Art Le Bel CISSP

Cyber Security Expert

As a security engineer with over 20 years of IT experience, I possess extensive knowledge and experience in software development, end-user analysis, mass data visualization and prioritization, and networking systems. Throughout my career, I have developed a passion for automation learning and testing, which has become an integral part of my approach to IT security.

I have had the privilege of working at the Pentagon as a cyber security expert and have provided assistance to numerous large organizations in the United States, ranging from large educational institutions to Department of Defense (DoD) and Office of Secretary of Defense (OSD) IT security systems. My focus has always been on developing, maintaining, and reinforcing IT security systems to the highest standards, leveraging my background in software development and utilizing industry Tactics, Techniques, and Procedures (TTP) research and development for behavioral model development.

To enhance the effectiveness of data analysis, I have utilized software engineering techniques for “big data” analytics, utilizing cost-effective data interrogation. I have employed Java and Python programming languages to develop high-speed algorithms such as kNN, RNN/CNN, NLP, and many others to introduce layered and effective new data points. Through my work, I strive to deliver cutting-edge solutions that meet the highest standards of IT security, while also prioritizing cost-effectiveness and efficiency. 

Professional Experience:

CyberSecurity Special Operations Consulting, AMSYS

Director of Cyber Security Special Operations / Security Architect

MAR 2022 – Current

As the lead security Subject Matter Expert (SME) in a Managed Security Service Provider (MSSP)/Managed Service Provider (MSP) organization, I have provided consultation services to clients in various industries, including but not limited to, large oil and gas corporations, healthcare data providers, and banking institutions, as well as numerous small and medium-sized businesses.

Deployed WAFs to large auction sites, bringing the number of outages down to 0 from having outages every day.

My responsibilities have included developing and deploying security programs for both the MSP/MSSP organization and new clients. I have utilized a hands-on approach to ensure the delivery of a risk-based approach to mitigating security problems that may otherwise seem Overcome By Events (OBE).

Throughout my work, I have maintained the highest standards of professionalism and expertise, consistently delivering effective solutions that meet the unique needs and requirements of each client.  

Security Architect Consulting, AMSYS

Director of Information Security / Security Architect

FEB 2020 – MAR 2022

As a Security Program Manager for AMSYS and its clients, my responsibilities have included providing expert guidance on security architecture, as well as implementing and managing Security Orchestration via APIs to ElasticSearch. Additionally, I have designed and built reporting dashboards for threat hunting, investigations, and status reports.

To ensure the highest levels of security, I have reviewed system diagrams, interviewed stakeholders, and documented findings, remediation plans, and process optimizations for Development/Security Operations.

As a Lead Penetration Tester, I have utilized industry-standard tools such as Metasploit, Zed, Burp, NMAP, Kali Linux, and custom web application proxies using Python to test applications on GCP, Azure, and AWS. Through my work, I have demonstrated a strong commitment to delivering effective security solutions that meet the unique needs and requirements of each client.

Security Architect Consulting, Royal Dutch Shell

Lead Penetration Tester / Security Architect – Short term contract                 MAY 2019 – DEC 2019

Worked with Shell employees to process IRM assessments targeting agile developed applications. Reviewed system diagrams, interviewed stakeholders and documented findings, remediation plans and process optimizations for Development/Security Operations. Lead penetration tester using Metasploit, Zed, Burp, NMAP, Kali Linux tooling and custom web application proxies using Python.

Security Compliance Consulting, Disney

Security Engineer – Short term contract                 OCT 2018 – FEB 2018 

Worked with Disney employees to process Data Protection Program (DPP) assessments targeting EU and other GDPR compliance. Reviewed system diagrams, interviewed stakeholders and documented findings, remediation plans and process optimizations for DPP.

Software Development Consulting, SecurityKeys – RedLambda

Security Architect, Software Author, R&D Lead                 FEB 2017-JUL 2018

Worked with a team of developers to use Windows logs to detect malware. Created a streaming assessment process for Windows applications and end users. Created “behaviors” and signatures to create context for machine learning and AI algorithms. Studied machine learning results to create more effective and explanatory sensors. Demonstrated hacking techniques for escalation of privileges, reverse TCP, reverse shell, remote code exploits, and various vulnerability exploitations. Dissected malware into log observable behaviors.

● Subject matter expert for developing machine learning backed malware detection software using, at first, only Windows logs.

● Created a log-centric assessment process for applications and users on end user machines.

