Roberto Eger

  • Houston US-TX
Roberto Eger

Work History

Work History
Sep 2012 - Present

Network Security Analyst

University of Texas Health Science Center at Houston
  • Responsible for investigation and incident response to network attack
  • Maintained continuous monitoring of network IDS and harvested malware for submission to IPS vendor
  • Daily analysis network traffic using tools such as Wireshark, Pavuk, Whois, and VirusTotal
  • Routinely analyzed HTML for threats using such tool as Wepawet, and html2text
  • Administered layer 3 Firewall to include rule set management
  • Monitored user Outlook email logs to respond to Phish and Spam incidents
  • Monitor FW1 lograbber logs for signs of compromise to included Sirefef, Fareit, Zbot and other Trojan detection.  This included searching for signs of connection to Botnet (Phoning home).
  • Developed and generated compromise reports for malware infected systems 
Jul 2011 - Sep 2012

Senior Consultant

Booz Allen Hamilton

Client: Department of Veterans Affairs

Project: Virtual Lifetime Electronic Record (VLER)

  • Information Assurance lead in performance of the DIACAP package for the Presidential Directive VLER Initiative.
  • Ensure electronic health record exchange complies with HIPAA Security and Privacy rules
  • Authored numerous IA system documents to include System Security Plan, Continuity of Operations Plan, Configuration Management Plan, Privacy Impact Assessment, and Incident Response Plan.
  • Performed eEye Retina, Nessus and Gold Disk scans on information system
  • Performed security configuration reviews and implemented DoDI 8500.2 IA Controls, DISA STIGs, and Software/Hardware product review for NIAP CCEVS compliance
  • Performed IA Control Validation Procedures for DIACAP compliance
  • Properly planned and prepared team for submission of DIACAP package in a successful ATO determination.
  • Reviewed DPRIS for DoDI 8500.2 IA controls compliance
  • Ensured HIPAA Security and Privacy rules compliance

Client: Department of Defense

Project: DefensePersonnel Records Information System (DPRIS)

  • Performed risk assessments and security configuration reviews
  • Analyzed and updated the System Security Plan, Validation Procedures and the Continuity of Operations Plan in support of a successful ATO determination
  • Reviewed existing Certification and Accreditation package for totality and compliance with DIACAP
  • Reviewed monthly eEye Retina Scan reports and recommended changes to current system configuration
  • Performed application security and development checklist on system
  • Developed a Personally Identifiable Information (PII) handling quick reference guide for DPRIS personnel
  • Maintained continuous monitoring of the DPRIS system for vulnerabilities and IA controls compliance
May 2005 - Oct 2010

Air Defense Control Officer

United States Marine Corps
  • Developed a comprehensive training plan and standard operating procedures (SOP)
  • Planned, organized and prepared organization for a pivotal evaluation by the Federal Aviation Administration
  • Managed an Integrated Air Defense System (IADS)
  • Supervised 24/7 surveillance operations that safely identified over 100,000 aircraft over a 7 month period in western Iraq, resulting in no safety of flight incidents
  • Trained, prepared and qualified over 25 personnel in positions in the surveillance section
  • Managed Tactical Data Link (TDL) network in integrated overseas system
  • Maintained and managed TDL equipment and cryptographic encryption key/equipment ($2.5 million)
  • Developed a comprehensive communications security (COMSEC) plan that included daily, monthly and quarterly security checklists, during an Iraq deployment that resulted in no COMSEC incidents and zero non-reportable practices dangerous to security (PDS) incidents as well as managed MACS-2 Cryptographic Key Infrastructure

Education

Education
May 2007 - Jul 2007

EKMS Manager certificate

United States States Marine Corps Electronic Key Management System course

Information security technicians serve as the primary functional proponent for cryptographic key management infrastructure. These Marines provide day-to-day operation of the Electronic Key Management System (EKMS), as well as other duty areas related to Information Security (INFOSEC), such as Public Key Infrastructure (PKI) and FORTEZZA Card management. 

Aug 1999 - Dec 2006

Bachelor of Science

Louisiana State University

Biological & agricultural engineering integrates applied biology into the fundamental principles of engineering for the purpose of designing processes and systems that influence, control, or utilize biological materials and organisms for the benefit of society. The discipline applies the principles of analysis, synthesis, and design to physical problems and processing systems associated with plants, animals, and humans, and their environments.

Summary

Information Security Professional and former Marine Corps officer with a diverse technical background and a proven record of leading and managing personnel.  Exceeded in areas of great responsibility and succeeded on large scale projects.

Interest

Defense in Depth Strategies

Identifying and Countering Emerging Threats

Firewall Rules

Log Aggregation and Management

Firewall Log Analysis

Continuing Threat Analysis 

Incident Response

Portfolio

Certifications

Certifications
Feb 2012 - Feb 2015

Certified Ethical Hacker

EC Council
Sep 2011 - Sep 2014

Security+

CompTIA

Secret

Department of Defense