Justin Lewis

Arlington, VA

Summary

Results-driven Senior InfoSec Analyst with a passion for designing security architecture plans and processes and aligning them with security standards and business strategy. Significant experience applying the NIST RMF and various security frameworks to hybrid and cloud infrastructure, with a proven history of delivering exceptional risk management and cybersecurity support. Considerable experience with security operations, incident response, SIEM management, threat hunting and engineering security solutions. Tenacious about security modernization, automation and redefining approaches to mission-critical operations to achieve optimal business performance and balanced organizational security.

CISSP certified with over 18 years of cybersecurity and IT experience in fast-paced and high-demand industries. Effective when managing simultaneous tasks, leveraging tools or processes to enhance productivity. A savvy innovator, equipped with strong problem-solving abilities, and self-motivated to tackle new challenges presented by the evolving threat landscape. Inspired to learn emerging technologies and pursue new challenges and projects. Excellent oral and written communication; skilled in briefing or reporting to executives, colleagues and varied audiences. Known for thought leadership, proactivity and a collaborative approach to achieving organizational excellence.

Overview

12 years of professional experience
1 Certification

Work History

Sr. Principal Information Security Analyst

Cohesity (acquired Veritas Technologies LLC.)
04.2022 - Current
  • Provide security oversight, assess risk, apply risk reduction strategies and implement safeguards to prevent security compromises. Implement advanced security monitoring tools and techniques to detect and respond to security incidents in real time.
  • Enforce data classification policies to protect sensitive and proprietary organizational data.
  • Support security engineers in developing SIEM solutions that map alerting to the MITRE ATT&CK, CIS and Cyber Kill Chain frameworks. Adjust detection mechanisms and fine-tune analytics for high-fidelity alerting.
  • Continuously assess cloud-related security risks and vulnerabilities and develop mitigation strategies to address identified threats. Ensure response analysts have appropriate capabilities to respond effectively to security incidents.
  • Address high-priority security incidents, assist investigations, conduct threat hunting, contain threats and coordinate with respective stakeholders to ensure thorough remediation. Support post-mitigation efforts including root cause analysis, incident reporting and lessons-learned documentation.
  • Maintain the Security Incident Response Plan (SIRP) and execute regular reviews of the incident response process and postmortem exercises, with a focus on creating measurable benchmarks to improve efficiency. Coordinate and oversee periodic SIRP testing.
  • Serve as Insider Threat Program Senior Officer (ITPSO), leading program management, assessing insider risk, and responding to and mitigating insider threats. Provide regular briefings to the CEO and senior leadership.
  • Lead security program initiatives to train and educate the user base, executing continuous phishing exercises and cybersecurity awareness training, effectively reducing the risk of exposure through tailored training with measurable key performance indicators.
  • Drive security operations maturity by leading high-visibility initiatives and promoting defense-in-depth strategies to improve organizational security tools, modernize processes and incorporate automation where applicable.
  • Identify security gaps, analyze and measure the risk of internal assets and apply security safeguards leveraging security frameworks such as NIST CSF, SP 800-137, SP 800-171 and SP 800-53, referencing the AWS Well-Architected Framework and Azure Security Benchmark to support zero-trust architecture.
  • Periodically review standard operating procedures, protocols and capabilities to ensure the SOC continues to meet operational requirements effectively in response to known and emerging threats.
  • Collaborate with cross-functional teams and partner with the Security Architecture, Risk & Compliance, and Threat & Vulnerability Management teams to conduct threat and control assessments, apply safeguards and countermeasures and ensure compliance with CMMC, FedRAMP, and legal and regulatory requirements (SOC 2 Type II) across the enterprise architecture.