● Developed cloud, cloud-hybrid and on-site deployments for custom security software. (AWS, Docker, AWS CLI, AWS SDK)

● Coded in Python, Java, PHP, JavaScript, Bash, and PowerShell using big data technologies such as ElasticSearch, MongoDB, JSON, Kafka, Kibana, LogStash, Spark, and Neo4J to visualize Windows software and user behaviors for automated pre-forensic analysis. SDLC using Jira for Agile sprint tracking and Confluence for documentation.

SecurityKeys

Information Security Consultant                                                 2016-2017

Information Assurance Consultant for TRICARE Management Activity and Navy Morale, Welfare and Recreation (MWR), among other smaller contracting. Travelled across the US conducting Security Technical Implementation Guide audits and Application Security Reviews. Assessed major network implementations using a wide range of mixed technologies. Delivered threat models and risk assessments, while assisting the implementation of compensating controls. Some of the standards supported during auditing include PCI-DSS level 3-4, NIST SP 800-37 RMF, FISMA, HIPAA, SANS Critical Security Controls, Sarbanes-Oxley IT control standards within different levels and fields, and International Organization for Standardization (ISO) standards certification.

● On site Senior IT Security Consultant responsible for final data collection, review and report delivery.

● Audited hundreds of “cloud” applications for DoD and DoD related use. (Go and AWS)

● Automated scanning using ACAS, Nessus, Nexpose, WebInspect and many other tools.

● Conducted Static Code Reviews for rapid application development environments (Agile/Scrum) using Java, PHP, .Net, and other proprietary languages.

Ellucian (Formerly Data-tel and SungardHE) Information Security Engineer

Senior Information Security Engineer                                         MAR 2012-JUL 2016

Lead vulnerability engineer. Deployed 50+ schools' vulnerability management systems to “Cloud” architecture. Automated over a full-time employee of tasks within the first 6 months of employment. Worked with hundreds of schools developing and documenting a new threat assessment process. Evaluated perimeter defenses to create more effective compensation measures. Created custom scripts using Ruby and proprietary gems to automate testing and reporting. Created custom payloads for near “0 day” vulnerabilities like “Heartbleed”. Worked directly with Rapid7 to create and improve one of the first large-scale multi-tenant cloud based systems. Over 25,000 “critical” devices across 60+ organizations.

Key Contributions:

● Conducted DoS (virtualized DDoS), Local Privilege escalation, RCE, and web application reviews (Database, Static/Dynamic Source Code, and fuzz/SQL injection). A wide variety of tools was used in testing, as most tools are very specific to the type of the target of the testing.

● Trained new personnel in Rapid7 Products (Nexpose, Metasploit) and related Information Security tools (NMAP, ncat, and many other “basic tools”)

● Worked directly with AWS security team to ensure delivery of a “secure-able” solution as “Data-tel” information systems were migrated to the “cloud”. Visited AWS main offices to interview security staff.

● Became “go-to” cloud expert for 700 schools.

● Worked with Higher Education schools to conduct threat assessment testing using automated toolsets like Nexpose/Metasploit and Nessus

Brandon Technology Consulting, MHS/TMA (TRICARE)        

Senior Information Assurance Engineer SEP 2011 – JAN 2012 

Developed and prepared critical reports for senior officials for certification and accreditation of both commercial and government networks. Used Department of Defense Information Assurance Security and Accreditation Process (DIACAP) process to audit the security practices of networks processing government data. Worked with onsite technicians to suggest solutions to their compliance issues. Quickly became the go-to SME on .Net, IIS, Apache, UNIX/*nix, MS SharePoint, and Databases (MS/MySQL, DB2, Oracle).

Key Contributions:

●    Subject matter expert for a team of auditors regarding numerous specialties.

●    Trained new personnel in HP Security Suite, Retina, AppDetective, Burpsuite and Web Inspect.

●    Became a DoD “cloud” expert in auditing cloud infrastructures.  

●    Assisted in recruiting new quality personnel.

Lockheed Martin IS&GS, US Air Force Information Assurance Engineer   

Senior Information Assurance Engineer APR 2010 – SEP 2011

Developed and prepared critical reports for senior Air Force officials for certification and accreditation of Air Force Information Technology networks. Used Air Force and DIACAP and the IT-Lean process to identify operational threat, security architecture, and analysis of cutting edge software and hardware. Worked with the Vulnerability assessment team to set up and use Retina Remote Enterprise Manager to increase performance of network scanning. Consulted with the Risk Assessment team to optimize workflow and created tools to increase management’s visibility of the process. Certified in Emission security and worked with Air Force National Capital Region units to manage TEMPEST security. Worked with Information Technology US Army to create resolutions to POA&M’s for Air Force C&A packages.

Key Contributions:

●  Subject matter expert for new technology and risk assessments.

●  Lead “Retina Remote Enterprise Manager” administrator. 

