TONY C. HOWELL

Southern California (Torrance), CA

Overview

19 Years of Professional Experience

14 Professional Certifications & Training

Summary

With over 19 years of cross-functional expertise in Cybersecurity & Infrastructure Network Engineering, this experience allows me to become effective and efficient quickly. Combining a proven professional approach, educational background, and history of executing through the demonstrated ability to reduce risk and improve the security posture quickly. Attention to detail, and ability to comprehend the significance of the information presented to make effective, impactful decisions with an emphasis on managing and executing strategies that reduce overall risks, threats, and vulnerabilities within infrastructures on large scales to increase efficiencies.

Skills

Software: Invicti / Netsparker, RedSeal, Tenable Nessus, RAPID7 - InsightVM & AppSec, Carbon Black Defense, DB CyberTech, ForeScout Counteract, Okta, Tripwire, Splunk, AlertLogic, Nipper, Netbrain, VeloCloud, NetDisco, Statseeker, Nagios, Infoblox, SummitAI Service Mgmt, Service-Now, Remedy, OpenDaylight, Visio, Wireshark, Solarwinds, Norton, Cisco ConfigMaker, MS Office, Java, PowerShell

Hardware:

  • Routers, Switches & Other L2/L3 Devices > Cisco: 1900, 2500, 2600, 2900, 3500, 3700, 3800, 4500, 4900, 5300, 6500, 7200, 7600, VG224, ASR 9006 & 9010; Juniper: M10, MX240 & MX480; Brocade: MLXe; Arista: 7504, Adtran Routers
  • Firewalls > Cisco 55XX's, Palo Alto, Check Point & Fortinet
  • Other Devices Installed & Managed > SiliconDust HDHomerun TV Tuners and Google Global Caching (GGC) servers

Technical:

  • Cisco, Juniper, Brocade & Arista > Routers/Switches configuration, administration, and maintenance
  • Configure, install & working knowledge of L2/L3 network segmentation to improve performance & security
  • Knowledge in Wireless networking (Fast, Gigabit, 10-Gigabit & 100-Gigabit)
  • Cisco Network Registrar, Excellent working knowledge of TCP/IP protocol suite and OSI layers
  • Experience in IP-based networking/protocols: (Ethernet, IPv4, IPv6, Multicast, OSPF, BGP, IGRP, EIGRP, RIP, EtherChannel, MPLS, VLAN, VTP, HSRP, GLBP, VRF, STP, SNMP, SCCP, MGCP, VMPS, ACLs, FTP, TFTP, Telnet, DNS, DHCP, VPN, PVST, LACP, ARP, CDP, LLDP, IPsec, PPP, PPTP, TACACS, AL2 SDN (OpenFlow)

Work History

Application Security Manager / Resident Eng-US GOV

Invicti Security
Austin, TX.
07.2022 - 04.2023
  • As Invicti Security's Resident Engineer, served as liaison to the U.S. Department of Transportation (DOT) IT officials and supported Operating Administrations to maintain big picture understanding of security needs covering all assets.
  • Provided advanced dynamic application security testing (DAST) services to advance platform adoption and adherence to testing best practices.
  • Implemented & discussed web asset discoveries, defined websites, scanned websites/web applications and APIs, scan optimization, triaged vulnerabilities, reviewed vulnerabilities, provided dashboards, reports (weekly/monthly), and exported web application firewall (WAF) rules.
  • Facilitated technical reviews with stakeholders weekly, bi-weekly, monthly & quarterly.
  • Delivered technical solutions to technical and non-technical end-users via phone, meetings, support systems, and other channels as needed.
  • Interacted with government agencies concerning compliance with federal guidelines and regulations.
  • Created & tracked tier 2 support tickets as needed for any escalation issues.
  • Resolved customer issues through research, diagnosis, troubleshooting, and identified solutions.
  • Assisted with routine upgrade maintenance of web application servers & agent scanning servers.
  • Recommended & implemented improvements in the security platform with best practices.
  • Completed vulnerability scans to identify at-risk systems and remediate issues.
  • Collaborated with senior government IT personnel to develop and implement strategies to mitigate security risks.
  • Initiated the discussion, provided analysis, and received support from management to integrate security testing into the software development life cycle - SDLC.
  • Kept team compliant with security protocols and appearance standards.
  • Delivered regular security initiatives to educate personnel on security measures and protocols.
  • Obtained & maintained an active security clearance.

