Python
DEMETRIUS ODOM
Atlanta,GA
Summary
Efficient Cloud Security Consultant with 12 years of experience assembling cloud infrastructure. Utilizes strong managerial skills by negotiating with vendors and coordinating tasks with other IT team members. Implements best practices to create cloud functions, applications and databases.
Actively Pursuing CCSP and CISSP certification. Operation Inherent Resolve Campaign Medal recipient
Overview
12
12
years of professional experience
18
18
Certificate
Work History
Senior Cloud Security Engineer
SAIC
06.2020 - Current
- Administrative duties such as system reports, communications with associated departments, and team support as needed
- Implement server hardening techniques to ensure compliance
- Design technical control standards for a variety of information systems based on industry best practices and guidelines (e.g., NIST CSF, CSA, CIS, OWASP)
- Define and document requirements for secure operations across the entire delivery ecosystem: internal datacenter, secure perimeter, public cloud, software-as-a-service, vendor hosted, public and private endpoints, etc
- Developed Incident Response Plan for implementation as a guideline in preparation for RMF audit in accordance with NIST SP 800-53
- Ensure IaaS and PaaS backup, recovery, high availability is fully implemented
- Oversee the enhancement and maintenance of Clearent’s secure software delivery lifecycle, including all aspects of secure coding practices, integration of security principles and practices into DevOps/DevSecOps, etc
- Coordinate with all departments to ensure cyber security control design is richly informed by current threat intelligence and incident response
- Prepare and present accurate and timely information in response to audits and regulatory exams; institute a proactive culture to align activities and measurement with internal policy and regulatory requirements
- Building security strategies, firewalls and systems unique to the company, encompassing our data, systems, hardware, components and networks
- Troubleshooting problems associated to our security and network, including handling any system breaches
- Testing for vulnerabilities in our system and network and addressing any issues accordingly
- Implement security measures across the company’s IT infrastructure, and ensuring our data and network is effectively protected
- Identify and report any cyber-attacks and participate in any resulting investigation as needed
- Work closely with the legal and security compliance team
- Use ELK/Splunk Analytics platform and other proprietary tools to identify threats, determine root cause, scope, and severity of each critical anomaly
- Proactively drive threat hunting and analysis
- Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure
- Report on findings and recommend system tuning/customization and data collection improvements
- Recommend specific control sets to mitigate inherent risk identified through cybersecurity risk assessments
- Provide technical expertise to guide security risk assessments, Pentest as needed
- Work with Threat Intelligence feeds and solutions to identify threats, develop or recommend countermeasures, and perform advanced network and host analysis in the event of a compromise
- Work with our team to improve and expand the value that we are delivering to all Clearent companies
- Interface with customers on a daily basis to consult with them on best security practices and help them mature their security posture
- Knowledge of VPNs, Data Loss Prevention, IDS/IPS, Web-Proxy, Security Audits
- The ability to work autonomously, or within the larger cyber security engineer team depending on assignment/requirements
- Configure Cloud systems environment by collaborating with business partners and stakeholders
- Provide foundational support and oversight of daily analysis and monitoring of client/server applications in the Retail Systems environment for any performance, availability and/or security issues
- Regular review of Cloud Systems performance and stability
- Determine corrective actions via tuning existing systems or R&D a sustainable solution
- Provide guidance to the Cloud Systems team regarding adherence to policies and procedures
- Provide Tier 3 support for all Cloud Systems ie AWS and windows Azure
- Maintain detailed documentation of all job functions for use as reference material
- Provide documentation and input into knowledge base articles for helpdesk and team associates
- Maintain the company-wide help desk database for all reported and assigned incidents with stated problems, status and resolutions
- Informs management about system problems that are considered out of the ordinary
- Check SQL databases and write queries because you will work with databases intensively
- Add and delete accounts, edit groups and create listings to view specific types of users or groups in PowerShell.
