Profiles search
Shawn Thompson, C|EH
Cybersecurity Analyst III at Boecore
Huntsville, AL, United States
Details
Education:
Master of Science (MS)
Engineering Management with a focus on Cyber-Security
The George Washington University
2010 : 2013
Graduate Certificate
Systems Engineering
The George Washington University
2010 : 2012
BS
Computer Science
Athens State University
1999 : 2001
Madison County High School
Engineering Management with a focus on Cyber-Security
The George Washington University
2010 : 2013
Graduate Certificate
Systems Engineering
The George Washington University
2010 : 2012
BS
Computer Science
Athens State University
1999 : 2001
Madison County High School
Experience:
In my current role I routinely conduct risk assessments and provide recommendations for application/system/architecture design. I participate in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access. I utilize encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research. I perform regular management and maintenance of network vulnerability scanning tools and other IA tools and performing vulnerability assessment scans as necessary. Provide input/artifacts as part of the DIACAP process. I analyze and assist in the application of Security Technical Implementation Guides (STIGs) and Information Assurance Vulnerability Alerts (IAVAs). I develop information assurance (IA)/Cybersecurity solutions and process improvements to help minimize the risks to computer network defense threats. I read and interpret IV&V results in order to develop a Plan of Actions and Milestones (POA&M). I conduct briefings on areas of responsibility, and possess the ability to translate technical data into a format understood by individuals from varied backgrounds.
I posses a proficient understanding of boundary protection devices, including firewalls and IPS devices. I have a working knowledge of data communications and networking capabilities and information systems security analysis for systems/networks. I exhibit strong writing and presentation skills. I have experience with DoD Information Assurance Certification and Accreditation Process (DIACAP) Controls and the Risk Management Framework (RMF) Controls as well as experience with Enterprise Mission Assurance Support Service (eMASS). My previous roles gave me experience performing risk assessments and analyzing results of those assessments
2016 : Present
Boecore
Cybersecurity Analyst III
I am currently responsible for all accreditation packages for the Apache (AH64-E) Weapons Systems and Training devices using the RMF (Risk Management Framework). The creation and maintenance of Authority to Operate (ATO), Authority to Test (ATT), Certificate of Networthiness (CoN), System Risk Acceptance (SRA) and all other accreditation related documents is my primary responsibility. I am tasked with scanning all Apache Sensor devices and training devices by using the industry standard tools such as ACAS, Nessus, Nmap and the SCAP Compliance Checker and report findings using the rollup reporting capability of ACAS (Assured Compliance Assessment Solution).. As a system implementer, I install, configure and harden a set of Panasonic Toughbooks with McAfee SolidCore for use loading operational flight planning software. I write visual basic scripts to perform repetitive tasks with spreadsheets. I provide expert analysis of SolidCore/HBSS implementation strategies on training systems in standalone networks. I author and review cybersecurity tasking for all Apache SOWs (Statement of Work). I provide weekly briefings to upper management on the status of all cybersecurity issues at a program management level.
2015 : 2016
IronMountain Solutions, Inc.
Cybersecurity Engineer
Solidcore (SME) subject matter expert leading the deployment and implementation efforts encompassing the PEO Aviation HBSS alternative solution for Tactical Systems, (MAC/MCC) McAfee Application Control/Change Control known as Solidcore. Architecting, testing and developing the Solidcore, (DCM/DLP) Device Control Module/Data Layer Protection, and (VSE) VirusScan Enterprise cyber strategies for all Army Aviation Tactical systems. Centralized Service Request solution provider for all Army Aviation (PoR) Programs of Record. Engineering cutting edge solutions that allow ad hoc implementation changes for post-fielded, solidified systems using FIPS 140-2 compliant custom made encryption/decryption Trusted Updaters. Validating that all Aviation Tactical systems meet the Commander's intent while remaining compliant with DIACAP directives and HBSS mandates.
2014 : 2015
Quantum Research International
Cybersecurity Engineer (Solidcore SME)
My daily assignments focued on the Windows Security Engineering domain. Knowledge of the Windows Pre-Installation Environment and Army Information Assurance tasks involving work with STIGs, IAVAs and use of Retina and DISA gold disks was required. Previous work also involved reverse engineering the Army Gold Master (AGM-Windows7) and the Unified Gold Master (UGM-Windows Server 2008 R2. Software Development using C# and Programming in HTA (HTML for Applications) and scripting in Vbs, Vba and PowerShell was utilized as well.
2012 : 2014
SAIC
OS Integration Engineer
As a member of an unmanned aircraft system modeling and simulation program in support of the Joint Systems Integration Lab (JSIL) in Huntsville, Alabama, I was able to see the complexity involved in developing and managing a system of systems. My responsibilities included the development of software test plans and procedures, execution of software tests in a multi-platform, rapid application development environment, analysis of test results, and documentation and reporting of test conclusions to the test lead and software development leads. My assignments included writing test plans, test cases and developing test scenarios based upon system requirements, performing system acceptance tests according to test plans, performing functional tests according to test plans and writing software trouble reports and test summaries. Some additional tasks included setup, training, securing and operating the Multiple Unified Simulation Environment / Air Force Synthetic Environment for Reconnaissance and Surveillance (MUSE/AFSERS) software suite in both a test lab environment and a field environment. I also installed Army Gold Master baseline operating systems and ensured local system and network environment integrity met the current site’s Security Control requirements by executing Retina scans and mitigating any vulnerability prior to live training exercises and event tests in diverse sites throughout the United States and Korea. Exercise responsibilities included network design, network emplacement, network STIG compliance and network operation in ad hoc closed network environments.
