Summary
Overview
Work History
Education
Skills
Certification
Volunteer Experience
Languages
Timeline
Generic

Roberto Madrid

Sugar land

Summary

Dynamic Information Systems Security Officer with proven expertise at NTT Data, specializing in vulnerability assessment and incident response. Adept at implementing NIST 800-53 controls and fostering collaboration among stakeholders. Skilled in security automation and risk assessment, driving compliance and enhancing organizational resilience through strategic security initiatives.

Overview

21
21
years of professional experience
1
1
Certification

Work History

Information Systems Security Officer

NTT Data
09.2023 - Current
  • Monitor outside intelligence sources to identify emerging threats and determine their application to enterprise environments.
  • Execute Security and Privacy Assessment and Authorization (SPAA) tasks meticulously, including security categorization and SSPP maintenance.
  • Lead authorization processes, conduct thorough reviews and assessments of security controls.
  • Perform NIST 800-53 Rev 5 control assessments in DOJ's Cyber Security Assessment and Management portal (CSAM).
  • Review and analyze vulnerability and compliance scans, providing detailed reports.
  • Assess system change requests for configuration deviations and offer risk assessments before submission.
  • Conduct system security impact analysis and evaluate effectiveness of security controls to identify areas for improvement.
  • Lead or participate in Incident Response and Contingency/Disaster Recovery exercises.
  • Manage Plan of Action & Milestones (POAMs) for assigned systems.
  • Create POA&M for system deficiencies in accordance with DEA standards.
  • Cultivated relationships with system stakeholders to enhance collaboration and ensure compliance with security protocols.
  • Oversaw development and maintenance of Business Impact Analysis and Contingency Plans to support organizational resilience.
  • Automate installation of Qualys Cloud agents and Crowdstrike agents across multiple OS platforms.
  • Collaborate with Information Assurance auditors to review completed control assessments.
  • Update FISMA/system documents annually and complete mandatory training certifications.
  • Processed security notice and validation penetration responses to ensure timely incident management.
  • Addressed incidents and contingency events promptly to mitigate potential risks.
  • Conduct daily system security log reviews and reporting.
  • Assist in designing Security Architecture for assigned systems.
  • Provide expertise in implementing security controls for on-prem, hybrid, or cloud Major Applications and/or systems.

Senior IT Security Specialist

Kiliuda
09.2018 - 09.2023
  • Monitors outside intelligence sources to identify emerging threats and associated protections and determines how they apply to the enterprise environment.
  • Sustained operations of Intrusion Detection System/Intrusion Prevention System to enhance threat detection.
  • Administered the Web Gateway Appliance to ensure effective data filtering and protection.
  • Implement and manage vulnerability management and POA&M processes for vulnerabilities and findings identified through scans, operating system scans and other assessments.
  • Conducted Plan of Action and Milestone reviews to ensure compliance and address security vulnerabilities.
  • Complete and oversee the completion of NIST 800-53 Rev 5 security documentation.
  • Prepare Assessment & Authorization documentation.
  • Review Cybersecurity and infrastructure Security Agency (CISA) Binding Operational Directives (BOD) to ensure the system and subsystems are patched per the CISA BOD and Agency Deadlines.
  • Completed Security Assessment Controls for the certification of the OSA (Open Storage Area).
  • Evaluates and recommends new and emerging security solutions and best practices.
  • Identify and Report technical security vulnerabilities by conducting application analysis, network analysis, and scanning.
  • Perform Security Impact Analysis on technologies (COTS and GOTS) coming into the environment.
  • Configure and maintain XProtect Milestone Systems (Servers and Workstations).