Information System Security Manager
Army National Guard
06.2017 - 10.2021
- Provide crucial intelligence and network support that safeguards the cyber domain and collect, analyze and report digital data
- Collect, analyze and report digital data while maintaining network defense tools such as routers and firewalls
- Evaluate network defense operations and respond to incidents in cyberspace
- Surveillance and reconnaissance actions on specified systems and networks
- Conduct network terrain audits, penetration testing, basic digital forensics and software threat analysis
- CI/CD Pipelines: Octopus Deploy/uDeploy
- Automation of QA/QE: Selenium/TestComplete
- Configuration Management: Ansible Tower
- Scripting: PowerShell and Python
- Building containerized applications: OpenShift/Kubernetes/Docker/Helm
- On-Prem Server: Windows Server OS
- Cloud Computing: Azure/AWS
- Build automation: Jenkins/TFS
- Automation of data components: MS SQL DB/Teradata/Postgres
- Automation of integration and reporting services: SSIS/SSRS/Tableau
- Develop automation tooling for Windows Server 2019 and Microsoft Hyper-V technologies
- Develop RESTful APIs
- Develop a ReactJS-based web control panel; experience with React is not necessary but is a plus
- Write technical documentation for the systems you develop
- Perform Windows Server administration tasks.
Information System Security Officer
DCMA
Atlanta, GA
01.2019 - 06.2020
- Maintain 24/7 constant monitoring of intrusion detection systems
- Ensure proper methods of security are implemented ie golden images and server hardening
- Recommend modifications to security tools to detect, prevent, and mitigate intrusions
- Perform system administration on specialized DCO applications and systems (e.g., anti-virus, or Audit / Remediation) to include installation, configuration, maintenance, and backup/ restore
- Create, edit, and manage changes to network access control lists on specialized DCO systems (e.g., firewalls and intrusion prevention systems)
- Implement Certification and Accreditation (C&A) requirements for specialized DCO systems within the Network Environment (NE) or enclave, and document and maintain records of them
- Coordinate with the DCO-E Auditor (DCO-A) to manage and administer the updating of rules and signatures (e.g., Intrusion Detection Systems (IDS) / Intrusion Prevention Systems (IPS), anti-virus, and content blacklists) for specialized DCO applications
- Identify potential conflicts with the implementation of any DCO tools within the Computer Network Defense Service Provider (CND-SP) area of responsibility (e.g., tool I signature testing and optimization)
- Administer DCO test bed and test and evaluate new DCO applications rules / signatures, access controls, and configurations of CND-SP managed platforms
- Perform risk assessments in accordance with NIST SP 800-30 and apply them in accordance with NIST SP 800-37
- Apply complex problem solving to 'reverse engineer' applications, designs and manual build instructions to create zero touch automation packages
- Often these applications are legacy, were created without automation in mind or are otherwise resistive to full, zero touch automation
- Create production quality code, following industry standard best practices as well as internal policies and procedures
- Collaborate effectively with other members of the agile automation team; sharing knowledge and peer reviewing others work prior to formal review by the Automation Team Lead
- Create clear and concise technical documentation of their work
- Use the Atlassian toolset (JIRA, Confluence and Bamboo) to record, document and test their work.
Medical System Administrator (Instructor)
Theater Medical Information Program (Air Force)
Gunter AFB
07.2018 - 01.2019
- Provide technical support for both hardware and software issues our users encounter
- Manage, image and install the configuration and operation of client-based computer operating systems
- Respond to Tier 3 issues and resolve help desk requests
- Upgrade systems and processes as required for enhanced functionality and security issue resolution
- Administrate infrastructure, including firewalls, databases, malware protection software and other processes
- Install and test computer-related equipment and review application logs
- Instruct incoming airmen on how to manage medical suite for usage in theater missions.
IT Technician
Inserso (Medical Electronic Service Desk)
Gunter AFB
07.2016 - 05.2018
- Troubleshoot any technical issues that can be handled remotely
- Multitask and resolve technical issues from clients around the globe for air force medical elements
- Use administrative privileges to unlock/deactivate/create accounts on different medical software
- Manage tickets using BMC Remedy software, so other clients or customers can have a track record of the steps that took place during troubleshooting
- Assist civilian/contractor/military employees by reestablishing networks to prevent or stop work stoppage
- Troubleshoot medical software inside the medical theater suite (AHLTA, DMLSS, CHCS etc.)
Network Admin (25B)
Army National Guard
09.2015 - 06.2017
- Manage the deployment and maintenance of server stacks
- Implement network security using SSL Certificate configuration and management, Mail Server
- Troubleshoot network security hardware issues in a timely manner
- Investigate arising incidents caused by malicious activities and identified false positives.
