Nicco Denton
Los Angeles,CA
Summary
Diligent Cyber Security Analyst with a strong background in protecting sensitive information and systems. Skilled in implementing the Risk Management Framework (RMF) and overseeing Authorization to Operate (ATO) processes to strengthen organizational resilience and ensure compliance. Demonstrated success in collaborating with teams and engaging stakeholders to effectively mitigate risks and promote a culture of cybersecurity awareness.
Overview
8
8
years of professional experience
1
1
Certification
Work History
ISSM/ISSO/ Sr. Principal Cyber Security Analyst
Northrop Grumman
12.2020 - Current
- Team lead of 4 Information System Security Officers (ISSOs) in supporting and maintaining multiple classified networks and achieving Authorization to Operate (ATO)
- SIPRNet ISSM supporting Spectrum Technology Center location working on DoD accredited programs
- Primary POC responsible for continuing the workflow for software approvals
- Using due-diligence to approve and vet various software to include COTS, GOTS, Freeware, and Open-Source by using industry standards such as MITRE CWE Top 25, CVE, NVD, Snyk, and Iron Bank for special access programs
- Developing and utilizing Splunk dashboards for auditing and monitoring to ensure the safeguarding of information systems and data from external and internal threats
- Work closely with the System Administrators to maintain various system and application certifications and accreditations status
- Manage POA&Ms in eMASS as applicable by submitting mitigation strategies, completion dates, extensions, and milestones on accreditation activities
- Develop SOPs in support of Government Customer and Cyber Information Systems Security (CISS) Community
- Working closely with company peers to test and review information systems to ensure the highest levels of security for systems and information that needs protection
- Review all assigned systems to identify potential security weaknesses, recommend improvements to amend vulnerabilities according to Common Vulnerabilities and Exposures (CVE), implement changes and document upgrades
- Participate in the Cyber Security education and awareness of colleagues
- This includes DoD Security briefs, Privileged User briefs, Trusted Download, and Assured File Transfer briefings
- Interface and coordinate Security efforts with Industrial Security, IT, Program Management and Operations
- This includes using SIMS to verify that users have completed the appropriate training and are cleared before accessing information systems
ISSO/ Cyber Security Analyst
Mission First Solutions
06.2020 - 12.2020
- Perform assessments of systems and networks within the network environment/ enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy
- Ensure security policies, procedures; recommendations comply with FISMA, NIST, Organizational guidelines and technical best practices
- Implement Risk Management Framework (RMF) in accordance with NIST SP 800-37 Rev2
- Monitor and conduct Security Control Assessment to ensure all controls meet security requirements as stipulated in the SSP and NIST SP 800-53 Rev4
- Identify active network devices, ports, and communication paths
- Develop Plan of Action and Milestones (POA&M) for identified vulnerabilities and ensure compliance through monthly updates
- Initiate compliance and vulnerability scan request to identify and report weaknesses and potential security breaches
- Participated in continuous monitoring that includes but not limited to POAM management, waiver & Exception support, and periodic recertification in accordance with NIST SP 800-137
Computer Support Specialist (IT Apprentice)
Department of Labor- IT Apprenticeship Program
07.2016 - 10.2020
- Received classroom and ongoing hands-on training to perform a variety of computer systems administration and technical support tasks including:
- Learning the proper method of installing, configuring, and maintaining desktop and laptop PCs and peripherals
- Learning how to properly provide technical support and troubleshooting to assist end-users and resolve computer issues
- Analyzing network connectivity issues
- Learning how to correctly perform data backups, virus scans, and administering security settings
