Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Andre Nelson

Orange

Summary

Cyber Security Professional Analytical and technically astute professional with demonstrated background in IT and cyber security. Creditable history of protecting organizational computer/networking systems and sensitive information from potential hackers and cyber-attacks by establishing cyber security policies and guidelines. Expertise in RMF assessment and authorization, program / scripting language code analysis, project management, server administration, cloud/virtualization services deployment, and switching/routing. Skilled in providing customer support to troubleshoot and reduce complex issues, technical vulnerabilities, and cyberspace threats. Proven leader with demonstrated ability to train, build, and motivate diverse teams for performance improvement.

Overview

15
15
years of professional experience
1
1
Certification

Work History

Senior Classified Cyber Assurance Analyst

Space Exploration Technologies Corp
Hawthorne
09.2024 - Current
  • Conducted technical assessments to evaluate system and network compliance.
  • Identify security and compliance gaps, partnering with system owners and stakeholders to appropriately remediate.
  • Facilitated preparation and management of system security plans.
  • Develop, maintain, monitor, and improve appropriate internal controls and policies to protect SpaceX systems and data.
  • Identify and drive assessment and audit efficiency through system integration, data utilization, and process improvement.
  • Support third-party risk management efforts including supplier onboarding and periodic cyber assessments, to include risk analysis.
  • Serve as an enabler by partnering with mission management throughout the organization to support risk decisioning and our collective risk management efforts.
  • Manage identification and tracking of audits, assessments and impacted programs and business objectives; identified gaps, corrective action plans/plans of action & milestones, and provide leadership awareness.
  • Work with other SpaceX teams to determine functional needs, implement efficient and sustainable solutions and communicate security policies.
  • Mentor fellow teammates and take an active role in their development.
  • Identify and propose business enabling actions by maintaining an up-to-date understanding of emerging trends in information security risks and new compliance/assurance techniques and trends.
  • Maintain awareness of changes to regulations, compliance guidelines, assessment methodologies, and the emerging TTPs; recommend proactive changes to controls, policies, and procedures in response to these changes.

Information Systems Security Officer

Boeing
Seal Beach
12.2022 - 09.2024
  • Conducted self-compliant test/assessments and security monitoring
  • Delivered security education and awareness to the professional community
  • Managed certification and accreditation documentation, information assurance documentation, and conducted security reviews/inspections to identify and mitigate vulnerabilities
  • Trained and mentored staff, providing performance feedback to managers
  • Collaborated with internal/external security personnel, customers, and government representatives
  • Expert in implementing and verifying security controls according to NIST 800-53A and 800-171 standards
  • Participated in security evaluations, audits, and reviews; identified risks/vulnerabilities in information systems; skilled in automated vulnerability scanning using Tenable Nessus, SCAP
  • Created and maintained certification and accreditation documentation
  • Coordinated duties with Security, Information Technology, and Project Managers
  • Conducted reviews and technical inspections to identify and mitigate security weaknesses
  • Created and maintained information assurance documentation
  • Participated in interdepartmental projects and provided leadership
  • Trained and mentored novice and intermediate ISSOs
  • Provided performance input to managers
  • Interfaced with internal and external Security personnel, customers, and government representatives
  • Performed other duties as assigned by management
  • Experience with auditing Linux and Windows Operating Systems
  • Made revisions on audit policies to streamline the process resulting in a 50% increase in security post
  • Proficient knowledge of security controls contained within NIST 800-53A and NIST 800-171 publications
  • Demonstrated expertise in identifying risks and vulnerabilities of information systems
  • Familiarity with automated vulnerability scans using Tenable Nessus, SCAP, or similar applications
  • Participation in systems security evaluations, audits, and reviews
  • Ability to learn new technologies and skills essential to ISSO roles and responsibilities

