Summary
Overview
Work History
Education
Skills
Certification
Education
Timeline
Generic

James Ferm

San Diego,CA

Summary

Senior Cyber Security Engineer with over 12 years of experience in securing Department of Defense enterprise systems. Expertise in designing and deploying robust enterprise-level Data Loss Prevention (DLP), Identity and Access Management (IAM), Privileged Access Management (PAM), Endpoint Protection Management (EPM), and Zero Trust Network Access (ZTNA) controls, ensuring data protection without compromising usability. Proven track record in developing comprehensive security strategies and implementing scalable solutions across diverse environments. Recognized for reliability, adaptability, and the ability to translate complex requirements into effective security standards that enhance organizational resilience.

Overview

13
13
years of professional experience
1
1
Certification

Work History

Senior Consultant

Booz Allen Hamilton, Inc.
San Diego, CA
09.2022 - Current
  • Led a team of technicians to deliver innovative solutions to enterprise level issues, improving service reliability and incident response.
  • Maintained security and compliance of 21 servers and 10 workstations through the implementation of WSUS patch management.
  • Configured and managed Cisco and Juniper Switches to enforce network segmentation and secure routing.
  • Developed policies for ENS, HIPS, and DLP to reduce false positives and enhance endpoint protection.
  • Tracked policy development lifecycle from testing to deployment, enforcing consistent security baselines.
  • Patched enterprise systems with updated plugins, FAMs, and STIGs, ensuring compliance with DoD standards.
  • Conducted ACAS vulnerability scans in Unmanned Surface Vessel environments, delivering actionable RMF data.
  • Generated STIG checklists, documenting compliance evidence for accreditation packages.
  • Engineered ESS solutions for lab and shipboard deployments using Zero Trust controls to enhance security.
  • Led cross-functional teams to deliver strategic solutions for complex client challenges.
  • Developed comprehensive project plans, aligning resources to achieve client objectives efficiently.

Senior Network Engineer

JSL Technologies
05.2021 - 09.2022
  • Executed six major server upgrades as team lead from McAfee HBSS to Trellix ESS.
  • Developed and implemented Host Based IPS Firewall policies for Industry Partner Backup solution Installation.
  • Provided onsite and remote troubleshooting support for McAfee HBSS, ensuring swift resolution of issues.
  • Identified and documented corrective actions for McAfee HBSS and ePolicy Orchestrator.
  • Developed ENS policies for critical Shipboard Systems implementing least privilege and endpoint protection.
  • Supported eight external installations through comprehensive HBSS policy grooming.
  • Developed and tuned Trellix DLP policies to protect PII, CUI, and classified information, reducing false positives and enhancing audit readiness.
  • Implemented DLP controls to restrict the use of removable media and prevent transfer of sensitive files, aligning with DLP best practices.
  • Led network design and implementation for enterprise-level solutions, enhancing system performance and reliability.
  • Developed and executed network security protocols, significantly reducing vulnerabilities across all systems.
  • Mentored junior engineers, fostering skill development and improving team productivity through knowledge sharing.

Information Systems Technician

United States Navy
09.2013 - 04.2021
  • Scanned and patched 300 assets for cyber compliance to maintain cyber compliance with DISA STIGs and DoD Security Standards improving overall security posture.
  • Conducted scanning and compliance assessments using Retina, ACAS, and VRAM to ensure timely identification and remediation of network vulnerabilities.
  • Administered 20 servers and 300 assets across 2 Active Directory domains enforcing PAM and IAM principles through account segregation, role-based access controls, and least-privilege enforcement as lead System Administrator.
  • Configured and managed Cisco and Alcatel Routers and Switches to support network communications and network segmentation.
  • Maintained a Red Hat Enterprise Linux environment, enforcing EPM by applying account segmentation and restricting root access to mitigate privilege escalation risks.
  • Implemented DLP policies restricting the use of removable storage utilizing McAfee DLP.
  • Maintained and repaired various information systems to ensure operational readiness.
  • Analyzed system performance to identify areas for improvement and implement solutions.
  • Supported training initiatives for personnel on new technologies and system updates.

Education

Master of Science - Cyber Security

California State University San Marcos
San Marcos, CA
2026

Bachelor of Science - Computer Networks And Cybersecurity

University of Maryland Global Campus
College Park, MD
08-2023

Skills

  • Privileged Access Management
  • Identity & Access Management
  • Data Loss Prevention
  • Database management
  • System administration
  • Security management
  • Network configuration
  • Virtualization technologies (VMWare, VBox)
  • Cisco Routers and Switches
  • Endpoint Privilege Management
  • Zero Trust Network Access
  • SQL
  • Linux and Windows OS
  • Access control management
  • Data protection strategies
  • Juniper Switches
  • Alcatel Switches
  • ACAS
  • Teamwork mindset

Certification

  • A+, 2014, 2026
  • Network+, 2018, 2026
  • Security+, 2014, 2026

Education

true,other

Timeline

Senior Consultant

Booz Allen Hamilton, Inc.
09.2022 - Current

Senior Network Engineer

JSL Technologies
05.2021 - 09.2022

Information Systems Technician

United States Navy
09.2013 - 04.2021

Master of Science - Cyber Security

California State University San Marcos

Bachelor of Science - Computer Networks And Cybersecurity

University of Maryland Global Campus