Information Security Engineer with 6+ years of experience in the field. Have developed and implemented technical and administrative controls. Extensive knowledge deploying solutions that meet PCI, HIPPA, JFAN6/3,NISPOM standards. Goals: To continually gain knowledge in the field of information security and network security through applied use and continued studies.

Information Security Engineer @ Worked to develop solutions to increase security posture of athenahealth while taking business considerations into account during the design, testing, and roll out phases. Gained experience working in a fast pace, high growth environment requiring flexibility in prioritization of tasks as well as closely looking at scalability of solutions to compliment athenahealth's aggressive growth rate. Worked heavily on engineering SANS TOP 20 as well as network and host based security solutions. From December 2013 to Present (2 years 1 month) IA Engineer @ I work as an Information Security Engineer for Booz Allen Hamilton. I currently provide the client my expertise in applying DIACAP and NIST guidance when hardening their information systems. I currently perform vulnerability assessment and mitigation strategies for the client using vulnerability assessment tools such as Retina, Tenable ACAS, McAfee HBSS Policy Auditor, (Security Center, NESSUS, PVS) and STIG Complaince v3.01. I also work heavily with Active Directory (including AD Group Policy) and have extensive knowledge with the administration of McAfee's HBSS. I have also been a performing member of an internal audit team that has assessed the client's offsite locations' security postures. From October 2011 to November 2013 (2 years 2 months) Information Systems Security Officer @ · Teamed with multiple organizations including Information System Security Managers, System Administrators, and the customer's management team to create an effective network topography resulting in a cost savings of $200,000. · Reduction of insider threat vulnerability through weekly auditing tasks composing of multiple operating systems such as Windows, Linux Red Hat, Solaris Sun, and AIX; performed timely investigations with users associated with suspicious behaviors. · Worked collectively with System Administrators and Information System Security Managers to ensure system hardening was consistent amongst multiple information systems without hemorrhaging productivity. · Standardized audit practices to ensure maximum compliance with government regulations; these practices have been implemented across multiple Raytheon IDS centers. From August 2008 to October 2011 (3 years 3 months) Information Security Analyst Intern @ · Utilized Forensic Toolkit (FTK) to perform a thorough analysis on hard drives from a suspended employee with a scope of recovering deleted files. · Performed thorough forensic analysis using FTK on 50 retired computers identifying any potential PII leakage. · Performed vulnerability and risk assessments on the university's subnets using Nessus Vulnerability Scanner. Configured and launched the applicable audits against university's subnets and forwarded the reports to my supervsor. · Developed multiple techniques to execute a forensic analysis on drives containing virtual machine files. From June 2008 to August 2008 (3 months) Student Activities @ Co-founder and president of the school's ski and ride club. Upon graduating, club had the most active members and largest operating budget of any student ran club at Champlain College. From 2005 to 2008 (3 years) Residential Assistant @ • Managed Residence Hall with fellow RA. o Demonstrated leadership through preparing and executing activities in the hall o Crisis Management training and use o Use of authority while upholding Champlain College’s policies o Strengthened conflict management skills while mediating between individuals and groups alike From August 2005 to May 2007 (1 year 10 months)

Master of Business Administration, Global Studies @ Southern New Hampshire University From 2009 to 2011 B.S, Computer and Digital Forensics @ Champlain College From 2004 to 2008 Michael McGinnis is skilled in: Certification and accreditation, Computer Forensics, Security, Network Security, Operating Systems, Leadership, Computer Security, Information Assurance, Nessus, Information Security, Vulnerability Assessment, Linux, XP, Network Administration, Active Directory, DoD