Jason Kraus

Experience

• 

  M-80 Systems, Inc.

  Jun 1995 - now

  Vice President | IT Director

  Manage all aspects of a domain computing environment for a commercial furniture sales & design and general contracting company. Responsibilities include managing compliance with NIST 800-171 requirements, governance, risk management, research, design implementation, management and upgrading all IT assets to include servers, workstations, printers, routers, firewalls, VPNs, telephony, software, biometric time clocks and CCTV. Develop, implement and manage a disaster recovery plan and offsite data backup strategy. Show less

• 

  Deloitte. - Guam and Micronesia

  Nov 2002 - Feb 2016

  Systems Engineer

  Assist in managing all aspects of a domain and workgroup computing environment across five geographically disparate locations to include Guam, Majuro, Palau, Pohnpei and Saipan. Perform IT security assessments and implement measures to improve Member Firm security posture. Research local laws and regulations related to data retention and implement policies, processes and procedures to adhere to those requirements. Assist in the development, implementation and management of a disaster recovery plan (DRP). Show less

• 

  Deloitte. - Southeast Asia

  Jan 2012 - Feb 2016

  Security Officer, Information Technology

  Manage a Firm-wide information security management system (ISMS) designed to protect the confidentiality, integrity and availability of client and Member Firm information. Develop and implement security policies, processes and procedures that affect over twenty nine offices and eight thousand staff members. Develop curricula and facilitate security awareness training. Manage an ongoing security awareness campaign to create a security-minded culture within Deloitte Southeast Asia. Perform cost benefit analysis on all recommended security strategies. Identify, evaluate and work with key security staff to implement all critical security systems related to intrusion prevention, antivirus/anti-malware, event log management, security patch management, and security incident response procedures. Collaborate with Member Firm relationship management team to assess Member Firm compliance with global standards. Supervise daily activities of IT security department staff.Perform annual FDIC IT security compliance assessments for a financial institution. Perform annual U.S. National Security Agreement compliance assessments for two telecommunications corporations.Develop and conduct a customized security assessment for a regional non-governmental organization. Show less

• 

  Ka'ala Systems Technology Corporation

  Feb 2016 - May 2024

  Cyber Security Analyst and Administrator

  Provide Cyber Security Administration services and serve as a subject matter expert for clients of Ka'ala Systems Technology Corporation.Work with a Navy command's Information Systems Security Manager and other command staff to ensure compliance with policy requirements dictated by the United States Navy, the Federal Information Security Management Act, and the Department of Defense's Risk Management Framework.Administer IAW DISA tactics, techniques & procedures (TT&P) and local security policies. Provide detailed remediation plan of action and milestones (POA&M). Maintain current applicable policies, regulations, instructions, security requirements and professional updates.Certified and experienced with ACAS (Nessus Security Center) and HBSS (Trellix ePolicy Orchestrator).Manage VMWare virtual environment.Configure and generate actionable reports using Splunk and utilize WhatsUp to monitor network-connected assets. Review, analyze and report on events for HBSS-managed assets. Develop standard operating procedures for various cyber-related tasks. Show less