NIST 800-53 Rev4 & Rev5 as well as applying SRG DOD IL5.
Projects :
-Advisory and support of FedRAMP assessment packages (SSP) for VMware Tanzu Mission Control (TMC); project and task management, responsible for ensuring successful task completion within the scheduled timeframe consistent with the established scope of work to include both the technical and financial solutions. Organizes, directs, and coordinates the planning and production of all activities associated with assigned tasks.
-Advisory and support in creation of FedRAMP assessment packages (SSP); Security Technical Implementation Guides (STIGs) & Security Resource Guides (SRG) hardening advisory for VMware Horizon Cloud Service(HCS).
Operational tools use and resources :
- Confluence
- Jira
- Microsoft Excel
- Microsoft Word
- Putty
- STIG Viewer
- SCAP Compliance Checker
- Nessus (light use)
- Linux, SQL
- CIS Benchmarks
- Apply DISA Security Technical Implementation Guides (STIGs) Security Resource Guides (SRGs) including :
- SLES STIG
- Ubuntu STIG
- Application Server SRG
- Web Server SRG,
- Central Log Server SRG,
- Database Server SRG
- Container Platform SRG
2021 : 2022
InfusionPoints, LLC
Senior Lead I Cybersecurity Consultant
- Providing engineering creation and advisory in Security Technical Implementation Guide (STIG) & Security Resource Guide (SRG) infrastructure hardening documentation as published by DISA, including applying CIS Benchmark configuration guidance.
- Providing advisory guidance and creation of FedRAMP assessment packages (System Security Plan (SSP)), including FedRAMP Moderate, FedRAMP HIGH in guidance of NIST 800-53 Rev4 & Rev5 as well as applying SRG DOD IL5.
- Research, organize, present, communicate and perform cross-functional task for and on customer behalf. Including supporting technical implementations from a project management approach and planning, organizing, and coordinating the activities of the team, other contractors, and stakeholders enterprise search.
-Advisory and support in creation Security Technical Implementation Guides (STIGs) & Security Resource Guides (SRG) hardening advisory for VMware Horizon Cloud Service(HCS).
-Advisory and support in creation Security Technical Implementation Guides (STIGs) & Security Resource Guides (SRG) hardening advisory VMC on AWS.
Operational tools use and resources :
- Confluence
- Jira
- Microsoft Excel
- Microsoft Word
- Putty
- STIG Viewer
- SCAP Compliance Checker
- Nessus (light use)
- Linux, SQL
- CIS Benchmarks
- Apply DISA Security Technical Implementation Guides (STIGs) Security Resource Guides (SRGs) including :
- SLES STIG
- Ubuntu STIG
- Application Server SRG
- Web Server SRG,
- Central Log Server SRG,
- Database Server SRG
- Container Platform SRG
2021 : 2021
InfusionPoints, LLC
Senior Cybersecurity Consultant
- Providing engineering creation and advisory in Security Technical Implementation Guide (STIG) & Security Resource Guide (SRG) infrastructure hardening documentation as published by DISA, including applying CIS Benchmark configuration guidance.
- Providing advisory guidance and creation of FedRAMP assessment packages (System Security Plan (SSP)), including FedRAMP Moderate, FedRAMP HIGH in guidance of NIST 800-53 Rev4 & Rev5 as well as applying SRG DOD IL5.
- Research, organize, present, communicate and perform cross-functional task for and on customer behalf. Including supporting technical implementations from a project management approach and planning, organizing, and coordinating the activities of the team, other contractors, and stakeholders enterprise search.
Projects :
-Advisory and support in creation Security Technical Implementation Guides (STIGs) & Security Resource Guides (SRG) hardening VMware Log Insight, VMWare Automation.
-Advisory and support in creation Security Technical Implementation Guides (STIGs) & Security Resource Guides (SRG) hardening advisory RSA.
Operational tools use and resources :
- Confluence
- Jira
- Microsoft Excel
- Microsoft Word
- Putty
- STIG Viewer
- SCAP Compliance Checker
- Nessus (light use)
- Linux, SQL
- CIS Benchmarks
- Apply DISA Security Technical Implementation Guides (STIGs) Security Resource Guides (SRGs) including :
- SLES STIG
- Ubuntu STIG
- Application Server SRG
- Web Server SRG,
- Central Log Server SRG,
- Database Server SRG
- Container Platform SRG
2019 : 2021
InfusionPoints, LLC
Cyber Security Consultant
Company:
Duke Energy Corporation
Years of Experience:
14
Skills
Active Directory, Cloud Computing, Computer Hardware, Cybersecurity, Digital Forensics, Firewalls, Information Security, Information Technology, ISO 27001, IT Service Management, Linux, Microsoft Access, Mobile Devices, Networking, Network Security, Powershell, Technical Support, Telecommunications, Troubleshooting, Virtualization, Vulnerability Assessment, Windows 7, Windows Server
About
***Third Party Vendors - Please do not solicitate for business**** Cyber Security Professional with a demonstrated history of working in Information Technology/CyberSecurity. Skilled in Troubleshooting, Telecommunications, Technical Support, Computer Hardware, Network, and Security. Strong continuing education professional currently attending Western Governors University in Bachelor of Science - Cyber Security & Information Assurance
Profile Photo
