Justin Greer

• Team lead for the Remediation Audit Monitoring team, part of the larger Security Patch Management group
• Responsible for investigating the last 2-3% of workstations that do not complete patching
• Used tools such as Splunk, Qualys, Aternity and Symantec Management Console (ITMS) to identify vulnerable machines for patching
• Performed routine hardening campaigns to ensure that workstations were properly patched
• Security Patch Management is responsible for continuous monitoring for over 110k workstations across the enterprise
• Managed open vulnerabilities, increasing compliance from 3% to 90%+ over the past year
• Contributed to the continuous process improvement (CPI) of the overall SPM Quarantine Team process and assisted in identifying vulnerabilities and gaps in the processes and better ways to serve internal and external customers
• Utilized IRS guidance as well as FISMA standards to ensure SPM policies were properly aligned while supporting the organization's mission
• Analyzed month-to-month remediation trends to identify patterns, as well as ascertain what deficiencies develop and why. Regularly communicate with leadership and other business units when shortcomings are discovered

• Team lead specializing in Knowledge Management, training, cybersecurity, and IT systems management
• Performed access management duties for users who needed access to the Knowledge Management console in Service Now
• Meaningfully contributed to the team that implemented the roll-out of Service Now in the IRS computing environment; managed assigned platform development projects and worked with administrators to validate changes and identify breaks or anomalous behaviors
• Maintained the Service Now Knowledge base for over 8K IRS IT support staff as well as the 90K+ IRS employees who interact with Service Now on a regular basis
• Managed a team of six personnel and two contractor while coordinating the transition of Winnie the chatbot, which required facilitating regular meetings with senior leadership and an outside organization to discuss project requirements, progress and blockers. This project was completed on-time and on-budget, and is utilized by IRS staff to answer basic IT questions to reduce service desk call volume.
• Managed hardware and software inventory, ensuring timely updates and replacements as needed.

• Team member focused on identity and access management (IAM) and system analysis
• Use tools such as SailPoint, CyberArk, IBM identity management tools, Ping and Microsoft Azure AD to manage user onboarding, offboarding, and transfer actions to ensure that users have just the right access to needed resources to perform assigned duties
• Worked to create and modify company policies to adhere to NIST and NERC standards
• Performed privileged access management (PAM) duties so that power users received elevated privileges in a controlled, regulated manner in a hybrid environment
• Managed user access in a hybrid (on-premises and cloud) environment
• Monitored daily reports to ensure that transfer and offboarding actions are triggering the correct processes, document instances of noncompliance with established policies, and perform root cause analyses to identify causes and advise on solutions to restore compliance
• Use elevated privileges to collect necessary data for compliance with North American Electric Reliability Corporation (NERC) regulations
• Advised enterprise users in using IAM tools to complete access reviews and ensure compliance
• Perform IAM duties for over 10,000 full-time employees and contractors across over a dozen sites in a two-state region
• As SailPoint admin, granted user access, created business roles for supervisors to request for new employees and transfers
• Cleared one-month documentation backlog, enhancing our team’s ability to identify instances of noncompliance, and aiding in reporting to the compliance team
• Interfaced with users concerning transfer reviews, providing training for completing tasks in SailPoint
• Collaborated with senior analysts to identify deficiencies in current processes and created new policies based on findings to align process outcomes with NIST standards and NERC regulations
• Performed assessments of emergent technologies to determine functionality and fit within the current IAM environment
• Created quick resource guides (QRGs) to assist users in the use our team’s tools to perform their assigned tasks
• Collaborated with team members to manage multi-factor authentication (MFA) and single sign-on (SSO) functions for the enterprise

