Stephen Pullum CISSP CISA

Stephen Pullum CISSP CISA

Sr. Information Assurance (IA) Engineer

Iraq

Current
  • Sr. Information Assurance (IA) Engineer at MultiNational Division - South (MND-S), Basra, Iraq (Tribalco, LLC)
Past
  • Information Assurance Engineering Manager at PerotSystems - Anniston Army Depot, Anniston, Alabama
  • Communications-Computer Systems Supervisor(Active, Reserve, and Guard) at United States Air Force
  • Regional Information Assurance Security Officer (RIASO) at DRS-TSI/MultiNational Division - Central South (MND-CS) Iraq
  • Architect - Data Security at General Motors Acceptance Corporation (GMAC ResCAP)
  • Assistant Vice President (AVP) at Bank of America
  • Network Security Manager (Global Security Operations) at Verizon and Verizon International
  • Banking Officer/Senior Network Security Engineer at The Independent Banker’s Bank (TIB)
  • Senior Security Staff Member at Headquarters Army Air Force Exchange Services (AAFES)
  • Senior Network Security Engineer at Affiliated Computer Services, Inc. (ACS)
  • Network and Security Administrator at Pollock Investments and Distribution
  • LAN Support Manager/Network Support Specialist at Dallas County Community College District (DCCCD)
  • Non-Commissioned Officer In Charge, Procedures and Analysis Section at United States Air Force - McGuire AFB New Jersey
  • IINCOMNET/FOSIF Computer Operator at USAF - Rota Naval Air Station, Spain
  • Special Security Office Communications Center Operator (SSO SAC) at USAF - Offutt AFB Nebraska
  • Weather Communications Center Specialist at USAF - Offutt AFB Nebraska

see less...

12 more...

Education
  • Kilgore College
  • Community College of the Air Force
Recommended
Stephen has 6 recommendations 6 people have recommended Stephen
Connections
130 connections
Industry
Computer & Network Security
Websites

Stephen Pullum CISSP CISA’s Summary

Oct 2001 SANS/GIAC Network Security Essentials Certification Course (GSEC)
Feb 2002 ISC(2) Common Body of Knowledge CISSP
Mar 2002 Watchguard Firewalling Certification Course (WCSP)
May 2002 MOC 2604 Microsoft Security Clinic
Aug 2003 NSA INFOSEC Assessment Methodology (IAM)
Dec 2003 Cisco Security Agent Host-Based Intrusion Course
Aug 2004 MOC 2811A Microsoft Security Guidance
May 2006 NSA INFOSEC Evaluation Methodology (IEM)
June 2008 Information Assurance Security Officer (IASO) US Army
June 2008 Flying Squirrel Wireless Training, US Army
June 2008 eEye Retina and REM Training, US Army
July 2008 Mobile Armor Data At Rest Training, US Army
Dec 2008 Netscreen Firewall Course, US Army
Dec 2008 Incident Handling Course, US Army

Certifications

Apr 2002 Watchguard Certified System Professional (WCSP)
Mar 2002 Certified Information Systems Security Professional (CISSP)
Dec 2001 SANS/GIAC GSEC GOLD Certification
Dec 2001 ISSA (Information Systems Security Assoc.) North Texas (Member 17527)
Aug 1994 Certified USAF Communications-Computer Systems Supervisor (CCAF)
Dec 2000 FBI-INFRAGARD – North Texas Region membership
Aug 2003 National Security Agency (NSA) (IAM)
May 2006 National Security Agency (NSA) (IEM)
July 2006 Certified Information Systems Auditor (CISA)
Jun 2008 SME - Information Assurance Technology Analysis Center (IATAC)
Aug 2008 AirDefense Certified Engineer (ACE)

Clearances Held (current SECRET)
Top Secret SI/TK LL/BB/GG/UU/PP, CNWDI,SIOP-ESI, ATOMAL, Cosmic Top Secret, Nato Secret,assorted SAPs, SSBI investigation

Stephen Pullum CISSP CISA’s Specialties:

Network Intrusion Detection Systems
Host-based Intrusion Detection Systems
Network and Data Security architecture
Information Assurance

Stephen Pullum CISSP CISA’s Experience

  • Sr. Information Assurance (IA) Engineer

    MultiNational Division - South (MND-S), Basra, Iraq (Tribalco, LLC)

    (Computer & Network Security industry)

    April 2009Present (4 months)

    Evaluates, monitors, manages, troubleshoots and provide oversight in planning and design of current and future Information Assurance architecture.

