Summary
Overview
Work History
Education
Skills
Certification
Languages
References
Timeline
Generic

Richardson Ngwa Ngaling

Lanham,MD

Summary

Adept at spearheading cybersecurity initiatives, I enhanced security postures at General Dynamics Electric Boat through rigorous vulnerability management and strategic risk assessments. Also leveraging AWS services, I have built highly scalable, fault-tolerant, resilient, and secure compute infrastructures in cloud environments meeting customers' business, operational and security requirements cost effectively. Skilled in collaboration and Linux administration, I excel in high-stakes environments, ensuring robust, security compliant infrastructures and incident response.

I possess an ACTIVE DOD SECRET CLEARANCE

Overview

7
7
years of professional experience
1
1
Certification

Work History

Lead Tactical Network and Security Engineer

General Dynamics Electric Boat
Groton, CT
10.2023 - Current
  • Providing lifecycle cybersecurity and network support for embedded software, the modified Virginia-class submarines.
  • Manage a cluster of servers to support the team of software developers, providing a secure infrastructure for the development and testing of code in CUI environments.
  • Management and remediation of server vulnerabilities by implementing security controls using NIST standards, addressing these vulnerabilities for security hardening, and providing evidence for security audits.
  • Providing support as the lead network engineer and security compliance officer for submarine warfare tactical systems.
  • Responsible for leading a team of five engineers to provide robust network communications across compute and embedded software components on submarine warfare tactical network systems.
  • Experience prototyping simulations for concepts of operations on submarine warfare tactical network systems.
  • Collaborating with project stakeholders and third-party vendors to facilitate project needs.
  • Proactively perform threat hunting, conduct credential and non-credential vulnerability scans, and perform penetration tests for continuous monitoring of system security posture and for security awareness.
  • Ensuring that development, test, and production environments adhere to CUI specifications and comply with security audit requirements.
  • Collaborating in team Agile development workflows using the SDLC.
  • Developing a high-level design for tactical network architecture and engineering.
  • Implementing tactical network security through VLANs, firewall rules configurations, and disabling unused ports and protocols.
  • Developing, managing, and securing configuration items and code in repositories.
  • Serving as a POC and liaison, facilitating network and security integrations between internal and external stakeholders' information systems.
  • Build installation procedure drafts for projects for Configuration Management purposes, providing continuous support and maintenance.
  • Support formal configuration management and deployment releases of product deliverables.
  • Develop cron jobs and scripts for automation and system administration tasks.
  • Performing periodic software updates for OS patches and hardware upgrades, as required, to project and develop network environments.

AWS DevSecOps Engineer

Peraton Inc
Remote
12.2022 - 07.2023
  • Supported team in successfully designing and implementing a cloud-based solution to support and maintain the Department of Veterans Affairs (VA) MVP Online Program.
  • Leveraged AWS cloud services to build secure, highly scalable, and flexible systems that handled expected and unexpected load bursts for fast data transfer and secured connections to other AWS services and other AWS accounts.
  • Used the JIRA ticketing system for agile development project management and task completion.
  • Ensured security compliance by implementing best practices, encryption, and security monitoring.
  • Leveraged AWS IAM for user and group management, and creating respective roles and policies.
  • Used IAM best practices to implement robust authentication mechanisms, least privileges, and user activity logs to achieve AAA (Authentication, Authorization, and Accounting) for security posture, and audits.
  • Designed, implemented, and maintained the security of our organization's hosted cloud infrastructure, including VPC, web server, web application, and container services.
  • Implemented cloud network security groups, inbound and outbound rules, NACLs, and web application firewalls to achieve web application security.
  • Built and managed custom AMIs for recurring deployments, creating tags, and attaching permissions.
  • Demonstrated ability to architect and deliver scalable enterprise solutions using dynamic auto-scaling.
  • Configured and provisioned EC2 instances (web servers), implemented elastic load balancing capabilities, allowing for high-performing web applications.
  • Implemented continuous monitoring of the cloud environment, web servers, and other AWS services used by means of AWS CloudWatch Alarms, and leveraged SNS for notifications to designated personnel.
  • Managed access and encrypted data storage services in cloud environments, like S3 buckets, KMS keys, and databases.
  • Ensured low latency for web applications with the use of a CDN (CloudFront), Route 53.
  • Used the network health monitoring tool for health checks and for troubleshooting errors.
  • Developed CI/CD pipeline automation to enable automated security scans and streamlined development workflows, resulting in 75% faster builds and deployments.
  • Implemented automated security testing and scanning practices for web and mobile applications to detect and remediate security vulnerabilities, and designed and developed security policies and procedures.
  • Integrated Infrastructure as Code solutions, like Terraform, for predefined and automated resource provisions.
  • Implemented OKTA for Single Sign-On (SSO) applications with SAML protocols.
  • Designed and documented SOPs for procedures designed to follow best practices in the SDLC.

