William Phillips

Colorado Springs, CO

Summary

Motivated cyber security professional with expertise in accreditation documentation and implementation of key cyber tools such as SIEM, Endpoint Security, NIDS, and ACAS. Participated in many audits, including CVTs, CCRIs, and AAs. Holds CISSP, SSCP, CEH, Sec+, Net+, and Project+ certifications. Proficient in Windows and Linux-based operating systems.

Overview

17 years of professional experience
1 Certification

Work History

DevSecOps Software Security Lead

USfalcon, Inc.
Colorado Springs, CO
01.2023 - Current
  • Support cyber efforts on the CCMS (COCOM Cyber Mission Support) contract by integrating security principles into the development and deployment of software/hardware solutions.
  • Participate in root cause analysis investigations.
  • Develop security protocols ensuring compliance for new code deployment and cloud integration.
  • Currently working through the FedRAMP Agency Process to gain IL4 accreditation for a network being developed within AWS.
  • Support CI/CD pipeline tools (Confluence, BitBucket, GitLab).
  • Develop and implement security policies, plans, and procedures to create IL4 accreditation package.
  • Monitor systems for Indications of Compromise.
  • Implement solutions such as encryption, antivirus software, and firewalls to secure data from external threats (AWS Security Groups, ESS, FIPS).
  • Maintained up-to-date knowledge of trends in cyber security threats and technologies used in protecting information assets.
  • Assisted in creating disaster recovery plans focused on critical systems.
  • Configure intrusion detection systems and intrusion prevention systems according to best practices guidelines (ePO, ESS, Snort).

Project Delivery Manager

Deloitte
Colorado Springs, CO
01.2022 - 01.2023
  • Advised on technical design and implementation of DCO capabilities required to effectively protect, detect, and respond to cyber threats and attacks for the SCC (Space Cyber Center).
  • Researched cyber defense technologies for best fit on specific mission, architecture, and current threats.
  • Assisted newly activated CYS (Cyber Squadron) with cyber assessments on remote sites.
  • Identified potential risks and issues early on in the process, developed strategies for resolution, and communicated these plans to stakeholders.
  • Analyzed data from previous projects in order to identify areas for improvement.
  • Presented multiple Course of Action (COA) reports for proposed plans to upgrade the Network Intrusion Detection Systems (NIDS) on the Satellite Control Network (SCN).
  • Analyzed Tier 1 systems to present multiple COAs for gathering all Security Information and Event Management (SIEM) data and transporting it to Tier 2 for oversight.

Senior Cyber Engineer

Raytheon
Colorado Springs, CO
01.2019 - 01.2022
  • Assigned the title DCO SME (Defensive Cyber Operations Subject Matter Expert) overseeing a team of four endpoint security professionals and twelve 24/7 network defenders tasked with protecting the C2BMC (Command and Control Battle Management Center) mission for the MDA (Missile Defense Agency).
  • Validated the following cyber tools were deployed, compliant, and configured to protect, detect, and respond to cyber threats: HBSS/ESS, Endgame, ArcSight.
  • Updated and executed the IRP (Incident Response Plan) when needed.
  • Provided support for multiple audits including CCRIs, CVTs, and AAs.
  • Collaborated with Network Defenders on the floor to create custom ArcSight dashboards within SIEM to enhance the team's capabilities to identify IOCs and respond to threats quickly and accurately.

Principal Cyber Engineer

01.2017 - 01.2019
  • Deployed new EDR tool "Endgame" to the C2BMC mission system.
  • Configured, maintained, and validated compliance for HBSS/ESS and Endgame.
  • Participated in multiple adversarial assessments as blue team, implementing the IRP against Red Team cyber-attacks.

Cybersecurity Engineer

01.2016 - 01.2017
  • Performed as an ISSO (Information System Security Officer) supporting C2BMC, assigned to three AORs including Fort Greely, STRATCOM, and BTG.
  • Executed monthly vulnerability scans utilizing ACAS.
  • Updated artifacts within eMASS to maintain a current ATO (Authorization to Operate) for each package.
  • Troubleshot ACAS-credentialed scanning issues and proposed architecture changes to place Nessus scanners in key locations to improve scanning proficiency.
  • Performed SCAP as needed for compliance and assisted during audits to gather necessary SCAP scans per their policy.

Network Intrusion Operator

Davidson Technologies
Colorado Springs, CO
01.2013 - 01.2016
  • Monitored systems, servers, infrastructure, and software, to include firewalls, proxy servers, and intrusion detection systems for GMD (Ground-Based Midcourse Defense), utilizing their SIEM solution (ArcSight).
  • Quickly isolated and took appropriate action to mitigate security threats.
  • Assisted incident response team with investigations, responses, resolution identifications, and root cause analysis.
  • Updated dashboards and queries to eliminate 'white noise,' improving threat detection and discovering anomalies.