Cybersecurity Analyst

Smart & Final
Commerce, CA.
05.2019 - 06.2022
  • Reporting to the Director of Compliance & Cybersecurity, advising the organization on its cybersecurity risk management by organizing information via metrics and reports, enabling risk management decisions, and addressing threats to ensure the security posture of company systems and information assets.
  • Responsible for the security, compliance, and integrity of all systems, worked as the liaison and primary point of contact for technical issues with the Virtual Security Operations Center (VSOC) & Managed Security Services Provider (MSSP).
  • In 4 months, planned and executed the first successful Vulnerability Management Program for the organization, SME for the program, covering 320+ stores, 2 data centers & 7 distribution centers.
  • In 8 months, implemented & lead SME on the launch of a new MDR solution; replaced legacy SIEM product.
  • Facilitated weekly Vulnerability Management Program meetings; provided management and various teams with metrics for reducing overall risks, threats, and vulnerabilities.
  • Monitored, logged, and alerted critical asset owners (IE: Store Systems POS server team, DC admins, etc.) of security concerns and incidents, generated reports, and tracked performance.
  • Provided weekly and bi-weekly metrics and reports to patching teams, server & application owners.
  • Expanded scopes of database visibilities for the Compliance team relating to CCPA.
  • Involved in monitoring ingress/egress network traffic and its diagnosis using toolsets such as Omnicenter, Velocloud, and on occasion, firewalls.
  • Collaborated with the Director of Compliance & Cybersecurity on developing and updating Cybersecurity policies, standards, and procedures referencing NIST 800-53 controls and the NIST Cybersecurity Framework.
  • Participated in audit management & tracking of remediation items and/or findings to completion.
  • Maintained physical and virtual environments to protect servers, switches, and entire Information Technology systems while balancing our overall load.
  • Worked with other teams to enforce security of applications and systems.

Cybersecurity Network Engineer

Molina Healthcare
Long Beach, CA
09.2015 - 05.2019
  • Managed RedSeal Cybersecurity analytics platform; co-managed Tenable Nessus.
  • Under the direction of the CISO & Director of IT Security and Compliance, provided various business groups with security risks, vulnerabilities & threat analytics, as well as remediation reports on critical business assets/services.
  • Tasked by the Director of IT Security and Compliance to provide reports and metrics to justify RedSeal's license renewal in 2016. Successfully completed the project & extended the organization's use of the platform from a yearly to a multi-year licensing agreement.
  • Discovered new internet-facing directly exploitable hosts & more overall organizational exposure by way of some pre-existing ingress/egress traffic points in 2018; vulnerabilities increased by 300%; assisted various teams in lowering that exposure by 40% within 4-6 months.
  • Areas covered include but were not limited to the data centers, DMZ, PCI, & PHI holding assets.
  • Assisted in hardening servers & network devices based on vendor/industry standards & best practices.
  • Assisted with internal & external PCI auditing efforts.
  • Continuously monitored and reported changes to internal groups & management as they relate to our entire infrastructure.
  • Facilitated remediation meetings with asset group owners (IE: CDC, NOC, Engineering, CIRT & SOC).
  • Analyzed & reported pre/post firewall change requests, asset additions, and/or removals.
  • Assisted in various planning & deployment of projects (IE: Cisco Identity Service Engine/ISE & Hybrid DC migrations to Microsoft Azure).
  • Provided senior management with executive monthly & quarterly reports on the organization's overall security posture.
  • Educated, trained & periodically provided demos for users & groups on the RedSeal platform.

