Earl Burke

• Developed incident response plans ensuring compliance with industry standards.
• Conducted security vulnerability scans, identifying critical areas for enhancement.
• Reviewed system logs and monitored network traffic for anomalies.
• Evaluated user access privileges according to company security protocols.
• Deployed endpoint protection tools, including anti-malware software, to safeguard systems.
• Researched emerging threats utilizing threat intelligence sources for proactive defense.
• Collaborated with cybersecurity professionals and law enforcement to share insights and coordinate responses.
• Maintained current knowledge of cybersecurity trends, threats, and vulnerabilities.
• Reviewed system logs and monitored network traffic for suspicious activity.
• Developed incident response plans to ensure compliance with industry standards.
• Conducted security vulnerability scans and identified areas for improvement.
• Assisted in developing policies and procedures related to information security management.
• Researched emerging threats using threat intelligence sources.

Lead enterprise-wide vulnerability scanning, analysis, and reporting using ACAS (Tenable.sc) for traditional infrastructure and AWS Inspector for cloud-hosted assets.

• Interpret and apply DISA STIGs to establish secure configuration baselines, develop remediation plans, and manage POA&M lifecycle activities.

• Coordinate with system owners, application teams, and ISSOs to drive timely remediation of findings and risk reduction.

• Automate vulnerability scanning and reporting pipelines to increase coverage and reduce cycle time.

• Create and maintain vulnerability dashboards, compliance reports, and audit-ready documentation for leadership and auditors.

• Support RMF continuous monitoring and ensure timely ingestion and tracking of findings in SNOW

• Mentor junior analysts and contribute to SOP development and policy refinement

• Managed and approved Accreditation Packages, including ISO/IEC 15026-2 standards.
• Reviewed authorization and assurance documents to validate acceptable risk levels for software applications.
• Established limits for software applications, networks, and systems based on risk assessments.
• Assessed manpower requirements to ensure alignment with organizational objectives.
• Developed policies and strategies adhering to laws and regulations governing cyber activities.
• Coordinated cyber operations across functions to enhance overall effectiveness.
• Identified external partners aligned with organizational cyber operation interests.
• Interpreted and enforced relevant laws and regulations to fulfill organizational cyber objectives.
• Provided customer service by answering product and service-related questions.
• Escalated unresolved issues to appropriate departments for further investigation.
• Assisted customers with order placement, returns, exchanges, and refunds.
• Assisted in the development of marketing strategies for products and services.
• Collaborated with colleagues in other departments to ensure that all customer needs were met effectively.

• Streamlined project processes using agile methodologies, enhancing efficiency, and reducing completion times.
• Supported simultaneous delivery of various e-commerce and mobile projects.
• Identified risks early in project lifecycle, developing mitigation plans to prevent delays or cost overruns.
• Established communication channels through detailed status updates, ensuring stakeholders remain informed of critical milestones.
• Facilitated communication via effective meeting management and timely resolution of conflicts.
• Supervised contract tasks performed by project personnel to ensure optimal performance.
• Directed daily program activities, aligning them with overarching objectives.
• Served as primary contact for all contract delivery activities, promoting clear communication and collaboration.

Security control assessor Insight Global, McLean, VA

• Supported incident response efforts by analyzing security breaches and recommending appropriate corrective actions.

• Maintained up-to-date knowledge of emerging cyber threats, ensuring relevant expertise in assessing security risks.

• Recommended improvements in security policies and procedures, leading to enhanced protection against potential threats.

• Developed detailed reports on security control assessment findings for stakeholders to facilitate informed decision making.

• Streamlined the security control assessment process by creating standardized templates and procedures.

• Evaluated and improved security controls by conducting thorough risk assessments.

• Performed gap analyses on existing security controls, identifying areas requiring improvement or additional measures.

• Reduced cybersecurity vulnerabilities through the development of tailored mitigation strategies.

• Conduct comprehensive security control assessments for diverse information systems, ensuring alignment with NIST, FISMA, and other relevant frameworks

• Applied a holistic approach when assessing systems, considering both technical aspects as well as human factors influencing overall risk posture.

• Develop and implement assessment plans, methodologies, and risk analysis strategies to evaluate controls' effectiveness

• Generate detailed Security Assessment Reports (SARs) and findings reports, articulating assessment results and providing actionable recommendations

• Collaborate with system owners, administrators, and stakeholders to gather necessary assessment information and address security concerns

• Establish continuous monitoring procedures, track system environment changes, and provide ongoing risk analysis

• Assisted in security control assessments, vulnerability assessments, and risk management activities

• Conducted security awareness training sessions for employees, emphasizing best practices and compliance with security policies

• Supported audit activities by providing documentation and evidence of security control assessments and addressing audit findings.