    Maintain expertise in planning, installing, programming, operating, maintaining, and supporting Information Assurance (IA) architecture in a tactical setting to include but not limited to Cisco ASA, firewalls, content engines, scanning software, and Microsoft Active Directory Group Policy.

    Conducts scans of network and client automation systems for to ensure Information Assurance Vulnerability Assessment (IAVA) compliance.

    Provided technical assistance and recommendation to Information Assurance (IA) policy and implementation to assist in identifying vulnerabilities before exploits occur.

    Change Management assignment and processing via Remedy.

    Train soldiers on all aspects of Defense in Depth (DiD) to include but not limited to scanning procedures, group policy and client management, firewall and content management rules, and overall Information Assurance (IA) architecture.

    Utilized toolsets of Symantec Endpoint Protection (SEP), Microsoft Windows Software Update Services (WSUS), eEye Retina Vulnerability scanner, Cisco MARS, Cisco ASA, GFI Languard, BlueCoat Proxy SG, iGuard Web filter, SNORT IDS, McAfee ePolicy Orchistrator, Host-Based Security System (HBSS) - McAfee.

  • Information Assurance Engineering Manager

    PerotSystems - Anniston Army Depot, Anniston, Alabama

    (Defense & Space industry)

    May 2008February 2009 (10 months)

    Responsible for project management, compliancy, planning, development, and implementation of key technical products, procedures and policies in the areas of customer support, device engineering, firewall and IDS management, minor security consulting, interfacing with security product vendors, process and procedure documentation, and trouble ticket resolution.
    Performs duties such as architecture design, system/network analysis, security analysis, and security assessment of hardware and software. Performs duties on tasks that require expertise in firewall implementation/configuration, perimeter defense devices, physical security analysis of facilities, security assessment/risk analysis, security design of local and wide area networks, security analysis of network operating systems and applications. Consulting on DIACAP. Utilizes tools such as McAfee Intrushield, Intrusion IPS, NetForensic SEIM, AirDefense, Aruba, various DOD specific toolsets, both on SIPR and NIPR networks.

  • Communications-Computer Systems Supervisor(Active, Reserve, and Guard)

    United States Air Force

    (Government Agency; 10,001 or more employees; Military industry)

    December 1984December 2008 (24 years 1 month)

    Supervises Communications-Computer Systems (C-CS) operations. Performs network management, control, and administration on DoD local, metropolitan, and wide area networks, and C4i, Defense Message Systems (DMS), Tactical Communication systems, and functional area systems. Administers Communications Security (COMSEC) and Information Assurance (IA) programs. Provides information systems life-cycle management. SCI environment.

    Force Protection Supervisor: Leads, manages, supervises, and performs security force (SF) activities, including installation, weapon systems, and resource security; antiterrorism; law enforcement and investigations; military working dog function; air base defense; armament and equipment; Combat Arms, Heavy Weapons (MK-19), Psych-Ops training, covert cover and concealment tactics, Ground Launch Cruise Missile (GLCM) Ranger and extreme climate (cold/hot) weather training.

  • Regional Information Assurance Security Officer (RIASO)

    DRS-TSI/MultiNational Division - Central South (MND-CS) Iraq

    (Military industry)

    May 2007May 2008 (1 year 1 month)

    - Regional Chief Technical Systems IA Advisor for security for DAA for SIPR, NIPR, and CENTRIX networks.
    - Authorized to enforce all Security Policies and Safeguards to all network systems for 4 military installations in Southern Iraq in support of Operation Iraqi Freedom (OIF)
    - Develop and implement and IS vulnerability tracking program
    - Investigate and report security violations
    - Audit all elevated users. Ensure clearances, authorizations, Need To Know and indoctrination on security practices before granting access
    - Provide annual IA Awareness training
    - Ensure SA’s, management and NetSec personnel are trained for their duties
    - Coordinate Security Measures for Analysis, Periodic Testing, Evaluation, Verification, and Accreditation and review for appropriate classification levels
    - Utilize tools such as Websense, Microsoft WSUS, Symantec SAV, eEye Retina, LanGuard NSS and proprietary Department of Defense tools in support of mission requirements.

