Highly motivated and detail-oriented Cybersecurity Professional with 6 years of experience safeguarding critical systems and data for the U.S. government and its partners. Proven expertise in threat detection, incident response, and security operations across classified and unclassified environments. Adept at analyzing cyber threats, mitigating risks, and enhancing system security through proactive monitoring and collaboration with government agencies and private-sector partners. Possesses an ACTIVE Top Secret/SCI clearance with CI Polygraph.
Overview
6 years of professional experience
1 Certification
Work History
SOC Analyst
V2X Inc. | Contracted by United States Navy
12.2021 - Current
Provided continuous monitoring to high-side and low-side US Government (USG) program networks against internal and external threat actors.
Responded to and investigated security incidents, triaging alerts and escalating as necessary based on severity and impact, consistent with NIST SP 800-61 guidelines.
Utilized SOPs and playbooks, ensuring compliance with DOD RMF 8510.01.
Utilized SIEM, EDR, DLP, and IDS solutions such as:
- Splunk Enterprise Security/UAM
- Trellix Endpoint Security/IVX
- Ivanti Device Control
- Forward Networks
- Snort IDS
Conducted routine threat hunts designed with the MITRE ATT&CK and Lockheed Martin Cyber Kill Chain frameworks in mind.
Utilized up-to-date reporting and intelligence for IOCs from both open and closed sources.
Prepared weekly reports of security posture, presented to CIO briefings.
Conducted daily vulnerability assessments utilizing Tenable ACAS, assisted with mitigation.
Coordinated with other IT teams to achieve the highest possible outcome for security incident handling with the lowest impact to enterprise.
Key Achievements
Was the principal architect behind all current SOPs and playbooks within my department.
Contributed to achieving an "excellent" rating through DISA's annual "Cyber Operational Readiness Assessment (CORA)" program for the last 4 years, a rating which was previously marked "poor" prior to my team's onboarding.
Researched and developed future security technology briefings for stakeholders.
Information System Security Manager (ISSM)
Zenetex LLC
11.2019 - 12.2021
Responsible for the continuous monitoring of two USG high-side networks and Zenetex corporate network.
Ensured compliance with applicable frameworks, including NIST SP 800-53, RMF, and DCSA Assessment and Authorization Process Manual (DAAPM).
Prepared, maintained, and reviewed security documentation, including System Security Plans (SSPs), Security Control Assessments (SCAs), and Plan of Action and Milestones (POA&Ms).
Provided security training, guidance, and awareness programs to personnel with system access.
Dual-hatted as analyst and monitored security incidents and events to ensure appropriate responses and reporting, utilizing tools such as Microsoft Azure Sentinel, Windows Defender, and Splunk Enterprise Security.
Monitored and reviewed audit logs, incident reports, and user activity to detect anomalies and ensure compliance.
Evaluated and managed the implementation of security patches, updates, and system enhancements.
Key Achievements
Working as a one-man team, successfully upgraded a critical high-side air-gapped network complete with latest OS distribution and all-new hardware to ensure DISA Authorization to Operate (ATO).
Implemented a regular corporate exercise consisting of false phishing emails to assess security posture. Assigned employees remedial training if they failed to successfully identify and quarantine attempts.
Automated security processes through Microsoft Azure to ensure continued security despite manpower deficiencies.
Cybersecurity Intern
Zenetex LLC
05.2019 - 11.2019
Assisted with system administration and security for high-side contract networks housed at office. Assisted with Microsoft Azure implementation within Zenetex corporate enterprise.
Conducted cyber threat detection and response.
Conducted basic risk assessments and reported findings to ISSM.
Provided L1 Help Desk support through ServiceNow.
Supported the DoD RMF documentation for high-side networks such as SSP, POA&M, SCA.
Conducted research on emerging cybersecurity threats, vulnerabilities, and attack vectors. Utilized reporting from open sources.
Key Achievements
Assisted with completing requirements to ensure CMMC certification, allowing for CUI processing for the first time within the company.
Deputy Team Lead Financial Management Analyst I (Civilian) at United States Department of the Navy Department of the Navy (DON) – United States Defense Agency Financial Management Operations (FMO) Division
Senior Enlisted Leader at UNITED STATES NAVY - Navy Medicine Readiness & Training Command Guam