Information Systems Security Officer

Raytheon
El Segundo
12.2020 - 12.2022
  • Developed and implemented a comprehensive cybersecurity program, including risk management, system security plans, and obtaining authorizations to operate
  • Identified secure system configurations and conducted system/network audits
  • Managed cybersecurity workforce improvement, including training and certifications
  • Interfaced with internal and external customers to provide technical security expertise
  • Conducted Assessment & Authorization processes and managed continuous monitoring/improvement programs
  • Oversaw incident response and administrative inquiries/investigations
  • Directed efforts on small to mid-size projects/programs
  • Managed risk, cost, quality, and schedule performance effectively
  • Developed and oversaw appropriate cybersecurity policies, processes, and procedures
  • Utilized effective writing, speaking, analytical, and customer service skills
  • Identified and documented system deficiencies, recommended solutions for remediation
  • Participated in systems security evaluations, audits, and reviews
  • Recommended and implemented training programs to ensure data users are aware of and adhere to systems security policies and procedures
  • Promoted awareness of security issues and communicated deficiencies to relevant personnel

Defensive Cyberspace Operator

United States Marine Corps
Fort Meade
10.2018 - 12.2020
  • Lead the planning and execution of program / scripting language code analysis to detect and rectify functional errors
  • Assess and mitigate emerging cyberspace threats to ensure security of computer systems
  • Define access privileges, control structures, and resources for protection and management of classified information
  • Monitor network and host system to gain clear understanding of system architectures and behavior
  • Determine potential compromises in network and host systems to meet organizational needs
  • Utilize core hardware and software capabilities to conduct forensic analysis and determine system security incidents
  • Conduct cyber reconnaissance to support federal clients
  • Work with cloud infrastructure
  • Utilize software asset management
  • Implement container or virtual environments (e.g
  • Docker, Kubernetes, VMware, AWS)
  • Utilize in-band and out-of-band test access points for network traffic collection and aggregation (e.g
  • Gigamon)
  • Work with Linux operating systems (Red Hat, CentOS, etc.)
  • Prior experience in a Security Operations Center
  • Experience in mobile and endpoint security
  • Obtain certifications such as CompTIA Security+, CEH, CISSP

Cyber Security Chief

United States Marine Corps
Miramar
08.2015 - 10.2018
  • Developed and executed security policies, plans, and procedures to prevent computer security threats
  • Addressed and responded to security concerns of information systems security manager (ISSM) and information systems security officer (ISSO), while facilitating effective recommendations and corrective actions for risk mitigation
  • Provided proper tools and guidance to subordinates focused on driving smooth running of day-to-day operations
  • Evaluated and maintained maximum availability, integrity, confidentiality, authentication, and non-repudiation of information systems
  • Created and deployed immediate actions to reduce network incidents, including virus infections, unauthorized disclosures / intrusions, service outages, and network attacks
  • Supervised and trained a vulnerability management team (VMT) of four members aimed to improve system security and decrease vulnerability level
  • Implemented incident response program to ensure swift and effective handling of security incidents
  • Collaborated with development and operations teams to ensure timely and effective remediation of identified vulnerabilities
  • Conducted regular security audits and assessments to ensure compliance and identify areas for improvement
  • Identified, assessed, and managed information security risks across the organization
  • Developed and delivered security awareness training programs for employees

Cyber Network Operator

United States Marine Corps
Camp Pendleton South
10.2009 - 08.2015
  • Installed, configured, and managed windows servers, network services (hardware and software), router/switches (CISCO), and data systems within standalone/client server environments
  • Led, built, and directed a battalion-wide help desk of over 1000 people with an aim of fulfilling technical needs and requirements of customer users
  • Assessed and resolved information system problems to ensure maximum satisfaction of intranet users
  • Developed and maintained VoIP telephone systems, satellite connections, and security networks
  • Administrated continuous preventative and corrective maintenance of all data equipment to enhance equipment functionality and data availability, security, and accuracy
  • Maintained functionality of 259 record jackets for SL-3 completeness of assets, valued at $3,135,714
  • Successfully updated 91 Laptops, valued at $176, 904
  • Ensured smooth transition for the DRMO of 91 obsolete Dell Laptops by verifying 91 removable hard drive letters
  • Validated accountability of 153's, 117G, and OE antennas, valued at $1, 432, 830