Information Technology Specialist - Mid
NGEN Contract
12.2019 - 06.2020
- Assisting the Cyber team with STIG auditing for the removal of CAT 1, vulnerability isolations to meet ATO requirements
- Providing End-User support for hardware and software issues by consulting with customers via in-person, phone, and email
- Escalating issues to the various IT teams when necessary and following up on any escalated issues within a timely manner
- Backing up end-user data through robocopy and EMC Avamar solutions
- Incorporating PowerShell scripts to optimize different work processes
- Tech refresh responsible for the imaging and installation of end-user workstations
- Utilizing ACAS to scan devices for vulnerabilities to meet IA standards
- Responsible for the re-imaging of MCEN customer workstations
- Responsible for the installation and setup of command wide multi-functional printers (MFP)
- Installing the required patches, drivers, and software to meet DoD IA compliance
- Assisting Cyber with enhancing the security posture of DoD IA systems through the hardening of Marine Corps computer assets via STIG checklists
- Ability to maintain closing tickets on Remedy ticketing system and managing a call que on daily basis
- Providing troubleshooting for end-user workstations, telephones, peripherals, networked printers/scanners, and cellular devices
- Provide tier two support to end users with professionalism, timeliness, and accuracy
- Troubleshoot IT related issues (hardware, software, network, peripherals, VPN)
Education
Accelerated Management Program -
Yale SOM Executive Education
01.2022
Master of Science - Cyber Security & Information Assurance, Ethical Hacking and Penetration Testing
National University
01.2018
Bachelor of Science - Information Systems, IT Management
National University
01.2016
Skills
- Security Governance
- Security Policies & Procedures
- RMF Implementation
- DAAPM
- NIST
- CNSSI
- NISPOM
- JSIG Guidance
- Trellix
- SPLUNK
- STIG-VIEWER
- Tenable Nessus
- EMASS
- SCAP
- Snyk
Websites
Certification
- CISSP (700071)
- CCSP (700071)
- CISM (211646136)
- CGRC (Certified in Governance, Risk and Compliance)
- CompTIA Security+
- CompTIA Linux+
Clearancelevel
Active Top Secret/SCI
Career Experience
- Northrop Grumman, ISSM/ISSO/ Sr. Principal Cyber Security Analyst, 12/20, Present, Team lead of 4 ISSOs supporting classified networks., Primary POC for software approvals., Developing Splunk dashboards for auditing., Manage POA&Ms in eMASS., Develop SOPs for Government Customer.
- Mission First Solutions, ISSO/ Cyber Security Analyst, 06/20, 12/20, Perform assessments of systems and networks., Ensure compliance with FISMA and NIST., Implement RMF in accordance with NIST SP 800-37 Rev2.
- NGEN Contract, Information Technology Specialist - Mid, 12/19, 06/20, Assisting Cyber team with STIG auditing., Providing End-User support., Utilizing ACAS to scan devices for vulnerabilities.
- UCSD HEALTH | Insight Global, Field Service Technician (Contract), 10/19, 12/19, Utilized SCCM to image and push applications., Managed trouble tickets through Service-now.
- Mater Dei Catholic High School, System Administrator | Help Desk Support, 05/18, 12/18, Provided Desktop Support for over 1,200 customers., Administered group policies and security policies.
- Department of Labor- IT Apprenticeship Program, Computer Support Specialist (IT Apprentice), 07/16, 10/20, Received training in computer systems administration., Provided technical support to assist end-users.
Personal Information
Title: Sr. Cyber Security Analyst
References
REFERENCES PROVIDED UPON REQUEST
Timeline
ISSM/ISSO/ Sr. Principal Cyber Security Analyst
Northrop Grumman
12.2020 - Current
ISSO/ Cyber Security Analyst
Mission First Solutions
06.2020 - 12.2020
Information Technology Specialist - Mid
NGEN Contract
12.2019 - 06.2020
Computer Support Specialist (IT Apprentice)
Department of Labor- IT Apprenticeship Program
07.2016 - 10.2020
Accelerated Management Program -
Yale SOM Executive Education
Master of Science - Cyber Security & Information Assurance, Ethical Hacking and Penetration Testing
National University
Bachelor of Science - Information Systems, IT Management
National University