Sr. Principal Specialist - Cyber Sec & Risk Management

Raytheon BBN Technologies
02.2020 - 04.2022
  • Company Overview: Raytheon Intelligence and Space (RI&S)
  • Applied the RMF IAW NIST frameworks, CNSSI-1253, ICD-503, ICD-705, DCSA, DAAPM, NISPOM, Special Access Programs (SAP), Intelligence Community (IC) directives, DISA, SCAP, STIGs and customer requirements
  • Collaborated with appropriate stakeholders to assess cybersecurity risks and vulnerabilities and mitigate security threats
  • Responsible for maintaining the security posture of multiple classified information systems and networks
  • Maintained and updated System Security Plans, Risk Assessments, Network & System Artifacts, Security Control Matrices, and Plans of Action & Milestones
  • Categorized, selected, assessed, implemented, and continuously monitored 400+ controls at required intervals
  • Participated in the Configuration Control Board (CCB)
  • Ensured proper account management and documentation
  • Ensured audit records were collected and analyzed in accordance with the system security plan
  • Monitored user activities and ensured data was analyzed, stored, and protected in accordance with Insider Threat Program Senior Official (ITPSO) policies and procedures
  • Client-focused service, reporting and management
  • Collaborated with program managers to identify the needs of information system(s)
  • Notified the ISSM of security infractions, non-compliance activities and security-relevant changes to a system

Information Technology Specialist – Cyber Security

United States Department of the Treasury
06.2017 - 02.2020
  • Company Overview: Associate Office of the Chief Information Officer - Infrastructure & Operations
  • Lead IT Specialist responsible for managing the Treasury DO Endpoint Security solution, actively developing an integrated threat defense lifecycle, supporting Operations Security initiatives and applying Treasury security policies, guidelines and directives
  • Managed a centralized endpoint security solution, leveraging security operations center tools to actively monitor emerging threats and analyze logs and endpoint network traffic to hunt for malicious and anomalous activity on government systems
  • Provided daily security oversight for systems and infrastructure operations
  • Implemented automated maintenance for security software, including anti-virus definitions, exploit content, and software patches
  • Automated AV scans for systems and network nodes
  • Analyzed and correlated scan logs and data across multiple SOC tools, including vulnerability scans, endpoint support data, operating system logs and other sources
  • Reported malicious activity and assisted SOC team members with mitigation efforts on systems
  • Managed Data Loss Prevention and Insider Threat Prevention tools and enforced government policies for managed systems
  • Reported directly to the DO CISO and Operations team leads
  • Collaborated with ISSOs/ISSMs and members of the Office of Intelligence and Analysis (OIA), Office of Counterintelligence (OCI), and Government Security Operations Center (GSOC)
  • Provided regular reports for executive-level security personnel
  • Assisted with mitigation efforts for Plans of Action and Milestones
  • Provided recommendations for improvements to SOC monitoring tools
  • Participated in demonstrations and presentations to further enhance the managed security infrastructure and improve security posture across the environment
  • Developed appropriate system-based policies, standardized procedures, and rules of behavior to improve the effectiveness of security for managed systems
  • Developed documentation outlining processes, policies, procedures and infrastructure management of the endpoint security solution in compliance with Treasury DO policies and IAW NIST Special Publication 800-53

Wireless Security Specialist

Integrio Technologies LLC
07.2015 - 06.2017
  • Company Overview: United States Department of the Treasury, Office of the Chief Information Officer
  • Lead Wireless Security Specialist responsible for providing daily cybersecurity oversight and managing the Wireless Intrusion Prevention System infrastructure, ensuring the security of the wireless airspace in designated Treasury Departmental Offices and enforcing Treasury security policies
  • Managed the Wireless Intrusion Prevention System security solution and served as a subject matter expert for matters pertaining to wireless security
  • Monitored and analyzed wireless traffic, logs and network activity for Treasury networks and systems
  • Provided support and preventative maintenance for the wireless intrusion prevention system
  • Performed monthly wireless scans and site surveys of client networks and non-wireless environments
  • Interfaced with Federal Department representatives from the Office of Intelligence and Analysis (OIA), U.S. Secret Service (USSS), Office of Security Personnel (OSP), Government Security Operations Center (GSOC), Enterprise Infrastructure Operations Division (EIO) and members of other agencies and bureaus such as the Department of Homeland Security (DHS) and Department of Defense (DOD)
  • Planned, designed, installed, and configured the Wireless Intrusion Prevention System (WIPS) based on the Mojo Wireless Management Platform IAW government policies and NIST SP 800-53
  • Performed risk and threat assessments for non-wireless and wireless environments
  • Performed vulnerability scans and participated in incident response efforts
  • Leveraged protocol analyzers and SOC tools to baseline and report on system and network activity
  • Tracked project tasks, established project objectives and milestones, and executed tasks to completion
  • Developed SOPs, CONOPs, and Incident Response policies for WIPS management
  • Responsible for providing reports to Executive Officers and security personnel
  • Developed a wireless penetration testing laboratory and demonstrated offensive security tools and techniques to security personnel

