Michael R. Hannah
Palmdale, CA | endcaptex@gmail.com | (661) 618-3677 | https://www.linkedin.com/in/michael-h-aab835120/
WHO I AM:
Michael Hannah is an honorably discharged U.S. Army veteran with 16+ years of work experience, the last 6+ years
in the security sector. My goal and interests are the care taken to manage a team that is equipped to operationalize business
strategy, implement change in their organization’s processes and systems, and maximize value over the life of the asset.
PROFESSIONAL SUMMARY:
AWS Administration, AWS Solutions & Cloud Solutions productivity workflows
Business Management: PMP, Agile, SCRUM & Lean Six Sigma.
Business Administration: SalesForce, QuickBooks & MS Office.
Project Management ($20M Annual Revenues, Managed Business Partner/Vendors/Suppliers).
Project Microsoft Data & Business Analyst.
ACCOMPLISHMENTS:
Michael is motivated by purpose and is a demonstrated leader with a results-oriented focus and a “Can-Do” attitude to make
a difference in Cyber Security, IT/OT project management approach that emphasizes a linear progression from beginning
to end of a project, Threat Intelligence, SCADA, Security Engineering, Safety, Governance, Risk, and Compliance
Management and a key member in responding to and triaging security events and incidents, including public cloud, secure
application development, virtual network big data, elastic compute cloud security.
Michael focused on operational excellence will advance an organization into the next generation of information Team
building, Problem-solving, and Leadership in addressing gaps in security extended across cloud platform environments,
enforcing policies, consolidating multiple types of security, and applied to, between the client and working environment that
offers front-loaded to rely on careful planning, detailed documentation, and consecutive execution to partner with staff,
stakeholders, and external customers on multiple projects.
Finally, Michael does not claim to be a paragon but has the resilience that demonstrates only a nose down, a task at hand,
get the job done, deliberate alliance in analytical, conflict management, interpersonal, management, presentation, technical
writing skills, including: Active listener, Adaptability, Budget management, Leadership, Motivation, Negotiation, Organization,
Policy knowledge, Problem-solving, Project management methodologies, Reporting, Research, and Risk management, Team
management, Technologically savvy and Time management sustainability with several Fortune 500 companies.
CYBER SECURITY SKILLS:
Agile and Six Sigma Framework | Network Analysis Tools (Wireshark)
BIA, Assessment, Strategy, Framework | OS (Windows Server 2012/2016)
C2/C&C Vulnerability Analysis Management and Exploits | Pen-Testing (Metasploit, Kali)
CIA Triad for Information Systems Assets | SOX, PCI, FERPA, FedRAMP
COMSEC/Shodan.io Real-world - Contingency Planning | Log Mgmt. and SIEM (Splunk, IBM QRadar)
Digital GRC (Tenable.sc / Tenable.io) | Regulatory Regimes (NIST 800, PCI, GDPR,
HACS SIN - Oral Tech. Evaluation | FERPA, FedRAMP, HIPAA, HITRUST)
Full-Stack knowledge of IT Infrastructure and Direct experience administrating IAM technologies and services.
QUALIFICATION EDUCATION CERTIFICATION & TRAINING:
CISSP DOD 8570 IAM level II/III In-progress
SANS - GICSP In-progress
Construction Safety and Health OSHA | 34-602155418
Purdue Global University, BS Cyber Security In-progress
EC Council C|EH
CompTIA DoD 8570 IAM Level I Security+
McAfee University Email and Web Gateway Systems
Six Sigma Certification Green Belt
U.S. Army, Military Education Primary Leadership & Development
U.S. Army Veteran Honorably Discharged, 1992
QUANTIFIED WORK HISTORY:
Endcap Technology Solutions 7/2020 – Present
Cyber Security Consultant
ACCOMPLISHMENTS: Established the project management support to four major commercial and government businesses
(Hensel Phelps, DCS Corp., City of Hope, and Softek International, Inc.). Conducted strategies that identified and assessed
time-sensitive analysis during cyber investigations, contextualizing identified impact (exfiltration, operational impact) that
informed leadership to actively respond to emerging risk in cloud security strategy, architecture, implementation, and
operations that protected the enterprise systems, applications, and data by establishing policies, practices, and tools that
prevent unauthorized access, use, disclosure, modification or disruption.
