Joel D. Kinard CISSP

1501 Old Charlotte Highway | Suite A-148 | Monroe, NC 28110

jdkinard@gmail.com

(843) 991-4444

 

CERTIFICATIONS:

 

·         CISSP (Certified Information Systems Security Professional, registration number 108647)

·         CIAM (Identity Management Institute, registration number = 3530)­

·         CISCO Number = CSCO10610786

o    CCNA (Cisco-Certified Network Associate)

o    CWLSS (Cisco Wireless LAN Support Specialist)

·         EIT (Engineer in Training)

 

March 2021 to June 2021 – Information Security Analyst SME - NCI = Navigate. Collaborate. Innovate. TM

·         I provided Information Security services for NCI on Federal contracts.  One interesting project we were working on is the $807M DIGIT engagement for the U.S. General Services Administration (gsa.gov).

·         Automated company processes using Tenable software, PowerShell scripts and other tools.

·         Contributed Security best practices as a member of the UNIX support team.

·         Worked remotely from my private office in Monroe NC, within a geographically-distributed workforce

·         **This role was unfortunately cut short, when NCI conducted an I.R.I.F. and asked several people to leave.

 

October 2018 to June 2020 Information Security Analyst 4 – Wells Fargo                                                        

 

·         In Enterprise Key Management we handled the entire lifecycle of various types of encryption keys.  Types of keys included Mainframe, Debit & Credit cards, etc.  Creation, installation, secure transport, protection, storage, and destruction of Production and Development encryption keys across all of Wells Fargo's data centers.

·         Installed encryption keys on IBM z/OS hosts

·         Assisted IBM’s Garry Sullivan during initial build of a new Trusted Key Entry (TKE) appliance

·         Managed the team’s access to encryption key vaults at North Carolina’s data centers.

·         Assigned physical brass keys and vault combinations.

·         Maintained security badge readers.

·         Created documentation using Visio.

·         Worked on-site and remotely from my private office in Monroe NC, within a geographically-distributed workforce.

 

August 2018 – October 2018 – Information Security Analyst III – Contract: INT Technologies for client Wells Fargo

 

·         Investigated Privileged Access abuse at Wells Fargo using Splunk SIEM within Wells Fargo's CTFC (Cyber Threat Fusion Center)

·         Completed week-long instructor-led Splunk SIEM course: "Using Splunk Enterprise Security 5.0", Dedicated Virtual (Date 26 September 2018)

 

Jun 2017 to Aug 2017 – Vulnerability Management SME – Contract: Apex Systems for client Wells Fargo

 

·         Involved with vulnerability processes and timelines, application patching tasks, scheduling, planning and coordination for Wells Fargo’s Technology Health Refresh (THR) initiative.  Collected Qualys scan data for application vulnerabilities and populated Excel workbooks with this information.  The workbooks were then formatted for clarity before meeting with application owners to discuss scan findings, remediation strategies and schedules.

·         Worked on-site and remotely from my private office in Monroe NC, within a geographically-distributed workforce

 

Feb 2016 to Present – Co-owner – Private Equestrian Facility (Kinard Horse Riding and Boarding)

 

·         Manage projects and tasks for horse farm that conducts lessons and boarding in Monroe, NC.


Sep 2015 to Jan 2016 – NERC-CIP Compliance Analyst & QA Partner – Contract: CRG (Computer Resource Group) for client Duke Energy

 

·         Location = 400 S. Tryon Street, 32nd floor, Charlotte, NC

·         Exposure to NERC-CIP standards

·         Provided Compliance reviews for Fossil Hydro Generation (FHO).

·         Performed Business Continuity Planning and Disaster Recovery procedures

·         Performed NERC-CIP Quality Assurance measures to assure Duke Energy generating stations provide reliable delivery of electricity to consumers and businesses.

·         Assisted in delivering NERC-CIP Compliance training at generating stations in Florida, Indiana and North Carolina.

·         The late Daphne Pinchback supervised my QA Reviews for FHO.

