Ricky Hart

San Diego, CA

Summary

  • Sr. System Administration and Engineering: Over 12 years of experience with the design, modification, maintenance, documentation, and support of operating systems, systems components, tools, and utilities.
  • Information Security and Compliance: Over 12 years of experience developing policies, controls and procedures to safeguard organizational assets, ensure data integrity, availability and confidentiality.
  • Leadership and Teamwork: Experience supervising staff and working with multiple teams. Adept at inter and intra-departmental communication and diplomacy. Training in NERC-CIP compliance experience.
  • Customer Focus: Successful in prioritizing needs of all internal and external customers; develop all systems with a keen eye for service improvement and ease of use.
  • Process Development: Able to identify key areas of improvement in operating procedures and compliance policies used for access control, software systems, and propose innovative solutions to improve quality, reduce cost, and accelerate schedules.

Overview

15 years of professional experience
1 Certification

Work History

Sr. Cyber Network Analyst

Insight Global/NAVY Naval Air Station
11.2022 - 04.2024
  • Develop, implement, maintain, and oversee enforcement of systems security policies
  • Led and instructed in-house NERC class training, with understanding of NERC compliance
  • Instructed on maintaining operations in the Grid Control Center (GCC)
  • Detailed knowledge of power systems operations and NERC compliances
  • In-depth knowledge and experience with EnCase Enterprise forensics software or comparable industry standard
  • Performed some memory forensic analysis
  • Ensure the demonstrable Confidentiality, Integrity and Availability (CIA) of systems information assets for authorized internal and external users by reviewing, validating, classifying, and responding to security events and cyber-attacks
  • 2 years- Experience working with DevSecOps practices, including Continuous Integration / Continuous Delivery (CI/CD) pipelines
  • Working with the IT department, I have developed DevSecOps Principles - Strong understanding of processes and concepts to drive the integration of development, operations, and security into enterprise software development to produce better outcomes
  • Track and report compliance status in the Vulnerability Remediation Asset Manager (VRAM) and similar reporting tools as applicable
  • Ensure current security testing and evaluation software is sufficient to the task of conducting infrastructure security testing and regularly look for and recommend additional software that may fill gaps in current security testing toolset
  • Cloud Delivery- Familiarity with different cloud computing delivery models, knowledge of cloud-based solutions for Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS), and ability to deliver cloud-based technologies and systems
  • Perform analysis of cybersecurity directives, policies, and instructions to include, but not limited to: Communications Task Orders (CTOs), Fragmentary/Task/Operation Orders (FRAG/TASK/OPORDs), IA Vulnerability Management (IAVM), Public Key Infrastructure (PKI) guidance, and STIG requirements
  • Provided expert advice about the preparation of certification and accreditation documentation to support the DITSCAP/DIACAP/RMF approval process
  • Documented security control implementation and monitored controls on an ongoing basis
  • Participated in security engineering reviews and working groups, providing risk assessment critiques and evaluations
  • Performed Vulnerability report in ACAS, uploaded Plugins from Department of Defense Patch Repository
  • Perform risk analysis/independent verification on security configuration and STIG finding risk reports / POA&Ms for devices on the network
  • Assessed whether security controls are implemented correctly, operating as intended and producing the desired outcome
  • Installed, configured, and maintained DISA ACAS (Assured Compliance Assessment Solution) and ESS/HBSS (Host Based Security System) servers
  • Configured and conducted daily ACAS scans with the use of Security Center and conduct patching and remediation when necessary in accordance with the IAVM process
  • Captured, configured, and tested ESS/HBSS policy using ePolicy Orchestrator.

Sr. Sentinel & Information Security Analyst

Tek-Systems, Inc./ SAIC
12.2021 - 07.2022
  • Provide IT support for engineering, integration, development testing, and system administration services for Global Command and Control Systems
  • Ensured NERC compliance with reliability standards pertaining to NERC requirements
  • Participated in applicable NERC-CIP training and attended training classes at Cybersecurity & Infrastructure Security Agency (CISA)
  • Proved knowledge of FedRAMP, FISMA, Cloud Computing, Information Assurance, IT Audit, Privacy and security processes, tools and methodologies
  • Clear understanding on 32 Code of Federal Regulations Part 117 and Defense Counterintelligence and Security Agency Assessment and Authorization Process Manual (DAAPM) requirements
  • Implemented company policies, technical procedures and standards for preserving the integrity and security of data loss prevention (DLP), reports and access
  • Worked with diverse team on Cyber Threat Intelligence and Threat Hunting
  • Implementation of Microsoft Sentinel (SIEM) with Automation deployment and testing
  • Works with the system team on all aspects of system security in collaboration with the DevSecOps team which includes security designs, security architecture, implementation, operations, and compliance
  • Perform threat modeling and assessment on SCADA Industrial Control Systems
  • Develop and execute Operational Technology (OT) and Industrial Control Systems (ICS) Cybersecurity solutions with guidelines from NIST SP 800-82 r2
  • Rewriting the SSP to reflect the updates to the ICS (SCADA), also writing process, policies and procedures
  • VM setup in an ICS environment with the VM hardware located in the ICS DMZ
  • Using GrassMarlin tool to identify traffic and systems on your ICS network
  • Using CSET tool, which is a Department of Homeland Security (DHS) product that assists organizations in protecting their key national cyber assets
  • Maintain POAMs and supervise the completion of assigned tasks and activities by others
  • Security test and evaluations, and risk assessments for SCADA, ICS, including risk management, vulnerability assessment, security assessment, and architecture monitoring.