  • Architect - Data Security

    General Motors Acceptance Corporation (GMAC ResCAP)

    (Public Company; 10,001 or more employees; Computer & Network Security industry)

    December 2005March 2007 (1 year 4 months)

    Responsible for intrusion detection (IDS) tuning, documentation of tuning, creation of Standard Operating Procedures for IDS management and maintenance. Assist leadership in determining tactical and strategic direction of the organization as it relates to emerging operational support technologies. Researches, analyzes, and recommends new operational support technologies, tools and techniques as it relates to intrusion detection. Independently researches, validates, escalates threats to the organization. Worked with major security applications: Mercury SiteScope, Websense Enterprise, NetIQ Directory and Resource Administrator, Check Point Smart Dashboard, and primarily ISS Real Secure Server Sensor, ISS SiteProtector, ISS Proventia Server for Windows, and ISS Proventia G series network sensors. Developing responsibilities with Tenable Security Center 3 and Network Intelligence SIM.

  • Assistant Vice President (AVP)

    Bank of America

    (Public Company; 10,001 or more employees; Banking industry)

    August 2005October 2005 (3 months)

    Provided advice to client management with regard to moderately complex security issues. Assists in the review, development, testing and implementation of security plans, products and control techniques. Utilized ISS SiteProtector for reseach analysis. Works on complex problems where analysis of situations or data requires an in-depth evaluation of various factors. Exercised judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Worked as part of a multi-disciplinary team of experts to assess, analyze, and respond to security intrusions and incidents affecting the Bank. Assisted in developing security policies and procedures. Obtained and maintained familiarity with NetForensics Security Information Management (SIM) product.

  • Network Security Manager (Global Security Operations)

    Verizon and Verizon International

    (Public Company; 10,001 or more employees; Telecommunications industry)

    January 2005May 2005 (5 months)

    Managed department responsible for project management, compliancy, planning, development, and implementation of key technical products, procedures and policies in the areas of customer support, device engineering, firewall and IDS management with ISS SiteProtector, minor security consulting, interfacing with security product vendors, process and procedure documentation, and trouble ticket resolution. The SCM is one of three groups that form the Verizon Global Security Operations Center. Security Configuration Management (SCM), Security Administration and Security Event Management (SEM), formulate a world class multifaceted security organization monitoring the largest telecommunications and wireless company in the world.

  • Banking Officer/Senior Network Security Engineer

    The Independent Banker’s Bank (TIB)

    (Public Company; 1001-5000 employees; Banking industry)

    October 2004January 2005 (4 months)

    Managed staff responsible for network security for banking infrastructure. Responsible for intrusion detection utilizing SNORT and ISS RealSecure sensors. Responsible for auditing compliance, project management, development and implementation of key technical products, procedure input and creation. Websense monitoring for compliance with stated Human Resource policies and objectives.

  • Senior Security Staff Member

    Headquarters Army Air Force Exchange Services (AAFES)

    (Government Agency; 10,001 or more employees; Military industry)

    July 2004October 2004 (4 months)

    Managed Threat Analysis methodology for quasi-military organization consisting of global locations and over 60,000 employees under the direction of both civilian and military chains of command. Responsible for Intrusion Detection methods and analysis with Snort. Snort sensor creation utilizing FreeBSD. SnortSnarf, SnortReport, ACID, and additional modules for AAFES security personnel to use is daily threat monitoring. Responsible of Security Personnel proficiency outlining and training. Responsible for McAfee ePolicy Orchistrator familiarity. Responsible for Cisco PIX threat interpretation for the AAFES environment. Responsible for creation of security best practices and procedures for the AAFES enterprise including down range locations in all aspects of network security. Responsible for input to Governance on applicable civilian laws and military regulations. Responsible for technology evaluation and recommendations.