 

May 2015 to Jul 2015 – Cyber Security Engineer – Contract: Matlen Silver for client Babcock & Wilcox

 

·         Managed a Data Loss Prevention (DLP) system, protecting data from escaping over various protocols such as SMTP & FTP, on removable USB storage and printed copy.  Began architecting an enterprise DLP system upgrade to v14.

·         Used IBM Unified Endpoint Management systems

·         Leveraged Splunk to aggregate and correlate a variety of system events for analysis

·         Examined Cloud-based CASB solutions such as Bitglass, to check the efficacy of compromise detection and prevention mechanisms.

 

Dec 2013 to Feb 2015 – Sr. Network Security Engineer – for client Bank of America

Dual contract management: Dell Secureworks (2013-2014) and TEKsystems (2014-2015)

 

·         Managed an enterprise firewall consulting queue

·         Perimeter security engineering solutions and cyber security services

·         Articulated differences between Maximo software and new Remedy ITSM package

·         Shepherded project requests through correct channels insuring on time delivery of services

·         Worked both remotely from my private office and on-site in Charlotte, NC, within a geographically-distributed workforce.

 

Jul 2012 to Sep 2013 – Systems Security Engineer III – Honeywell – North Charleston, SC

 

·         Obtained a Secret Security Clearance from the United States Department of Defense (DoD)

·         Provided Cyber-Security and Information Assurance expertise for the Department of Defense, protecting critical systems and other assets utilized by the warfighter in combat missions.

·         Protected the Confidentiality, Integrity and Availability of information systems for federal government agencies, public and private sector clients.

 

Specific IA experience:

·         Served as IAO for SPAWAR supporting the ISSM in two Marine Corps taskings (AFATDS and TLDHS).

·         Engaged in Risk Management Framework (RMF) architecture/planning; Leveraged NIST 800-53 and ISO 27001 guidelines.

·         Participated in Baseline and IV&V activities for JTF Capital Medical systems

 

May 2007 to Jul 2012 – Information Security Analyst II: Santee Cooper – Moncks Corner, SC

 

·         Attained the CISSP (Certified Information Systems Security Professional, #108647) credential by examination September 29, 2007

·         Worked with NERC-CIP standards

·         Created Visio master LAN maps for firewall router and switch documentation at Headquarters and the Standby Control Center, SCADA Control Systems’ network security upgrades, regional water systems and all electric cooperatives, plus Antivirus/Antimalware & RSA Appliance deployment and management.

·         On-Call 1: Participated in Annual rotation as primary BCP & DR response analyst for potential Coastal storm events during hurricane season

·         On-Call 2: Participated in weekly rotation as the primary response analyst for Security-related network and systems events, escalated by Secureworks and other technical groups

·         Change Management: processes, policies and procedures

·         Encryption: Project manager for the assessment phase of a laptop encryption project

·         Antivirus: Designed, launched, upgraded and solely managed a redundant enterprise antivirus protection schema for all corporate Windows, Citrix and Linux servers, desktops and laptops, using Symantec Endpoint Protection.  Implemented & administered other antivirus & management products such as Trend Micro, IBM/Tivoli Endpoint Manager (TEM), and IBM/BigFix.

·         Malware: Procured supported version of Malwarebytes version with full documentation, then set up full scans at various intervals; Utilized TDSS Killer by Kaspersky to eliminate boot sector infections common on internet-facing endpoints; Fine-tuned detection and sensitivity thresholds of Symantec Endpoint Protection and Trend Micro to the highest levels, minimizing effects of malicious malware and other devious applications on production endpoints and servers

·         Firewalls: Upgraded numerous end-of-life Nokia appliances on IPSO 3.x in our inventory to their latest Nokia IP-series hardware, eventually running IPSO v4.2.  After Check Point purchased Nokia’s line of IP-series firewall appliances we began to roll out some Check Point-branded hardware running SPLAT, as its versioning steadily progressed from NGX R60 up to NGX R75.30. I specified, ordered, received, built, implemented, installed and managed Check Point and Nokia firewalls for use at 1. Fossil Hydro (FHO) Generating Stations in Power Generation Process Control networks, and 2. CEMS (Continuous Emissions Monitoring Systems).  These firewalls were also used with IP Metering systems at electric cooperatives, each transmitting monthly/hourly power billing data securely over Check Point VPN’s.  (See VPN’s below.)    