●  Trained new personnel in Risk Assessments, EMSEC/TEMPEST, and Vulnerability Management.

●  Wrote Application Risk Assessments after reviewing software and code with tools like IBM Rational AppScan and proprietary USAF scripts.

●  Worked with project manager, customers, and senior staff to provide solutions for cutting edge IT needs and developed tools to enhance managerial visibility and standards.

●   Created Documentation for new technology and developed processes to support the growth of new software/hardware

Note: Retired from service for injuries occurring in a designated imminent danger pay area. (Disabled veteran)

US Army, 3-159 Attack Recon Batt. 12th CAB Task Force 34:

DEPLOYED                                               2008 – 2009 (Retired from service for injuries, Service dates OCT 2006 – MAR 2010)

Information Management Officer, Information Assurance Security Officer (IMO, IASO)

Maintained 300+ computers for combat operations by AH-64s (Apaches) on multiple networks. Worked with sections to develop a battle planning system, incorporating all available software. Planned and set-up equipment for a 1.5 mile WiFi shot, to enable testing pilots to send real-time data to the Battle Captain and commanders. Maintained the largest map server deployed (2009). Assisted users and supporting administrators in optimizing work-flow and security standards. Ensured that all security systems were set up properly, upgraded or replaced. These systems included Cisco Routers, Symantec, IA evaluations, Software Approval, Multi-segment Exchange Servers, Backup systems, Data Management, Remedy (for documentation), and Remedy scripting. While deployed, I quickly became the Cyber Warfare subject matter expert.

Key Contributions:

●    Created custom software to investigate and document vulnerability and security events.

●    Assisted users with initial setup of network and management systems.

●    Provided training on a one-on-one basis to improve or fix workflow.

●    Provided 100% uptime to critical users.

●    Protected multi segment networks by identifying major threats before 0 day.

●    Medically retired for combat zone injuries with awards, medals and honors

US Army, 12th CAB 5th Corp., Illesheim, GE                                                2007-2008

Information Management Officer, Information Assurance Security Officer (IMO, IASO)

Managed digital training environments for 3-159 ARB operations, including remote data management, real time networking, and digital security systems. Implemented security, application, and custom log tracking and inventorying. Conducted “appropriate use” evaluations and made recommendations to the immediate leadership. Maintained the operational network, including McAfee Enterprise, IA evaluations, Software Consulting, Active Directory, WSH, Software Inventories, Cisco Networking, Windows server/client administration. Trained in wireless Combat Service Support Automated Information System Interface (CAISI) and Very Small Aperture Terminal (VSAT).

Key Contributions:

●    Served as the IT SME

●    Worked with immediate and upper leadership to create the most realistic Network Training environment for the commanders, pilots and 400+ users.

●    Trained IT/Radio staff in Active Directory management and security risk management.

Education, Credentials, and Awards:

CISSP          2012-2020

Security+             2010  

Many US Army certifications. (pages available on request)

Overseas Ribbons

Army Commendation Medal

Outstanding service during deployment. 

Army Achievement Medal

Outstanding service during pre-deployment.

National Defense Service Medal

Global War on Terrorism Medal

Iraq Campaign Medal with Campaign star. 

Army Good Conduct Medal

US Army Signal Corp.                                     2006

Ft. Gordon, GA 

Information systems specialist

Full Sail University                                        SEP 2001 – MAR 2003

Orlando, FL 

Digital Media, AS. 

Advanced Space Academy, NASA                  2000 

Huntsville, AL 

“Right Stuff” Medal, NASA

Example of Technical Proficiencies (Keywords):

Operating Systems: Microsoft Windows (XP, Server 2003/2008, Vista, Windows 7), Unix flavors (Red Hat, Fedora, Ubuntu, SUSE, Solaris)

Platforms: Microsoft Exchange, Oracle and SQL server, IIS, Active Directory, VMware, Apache web-servers

Networking: Cisco, TCP/IP, DHCP, DNS, (S)FTP(S), SSH/Telnet, 802.1 a/b/g/n, AirFortress, QOS, Load Balancing, SMTPS

Security: Vulnerability scanners, Anti-Malicious software, Intrusion Detection Systems, Firewall configuration, and many reporting systems. Software testing, patching, implementation and documentation.

Tools: Remedy, Retina, Metasploit, Hercules, ngrep, Wireshark, Nmap, Nessus, Nexpose, Netcat, Kismet, GFI LanGuard, Citrix, AppDetective, WebInspect, OpenVAS, Greenbone and many other open-source tools.

Scripting: PHP, Perl, Ruby, WSH, Bash, VB, Java, Python, C (IoT)