Lead Systems & Network Administrator

Enginuiti Inc.
08.2012 - 07.2015
  • Lead Systems Engineer responsible for providing network management and security services across all managed-service clients in the hospitality, medical, and automotive industries
  • Established and preserved customer relationships and industry partnerships with service providers, and delivered comprehensive network and security solutions to the customer base
  • Provisioned, managed, and supported over 750 end users at 20 customer locations
  • Designed, proposed, and implemented network and security solutions IAW Payment Card Industry Data Security Standard (PCI-DSS) compliance requirements
  • Leveraged protocol analyzers, network mappers, SIEM and endpoint security solutions for network management, operations, and incident response
  • Identified and assessed vulnerabilities using network-monitoring tools such as GFI LanGuard, Tenable Nessus, and Nmap
  • Deployed enterprise wireless systems IAW IEEE 802.11 standards and security best practices established by NIST SP 800-53
  • Implemented and configured enterprise security appliances such as Cisco ASA and Ecessa WaaS firewalls, as well as Innguard content filters
  • Managed networks with Trustwave Unified Threat Management appliances
  • Maintained awareness of emerging technologies and solutions to better support client needs for network efficiency and system security

Education

Bachelor of Science - Information Technology

George Mason University
Fairfax, Virginia
12.2006

Skills

  • Information, network and cloud security
  • Security operations and incident response
  • NIST RMF, CSF, FISMA, FedRAMP
  • Insider Threat program management
  • Security project management
  • Controls assessment and auditing
  • SIEM management
  • Vulnerability assessment
  • Threat hunting and analytics
  • IT Administration
  • Problem-solving and process efficiency
  • Documentation and reporting

Certification

  • Certified Information Systems Security Professional (CISSP), Active - 10/01/22
  • Microsoft Azure Fundamentals (AZ-900), 01/01/24
  • CrowdStrike Falcon Investigator
  • CompTIA Security+ Certification, 12/01/20 - 12/01/23
  • Certified Information Systems Security Officer, 10/01/21

Previous employers

Redacted and available upon request

Proficiencies

  • SIEM Experience (5 years) | Splunk, Splunk Enterprise Security, Microsoft Sentinel, IBM QRadar
  • Cloud Infrastructure | Microsoft Azure and AWS IaaS, PaaS
  • Endpoint and Compliance Security | Microsoft Defender Suite, CrowdStrike Falcon Investigator, Zscaler, DLP
  • Security Training | KnowBe4 Phishing, Training, LearnCentral
  • CrowdStrike Falcon Administrator & Investigator
  • ITSM/Collaboration | Atlassian Jira/Confluence, ServiceNow, Microsoft Power BI
  • Vulnerability Tools | Nessus, Qualys, Rapid7
  • Network Analytics | Wireshark and NetFlow analyzers
  • Identity Management | Microsoft Entra ID & Active Directory
  • Firewalls/Routing/Switching
  • Virtualization & Hypervisors | VMware, Citrix Xen
  • Host Security | Windows/Linux/Unix server administration, PowerShell, auditing tools
  • Offensive Security | WIDS/WIPS, wireless penetration testing tools, Kali Linux
  • Forensic investigation and related tools

Interests

  • CISSP Information Systems Security Architecture Professional (ISSAP) Certification
  • Sherwood Applied Business Security Architecture (SABSA)
  • The Open Group Architecture Framework (TOGAF)
  • Certified Cloud Security Professional (CCSP)
  • Azure Certified Solutions Architect
  • AWS Certified Solutions Architect
  • Offensive Security Certified Professional (OSCP)