·         VPN’s: Created, implemented and administered Tunnel-mode IPSec VPN’s for the electric cooperatives using IP Metering firewalls.

·         Network Address Translation (NAT): Created a NAT table to prevent IP address conflicts.  A new electric cooperative wished to join my IP Metering program, but its existing address configuration was the same as one of our generating stations.  I created a translated IP schema on our network using a new 10.x.x.x format.  This segmented all traffic destined for the generating station away from traffic to the cooperative.

·         Occasionally during troubleshooting and configuration I utilized “expert-mode” CLI on Check Point w/SPLAT and CLISH on Nokia w/IPSO.

·         Authentication: Managed RSA SecurID two-factor authentication system upgrade from old virtual server-based systems to new Appliances; integrating disaster recovery/redundancy/failover capabilities; management; upgrades, service packs & patches; agent configuration/distribution, etc.

·         Vulnerability Management: Scanning, remediation and reporting with eEye Retina

·         Patching: Managed security updates & patching for all HP-UX servers (which housed existing Development and Production Oracle databases), Redhat Linux and Windows development and production servers

·         Monitoring: Managed perimeter network monitoring services provided by Dell-Secureworks

·         Deployed Symantec Anti-Virus For Linux (SAVFL) onto RHEL4 (32-bit) and RHEL5 (64-bit) servers. Authored an installation guide describing this process in detail.

·         Metrics Reporting: Monthly/quarterly reporting on Internet and Firewall Availability, Kiwi, FTP, antivirus coverage

·         Hardening: Secured new HP-UX servers (deployed to house new Oracle databases) using Bastille, SUDO and Trusted System

·         VMWare: vSphere Host and Guest Management

·         Security representative on various project teams

·         Coordinated security vendor relationships

 

Jul 2005 to Apr 2007 – Network Engineer: Decore-ative Specialties – Monroe, NC

 

·         Network engineering and administration for national wood products manufacturing company

·         Executed Business Continuity/Disaster Recovery plan for production manufacturing computers

·         Configured Zebra devices for use on assembly lines

·         Wireless: Designed and implemented improvements to 802.11 / 802.1x wireless LANs and numerous handheld devices

·         Site Maps: Created master LAN maps and device documentation using Visio and Autocad

·         Process Improvements: Conceived and executed strategy to mediate detrimental effects that extreme temperatures and wood dust have on Technology equipment in harsh manufacturing environments

·         Patching: Applied security vulnerability updates using HFNetChk Professional

·         Data Protection: Scripted daily archival of data from manufacturing computers on XP/Windows2000

·         Served as East Coast technical liaison for peers in California

·         Backup Systems: Managed Tivoli Storage Manager (TSM) data backup system

·         Scripting: Developed shell and command-line scripting with VBScript modules, automating repetitive administration tasks

·         Service: Diagnosed issues and coordinated factory service of servers, workstations, laptops, switches, wireless access points and StorServer tape drive

 

Feb 2004 to Jul 2005 – Security and Systems Administrator:  Global Compliance Services – Charlotte, NC

 

·         Responsible for Information Security, System Administration, and User Administration using Role-based Access Control (“RBAC”).

·         Policies 1: Discussed with the CEO the importance of having solid policies to guide Technology management, practices and decisions, which shall be implemented after obtaining Senior-level review and approval

·         Policies 2: Conceived and authored Information Security, Internet Usage, BCP & DR (Business Continuity Planning/Disaster Recovery) and Microcomputer policies

·         Policies 3: Created new password expiration policies and logon banners and implemented them into production use

·         Policies 4: Created new password complexity requirements and implemented them into production use by installing passflt.dll on the Primary and Backup NT4 domain controllers

·         Patching: Created and managed a Microsoft Software Update Services (SUS) server, and used it to distribute security patches to Windows servers and end-user computers/laptops

·         Active Directory: Coordinated conversion of old Windows NT 4.0 domain to hybrid Active Directory.  Created default Group Policy, GPO’s and OU’s