Hensel Phelps - Remote Cyber Information Assurance Specialist (8 Months)
ACCOMPLISHMENTS: Led multiple DoD IT/OT programs across the US, working with PMs, the PD team, trade
partners, and subcontractors to obtain Authority to Operate (ATO) approvals for IT and OT Systems for Intelligent Building
Infrastructure, Cyber Best Practices within RMF, and throughout the project technology delivery cycle.
Accountable for development and delivery of solutions and assistance in securing the technology stack within their
organization, threat detection and remediation, and writing and implementing policies/governance of CUI and CI.
Monitored security tools and technologies of web security gateways, perimeter security and network access controls and
endpoint security, Full-Stack infrastructure Cloud security rules and implementations of NIST SP800-171 and CMMC
requirements, and FIPS Encryption Standards of devices, and for the implementation and assessment of cybersecurity
standards, IEC 62443, ISO 27001, NIST CSF, NIST SP 800-82, Unified Facilities Criteria, and WBDG.
Primed for the inevitable with comprehensive incident response plans, security risk, and compliance of information
systems hosted within the cloud on PaaS solutions.
DCS Corp. - F-35 Classified Cyber Security Analyst IV (Sr. ISSO) Remote (10 Months)
ACCOMPLISHMENTS: Advocated commissioning of the first diverse classified information objectives based on the NIST
Cybersecurity Framework that included the Special Access Programs via DLP, E-DRM integrated multiple Government
information security policies and regulations RMF, ICD-503, JSIG, and NIST 800 series special publications including RMF
in planning, analyzing, and implementing policies and process authorization packages, DoD collateral processes, Cloud
Security, ACAS - NESSUS, ACAS, DISA STIGs, SCAP, and HBSS.
Certified plans of action and milestones or remediation, implemented Governance and Compliance SCAP/ACAS -
NESSUS scanning, policies, and procedures to ensure the protection of critical infrastructure (as appropriate).
Conducted and collaborated on security access assessments and analysis in support of customer’s systems, including
leading the required documentation to obtain system Authority to Operate (ATO) for cloud services including Platform
as a Service (PaaS), Infrastructure as a Service (IaaS), and Software as a Service (SaaS) solutions.
Maintained and used Tenable.sc/ACAS scans for vulnerability mitigation management and threat analysis, such as IDS/IPS,
Firewalls, Host-Based IDS (HIDS) McAfee, and cloud computing environments.
Performed troubleshooting of local and remote installation of HBSS components and deployments of HBSS products
and policies, and installed updates to McAfee software as released and in compliance with STIG requirements.
City of Hope, Vulnerability Management - Remote (3 Months)
ACCOMPLISHMENTS: Host security Project Lead as a liaison to the other Information Security and IT functional groups,
influencing outcomes as appropriate and coordinating with host security engineers to provide 3rd level production support
for security applications working hand-in-hand across functions, and individual project success where OT/Cyber team is
involved in the project team.
Served as a security technical lead on enterprise IT projects through the Collateral, Sensitive Compartmented
Information (SCI), and activities to deliver senior-level security certification and accreditation consulting related to the
maintenance, upgrade, and technology insertion for a DoD classified network with multiple sites.
Softek International, Inc., GSA HAC SIN Cybersecurity Analyst - Remote (1 Month)
ACCOMPLISHMENTS: Executed leadership and development to bridge large complex, federated organizational security
assessments, processes to proactively monitor, and govern the effectiveness of Governance Cybersecurity Risk and
Compliance controls of Cybersecurity Policies within Tenable.sc Vulnerability Monitoring reporting.
Proven autodidact experience in problem-solving skills, Security Assessments, Vulnerability Scans, Security Health
Checks, Roadmaps, Remediation, and Compliance Assessments under GDPR, CCPA, PCI, NIST RMF,
HIPAA/HITECH, DAAPM, NISPOM, GLBA, PCI, FERPA, FedRAMP, FISMA regulatory requirements.
Validated Team HACS Oral Technical Evaluation consisted of questions related to the 3 subcategories of, High-Value
Asset Assessments Including Security Architecture Reviews (SAR) and Systems Security Engineering (SSE).