Chief Information Security Manager

INDUS Technology, Inc.
04.2021 - 07.2021
  • Managed staff of seven in support of 400-person multi-service throw-out corporation
  • Responsible for leading the INDUS' IT Staff and the INDUS Managed Service Provider (MSP)
  • Conduct data analysis to logically identify opportunities for improvement to shrink data loss (DLP)
  • Maintained accountability for Information Technology (IT) security system configurations, administration, and maintenance of all facility to ensure a fast response to distress situations while responding to multiple hazardous system failures
  • Responsible for the deployment of symmetrical business class fiber optic internet bandwidth with SDWAN at all our locations
  • Responsible for the development and implementation of INDUS' Cyber Security Program, guiding all program activities, including updating the Systems Security Plan (SSP), and developing/maintaining of the Company Plan of Action and Milestones (POA&M) for this 400-employee company's DFARS 7012 compliance regimens on an annual basis
  • Responsible for leading a team of engineers who deployed Palo Alto Networks security appliances at multiple geographic locations and creating a hub and spoke persistent AES 256-bit encrypted VPN between locations
  • Responsible for building out a data center with IDF's at several other suites and connecting them all together with fiber
  • Leading the effort to meet Cyber Maturity Model Certification (CMMC) level 3 compliance
  • Wrote and established all of INDUS' Information Security Policies and led INDUS' Insider Threat Program and the Company's Insider Threat Plan
  • Responsible for replacing our outdated phone system with a state-of-the-art Voice over IP system that allows 3-digit transfers between our geographic locations.

Information Security Manager

INDUS Technology, Inc.
03.2020 - 04.2021
  • Developed, maintained, and facilitated the appropriate closure of POA&Ms and facilitate with the Agency designated security Point of Contact (PoC)/ISSM any related remediation activities
  • Led and trained shop members in network infrastructure, cryptographic equipment, and deployable LAN and VOICE switching systems in fixed and deployed environments
  • Developed training modules, configuration tools, and demonstrations for shop members, resulting in fewer errors and improved system uptime
  • Ensured NERC compliance with reliability standards pertaining to NERC requirements
  • Participated in applicable NERC-CIP training and attended training classes at Cybersecurity & Infrastructure Security Agency (CISA)
  • Led and instructed in-house NERC class training, with understanding of NERC compliance
  • Detailed knowledge of power systems operations and NERC compliances
  • Assumed ISSO responsibilities in the absence of the ISSO; maintained required IA certifications
  • Maintained accountability for Information Technology (IT) security system configurations, administration, and maintenance of all facility to ensure a fast response to distress situations while responding to multiple hazardous system failures
  • Conducted Vulnerability Assessment utilizing approved scanning software and applications
  • Was responsible for implementation of the Risk Management Framework NIST SP 800-53/171
  • Maintained Information Security Policies and Standard Operating Procedures and managed waivers to policies/standards
  • Participated as required in Incident Response activities.

Full-Time University Attendance

National University
07.2018 - 10.2019
  • Identified, designed, and specified platform software systems and processes through collaboration with server, embedded, and client teams
  • Supervised team of 12 technicians with the installation and configuration of Red Hat/ Blue Hat on desktop systems and servers for end-users
  • Evaluate the results of a security assessment to assess the security status of a network or computer system
  • Training in writing NERC-CIP and NIST Policies
  • CYB/604- Wireless & Mobile Security with Policies and Labs
  • CYB/606- Network Defense & Cloud Security with Policies and Labs
  • CYB/608- Ethical Hacking with Policies and Labs
  • CYB/612- Disaster Recovery & Business Continuity, and Open Web Application Security Project with Policies and Labs.

