BS, CIS Information System Security - American Military University 2015
AAS, Business Information Systems - Community College of New Mexico 2009
Clearance
TS/SCI
Professional Experience
Over 20 years of progressive experience providing exceptional service to the Department of Defense and the Department of Energy.
Jacobs - Stuttgart, Germany - Contractor to DoD Special Operations Command Europe
Cloud Security Administrator May 2022 - Present
VDI Engineer / System Administrator Aug 2021 - Apr 2022
Work with internal platform and security engineers to design, build, and implement enterprise-class security strategies with cloud-native solutions including Azure Sentinel, Microsoft Defender for Cloud, Azure Monitor, Azure Firewall, Azure Policy, Azure Governance, and Azure Purview to provide oversight of all cloud-based system activities within an extremely diverse operational environment, reducing risk and enhancing overall security posture.
Identify and communicate emerging threats to key decision makers in cloud-based infrastructure and implement mitigation strategies such as Microsoft Purview Data Loss Prevention rules and actions to protect deployed resources.
Routinely evaluate security posture to identify deficiencies and improve status.
Developed and implemented security metrics to identify where security policy is not meeting expectations.
Aligned infrastructure with DoD Risk Management Framework Approval to Operate (ATO) certification and accreditation process.
Utilize Trellix (MVision Mobile ePO) and IBM Mobile device management (MaaS360 - SaaS) to actively monitor and manage over six hundred devices worldwide.
Incident response
VDI Engineer / System Administrator
Actively managed and maintained initial instantiation and deployment of VMware ESXi, vCenter Server, and Horizon View virtual desktop to a new greenfield Virtual Desktop Infrastructure environment.
Implemented and supported Wyse Management Suite to actively manage over fifty thin clients in initial deployment.
Meridian Technologies - Stuttgart, Germany - Contractor to DoD US Africa Command
Security SME Dec 2020 - Aug 2021
Identified, designed, planned, evaluated, and implemented Army Endpoint Security Solution (AESS) products into an existing active environment with zero interruption to services.
Aided in the successful deployment of Elasticsearch, Logstash, and Kibana (ELK), and applicable Elasticsearch agents into the existing environment for enhanced monitoring capabilities, including near-real-time monitoring and SIEM capabilities with custom-developed Kibana dashboards.
Identified training and educational opportunities with AESS products for existing employees to assist in adoption of recently implemented technologies and enrich productivity.
DRS / Jacobs - Stuttgart, Germany - Contractor for DoD Special Operations Command Europe
Utilized third party tools such as Suricata IDS / IPS to ingest threat data into ELK stack for analysis, visualization, and action based on threat level and resources resulting in greater visibility into the environment.
Designed, built, and implemented Azure cloud-native security solutions for greenfield cloud-based application deployment. Initial instantiation of Azure Sentinel, Azure Monitor, Azure Policy, and Azure Governance to define and adapt industry-standard security policy and procedure into a pristine environment.
Aided in the design and development of Android operating system security configuration providing secure workspace for Special Operations Forces deployed personnel resulting in the increased adoption of the platform using MaaS360.
Identified and implemented host-based security for Android mobile device endpoints to identify threats quickly and accurately on mobile devices.
System Administrator V
Managed and supported SOF Information Enterprise (SIE) specific systems and applications including OS deployments and applications.
Performed security analysis of ~1000 endpoints and active users and used outputs to guide security strategies; reduced vulnerability management and endpoint attack surface by 25% overall on SOCEUR tactical edge compute devices utilizing Splunk and Microsoft Endpoint Configuration Manager (MECM/SCCM).
Co-engineered SOCEUR OS and imaging solution to perform upgrades and end-user device management for over one thousand endpoints utilizing Microsoft Active Directory and System Center Configuration Manager. Achieved a first deployment success rate of over 90% for upgrade deployments, with fewer than 3% of computers requiring patch management.
Unemployed during move to Germany Aug 2015 - May 2017
Accompanied wife on contract to USAG Stuttgart, Germany. Attended University of Maryland Cyber Security master's program and participated in various online Cybersecurity Forums.
Chenega Support Services - Contractor for the Department of Energy National Training Center
Information System Security Manager Feb 2015 - Jul 2015
Implemented, managed, and maintained information system security program and personnel in accordance with Federal Information Security Management Act (FISMA), Office of Management and Budget (OMB), and Department of Energy (DOE) policy utilizing NIST and DOE guidance.
Developed Security Change Control Board to ensure changes within the production environment are fully vetted prior to implementation and increase efficiency and visibility.
Developed budgetary requirements for Cybersecurity personnel and related duties and requirements.
Coordinated Cybersecurity policy and supplied information assurance education throughout a diverse workforce ensuring compliance in the organization as well as external agencies facilitating the Cybersecurity program.
Performed Certification and Accreditation actions to ensure security policy met industry standards and managed Plan of Action and Milestones to ensure delivery of ATO was achieved within the accreditation period.
SAIC - Contractor for Sandia National Laboratories (SNL)
Server Manager / VDI Engineer Jul 2013 - Feb 2015
Served as key member of the Sandia National Laboratories Sandia Partner Network (SPN (SIPR)/ NSN) Virtual Desktop Infrastructure (VDI) team supporting over 120 operational servers and desktops.
Implemented security strategies in the planning, development, implementation, and maintenance of virtual desktop environment to ensure changes conformed to SNL security program and user requirements.
Managed the SNL SPN/NSN Vulnerability Management Program (VMP) and verified the VMP remained in compliance with DOE Information Assurance Response Center (IARC) requirements.
Implemented and supported common operating environment for virtual desktop infrastructure deployment as well as research and development of security-related Active Directory Group Policy Object configurations, allowing almost immediate deployment of user virtual environments, with delivery achieved in under 1 hour from request.
Utilized Nessus Security scanner to plan, coordinate, and validate vulnerability and compliance management with twenty various SNL organizations and approximately one thousand devices, with a net result of a 20% overall reduction in WAN facing vulnerabilities.
Chenega Government Consulting - Contractor for the NNSA
Security Engineer / Information System Security Officer Dec 2010 - Jul 2013
Served as Deputy Team Lead of Cybersecurity element as a contractor for the National Nuclear Security Administration Headquarters Albuquerque Complex overseeing ten individual security personnel.
Implemented and monitored Cybersecurity policy and compliance of NNSA Mission Information Systems on all headquarters assets associated with NNSA-MIS.
Managed the professional development and training of three junior ISSOs in duties and functions of Information System Security Officers, including developing security policy, risk management and compliance monitoring utilizing NNSA Policy (NAP), NIST and CNSS.
Utilized automated security scanning tools such as Tenable Nessus Security Scanner, McAfee ePO, Splunk, CIS-CAT Benchmark tool, and others to ensure compliance with local security policy as well as monitor bulk network traffic for malicious or suspicious activities.
Information System Security Officer for multiple classified video teleconferencing systems, classified standalone systems, SIPRNet node interface, and National Nuclear Security Administration classified WAN network.
Oversaw the coordination, development, and implementation of desktop and server operating systems technical security policies and Group Policy Objects to ensure secure configurations of desktop and server deployments and compliance with STIG and Center for Internet Security (CIS) configuration guidance.
Knowledge, Skills, and Abilities
Additional Skills
Azure CI/CD DevOps
GitHub Workflow Actions
System Integration, System Administration, Security Administration, Vulnerability Management
Python, PowerShell, Power BI, Kusto Query Language (KQL), Bicep, Terraform