Sr. ISSO/Regional Lead DoD (Contractor) 12/2019 – 7/2020
ManTech International Corp. Edwards AFB, CA
ACCOMPLISHMENTS: Pioneered Regional Lead and management of activities to resolve problems and challenges to
ensure sound execution of contracted efforts for both technical and non-technical personnel and lower-level managers, and
all aspects of a large-scale, complex contract to include subcontractors, personnel, schedule, and financial performance of
the West Region facilities: AZ: Davis-Monthan AFB, Luke AFB. CA: Beale AFB, Edwards AFB, Los Angeles AFB, NH
Camp Pendleton, NH Twenty-Nine Palms, Presidio of Monterey, Travis AFB, and Vandenberg AFB. NV: Nellis AFB.
Continuous Monitoring on Dashboard daily of implemented security controls for user systems to assure compliance
with NIST/STIG/FISMA, best practices for 14 direct reports across these facilities in CA, AZ, and NV.
Directed risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs
using DISA SCAP Compliance Checker and ACAS - NESSUS in conjunction with hands-on manual STIG assessment
as necessary, established, updated, and reviewed RMF documentation to include Security Plans, Implementation Plans,
Plans of Action and Milestones (POA&Ms), and Risk Assessment Reports.
Synchronized the Certification and Authorization (C & A) process using applicable DoD and DHS tools, and
implemented each task within the six phases of the Risk Management Framework (RMF), and followed the processes
and procedures for the Air Force implementation of RMF within the eMASS.
Sr. Classified Information Systems Security Risk Analyst 4/2019 – 8/2019
Lockheed Martin Corporation, Palmdale, CA
ACCOMPLISHMENTS: Established implementation of the Joint Special Access Program (SAP) Implementation Guide
(JSIG) in determining technical Information Assurance (IA) requirements and ensuring proper security implementation of
the Risk Management Framework (RMF).
Completed data integrity containments and investigations on cybersecurity for Special Access Programs (SAP) to ensure
classified information systems (IS) meet cybersecurity requirements and government directives.
Monitored external data sources (e.g., Computer Network Defense vendor sites, Computer Emergency Response
Teams [CERTs], SANS, Security Focus) to maintain currency of Computer Network Defense threat condition and
determine which security issues may have an impact on the enterprise.
Provided initial and ongoing technical security support regarding system architectures, A&A requirements, and training.
Classified Cyber Security Analyst DoD (Contractor) 11/2018 – 4/2019
Brandes Associates, Inc., Point Mugu, CA
ACCOMPLISHMENTS: Executed the Defense Intelligence Agency and other elements of the U.S. intelligence community
on inspections, reviews, investigations, and other reportable issues; coordinated with the Defense Security Service (DSS) and
Department of Defense sponsors on inspections, reviews, investigations, and other reportable issues.
Investigated A&A artifacts to achieve the Joint Mission Planning System, JMPS, IAW the DODI 8510.01, RMF for
DoD IT, JMPS/Cyber.
Led threat modeling activities during Secure Development Lifecycle (SDL) to execute the IT vision and goals
(Infrastructure Design and Optimization, BIA, Assessment, Strategy, and Framework and Managed oversight of the
IT/OT infrastructure).
Monitored external data sources (e.g., Computer Network Defense vendor sites, Computer Emergency Response
Teams [CERTs], SANS, Security Focus) to maintain currency of Computer Network Defense threat condition and
determine which security issues may have an impact on the enterprise.
Technical Training Contractor 8/2018 - 11/2018
LMU, Los Angeles, CA
ACCOMPLISHMENTS: Increased state-of-the-art developments in INFOSEC standards, principles, and policies
supporting the enterprise security posture of Vulnerability assessment, IPS/IDS, Access control and authorization, Policy
enforcement, Application security, PCI-DSS, Encryption, Email/Web-filtering, and Advanced Threat Protection/Detection.
Evaluated the security posture within Scrum Agile DevOps teams to ensure that appropriate access controls are included
in the design and implementation, data is appropriately protected, and separation of duties is maintained appropriately
across all client systems.
Monitored security tools and technologies: Azure AD, McAfee EPO/Email/Web Gateway, Splunk, Barracuda Spam
filter, EDR, Proofpoint Email Protection, Digital Guardian DLP, Protected Trust Encrypted Email covering NIST SP
800-53 controls, FedRAMP and FISMA.