Database Administrator

Kiliuda
03.2015 - 09.2018
  • Administered and verified database security is maintained according to best practice and guidelines provided by DISA.
  • Migrated database servers from development to pre-production and from pre-production to production, ensuring a seamless transition.
  • Transitioned MS SQL 2008R2 DB Instances to MS SQL 2012 DB Instances.
  • Took charge of all DBA tasks including SQL Server permissions management, Database Mail & Alerts setup, Transactional Replication setup & management and developed SSRS reports to monitor critical SQL Server metrics such as file growth and index fragmentation.
  • Managed and monitored production, development, testing and training databases to ensure optimal performance and prevent or reduce negative impact on system or users.
  • Used SSIS and SSRS to develop solutions to improve security, reliability and accuracy.
  • Used SSIS to automate key internal processes and track key business information.
  • Redesigned maintenance plans as T-SQL scripts for backups, index rebuild/reorganization, statistics updates, and integrity checks, enhancing maintenance reliability and control.
  • Optimized processes through refactoring for improved reusability and scalability.
  • Mitigated security findings from Information Assurance Vulnerability Alerts (IAVAs) and Security Technical Implementation Guidelines (STIGs).
  • Worked in a 24/7 365 day environment supporting government agency needs.
  • Executed policies and procedures for database management.
  • Handled day to day monitoring and maintenance of database (Oracle, MS SQL, MongoDB).
  • Applied patches and upgrades to both Oracle and MS SQL to provide support and upgrades and installations.
  • Developed and maintained comprehensive on-site and off-site database backup and recovery policies to effectively address database outages and data corruption.
  • Assisted developers with database creation and sizing.
  • Assisted developers with database design to include an understanding of performance implications.
  • Ensured database backup strategy including database rollback operates accurately and reliably.
  • Performed daily administration, maintenance and support of Oracle and MS SQL data.
  • Used various window functions (such as lead, lag, rank), output clause, merge into, dynamic SQL, grouping sets, table & scalar value functions, views, stored procedures, cross join/apply.
  • Provided assistance and training to Reports Developers on T-SQL development best practices and SSIS, SSRS technologies and worked with ETL and Web developers to provide reliable solutions with relevant data.
  • Implementation of Data Warehousing for DEA and DOJ agencies.
  • Performed daily administration, maintenance and support of Oracle and MS SQL data.

Software Developer

JetDevLLC
06.2014 - 01.2016
  • Developed mobile and web applications to meet user needs.
  • Developed database model for the web application.
  • Participated in agile development processes to enhance project delivery.
  • Gathered functional and nonfunctional requirements from clients to inform project scope.
  • Conducted Integration testing, Inspection, Unit testing, and System testing.
  • Wrote scripts to automate tasks, streamlining processes.
  • Review documentation for the design and implementation.
  • Responsive Web and Mobile Application.
  • Performed web server maintenance to ensure optimal performance and security.
  • Object Oriented Development.

IT Specialist

Technica LLC
09.2009 - 09.2013
  • Onsite technical assistance to local Windows users to minimize operational disruptions (Over 600 nodes).
  • Managed help desk operations to identify, prioritize, and resolve end user requests efficiently.
  • Diagnosed and resolved customer-reported incidents; researched and analyzed trends to improve support processes.
  • Mitigated security findings from Information Assurance Vulnerability Alerts (IAVAs) and Security Technical Implementation Guidelines (STIGs).
  • Ensure the correct installation, configuration, upgrade hardware and software, operating systems, telecommunication equipment, and pertinent applications.
  • Provided basic troubleshooting for Remote Terminal Clients, including Windows and Oracle-based systems, to resolve user issues.
  • Performed computer maintenance by diagnosing and troubleshooting issues.
  • Test and analyze computer malfunctions to resolve physical operating problems.
  • Delivered formal and informal training to end users, enhancing their technical skills and confidence.
  • Implement and monitor system design changes and revise applicable procedures to accommodate changes.
  • Provide hardware support and software support for network and local printers, digital senders, and faxes.

IT Specialist

Glacier Technologies
04.2009 - 07.2009
  • Administered and controlled Windows-based PCs, ensuring optimal performance and user satisfaction.
  • Customer Support for Forest Service and Government Employees (USDA).
  • Troubleshot IBM Lotus Notes software issues, restoring functionality for end users.
  • Managed Active Directory.
  • Conducted Software installation and upgrades.
  • Troubleshot software and hardware issues.
  • Assisted with VPN account setup and troubleshooting, facilitating secure remote access for users.
  • Supported Forest Service, with a base of 48,000 employees (USDA).

IT Specialist

Computek Technologies and Business Solutions
05.2007 - 05.2009
  • Managed Windows PCs, Macintosh computers, and Linux systems.
  • Executed repairs on operating systems to maintain optimal performance.
  • Configured networks using hubs, switches, and wireless routers/access points.
  • Controlled Windows Based PCs, Macintosh Computers, and Linux based computers.
  • Performed repairs on operating systems to ensure optimal functionality.
  • Conducted Software installation and upgrades.
  • Performed Data backup and Recovery.
  • Repaired and maintained printers, scanners, and fax machines.
  • Provided end user training.

