Summary
Overview
Work History
Education
Skills
References
Timeline
Generic

Dustain Ebaugh

Fowlerville

Summary

Senior Security Analyst at Roush Defense specializing in CMMC compliance and risk assessment. Achieved a SPURS score of 100/110 through effective policy writing and vulnerability analysis. Skilled in managing change processes and enhancing collaboration among IT teams to strengthen cybersecurity measures.

Overview

21
21
years of professional experience

Work History

Sr. Security Analyst

Roush Defense
Troy
02.2025 - 04.2025
  • Assist in CMMC L2 Compliance
  • Review/Update Policies and Procedures
  • Update SSP
  • Conduct Risk Assessments on various systems
  • Conduct GAP analysis on various IT systems
  • Migrate CrowdStrike from Government Cloud to Commercial Cloud
  • Configure environment for 3 domains (Federal, Defense, Commercial)
  • Write rules and policies
  • Perform GAP Analysis
  • Mitigate GAP findings
  • Manage Change Management Process
  • Assist in mitigating various POA&M finding for CMMC L2
  • Monitor Elastic SIEM
  • Configure Cisco Umbrella
  • Work with various IT teams to shore up defenses in Windows, Palo Alto Firewalls

IT Manager/Security Manager

RedViking – a Lincoln Electric Company
Troy
04.2025 - 02.2025
  • Coordinate the migration of systems and users to Lincoln Electric Systems
  • Work with 6 child organizations within the Lincoln Electric umbrella to assist with their CMMC Level 2 compliance across those organizations and Lincoln Electric as a whole.
  • Perform various CMMC L2 risk assessments post migration to Lincoln Electric
  • Conduct Inventory assessments and classification of CUI assets across the 6 impacted LE sub organizations to include RedViking.
  • Write POA&M
  • Write SSP
  • Work with the CMMC Compliance team to increase their understanding of CMMC

IT Manager/Security Manager

RedViking
08.2010 - 04.2024
  • Compliance
  • Write all policies and procedures for IT and compliance
  • Spearhead all efforts for NIST 800-171/800-172 compliance
  • Spearhead all efforts for CMMC Level 2 compliance – SPURS Score 100/110
  • Conduct all risk assessments
  • Write SSP
  • Implemented Change Management process
  • Implement Data Classification
  • Worked with various departments to ensure their compliance with ITAR/EAR, DFARS, NIST, CMMC, ISO
  • Work with customers to ensure our compliance with their standards
  • Develop and test Disaster Recovery Plan (DRP)
  • Develop and test Incident Response Plan (IRP)
  • Implement and conduct Security Awareness Training activities
  • Conduct Vulnerability Analysis
  • Conduct various user assessment activities to include Phishing test
  • Implement and manage various physical security controls to include badge reader system, camera system, and visitor management system.
  • IT Management
  • Work with corporate leadership to ensure IT and business objectives were aligned.
  • Develop annual budgets for IT and Compliance.
  • Research various technologies for infrastructure implementation
  • Research, evaluate, and engage various IT vendors
  • Design, implement, and manage the infrastructure
  • Backend management of Epicor ERP System
  • Manage Active Directory
  • Develop Baselines for workstations/Servers/Virtual workstations (Generally based off STIGS)
  • Consult with customer IT departments to assist with their issues, to ensure compliance
  • Physically perform cable runs, copper and fiber
  • Migrated to Google Workspace
  • Develop access controls for folders
  • Design folder structure for all data repositories
  • Design permissions structure for all data repositories
  • IT Management – Customer Activities
  • Collaborate with Corpus Christie Army Depot (CCAD) to design and build a server and workstation environment for integration into their network for the control and testing of helicopter transmission test stands that RedViking was contracted to build.
  • Spec Server and Storage Hardware
  • Spec Core and Access Switches
  • Build the virtual environment based on VMWare
  • Build required virtual servers to include file servers, application servers, SQL cluster
  • Develop all documentation associated with the infrastructure
  • Assist with integration at the final destination
  • Work with various customers to implement communication between them and their test equipment to include FORD, Sikorsky, Pratt & Whitney or to facilitate a remote connection to the customers production floor.
  • Conduct in various RedViking lead customer audits
  • Participate in various security audits performed by customers
  • Consulted with customers regarding various IT/Security issues they faced.
  • IT Management – CAD Administrator
  • Design, Implement, maintain SolidWorks EPDM Vault.
  • Design Access Control policies for vault
  • Develop and maintain vault workflows and folder structure
  • Maintain user environment for up to 50 design engineers
  • Implement and maintain SVN repository for Controls Engineers

System Specialist II

Tyonec Native Corporation
Madison
01.2010 - 08.2010
  • Responsible for maintenance, analysis, troubleshooting and repair of computer systems, hardware and peripherals.
  • Documents, maintains, and upgrades and replaces hardware and software systems.
  • Works with other IT staff members to ensure all policies are applied consistently throughout the corporation.
  • Development of system images on a quarterly /semiannual basis and provide regular education to Tyonek personnel to ensure policies/procedures are understood.
  • Investigate policy violations and forensically investigate workstations as needed