System Admin (25B)
Army National Guard
09.2012 - 09.2015
- Manage/troubleshoot Windows 7, XP, Vista, 10, Windows Server 2003, 2008, 2012, Linux
- Run/Create Cat 5/5e/6 cable to setup client connects to LAN/WAN resources
- Monitor and manage email spam filters, firewalls, anti-virus systems and vulnerability scanners
- Investigate alerts created by intrusion detection systems for malicious file uploads, compromised servers, SQL injections and port scanning
- Take responsibility for the high-level monitoring and analysis of all enterprise services and servers in a Windows environment
- Employ your knowledge of group policies in Active Directory to facilitate a wide variety of advanced network settings
- Utilize your skills to successfully deploy SQL integration services packages
- Analyze the performance of the system and recommend ways to improve it, including configuration updates and system tuning
- Deliver high-level (Tier 4) technical support as needed.
Education
CISSP
Kennesaw State University
Kennesaw, GA05-2024
Cyber Common Core
Department of Defense Cyber Crime Center (DC3)
Washington, DC01.2019
CEH -
ARCENT University
01.2018
Windows Server 2012, Snort, Retina, CCNA ICND2 and SharePoint 2012 -
Information Technology Advanced Leadership Course
01.2018
B.A. Management Information Systems -
Troy University
01.2017
Tactical Management Networking System Course
10-2016
Information Technology Specialists -
Dixon Hall
07-2013
Skills
- System Administration
- PCI DSS
- Sarbanes-Oaxley
- Wireshark
- Assessment and Authorization (A&A)
- Security Control Traceability Matrices (SCTM)
- Information Assurance
- SQL Servers
- Risk Management Framework
- DOD Policies
- Splunk
- HIPPA Compliance
- Windows/Unix Forensics
- Data Lakes
- Agile Work Environment
- DevOps
- IaaS
- Azure Security Center
- Endpoint Protection
- Azure Container Registry
- Plans of Action and Milestones (POAM)
- Azure Active Directory
- System Security Plans (SSP)
- Information Security
- NIST SP 800-53
- Pentesting
- Kubernetes
- Jira
- Azure Service Bus
- Docker
- Azure Sentinel
- Tanium
- Azure Kubernetes Service
- Windows PowerShell
- Cyber Defense
- IAVA Compliance
- Palo Alto Firewalls
- Continuous Monitoring
- Machine Learning
- Confluence
- Synapse
- WebJobs
- Azure Monitor
- Azure Blueprint
- Azure Data encryption
- Azure Defender
Certification
- HBSS Administrator 501
- AZ-500 (Microsoft Azure Security Technologies)
- EMASS
- ISACA Certified Information Security Manager (CISM)
- PMI Project Management Professional (PMP)
- Comptia Security+ CE
- Comptia CASP+ CE
- Comptia Linux+
- Comptia Server+
- Comptia Technical Trainer (CTT+)
- Linux Professional Institute LPIC-1
- AWS Solution Architect Associate
- EC-Council Certified Ethical Hacker (CEH)
Timeline
Senior Cloud Security Engineer
SAIC
06.2020 - Current
Information System Security Officer
DCMA
01.2019 - 06.2020
Medical System Administrator (Instructor)
Theater Medical Information Program (Air Force)
07.2018 - 01.2019
Information System Security Manager
Army National Guard
06.2017 - 10.2021
IT Technician
Inserso (Medical Electronic Service Desk)
07.2016 - 05.2018
Network Admin (25B)
Army National Guard
09.2015 - 06.2017
System Admin (25B)
Army National Guard
09.2012 - 09.2015
CISSP
Kennesaw State University
Cyber Common Core
Department of Defense Cyber Crime Center (DC3)
CEH -
ARCENT University
Windows Server 2012, Snort, Retina, CCNA ICND2 and SharePoint 2012 -
Information Technology Advanced Leadership Course
B.A. Management Information Systems -
Troy University
Tactical Management Networking System Course
Information Technology Specialists -
Dixon Hall
Personal Information
Work Permit: Authorized to work in the US for any employer
Quote
Judge a man by his questions rather than his answers.
Voltaire
References
- CW2 Jermaine Goodloe, Senior Information Systems Manager, (258)-810-3922
- COL Arnold J. Griffin, Senior Manager, (256)-808-927
- Erik Eddings, Supervisor, (404)-698-6601
- Dexter J. White, Supervisor, (254)-404-5402
- Joe Harris, Intrusion Response Lead, (334)-430-0353
Work Availability
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse
Clearance
- Top Secret SCI