IT Specialist

Socorro Independent School District
05.2005 - 05.2007
  • Administered and controlled Windows PCs, Macintosh computers, and Linux computers to ensure optimal system performance.
  • In charge of over 1000 nodes across the School district.
  • Set up networks (hubs, switches, Wireless routers/access points, etc.).).
  • Conducted Software installation and upgrades.
  • Performed repairs on operating systems to restore functionality.
  • Repaired and maintained printers, scanners, and fax machines.
  • Provided end-user training to enhance user proficiency and support operational efficiency.

Education

Master of Science - Software Engineering

University of Texas at El Paso
El Paso, Texas
05-2018

Bachelor of Science - Computer Science

University of Texas at El Paso
El Paso, Texas
12-2014

Skills

  • Application Security
  • Web Application Security
  • Security Automation
  • Incident Response
  • Threat Intelligence
  • Vulnerability Assessment
  • Risk Assessment
  • Security Auditing
  • Security Compliance
  • Security Operations Center
  • Endpoint Detection Response
  • User Behavior Analytics
  • Malware Analysis
  • Digital Forensics
  • Secure Coding Practices
  • Splunk Enterprise
  • Tenable Security Center
  • Intrusion Detection Systems
  • Web Security Solutions
  • Endpoint Management
  • Database Security
  • MySQL
  • MSSQL
  • Oracle 11g
  • MongoDB (36, 40)
  • PL SQL
  • SQL Server Management Studio
  • Sql Developer
  • Sql Navigator
  • Java
  • JavaScript
  • Python
  • Unix Shell
  • GNU Bash
  • PowerShell
  • Nmap
  • Wireshark
  • Netstat
  • Git
  • SVN
  • Emacs
  • Eclipse
  • Netbeans
  • Visual Studio
  • VmWare Horizon View
  • ServiceNow
  • Jira (Confluence)
  • Active Directory
  • Windows
  • RedHat
  • MacOS X
  • Ubuntu
  • Data Protection
  • Data Encryption
  • Security Information Management
  • Security Reporting
  • Hexdump
  • PSTools
  • Metasploit
  • MS SQL Server
  • SharePoint
  • MongoDB
  • MySQL
  • Data Encryption
  • Security Reporting

Certification

  • CompTIA Network+
  • CompTIA A+
  • CompTIA Security+

Volunteer Experience

University of Texas at El Paso, Miners Cyber Security Club Officer, 08/17, 05/18, Cyber Security Workshops: Ransomware Wannacry, Cryptography, Network attacks and exploitation.

Languages

  • English
  • Spanish
  • Italian

Timeline

Information Systems Security Officer

NTT Data
09.2023 - Current

Senior IT Security Specialist

Kiliuda
09.2018 - 09.2023

Database Administrator

Kiliuda
03.2015 - 09.2018

Software Developer

JetDevLLC
06.2014 - 01.2016

IT Specialist

Technica LLC
09.2009 - 09.2013

IT Specialist

Glacier Technologies
04.2009 - 07.2009

IT Specialist

Computek Technologies and Business Solutions
05.2007 - 05.2009

IT Specialist

Socorro Independent School District
05.2005 - 05.2007

Master of Science - Software Engineering

University of Texas at El Paso

Bachelor of Science - Computer Science

University of Texas at El Paso

Similar Profiles

  • Nicholas ChinnNicholas Chinn

    Information Systems Security Officer at Marshall Health NetworkInformation Systems Security Officer at Marshall Health Network

  • Lindsey MitrosLindsey Mitros

    Information Systems Security Officer at Intellibridge-Revacomm DivisionInformation Systems Security Officer at Intellibridge-Revacomm Division

  • Aghabgong JudeAghabgong Jude

    Information Systems Security Officer at FreelanceInformation Systems Security Officer at Freelance

  • Aghabgong JudeAghabgong Jude

    Information Systems Security Officer at FreelanceInformation Systems Security Officer at Freelance

CREATE PROFILE
Roberto Madrid