·         Standardized Windows 2000/XP workstation builds/images using local Group Policy

·         Antivirus: Introduced and managed McAfee Active Virus Defense systems, including ePolicy Orchestrator consoles

·         Email: Used ExMerge to migrate Outlook clients from Exchange 5.5 email server (used with NT4) to Exchange 2000 email server (used with hybrid Active Directory)

·         Leadership: Recruited/managed/mentored one direct report for technical support services

·         Scripting: Developed shell and command-line scripting using VBScript modules, automating repetitive administration tasks

·         Coordinated vendor relationships

·         Built these twelve (12) servers:

 

Windows 2000:
** One Exchange 2000 server
** Three Nortel Symposium servers (1-web server & 2-database servers)
** One McAfee ePolicy Orchestrator server
** One WSUS (Windows Software Update Services) server
** One Client Reports server

Windows 2003:
** Two domain controllers

OpenBSD:
** One FTP server (v. 3.5)
** One MTA server (v. 3.5)
** One SysLog server (v. 3.6)

 

 

Apr 2001 to Nov 2003 – Network and Security Administrator & End-user Support:  Sharonview Federal Credit Union – Charlotte, NC

 

·         Network and user administration

·         Increased awareness of Information Security; attended two security conferences

·         Check printing: Configured method for credit union tellers to view and print copies of processed/cleared checks for members upon request

·         Web filtering: Implemented SuperScout Internet usage monitoring system to enforce corporate browsing policy

·         Monitoring: Established and managed network monitoring system using IP Monitor, to ensure availability of network devices and promote uptime awareness

·         Antivirus: Introduced and managed McAfee Active Virus Defense systems, including ePolicy Orchestrator consoles

·         Standardized Windows NT4.0, 2000 and XP workstation builds using imaging

·         Installed and administered Windows 2000 Terminal Services

·         Scripting: Developed shell and command-line scripting using VBScript modules, automating repetitive administration tasks

·         Accounts: Managed network accounts using Role-based Access Control (“RBAC”), and Exchange user accounts

·         LAN/WAN: Performed Cisco router and switch configuration and deployment at credit union branches

·         Site work: Coordinated installation of data and voice wiring at credit union branches

·         Built branch and corporate servers

·         Evaluated/rebuilt crashed workstations and deployed new units

·         Installed/updated end-user software

·         Fixed network connectivity problems

·         Interfaced with vendors/suppliers

·         Documentation: Created/updated network documentation/diagrams

·         Policy & Policies: While working with the Business Continuity/Disaster Recovery manager I began examining policies, and drafted several “sample” IT Security policies

 

Sep 1998 to Apr 2001 – Assistant Vice President, Network and Security Operations Center Administration:  Bank of America – Charlotte, NC

 

·         Accounts: Administered user accounts using Role-based Access Control (“RBAC”), data access management, NTFS/Share security & DFS for client base of 15,000 users on a hybrid Windows 2000/NT4 domain

·         Policy & Policies: Implemented domain security policy best practices, including hardened domain passwords and procedures for terminating access of former employees

·         Change Management: processes, policies and procedures

·         Web server: Set up Global Corporate Investment Bank (GCIB) Client Administration Intranet web server and site for Accounts Administration use

·         Two-factor authentication: Set up and administered an enterprise RAS solution using RSA’s SecurID security tokens

·         Rights management: Cooperated in a project to lock down domain rights

·         Set up and managed DFS shares for centralized control of data

·         Troubleshooting: Worked with the Network Security/Operations teams to diagnose and troubleshoot Security issues, data processes and hardware resources

·         Backups: Facilitated a secure backup tape rotation and ensured proper off-site storage/retrieval standards

·         Scripting: Developed shell and command-line scripting, automating repetitive administration tasks

 

 

May 1992 to Sep 1998 – Structural Engineer, Various civil and structural engineering firms in North and South Carolina

 

 

EDUCATION:

 

UNIVERSITY OF SOUTH CAROLINA

Bachelor of Science in Civil & Structural Engineering