Lead Network Engineer

University Of California, Los Angeles (UCLA)
Los Angeles, CA
06.2006 - 09.2015
  • Backbone Network Services / NOC
  • Created, administered, and troubleshot over 40 department CBN (Campus Backbone Network) connections running protocol BGP.
  • Deployed and managed 600+ (switches/routers); 300+ are VOIP switches.
  • Managed & redirected campus traffic for our scheduled, non-scheduled maintenances & the maintenances of CENIC - Corporation for Education Network Initiatives in California.
  • Processed DNS zone delegations for administrators of internal schools & departments.
  • Identified top users of outbound & inbound commodity ISP traffic/bandwidth and possibly compromised campus devices that use larger bandwidth than average.
  • Built and maintained DHCP scopes and managed the allocation of IPv4/IPv6 addresses in InfoBlox.
  • Updated, troubleshot, and maintained VMPS services for General Assignment Classrooms.
  • Deployed and maintained a wide range of campus projects, such as Out-of-Band Management, Multicast networks & the restructuring of the campus backbone infrastructure.
  • Created written Method Of Procedures (MOP) and diagrams for project deployment and maintenance.
  • Maintained Routing Registries: American Registry for Internet Numbers (ARIN) & Routing Assets Database (RADb).

Network Engineer

Tek Systems / Vector Resources
Los Angeles, CA
01.2004 - 06.2006
  • Los Angeles Unified School District (LAUSD) project by way of Vector Resources.
  • Responsible for the replacement of Elementary, Junior & High School backbone equipment. This included installing, patching, testing, troubleshooting & verifying traffic flows to/from each classroom to the office hub; out to the central Data Center.
  • Maintained, administered, and troubleshot Cisco Routers/Switches, Multi-layer switched networks, and frame-relay networks.
  • Configured and managed Milan, Xylan, and Alcatel Switches.
  • Responsible for installing and troubleshooting fiber-optic cabling.
  • Built switch and router racks.
  • Troubleshot Mac/PC and Windows 2000 network-related problems.
  • Installed and configured SNMP Web Cards for TrippLite UPS's.

Education

Bachelor of Science - Information Technology - Networks Design & Management

Western Governors University - WGU
Salt Lake City, UT
11.2010

Certification

  • BSCP (Burp Suite Certified Practitioner) - Completion 08/23
  • CySA+ (CompTIA Cybersecurity Analyst) - Completion 09/23
  • CISM (Certified Information Security Manager) - Completion Q4:23
  • RAPID7 InsightVM / AppSec
  • RedSeal Certified Administrator ~Vendor Highest Passing Score 94% ~Deep Dive Hands-On Training & Web-Based Training
  • CCSP (Cisco Certified Security Professional)
  • CCNP (Cisco Certified Network Professional)
  • CCNA (Cisco Certified Network Associate)*
  • NETWORK+ (CompTIA Certified)*
  • A+ (CompTIA Certified)*
  • Cisco Wireless LAN Support Specialist
  • Juniper Networks EX Switching Bootcamp
  • Advanced Juniper Networks Routing in the Enterprise, Dynamic Worldwide Training Consultants
  • Unix and Linux Introduction Workshop, UCLA Extension
  • ** (Gates Technical College, Redondo Beach, CA. 2003-2005)

Security Clearances

Completed multiple Electronic Questionnaires for Investigations Processing (E-QIP), for separate Government Agencies.

  • Public Trust ~ Eligible
  • Top Secret Clearance ~ Eligible
  • TS/SCI Security Clearance ~ Eligible

Accomplishments

  • 1st Cybersecurity Analyst employed by Smart & Final
  • 1st Resident Engineer employed by Invicti Security

Additional Information

Knowledge in the following Compliance, Industry Standards & Cybersecurity Frameworks

  • NIST ~ National Institute of Standards and Technology
  • CIS ~ Critical Security Controls
  • ISO 27001 ~ International Organization for Standardization
  • PCI DSS ~ Payment Card Industry Data Security Standard
  • DHS ~ Binding Operational Directives BOD
  • HIPAA ~ Health Insurance Portability and Accountability Act
  • FISMA ~ Federal Information Security Modernization Act
  • OWASP ~ Open Web Application Security Project
  • FedRAMP ~ Federal Risk and Authorization Management Program
  • DISA ~ Defense Information Systems Agency
    **STIG ~ Security Technical Implementation Guide

Organizations

  • WGU Alumni Association*
  • WGU Cybersecurity Club*
  • WGU Women in Technology Club*
  • WGU Night Owl Network Program*
  • National Society of Leadership and Success (NSLS)
  • College of Information Technology
  • IT Management
  • Cybersecurity & Information Assurance
    *Western Governors University (WGU)