Full-Time University Attendance

University of Phoenix
03.2014 - 06.2018
  • Selected as lead advisor for planning and resourcing deployments, conducted incident prevention, detection/analysis, containment, eradication, and aid recovery across IT systems
  • Performed multiple updated security practices with Senior Advisor, as the lead planner and supervisor for IPs for servers, backup devices, printers, and workstations to conform to new domain standards
  • Ensured relevant information and knowledge with regards to application solutions were shared with technical support teams base wide improving customer satisfaction and reduced trouble calls
  • Responsible for the planning and execution of all tasks assigned to the organization
  • Planned, resourced, and executed all organization training required to meet all the objectives of the organization
  • Change detection: By using Regshot for comparing the system's state before and after the infection, to highlight the fundamental changes malware made to the file system and registry
  • Operational planner and proficient with GRC tools related to access controls and monitoring
  • Responsible for functional analysis and course of action development for complex environments in coordination with peers and upper management.

Lead Information Security Analyst

Ultra Clean Technology
05.2014 - 08.2014
  • Selected and responsible for coordinating with internal and external organizations to assist in led redesign and outsourcing of SaaS platform to leading-edge open-source standards, and the personnel in receiving and training on new modernized equipment
  • Responsible for the accountability, maintenance, and operation readiness by network monitoring; using Wireshark, I could sniff or observe network traffic for malicious communication attempts, such as DNS resolution requests or downloads
  • Maintained 100% accountability of all equipment during the entire period of responsibility
  • Training in writing NERC-CIP and NIST Policies
  • Monitored project status, prepared activity, progress reports, weekly performance statistics, and worked with field staff and support teams to identify and resolve problems, which impacted deliverables
  • Worked with vendors to improve relations, ensured SLAs were being met, and met with primary hardware vendors regarding hardware roadmaps on a regular basis.

Sr. IT Project Manager

Tek-Systems, Inc./ Century-Link
01.2013 - 03.2013
  • Assessed risks and vulnerabilities, recommend mitigation strategies, and addressed senior leadership results
  • Establish guidelines and policies surrounding risk and security
  • Audit current and future systems and implement the right security strategy
  • Define backup policies and monitor backups for completion and viability
  • Monitor hardware and software for any suspicious behavior or traffic
  • Document best practices for security and information assurance based on business and user requirements.

Lead Network Security Engineer I

Ralph L. Wadsworth, Inc.
06.2009 - 02.2012
  • Maintained accountability for Information Technology (IT) security system configurations, administration, and maintenance of all facility to ensure a fast response to distress situations while responding to multiple hazardous system failures
  • Developed a better understanding of HIPAA privacy and HIPAA HITECH compliance
  • Development and maintenance of an organizational cybersecurity plan
  • Routinely completed safety update training and ensured cybersecurity system architecture, technical cybersecurity standards, and industry best practices.

Education

Master's in Cybersecurity -

National University
San Diego, CA
10.2019

Bachelor of Science Information Systems and Advanced Cybersecurity Certification -

University of Phoenix
San Diego, CA
06.2018

Skills

  • NIST SP-800 (171, 53r5, 34, 82 Framework)
  • OT/ICS: NERC-CIP Framework
  • Security Technical Implementation Guides (STIGs)
  • Host Base Endpoint Security Support (HBSS)
  • Endpoint Security Solutions (ESS)
  • ISO/IEC 27000 Series
  • Enterprise Mission Assurance Support (eMASS)
  • NIST Assessment Methodology and CMMC Implementation
  • CSET Tool and GrassMarlin on ICS
  • FedRAMP & FISMA Compliances
  • Threat Hunting Tool: Microsoft Sentinel
  • DFARS 7010, 7012, 7019, 7020, & 7021
  • Budgeting
  • Data Loss Prevention (DLP)
  • Governance Risk Compliance & Policies
  • Agile Methodology Project Management
  • Security Information Event Management (SIEM)
  • Experience in AWS, Azure, API, Java & JavaScript
  • Cross-Functional Team Building
  • Knowledge of Information System Audit

Certification

  • Computer Technology Industry Association (CompTIA) 501 Security+ CE
  • ACAS Certification
  • ESS (formerly HBSS) 201 ePO 5.10, 301 ePO 5.10, & 501 ePO 5.10
  • 30 Individual OT/ICS SCADA Industrial Control Systems Training Certifications
  • Advanced Cybersecurity Certification
  • Completing my CISSP/CISM Certification by December of 2023

Additional Information

My experience includes:

➢ Microsoft Sentinel Implementation & Architecture Design

➢ CSET Tool and GrassMarlin on ICS

➢ Incident response/ Data Loss/ and Threat Prevention

➢ ACAS/HBSS/ESS/eMASS

➢ OT/ICS NERC ICS Framework

➢ Risk Management Framework (RMF)

➢ Regulatory Standards HIPAA

➢ Implements & Maintain ISO/IEC 27000 Series