  • Senior Network Security Engineer

    Affiliated Computer Services, Inc. (ACS)

    (Public Company; 10,001 or more employees; Computer & Network Security industry)

    May 2003July 2004 (1 year 3 months)

    Managed corporate and client Vulnerability Assessment administration, process, metrics, reporting and resolution problem management tracking. Conducted vulnerability assessments on corporate and client infrastructures.
    * Request For Proposal (RFP) review and response for Client security services. Perform cost analysis and identified alternate design approaches to make sure the client’s needs are met. Creating cost models to encompass client requirement for corporation network security.
    * Create and review Information Security policies and procedures for corporate and Clients. Incident Response plan creation and improvements.
    * Network and Host-based IDS implementation, administration and architectural planning.
    * Creation and implementation of Due Diligence documentation for corporate and Client requirement. Due Diligence in the area of HIPAA, Sarbanes-Oxley, GLBA, and California SB-1386
    * Threat Management and correlation

  • Network and Security Administrator

    Pollock Investments and Distribution

    (Privately Held; 501-1000 employees; Package/Freight Delivery industry)

    May 2000May 2003 (3 years 1 month)

    Within a Windows 2000 server to client native domain, responsible for the administration of 3 Exchange 2000 servers, Wide Area Network Infrastructure (11 nationwide remote sites, 11 Window 2000 servers, 14 various Cisco routers, 17 T1 circuits, 20+ 3Com switches, and 1 Cisco Catalyst Layer 3 switch segmenting 8 VLANs) via the Pollock frame network, Enterprise Security Administrator (Watchguard Firebox II and 1000 firewalls and PPtP VPN clients). Administer Enterprise faxing subsystem: Rightfax, Administer Enterprise EDI subsystem: Gentran. Administer Enterprise Tax and Rebates subsystem: Vertex. Maintain familiarity with Enterprise ERP subsystem: SAP R/3. Corporate PBX Manager: Nortel Meridian 1 with Optivity Telephony Manager (OTM) management software.

  • LAN Support Manager/Network Support Specialist

    Dallas County Community College District (DCCCD)

    (Public Company; 1001-5000 employees; Higher Education industry)

    July 1997May 2000 (2 years 11 months)

    Responsible for the installation, maintenance and enhancement of selected network-based multi-user application software in a Novell 4.11 and 5.0 environment. Also maintaining proficiency in NT4 server and workstation environments. Managed a technical support staff of 8 technicians supporting over 200 employees and 7100 Students.
    * Maintain a high degree of expertise to research, analyze, evaluate and recommend network and microcomputer application and operating system software/hardware. Served as a technical resource.
    * Designed and maintained Help Desk/Call Center management system for the Computer Support Center pc bench repair activities.
    * Participated in (and may lead) the planning, developing, and implementing of network-client software and/or revisions/updates to existing applications.

  • Non-Commissioned Officer In Charge, Procedures and Analysis Section

    United States Air Force - McGuire AFB New Jersey

    (Military industry)

    April 1992November 1994 (2 years 8 months)

    Manages the section responsible for checking, reviewing, and evaluating the operational effectiveness of service provided by McGuire AFB Base Communications Center (BCC) to Twenty-First Air Force, 438th Airlift Wing, and tenant units on McGuire AFB. Continuously monitors circuit status, message traffic and equipment operations of personal computer based Automatic Digital Network (AUTODIN) terminal data communications system and associated communications equipment. Maintain user connectivity and message distribution over local area network (LAN) in a Novell 3.x environment. Collects, compiles and correlates statistical data on electronic transmission by the BCC up to Top Secret classifications. Analyzes variances in the data in relation to standards set by major command and customer requirements, and initiates corrective action plans when required. Prepares performance reports of operations and other managerial correspondence.

