ROBERT SMITH
Cybersecurity & Security Operations Analyst | CISSP, CEH, Security+
(909) 486-3759 | rsmith16384@yahoo.com | Victorville, CA | Remote

PROFESSIONAL SUMMARY
Security Operations professional with 12+ years of enterprise SOC, vulnerability management, and compliance experience across government, defense, and commercial environments. CISSP-certified with hands-on SIEM engineering, endpoint protection, STIG/RMF/ATO documentation, and PCI DSS/HIPAA audit support. Recently designed and built a full-stack on-premises SIEM platform from the ground up — detection engine, ingest pipeline, and compliance dashboards — demonstrating deep operational and engineering capability.

CORE COMPETENCIES
SIEM & Detection: OpenSearch pipelines, Logstash, Sigma rules, FortiSIEM, Stellar Cyber, custom detection engines
Vulnerability Mgmt: Tenable.sc / Nessus, ACAS, STIG findings, CCRI inspection prep, POA&M authoring
SOC Operations: Alert triage, incident investigation, threat intel enrichment, noise tuning, escalation workflows
Compliance & Audit: NIST 800-53, NIST 800-171, PCI DSS 4.0, HIPAA, RMF, ATO cycles, audit evidence packaging
Endpoint Security: CrowdStrike, Carbon Black, McAfee ePO, Windows Defender, agent deployment & policy tuning
Scripting & Tooling: Bash, PowerShell, Batch, CGI/shell dashboards, automated reporting (PDF/CSV)
Platforms: Windows Server 2012-2022, RHEL, Debian/Ubuntu, OpenWrt, VMware, Docker
Networking: TCP/IP, Cisco IOS, firewall log analysis, DNS/DHCP monitoring, VLAN segmentation

PROFESSIONAL EXPERIENCE

Independent Security Engineering & SIEM Development — Self-Directed | 2025 – Present
• Architected and built a complete on-premises SIEM platform: custom Go-based detection engine (Sigma YAML rules, behavioral correlation, threat intel matching), OpenSearch log storage, Logstash ingest pipeline with 30+ source parsers, and a full CGI dashboard layer.
• Built compliance dashboards covering NIST 800-53 AC/AU/CM/SI families, NIST 800-171, and PCI DSS 4.0 Requirements 1/5/8/10/12 — each with clickable drilldown, alert triage, and PDF/CSV export.
• Implemented MITRE ATT&CK coverage mapping, UBA (user behavior analytics), threat hunting, and real-time alert correlation with noise suppression and time-range filtering.
• Integrated multi-source threat intelligence: abuse.ch (URLhaus, MalwareBazaar, ThreatFox), FireHOL, Blocklist Project, LOLDrivers, DB-IP GeoIP, and ASN enrichment into a local SQLite intel database.
• Deployed on commodity hardware with Docker orchestration; full stack runs on a SOHO router/VM — demonstrating security architecture from ingest to evidence reporting.

SOC Analyst II — BlueAlly Technology Solutions | Jun 2022 – Feb 2025
• Monitored and triaged security events across multiple client environments using enterprise SIEM platforms (FortiSIEM, Stellar Cyber); primary escalation point for high-severity alerts.
• Tuned detection rules and correlation logic to reduce false-positive rates and improve signal fidelity across diverse client network profiles.
• Deployed and supported CrowdStrike and Carbon Black endpoint protection across managed client environments; tracked policy compliance and investigated EDR alerts.
• Ran Tenable/Nessus vulnerability scans, validated findings, and produced executive and technical remediation reports for customer stakeholders.
• Enriched detection content with updated IoCs; maintained threat intel feeds and contributed to threat hunting playbooks.

Security Analysis Specialist — NTT Data | Jan 2020 – Jan 2022
• Executed Tenable/Nessus scan cycles across large enterprise endpoint populations; validated findings and tracked remediation to closure.
• Triaged security issues, supported system hardening, and assisted with user access provisioning and endpoint security configuration.
• Produced compliance documentation packages for audits and regulatory reviews.

Security Consultant — Atos | Aug 2017 – Oct 2019
• Administered McAfee ePO and supported endpoint protection operations across HIPAA and PCI DSS-regulated customer environments.
• Responded to escalated security incidents; contributed to audit preparation and maintained alignment with HIPAA/PCI DSS requirements.

System Administrator — DirectViz Solutions / Katmai | Nov 2016 – Aug 2017
• Applied STIG-compliant patches, performed infrastructure upgrades, and supported vulnerability remediation and system hardening activities.

IT Specialist (GS-2210) — U.S. Navy (Federal) | Nov 2014 – Nov 2016
• Supported STIG and RMF compliance; authored POA&M packages and supported multiple ATO cycles at NAVAIR Point Mugu.
• Contributed STIG/ACAS efforts that resulted in a successful CCRI inspection outcome.

System Administrator — Jacobs (Contractor) | Feb 2013 – Nov 2014
• Supported ACAS scan cycles, vulnerability response, and CCRI inspection preparation; maintained NOSC-level security appliances.

Network Analyst — Perot Systems / Dell Services | Mar 2006 – Nov 2012
• Supported VoIP and EHR deployments across healthcare networks; provided field support meeting strict SLA and uptime requirements.
• Deployed EHR systems to three hospital networks supporting meaningful use incentive requirements.

Network Switching Systems Operator (25F) — U.S. Army | May 2001 – Apr 2006
• Deployed and maintained tactical networks using LOS and satellite communications in operational environments.
• Awarded Army Commendation Medal, Army Achievement Medal, and Campaign Medals.

CERTIFICATIONS
CISSP — ISC² Certified Information Systems Security Professional
CEH — Certified Ethical Hacker (EC-Council)
CompTIA Security+, Network+, A+
ITIL Foundations v3, Azure Fundamentals

EDUCATION
• Western Governors University — Information Security Studies (31 units completed)
• Victor Valley College / Chaffey College — IT Coursework (56 units combined)