AWS Cloud Solutions Architect

Renoxx Inc
Lanham, MD
10.2017 - 11.2022
  • Served as a subject matter expert in IT and Cloud Infrastructure Architecture.
  • Designed and deployed secure, scalable, and cost-efficient AWS cloud architectures for a number of clients.
  • Designed environments to support high availability and business continuity using self-healing architectures, failover routing policies, multi-AZ deployment of EC2 instances, ELB health checks, Auto Scaling, and other disaster recovery models.
  • Designed VPCs for different client projects and web applications.
  • Defended the company's cloud infrastructure from cyberattacks by creating and implementing a robust cloud security strategy that included intrusion detection/prevention systems, user access controls, multi-factor authentication, access key rotation, encryption using KMS, configuring firewalls, security groups, and NACLs, S3 bucket policies, and ACLs, mitigating DDoS attacks, and more, using security best practices.
  • Protected customer data by designing and implementing a data security strategy that included encryption, access controls, and audit logging.
  • Implemented a cost optimization strategy that reduced the company's cloud expenditure using budget alarms and notifications.
  • Leveraged AWS Savings Plans and conducted continuous billing analysis to improve overall cloud spending and achieve company savings.
  • Reduced the company's vulnerability to cyber-attacks by creating and implementing a vulnerability management program that included vulnerability scanning, patch management, and security awareness training.
  • Configured S3 events to set up automated communication between S3 and other AWS services.
  • Configured the AWS CLI to make API calls to the AWS Console.
  • Using AWS Scheduler as a simple solution to create automatic start and stop schedules for Amazon EC2 and Amazon RDS instances for cost optimization.
  • Designed serverless and scalable web applications using AWS Lambda and Elastic Beanstalk.
  • Tagging AWS resources and developing a methodological standard for the tagging of individual resources for audit, tracking, and cost analysis.
  • Managed and provisioned AWS infrastructures using the IaC tool, Terraform.
  • Performed shell scripting for task automation.
  • Developed continuous integration and delivery pipelines for continuous application deployments.
  • Created and implemented a backup and disaster recovery plan.