  • IINCOMNET/FOSIF Computer Operator

    USAF - Rota Naval Air Station, Spain

    (Military industry)

    October 1990April 1992 (1 year 7 months)

    Operate and monitor VAX/VMS 8350 mainframe computer system in support of the Air Force Intratheater Intelligence Communications Network (IICOMNET) Southern Region Host (SRH) in a Top Secret (SCI) environment. Perform jointly with the Navy’s Fleet Ocean Surveillance Information Facility (FOSIF) Management Information Systems (MIS) Department providing highly sensitive, time critical intelligence data to USAF and Navy operations in the Mediterranean. Operate and maintain the Navy’s TADIX and OTIXS surface to shore satellite cryptographic communications system. Operate and maintain the OSIS Baseline Unit (OBU), 12 different teletype units, and 5 different computer prototype systems. Electronic Collateral Support System (ELCSS) System Manager consisting of Sun SparcStations in an Unix environment. Identifies and troubleshoots all system malfunctions and reports hardware/software incidents to contractor personnel for correction. Provide daily system status briefs to Commander FOSIF.

  • Special Security Office Communications Center Operator (SSO SAC)

    USAF - Offutt AFB Nebraska

    (Military industry)

    March 1989October 1990 (1 year 8 months)

    Provides Top Secret (SCI) and below classifications record and computer communications support to (HQ SAC) Intelligence complex consisting of Central Intelligence Agency (CIA), Defense Intelligence Agency (DIA), National Security Agency (NSA), Joint Strategic Targeting Planning Staff (JSTPS), National Reconnaissance Office (NRO) and additional intelligence agencies. Operates on-line cryptographic equipment.including technical control units in a PDP-11 mini-computer environment. Maintains the Secure Telephone Unit-Third Generation (STU-III) classified telephone communication system. Logs, determines routing, and transmits originated electrical messages through the Department of Defense Automatic Digital Network (AUTODIN). Provide support to POC/ET (Pocket) Proof of Concept/Experimental Testbed mobile satellite communication system. Provide ad hoc communication support to NEACP (National Emergency Airborne Command Post) and Looking Glass intelligence aircraft.

  • Weather Communications Center Specialist

    USAF - Offutt AFB Nebraska

    (Military industry)

    December 1987March 1989 (1 year 4 months)

    Prepares, transmits, and receives messages up to Top Secret classifications over the Automated Weather Network (AWN) and the Automatic Digital Network (AUTODIN), providing Air Force Global Weather Central (AFGWC) with worldwide communications capabilities to both sea and airborne assets. Transmits facsimile and magnetic tape products. Prepares and transmits status charts. Checks traffic for compliance with predetermined Air Force Digital Graphics systems (AFDIGS) schedules and provides critical weather data to over 265 worldwide subscribers. Responsible for the efficient operation of the Inter Data-50 (ID-50) minicomputer in the Weather Facsimile Switching Center (WFSC) and the AUTODIN (Automatic Digital Network) Communications Terminal (ACT). Responsible for the efficient operations of the Communications Front End Processor (CFEP) Sperry/Unisys 1160 and Honeywell mainframe computer systems.

Stephen Pullum CISSP CISA’s Education

  • Kilgore College

    AAS , Information Technology , 19951997

  • Community College of the Air Force

    AAS , Information Technology , 19841994

    USAF Level 1 Records Management General Awareness
    USAF Information Assurance Awareness
    Law of Armed Conflict (#ZZ132007)
    USAF - DOD Combating Trafficking in Persons (CTIP)
    DLI - Iran Familiarization
    AETC - Use of Force
    AETC - Basic Expeditionary Airman Orientation Course
    AFCESA - Explosive Ordnance Reconnaissance (EOR)
    AFCESA - HST - Field Sanitation and Personal Hygiene
    HQ AFSFC - M16A1/A2 Rifle--Combat Arms
    AFCESA - HST - Defensive Fighting Positions
    HQ AFSFC - M9 Beretta Pistol--Combat Arms
    AFCESA - HST - Extreme Climate Deployment Course
    AFCESA - Introduction to Night Vision Devices
    AFCESA - Basic Unexploded Ordnance (UXO) Safety Orientation Course