Systems Administrator/Cyber Security Analyst 7/2016 - 8/2018
Northrop Grumman Corp., Palmdale, CA
ACCOMPLISHMENTS: Diagnosed MS Windows Server 2K8, 2K12, and 2K16 while maintaining VMWare ESXi
environment and components including VDI SME for IS unclassified processing by various scanning tools and STIGs.
Accountabilities extended to the integration of Security Control Services for the Solution including Anti-Spyware,
Anti-Phishing, SSL Inspection, IM/Chat, and Malicious Code Scanning.
Accountable for all IP addressing, VLAN and IP Subnet design, equipment specification, and high/low-level designs and
architecture, including core, external and internal IP, and VLAN Engineering.
Contributed to the DFARS Technical Solution, with NIST SP 800-171 Compliance for IAL/F-35 Program. Assisted
enclave and system accreditations, and provided corrective actions to resolve or mitigate vulnerabilities that are identified.
Facilitated producing the network designs and architectures, including IP and VLAN Engineering, and associated
Requests for Proposals (RFPs) for PCI industry-related information security technologies such as Access Control,
Vulnerability Assessment, Anti-Virus, Firewalls, Identity Management, Security Event (Log) Management, Data Loss
Prevention, Intrusion Detection, VPN, authentication systems, Encryption, URL, and malicious mobile code Filtering.
Managed, configured, and supported cyber security tools such as Security Onion, McAfee Host Based Security Suite
(HBSS), Assured Compliance Assessment Solution (ACAS), Security Event and Incident Management (SEIM).
Organized security HW/SW administration and technical support for life cycle management, extended file security
administration, file system creation and configuration, special backup and recovery services; manage file systems and
disk space; manage virus protection system and updated virus definitions on a routine basis, special off-Site storage
handling (non-IT DCO/RAM systems).
Validated patches, hotfixes, system change packages, and current AV definitions are applied and compliance verified.
Surveyed and evaluated network traffic and created network diagrams.
McAfee ePO Administrator (Contractor) 2/2016 – 7/2016
Peak17 Consulting | St. Josephs Health Systems, Anaheim, CA
ACCOMPLISHMENTS: Collaborated on endpoint security and implemented and administered (HIPAA, COBIT, PCI-DSS,
and ITIL) McAfee ePO and McAfee endpoint security technologies: Drive Encryption (DE) and Enterprise Encryption for PC
(EEPC), VSE, MOVE-AV, Host Data Loss Prevention, Endpoint Protection for Mac, Management of Native Encryption.
Configured and managed Palo Alto Networks Traps that prevented advanced persistent threats and zero-day
attacks.
Threat and Vulnerability Analyst (Contractor) 10/2015 – 2/2016
Genuent | MUFG/Union Bank, Monterey Park, CA
ACCOMPLISHMENTS: Centralized dynamic and static malware analysis of potentially malicious files identified from
CND and Focused Operations personnel, while deploying and maintaining a malware analysis lab.
Managed daily monitoring systems (SIEM, Splunk, ArcSight, Agari/DMARC threat and vulnerability events) used to detect
and report security violations, analyzed the business risk, and applied necessary security controls while minimizing the
impact.
McAfee ePO Administrator (Contractor) 11/2014 – 10/2015
CareTech Solutions, Inc. | MLK JR Community Hospital, Los Angeles, CA
ACCOMPLISHMENTS: Managed daily monitoring systems of McAfee Networked Appliances.
Advanced Threat Defense 3.2, Drive Encryption (DE), Agent, Go, Windows PC (EEPC), Email Gateway 7.6, Endpoint
Protection for Mac, ePO Deep Command Client.
Discovery and Reporting Plugin, FireScope, Host Data Loss Prevention, IPS/IDS, HIPS, Management of Native
Encryption Behavior Analysis, MOVE-AV, NDLP, NSM.
Product Coverage Reports, Quarantine Manager 7.0, SaaS Portal/Email Cloud Protection, SEIM 9.4, Site Advisor
Enterprise Plus, Splunk, VirusScan Enterprise, Vulnerability Manager 7.5, Web Gateway 7.4.2.
Prior Consulting Positions Available Upon Request.