INFORMATION SECURITY COORDINATOR/SENIOR ANALYST

EMCO Technologies
Madison
12.2009 - 01.2010
  • Company Overview: (NASA Contract)
  • Examine, write, or update Information Security Policies and Procedures.
  • Perform facility and infrastructure audits and risk analysis.
  • Write and present reports and suggestions based on findings to management.
  • Ensure the infrastructure is compliant with all NASA and other federal directives concerning information security.
  • Maintain knowledge of NIST 800-53 and FDCC standards.
  • Perform annual site security certification and accreditation audit.
  • Stay current on threats to security.
  • Work with the facility training coordinator to ensure help desk staff has appropriate knowledge of NASA information security standards and how to implement those standards.
  • Provide tier one support for end users at all NASA sites and facilities worldwide
  • Resolve hardware, software, and customer support issues.
  • Answers, evaluates, and prioritizes incoming telephone, voice mail, and E-mail requests for assistance.
  • Logs and tracks calls using problem management database (Remedy), maintain history records and related documentation.
  • NASA 85P security Clearance required.
  • (NASA Contract)

INFORMATION SECURITY COORDINATOR

VIVA Health
Birmingham
12.2008 - 12.2009
  • Responsible for the on-going management of information security policies, procedures and technical systems in order to maintain the confidentiality, integrity, and availability of all organizational healthcare systems.
  • Worked within the NIST 800-53 as well as HIPAA compliance framework

Senior Help Desk Analyst

EMCO Technologies
Madison
06.2004 - 12.2008
  • Company Overview: (NASA Contract)
  • Provide tier one support for end users at all NASA sites and facilities worldwide
  • Resolve hardware, software, and customer support issues.
  • Answers, evaluates, and prioritizes incoming telephone, voice mail, and E-mail requests for assistance.
  • Logs and tracks calls using problem management database (Remedy), maintain history records and related documentation.
  • NASA 85P security Clearance required.
  • (NASA Contract)

Senior Help Desk Analyst

AC Technologies
Tuscaloosa
05.2004 - 06.2008
  • Company Overview: (Department of Veterans Affairs Contract)
  • Tier one support for end users with hardware and software issues.
  • Answers, evaluate, and prioritize incoming telephone, voice mail, e-mail, and in-person requests for assistance from users experiencing problems with hardware, software, networking and other computer-related issues.
  • Logs and tracks calls using problem management database (Remedy) and maintain history records and related documentation.
  • Requires excellent verbal and written communication skills
  • (Department of Veterans Affairs Contract)

Education

Masters of Science - Information Assurance and Security specializing in Network Defense

Capella University
Minneapolis, MN
06.2021

Bachelors - Information Technology specializing in Information Assurance and Security

Capella University
Minneapolis, MN
06.2014

Skills

  • Fortinet Security Stack
  • Risk assessment
  • Incident response
  • Policy writing
  • Vulnerability analysis
  • Change management
  • CMMC compliance
  • Fortigate
  • Fortianalyzer
  • Forticlient EMS
  • Fortinet ZTNA
  • FortiMail
  • FortiSwitches
  • CISCO Meraki Switches
  • Wireless Access Points
  • CISCO 3560 Core Switches
  • AV Products
  • Server and workstation vendors/products
  • VMWare
  • Microsoft Server Technologies
  • Backup Technologies
  • Storage Technologies
  • Epicor ERP
  • SolidWorks EPDM Vault
  • Active Directory
  • DNS
  • Visual SVN
  • Microsoft SQL
  • Abnormal Security
  • Google Workspace
  • NIST 800-171
  • NIST 800-172
  • NIST 800-53
  • CMMC Level 2 V2
  • CMMC Level 3 V1
  • DFARS
  • NISPOM
  • DISA Stigs
  • DIACAP
  • RMF
  • HIPAA
  • Data classification
  • Security audits
  • Network security
  • System migration
  • Security training
  • Compliance documentation
  • Technical troubleshooting
  • IT governance
  • Cyber Crime Investigation
  • Virtualization security
  • Penetration testing
  • Identity and Access management
  • Protecting networks
  • Operating Systems Security
  • Malware analysis
  • Wireless security
  • Security planning

References

References available upon request.

Timeline

IT Manager/Security Manager

RedViking – a Lincoln Electric Company
04.2025 - 02.2025

Sr. Security Analyst

Roush Defense
02.2025 - 04.2025

IT Manager/Security Manager

RedViking
08.2010 - 04.2024

System Specialist II

Tyonec Native Corporation
01.2010 - 08.2010

INFORMATION SECURITY COORDINATOR/SENIOR ANALYST

EMCO Technologies
12.2009 - 01.2010

INFORMATION SECURITY COORDINATOR

VIVA Health
12.2008 - 12.2009

Senior Help Desk Analyst

EMCO Technologies
06.2004 - 12.2008

Senior Help Desk Analyst

AC Technologies
05.2004 - 06.2008

Masters of Science - Information Assurance and Security specializing in Network Defense

Capella University

Bachelors - Information Technology specializing in Information Assurance and Security

Capella University

Similar Profiles

CREATE PROFILE
Dustain Ebaugh