Information System Security Engineer

ABACUS
Colorado Springs, CO
01.2012 - 01.2013
  • Maintained STIG compliance on ePO (ePolicy Orchestrator) server that hosts HBSS/ESS components in support of NORAD/NORTHCOM on Peterson AFB.
  • Configured and maintained HBSS components, including McAfee agent (MA), Policy Auditor (PA), Rogue System Detection (RSD), Asset Baseline Monitor (ABM), Virus Scan Enterprise (VSE), and Host Intrusion Prevention (HIPS).
  • Created network-specific policies for host-based intrusion and host-based firewall, ensuring the best cyber posture possible while preventing the interruption of day-to-day activities and critical services.
  • Gathered forensic data utilizing the OSCAR tool, which gathers logs, files, etc. for forensic purposes after a system was compromised.

Security Analyst

AECOM
Colorado Springs, CO
01.2012 - 01.2012
  • Troubleshot SCCM (Security Center Configuration Manager) related issues, responsible for patching and maintaining Microsoft updates and third-party applications.
  • Advertised biweekly updates to systems across AFNET.
  • Validated STIG compliance on primary SCCM servers.

Software Specialist

The Experts
Landstuhl
01.2010 - 01.2012
  • Installed and maintained IACS (Installation Access Control System) throughout Germany, Italy, and the UK.
  • Configured PDAs (Personal Digital Assistants), wireless access points, and laptops to scan personal CACs entering a military installation within EUCOM.
  • Lead technician assigned to install HBSS on the internal network that supported IACS.

System Engineer

Combat Support Associates Ltd.
Kuwait City
01.2008 - 01.2010
  • Developed and implemented an Information Assurance patching process for ASG-KU (Area Support Group, Kuwait).
  • Part of a rotation that oversaw the helpdesk located at the Camp Arifjan Command Center; supervised administrators and help desk technicians during normal business hours.
  • Engineered a SAN (Storage Area Network) that included a failover cluster solution for the Command Center on Camp Arifjan.
  • Utilized Retina for vulnerability scanning and patched systems remotely using PowerShell and msiexec tools.
  • Assisted engineers with centralizing the network into a single domain on Camp Doha.
  • Created and maintained user accounts within Active Directory.
  • Monitored file servers, ensuring availability of storage space, installation of updates, and completion of backups.

Education

Associate's degree - Computer Networking

IntelliTec
05-2003

Diploma -

High School
Widefield
05-1997

Bachelor's degree - Cybersecurity and Information Assurance

Western Governors University

Skills

  • DCO (Defensive Cyber Operations)
  • EDR (Endpoint Detection and Response)
  • SIEM (Security Information and Event Management)
  • NIDS (Network Intrusion Detection System)
  • HIDS (Host Intrusion Detection System)
  • FedRAMP Authorization Process
  • ESS/HBSS (Enterprise Security Suite/Host Based System Security)
  • SCAP (Security Content Automation Protocol)
  • Vulnerability Management
  • Risk Management
  • RMF (Risk Management Framework)
  • MITRE ATT&CK
  • NIST (National Institute of Standards and Technology)
  • ACAS (Assured Compliance Assessment Solution)
  • ELK (Elasticsearch, Logstash, Kibana)
  • STIG (Security Technical Implementation Guides)
  • eMASS (Enterprise Mission Assurance Support Service)
  • Operating Systems: Server, Workstation, RedHat, Ubuntu, CentOS
  • Amazon Web Services (AWS) console management
  • Malware Analysis
  • Disaster Recovery
  • Cloud security
  • Incident Response
  • Network Security
  • Threat analysis
  • Intrusion Detection
  • Access Control
  • Risk Analysis
  • CI/CD Pipeline

Certification

  • TS/SCI Clearance
  • ISC2 CISSP (Certified Information Systems Security Professional)
  • ISC2 SSCP (Systems Security Certified Practitioner)
  • EC-Council CEH (Certified Ethical Hacker) (13Feb2014)
  • CompTIA Security+
  • CompTIA Project+
  • CompTIA Network+
  • CIW Web Design Specialist
  • CIW Web Foundations Associate 1
  • Axelos ITIL Foundation Certificate in IT Service Management

Timeline

DevSecOps Software Security Lead

USfalcon, Inc.
01.2023 - Current

Project Delivery Manager

Deloitte
01.2022 - 01.2023

Senior Cyber Engineer

Raytheon
01.2019 - 01.2022

Principal Cyber Engineer

01.2017 - 01.2019

Cybersecurity Engineer

01.2016 - 01.2017

Network Intrusion Operator

Davidson Technologies
01.2013 - 01.2016

Information System Security Engineer

ABACUS
01.2012 - 01.2013

Security Analyst

AECOM
01.2012 - 01.2012

Software Specialist

The Experts
01.2010 - 01.2012

System Engineer

Combat Support Associates Ltd.
01.2008 - 01.2010

Associate's degree - Computer Networking

IntelliTec

Diploma -

High School

Bachelor's degree - Cybersecurity and Information Assurance

Western Governors University