Education

Bachelor of Science - Global Information Assurance Certification, Security Leadership, Systems Security Certified Practitioner, CompTIA Security+, CISSP course, C|CISO course, CISM course, Splunk Fundamentals, CompTIA Linux+ course, CompTIA A+ course, Discover and Counter Infiltration course, Navy Spin 2 Key Management Infrastructure (KMI) course, HBSS 501 course, Cyber Network Exploitation course, Intermediate Cyber Core course, FireEye Troubleshooting and Endpoint Security course

SANS Technology Institute
Online
03-2026

Skills

  • Cyber Security
  • IT Security
  • Risk Management Framework (RMF)
  • Security Controls (NIST 800-53A, 800-171)
  • Vulnerability Assessment
  • Incident Response
  • Project Management
  • Security auditing
  • Server Administration
  • Cloud Services
  • Technical Support
  • Logging monitoring
  • Continuous monitoring

Certification

  • GIAC Security Leadership
  • Systems Security Certified Practitioner
  • CompTIA Security+
  • GIAC Information Security Fundamentals
  • GIAC Foundational Cybersecuirty Technologies
  • CISSP course
  • C|CISO course
  • CISM course
  • Splunk Fundamentals
  • CompTIA Linux+ course
  • CompTIA A+ course
  • Discover and Counter Infiltration course
  • Navy Spin 2 Key Management Infrastructure (KMI) course
  • HBSS 501 course
  • Cyber Network Exploitation course
  • Intermediate Cyber Core course
  • FireEye Troubleshooting and Endpoint Security course

Timeline

Senior Classified Cyber Assurance Analyst

Space Exploration Technologies Corp
09.2024 - Current

Information Systems Security Officer

Boeing
12.2022 - 09.2024

Information Systems Security Officer

Raytheon
12.2020 - 12.2022

Defensive Cyberspace Operator

United States Marine Corps
10.2018 - 12.2020

Cyber Security Chief

United States Marine Corps
08.2015 - 10.2018

Cyber Network Operator

United States Marine Corps
10.2009 - 08.2015

Bachelor of Science - Global Information Assurance Certification, Security Leadership, Systems Security Certified Practitioner, CompTIA Security+, CISSP course, C|CISO course, CISM course, Splunk Fundamentals, CompTIA Linux+ course, CompTIA A+ course, Discover and Counter Infiltration course, Navy Spin 2 Key Management Infrastructure (KMI) course, HBSS 501 course, Cyber Network Exploitation course, Intermediate Cyber Core course, FireEye Troubleshooting and Endpoint Security course

SANS Technology Institute

Similar Profiles

  • Ricardo Posada

    Ricardo PosadaRicardo Posada

    Friction Stir Welder Level 4 at Space Exploration Technologies Corp (Space X)Friction Stir Welder Level 4 at Space Exploration Technologies Corp (Space X)

  • Melissa Figueroa

    Melissa FigueroaMelissa Figueroa

    Technical Writer at Space Exploration Technologies CorpTechnical Writer at Space Exploration Technologies Corp

  • Matthew Vargas

    Matthew VargasMatthew Vargas

    Integration Technician at Space Exploration Technologies CorpIntegration Technician at Space Exploration Technologies Corp

  • Matthew Krusko

    Matthew KruskoMatthew Krusko

    Security Officer Level 3 at Space Exploration Technologies CorpSecurity Officer Level 3 at Space Exploration Technologies Corp

  • Miguel Riano

    Miguel RianoMiguel Riano

    Franchise Cook/Crew Team Member at Guzman Y GomezFranchise Cook/Crew Team Member at Guzman Y Gomez

CREATE PROFILE
Andre Nelson