2010 : 2012
SAIC
Software Engineer
I posses a proficient understanding of boundary protection devices, including firewalls and IPS devices. I have a working knowledge of data communications and networking capabilities and information systems security analysis for systems/networks. I exhibit strong writing and presentation skills. I have experience with DoD Information Assurance Certification and Accreditation Process (DIACAP) Controls and the Risk Management Framework (RMF) Controls as well as experience with Enterprise Mission Assurance Support Service (eMASS). My previous roles gave me experience performing risk assessments and analyzing results of those assessments
2016 : Present
Boecore
Cybersecurity Analyst III
I am currently responsible for all accreditation packages for the Apache (AH64-E) Weapons Systems and Training devices using the RMF (Risk Management Framework). The creation and maintenance of Authority to Operate (ATO), Authority to Test (ATT), Certificate of Networthiness (CoN), System Risk Acceptance (SRA) and all other accreditation related documents is my primary responsibility. I am tasked with scanning all Apache Sensor devices and training devices by using the industry standard tools such as ACAS, Nessus, Nmap and the SCAP Compliance Checker and report findings using the rollup reporting capability of ACAS (Assured Compliance Assessment Solution).. As a system implementer, I install, configure and harden a set of Panasonic Toughbooks with McAfee SolidCore for use loading operational flight planning software. I write visual basic scripts to perform repetitive tasks with spreadsheets. I provide expert analysis of SolidCore/HBSS implementation strategies on training systems in standalone networks. I author and review cybersecurity tasking for all Apache SOWs (Statement of Work). I provide weekly briefings to upper management on the status of all cybersecurity issues at a program management level.
2015 : 2016
IronMountain Solutions, Inc.
Cybersecurity Engineer
Solidcore (SME) subject matter expert leading the deployment and implementation efforts encompassing the PEO Aviation HBSS alternative solution for Tactical Systems, (MAC/MCC) McAfee Application Control/Change Control known as Solidcore. Architecting, testing and developing the Solidcore, (DCM/DLP) Device Control Module/Data Layer Protection, and (VSE) VirusScan Enterprise cyber strategies for all Army Aviation Tactical systems. Centralized Service Request solution provider for all Army Aviation (PoR) Programs of Record. Engineering cutting edge solutions that allow ad hoc implementation changes for post-fielded, solidified systems using FIPS 140-2 compliant custom made encryption/decryption Trusted Updaters. Validating that all Aviation Tactical systems meet the Commander's intent while remaining compliant with DIACAP directives and HBSS mandates.
2014 : 2015
Quantum Research International
Cybersecurity Engineer (Solidcore SME)
My daily assignments focued on the Windows Security Engineering domain. Knowledge of the Windows Pre-Installation Environment and Army Information Assurance tasks involving work with STIGs, IAVAs and use of Retina and DISA gold disks was required. Previous work also involved reverse engineering the Army Gold Master (AGM-Windows7) and the Unified Gold Master (UGM-Windows Server 2008 R2. Software Development using C# and Programming in HTA (HTML for Applications) and scripting in Vbs, Vba and PowerShell was utilized as well.
2012 : 2014
SAIC
OS Integration Engineer
As a member of an unmanned aircraft system modeling and simulation program in support of the Joint Systems Integration Lab (JSIL) in Huntsville, Alabama, I was able to see the complexity involved in developing and managing a system of systems. My responsibilities included the development of software test plans and procedures, execution of software tests in a multi-platform, rapid application development environment, analysis of test results, and documentation and reporting of test conclusions to the test lead and software development leads. My assignments included writing test plans, test cases and developing test scenarios based upon system requirements, performing system acceptance tests according to test plans, performing functional tests according to test plans and writing software trouble reports and test summaries. Some additional tasks included setup, training, securing and operating the Multiple Unified Simulation Environment / Air Force Synthetic Environment for Reconnaissance and Surveillance (MUSE/AFSERS) software suite in both a test lab environment and a field environment. I also installed Army Gold Master baseline operating systems and ensured local system and network environment integrity met the current site’s Security Control requirements by executing Retina scans and mitigating any vulnerability prior to live training exercises and event tests in diverse sites throughout the United States and Korea. Exercise responsibilities included network design, network emplacement, network STIG compliance and network operation in ad hoc closed network environments.
2010 : 2012
SAIC
Software Engineer
Company:
Boecore
Years of Experience:
22
Skills
.NET, C, C#, C++, CEH, CISSP, CompTIA, CompTIA Network+, CompTia Security +, Computer Security, Configuration Management, Cyber-security, Databases, DIACAP, Digital Certificates, DoD, HBSS, HTA, IAVA/IAVM, Information Assurance, Information Security, Information Security Management, Information Systems, Integration, Java, McAfee SolidCore, MCSA Security, Network Administration, NSTISSI 4011, Object Oriented Design, OOAD, Penetration Testing, Perl, Programming, Requirements Analysis, Risk Management, Security, Software Design, Software Development, Software Engineering, System Architecture, Systems Engineering, Test Automation, VBA, VBScript, Visual Basic, VMware Workstation, Windows 7, Windows Batch
About
Cyber Security Engineer with the tools and the team to get the job done right.
Profile Photo