• Duties: Tier-1 helpdesk support, transitioning to network administration during tenure
• As helpdesk support, provided assistance to customers over-the-phone, remotely, and in-person
• Performed IAM functions for installation
• Performed assessments using DISA Security Technical Implementation Guides (STIGs) to identify vulnerabilities in device configurations and used recommended remediations to harden network devices
• Performed patching duties in tandem with the National Guard Network Operations and Security Center (NOSC) on a monthly and as-needed basis
• As network system administrator, performed continuous monitoring and maintenance of the installation networking environment, sustaining devices that supported the network as well as some devices that used the network to provide services
• Performed network security duties, hardening network devices to maintain the installation Authorization to Connect (ATC) accreditation, enabling the installation to interface with other DOD information environments
• Utilized Active Directory to perform IAM functions for an installation of over 1000 users and nearly 2000 devices
• Managed user and device identities, onboarding, offboarding, and move functions for users, and security group creation for access to resources
• Proactively engaged with the installation’s Remedy Incident Management console, receiving tickets to assist users in resolving issues with the Microsoft Office suite (Word, Outlook, Skype, Excel, PowerPoint, etc.) and Avaya VOIP devices
• Resolved customer issues using a combination of in-person, over-the-phone, and remote (Skype, Remote Desktop, Remote Tools Console, Microsoft Management Console tools) assistance
• Performed root cause analysis on a range of customer issues, assisting with device connectivity, difficulties with various software types (productivity, device driver, emergency management, etc.), peripheral device malfunctions, and faults with other devices such as IP surveillance cameras and building alarm sensors
• Used established SOPs to complete work, documented novel solutions in SOPs, and created checklists to instruct new personnel in computing environment operations
• Implemented network security controls that safeguard the confidentiality, integrity, and availability of USAF systems and applications
• Led IT development projects in network and security design, development, and implementation for a new system, which was major enhancement to the existing system
• Led network administration for Rosecrans Air National Guard (ANG) Installation, with responsibility for day-to-day operations of the 139th Airlift Wing’s IP network
• Conducted vulnerability analyses in concert with the NOSC as part of the DOD/NIST Risk Management Framework (RMF)
• Utilized ACAS to generate reports, created and implemented POA&Ms to eliminate or mitigate risks that could not be remediated immediately, and was responsible for tracking elements to conclusion

• Managed the organization’s patch management activities, while performing IAM duties in a hybrid environment
• Managed the user and device identity lifecycle (onboarding, role changes, offboarding), created security groups and assigned users to provide least privilege access to sensitive domain resources, and configured Azure Apps to enable features like multifactor authentication (MFA) and single sign-on (SSO)
• Utilized Azure AD as well as on-premises AD daily to manage user access to organizational resources based on the 'zero-trust' security model
• Provisioned users, managed user identities while with the organization, and deprovisioned users to remove access at their departure
• Configured access management for the domain using MFA with the Microsoft Authenticator app, and set up SSO for federated apps on the domain
• Created and managed security groups to enable automated resource assignment to users, implementing least-privilege access, completed access review campaigns to ensure users didn’t have unneeded access
• Responsible for user profile creation for non-federated apps, completing password resets, as well as user data backup and restoration
• Subject matter expert for employee onboarding and offboarding, device configuration, and building access for new users
• Participated in training for employees during new hire orientation
• Maintained IT inventories and Office 365 licenses to ensure that resources were utilized efficiently
• Performed monthly and emergency patching duties for approximately 1,400 facility workstations and application servers
• Used Ivanti and PDQ Deploy solutions to collect vulnerability data and deploy software updates, and Qualys to monitor the environment and remediate identified vulnerabilities
• Performed emergency patching activities to mitigate emerging threats, then notifying leadership and documenting outcomes
• Coordinated remediation activities via an established change management process
• Deployed patches to a DEV/TEST environment to ensure there are no unforeseen issues before deploying to the PRODUCTION environment
• Completed SQL server backups and upgrades, creating database snapshots, installing current software, and uploading backups into new virtual server instances
• Utilized System Center Configuration Manager (SCCM)/ Microsoft Endpoint Configuration Manager (MECM) for imaging desktops and laptops
• Employed SecureDoc whole-disk encryption solution when staging devices to protect PHI
• Managed tickets via the Helpdesk web-based ticketing system

Performed helpdesk and IT security functions for the organization, information assurance (IA) related customer support functions, completed assessments, documented findings, performed incident response duties, managed accounts, network rights and access to networking environment (NE) systems and equipment, and provided initial and refresher IA training to unit personnel

• Completed IA assessments for different areas within the unit monthly, assessing the performance of IA security controls and analyzing system performance for potential security problems
• Performed system audits to assess security related factors, identified and documented security gaps, evaluating potential IA security risks and taking appropriate corrective and recovery actions
• Collaborated with other unit IAOs to establish security policies as well as business continuity/disaster recovery (BC/DR) plans and tested them during tabletop and limited scope exercises
• Implemented response actions in reaction to security incidents, coordinating investigations, remediation, and sanitization procedures for potential security incidents that occur within the unit
• Complete memoranda to detail final resolutions, and directly brief the Commander and other senior management personnel concerning the situation
• Performed provisioning, deprovisioning and move actions for unit personnel, managing access for over 180 personnel
• Educated users regarding security policies and their responsibilities when using domain resources
• Provided training during the initial provisioning
• Delivered quarterly briefings to inform personnel about threats to network resources and how to eliminate or mitigate risks
• Performance in this position directly resulted in a 'zero deficiency'
  finding for the 131st Maintenance Squadron during Wing Information Assurance Staff Assistance Visits three years running, and greatly contributed to an 'Excellent' rating for Whiteman Air Force Base in the 2014 Command Cyber Readiness Inspection