Security Control Accessor

Minerva Information Security Services
Frederick, MD
05.2020 - 06.2021
  • Implemented the NIST Risk Management Framework (RMF).
  • Actively supported achieving and maintaining compliance certification and accreditation of information systems, as per federal standards, using best practices.
  • Worked collectively with lead engineers to provide security remediations to management based on NIST and FIPS guidelines
  • Proposed remediation guidelines to implement technical security controls using DoD-SCAP and STIG tools.
  • Designed security controls with reference to the NIST and MITRE DEFEND frameworks.
  • Assisted in the development and review of System Security Plans, Contingency Plans, and POA&Ms.
  • Conducted a security control assessment and authorization (A&A) of agency systems using NIST 800-53 Rev. 4.
  • Conducted a gap analysis in information assurance to ensure compliance with all applicable laws and policies within the federal and state space.
  • Prepared Security Assessment Plan (SAP) and Security Control Traceability Matrix for the assessment of agency systems.
  • Designed system security plans and maintained relevant documentation.
  • Analyzed and continuously reviewed System Security Plans, SARs, and Plans of Action and Milestones (POA&Ms), and provided remediation solutions to deficient controls.
  • Conducted relevant research, data analysis on CVEs, network traffic, and logs, and presented meaningful reports to management.
  • Supported and continuously monitored the organization's day-to-day activities to ensure overall security, and addressed any vulnerabilities, risks, and threat vectors.
  • Performed qualitative and quantitative risk assessments on systems, users, processes, operations, and devices.
  • Tracked and audited the client's security posture to resolve vulnerabilities.
  • Secured sensitive customer data using confidentiality, integrity, and availability schemes.
  • Proactively applied problem-solving within a cohesive team environment.
  • Conducted briefings with management to recommend best practices to remediate known findings.
  • Responded to security incidents, and performed analysis to determine the root cause.
  • Informed and educated colleagues on security awareness and various loopholes for a more secure environment.
  • Served as a consultant on all matters related to security threats, vulnerabilities, and exploits, to identify security gaps.

Education

Bachelor of Science - Information Technology and Security

Bowie State University
Bowie, MD
01.2023

AWS Cloud Practitioner - AWS Solutions Architect

AWS
Amazon Web Services
01-2022

General Certificate of Education GCE - Advanced Levels - Mathematics and Computer Science

Bilingual Grammar School Molyko
Buea, Cameroon
01.2015

Skills

  • Vulnerability Management
  • Amazon Web Services
  • Identity and Access Management
  • Authentication, Authorization, and Accounting
  • Risk Management Framework
  • AWS Cloud Security
  • Incident Response
  • Security Control Assessments, Security Policies
  • Secrets and password management
  • Network IPS and IDS: Nessus, Qualys
  • Linux Administration, Penetration Testing
  • Infrastructure as Code (Terraform)
  • Git, GitHub, VsCode
  • Containerization: Docker, Kubernetes
  • Database Security
  • JIRA
  • Office 365

Certification

  • DOD Secret Clearance
  • Amazon Web Services Cloud Practitioner
  • AWS Identity and Access Management and Security Groups Certification
  • Certificate of Academic Distinction, Bowie State University, 2021
  • Dean's List

Languages

English
Native/ Bilingual
French
Limited

References

References available upon request.

Timeline

Lead Tactical Network and Security Engineer

General Dynamics Electric Boat
10.2023 - Current

AWS DevSecOps Engineer

Peraton Inc
12.2022 - 07.2023

Security Control Accessor

Minerva Information Security Services
05.2020 - 06.2021

AWS Cloud Solutions Architect

Renoxx Inc
10.2017 - 11.2022

Bachelor of Science - Information Technology and Security

Bowie State University

AWS Cloud Practitioner - AWS Solutions Architect

AWS

General Certificate of Education GCE - Advanced Levels - Mathematics and Computer Science

Bilingual Grammar School Molyko

Similar Profiles

  • Eric Smith

    Eric SmithEric Smith

    Shipboard Cybersecurity Engineer at General Dynamics Electric BoatShipboard Cybersecurity Engineer at General Dynamics Electric Boat

  • Robert Shea

    Robert SheaRobert Shea

    Operations Supervisor II at General Dynamics Electric BoatOperations Supervisor II at General Dynamics Electric Boat

  • Julian Zuniga

    Julian ZunigaJulian Zuniga

    Electrician at General Dynamics Electric BoatElectrician at General Dynamics Electric Boat

  • WAYNE FRANCIS DAVIS

    WAYNE FRANCIS DAVISWAYNE FRANCIS DAVIS

    Marine Electrician at General Dynamics Electric BoatMarine Electrician at General Dynamics Electric Boat

  • Torry Williams

    Torry WilliamsTorry Williams

    Service Manager/Dispatcher at McCarthy Tire ServiceService Manager/Dispatcher at McCarthy Tire Service

CREATE PROFILE
Richardson Ngwa Ngaling