Anthony Gomez

Experience

• 

  US Army

  Mar 2003 - May 2014

  Soldier

  United States Army • Battalion Maintenance Supervisor. • Environmental Compliance Officer. • Land and Ammunition Officer. • Welding and Fabrication. • Engineer• Vehicle Recovery Supervisor. • Track Vehicle Mechanic. • Medical Laboratory Specialist.

• 

  Knowlogy Corporation

  Nov 2015 - May 2018

  USAREUR G6, Army Europe – Information Technology Training Program, Helpdesk

  ● Army Training & Certification Tracking System (ATCTS) Manager for USAREUR G6. Verificationof profiles, appointment orders, all supporting documents and training are current and updates forsystem access.● Provided network maintenance and support for Stuttgart and Vilseck.● Maintained multiple NAT servers across multiple sites to ensure reliable network connectivity.● Deployed Images across multiple sites, repaired images and Virtual Machines using VMWaresoftware, and deployed images weekly using Ghost 32. Show less

• 

  Global Knowledge

  Jan 2019 - Jan 2020

  Army Europe – Information Technology Training Program, Account Mgt / Front end Web dev.

  ● Account Management and Database maintenance for Army Europe-Information TechnologyTraining Program’s learning management system.● Responsible for providing customer support. The creation, unblocking, updating customeraccounts as well as assigning privileges and roles.● Front end Web development of AE-ITT website. Build new pages, links, formatting, pictures andall client changes requested from the US army. Modify or create new HTML and java builds tomeet DISA STIG hardening standards for Army Government Network.● Army Training & Certification Tracking System (ATCTS) Manager for USAREUR G6. Verificationof profiles, appointment orders, all supporting documents and training are current and updates forsystem access.● Responsible for the assignment of duties, workload and coverage to other sites across Europe.● Responsible for supporting remote training in locations within Europe. Travel with mobileequipment and setup sites with mobile networks and workstations.● Responsible for management of equipment and resources across Europe. Show less

• 

  Valiant Integrated Services

  Jan 2020 - Oct 2020

  ATMP Contract - System And Database Administrator

  ● Active Directory Accounts Manager. Create accounts, assign permission and assign personnel byrole base and group management.● Create certificates and cut PKI cards for system access.● Army Training & Certification Tracking System (ATCTS) Manager for the ATMP contract.● Verification of profiles, appointment orders, certifications, all supporting documents and trainingare current and update for Valiant and Raytheon employees for access to multiple systems.● Utilize monitoring tools such as ACAS and Splunk to audit general user and systemadministrators and devices on the network.● Manage multiple Linux databases, access, accounts, permissions, configurations, backups, logmanagement, systems configuration and hardening. Show less

• 

  Lockheed Martin

  Oct 2020 - Oct 2021

  ● Coordinates the continuous development, implementation and updating of security and privacypolicies, standards, guidelines, baselines, processes and procedures in compliance with federalregulations and Department of Defense Standards.● Develop and manage the frameworks, processes, tools to properly manage risk and to makerisk-based decisions related to operational activities.● Support in Authorization to Operate packages, FISMA inspections, write POA&M and STIGdeviation justifications, EOL/EOS documentation, software/hardware asset management,uploading and managing documentation eMass.● Proactive identification and mitigation of IT risks as well as responding to observations identifiedby third party auditors or examiners while assisting in the development of periodic reports anddashboards presenting the level of controls compliance and current IT risk posture.● Broaden and deepen knowledge of the business and environment of IT with respect to thedelivery of projects, strategic initiatives and systems portfolio to effectively assist IT managersand staff with risk and compliance management.● Identify acceptable levels of residual risk and assist with action plans, policy and proceduralchanges for risk mitigation. Provide strategic recommendations to key IT projects to help improveproject results, quality of deliverables, risk optimization, security processes and compliance withregulations.● Manage permanent, temporary employees on the SOC team. Hire and recommend termination ofemployees, as necessary. Create formal evaluations and provide informal evaluations of SOCemployees. Coach, mentor, train and develop SOC employees. Set and maintain a workschedule from standard operation time to 24 hour rotating schedule.● Receives allegations of security incidents and conducts complex investigations; prepares writtenfindings, recommendations and follow up evaluation; and analyzes patterns and trends. Show less ● Monitor security access and report suspicious activity to a higher level or team members.● Conduct security assessments regularly to identify vulnerabilities and perform risk analysis.● Conduct security audits of baseline configurations, and STIG deviations in compliance with ATOand DISA compliance.● Analyze security violations and breaches to reach the root cause.● Generate reports for IT administrators, business managers, and security leaders to serve as inputto evaluate the efficacy of the security policies.● Advise and implement necessary changes required to counter attacks or improvise securitystandards.● Keep security systems updated, patch management of Microsoft systems, Mac IOS, VMWare,RHEL, SQL, and Applications.● Document incidents to contribute to incident response and disaster recovery plans.● Perform internal and external security audits.● Database Administrator, perform STIG Hardening, backups, log maintenance, and auditing.● Proficient with the use of the following technologies, Splunk, Solarwinds, HBSS, ACAS, Tenables,VMWare, RHEL, SQL, Mac IOS, DECM, Kiwi Syslog, Show less

  • ATMP Contract - Information Systems Security Officer

    Apr 2021 - Oct 2021

  • ATMP Contract - Security Operations Center Analyst / Database Administrator

    Oct 2020 - Apr 2021
• 

  General Dynamics Information Technology

  Nov 2021 - now

  AFCEC/COOI Contract - Information Systems Security Engineer

  ● Create, and review, technical security assessments of Industrial Control Systems to identifypoints of vulnerability, non-compliance with established Information Assurance (IA) standards andregulations and recommend mitigation strategies.● Validate and verify system security requirements definitions and analysis to already establishedindustrial control systems and assist in the security designs and onboarding of new controlsystems.● Assess and mitigate system security threats/risks throughout life cycle replacement.● Support in Authorization to Operate packages, write POA&M for Enterprise, STIG deviationjustifications, EOL/EOS documentation, software/hardware asset management, uploading andmanaging documentation eMass.● Install, Configure, integrate Security Systems, HBSS, ACAS, Scanners, Tanium, WSUS, SCCM,MECM, DECM, Kiwi Syslog, SolarWinds.● Establish security posture by setting computing environments baseline configurations forMicrosoft Systems, RHEL 6, REHL 7, SQL Databases, IIS, DotNet, LTMA Servers, VMWare,Network Devices, and applications such as Siemens, HoneyWell, and Johnson● Assist in Continuous Monitoring along with Security Operation Center by validating weeklycompliance and vulnerability scans and taking corrective actions and documentation creation.● Enterprise engineering, management and maintenance of LTMA servers and CA templates.Design OU structure and maintenance of Active Directory computer and users, permissions,security groups, and role based security builds. Manage and maintenance of Group Policy create,structure, enforcement and securities.● Travel CONUS and OCONUS to client sites and assist local site personnel establish securityconfigurations for operating and control systems. Training the local site in the use of ACASreports, SCAP scan tools and STIG compliance set forth by DISA. Assist in establishingcontinuous monitoring plans, network diagrams, incident response plans, and eMassmanagement. Show less