    Activities and Societies:
    USAF Security Specialist Course
    USAF GLCM SP Dispersal Training(CCAF)
    USAF NCO Prep Course
    USAF Comm-Computer Ops Course(CCAF)
    USAF Leadership and Communications(Cen. Tx College)
    USAF Effective Writing Course (U. of Nebraska)
    USN Alcohol and Drug Safety Program(U. of Arizona)
    USAF Bench Stock Supply Mgmt Course
    USAF PC-based Communications Crse
    USAFR Combat Arms Training Crse(CCAF)
    USAFR NCO Leadership Dev. Program(Cen. Tx College)
    USAFR MK19 Machine Gun Qual Crse(CCAF)

Additional Information

Stephen Pullum CISSP CISA’s Websites:

Stephen Pullum CISSP CISA’s Interests:

UNITED STATES AIR FORCE. Communications-Computer Systems Supervisor – 2006-Present Garland AGS, Texas; NAS JRB Fort Worth, Texas, 1998-2004; Garland AGS, Texas, 1994-1995; McGuire AFB, New Jersey, 1991-1994; Rota NAS, Spain, 1990-1991; Offutt AFB, Nebraska, 1988-1990. Security Specialist - Comiso AS, Sicily, 1986-1987; Barksdale AFB, Louisiana, 1985-1986.

Stephen Pullum CISSP CISA’s Groups:

Prince Hall Masonic Lodge,
PromiseKeepers Ministry,
Cisco Networking Academy,
United States Air Force
ISACA
ISC2
Black Data Processing Association - BDPA (Dallas Chapter)

  •    USAFNetwork
  •    Christian Professionals
  •    BDPA
  •    Information Systems Security Association (ISSA)
  •    Skype for Business
  •    Black Hat
  •    GIAC, Global Information Assurance Certification
  •    Information Security Community (30,000+ Members)
  •    Certified Information Systems Auditor
  •    Perot Systems Employees and Alumni
  •    SANS Institute Alumni
  •    DEFCON
  •    Computer Security and Forensics
  •    ISACA Professionals
  •    NSA-IAM
  •    NSA-IEM
  •    Community College of the Air Force Alumni
  •    Affiliated Computer Services Employees and Alumni Group
  •    VFW
  •    Iraq War Veterans
  •    ClearedPro Network
  •    Information Security Network
  •    Professionals For Christ
  •    CISSP
  •    Snort
  •    US Government Security Clearance
  •    Verizon Alumni
  •    GMAC ResCapped Network
  •    Kilgore College Alumni
  •    Persian Gulf War Veterans
  •    Free and Accepted Masonic Professionals
  •    USAF Veterans
  •    Bank of America Employees & Alumni Network
  •    USAF Defensor Fortis
  •    USAF Security Forces
  •    Multi-National Force - Iraq
  •    USAF GLCM Ranger Alumni
  •    Pround Air Force Veterans
  •    Strategic Air Command (SAC) Alumni
  •    PK-Spokes-Men
  •    THE TEXAS CISSP ONLINE NETWORK
  •    FISMA / DIACAP / HIPAA / ISO 27002 Policy, Process, and Technology
  •    CYBER WARFARE Forum Initiative - CWFI

Stephen Pullum CISSP CISA’s Honors:

USAF Commendation Medal,
USAF Achievement Medal w/3 Oak Leaf Clusters,
USAF Outstanding Unit Award w/1 Oak Leaf Cluster,
USN Meritorious Unit Commendation
US Army Good Conduct Medal w/3 Knot Bar,
USAFR Forces Meritorious Service Medal w/2 Oak Leaf Clusters,
USAF Small Arms Expert Marksmanship Ribbon w/Bronze Star,
USAF Longevity Service Ribbon w/2 Oak Leaf Clusters,
National Defense Service Medal,
USAF NonCommisioned Officer Professional Military Education Graduate Ribbon,

Stephen Pullum CISSP CISA’s Contact Settings

Interested In:

  • career opportunities
  • consulting offers
  • new ventures
  • job inquiries
  • expertise requests
  • reference requests
  • getting back in touch

View Full Profile

Public profile powered by: LinkedIn

Create a public profile: Sign In or Join Now

View Stephen Pullum CISSP CISA’s full profile:

  • See who you and Stephen Pullum CISSP CISA know in common
  • Get introduced to Stephen Pullum CISSP CISA
  • Contact Stephen Pullum CISSP CISA directly

View Full Profile