Andrew Kapaldo

Dedicated cybersecurity professional with over 10 years of supporting information technology and leadership experience. B.S. in CyberSecurity and Information Assurance. (ISC)2 CCSP and SSCP, EC-Council Certified Encryption Specialist, CompTIA PenTest+, Security+, Network+, and A+. Passionate about keeping systems secure and private. Skilled purple teamer focusing on securing systems and internal threat hunting.

Technical Proficiencies:

Security Tools:
Splunk; Tenable.SC; Cisco FirePower; Cisco ISE; Trelix (McAfee) ePO; Gigamon

Languages:
SQL; Python; PowerShell; HTML; CSS; JavaScript

Platforms:
Windows 10 & 11; Mac OS X; iOS; Android; Linux

Software:
SharePoint; Active Directory; Microsoft Office

Professional Experience

US Department of Energy - Office of Legacy Management
IT Cybersecurity Specialist, Since July 2023
Morgantown, WV

Make risk-based decisions for implementation of hardware, software, and policies for the Office of Legacy Management. Perform analysis and verification of policies, procedures, and network hardware in the organization to ensure they conform with all US government and Department of Energy directives, orders, and policies.
• Support network security and risk analysis of network threats and policies for a geographically distributed network across the US.
• Responsible for Morgantown, WV data center.
• Perform oversight of Information Technology contractor staff.


Amentum for the US Department of Energy - Office of Legacy Management
Cybersecurity Analyst, December 2022 - July 2023
Morgantown, WV

Ensure the secure operation of computer hardware, software systems, and network infrastructure, including routers, switches, servers, and VOIP telephony. Support the confidentiality, integrity, and availability of information systems owned by the Department of Energy.
• Create and monitor dashboards in Tenable.SC to identify vulnerabilities and compliance issues that are applicable to systems and applications to assess their severity and urgency.
• Perform daily monitoring activities, including analysis of logs and reports from firewalls and other boundary protection devices to identify and investigate anomalous log entries which impact the confidentiality, integrity, or availability of information systems using Splunk and other tools.
• Work with system administrators and network administrators to track corrective action, resolution progress, and mitigation of vulnerabilities.
• Support Security Operations Center (SOC) operations on a rotating basis for event and incident response.
• Participate in security control reviews and provide improvement guidance using NIST and CIS guidelines.


Amentum for the US Department of Energy - Office of Legacy Management
Help Desk Technician, April 2021 - December 2022
ATA Services for the US Department of Energy - Office of Legacy Management
Help Desk Technician, November 2019 - March 2021
Morgantown, WV

Support end users and capture information regarding their needs and requests via phone, email, and in-person requests. Enter them into the ticket tracking system and follow up to completion. Educate users on the use of hardware such as PCs, printers, scanners, and IP phones and a wide range of software such as Adobe Creative Cloud, ArcGIS, and Office 365.
• Resolve end user requests and verify full functionality of repairs.
• Collaborate with End User Services, Networking, Database, Solutions, and Cyber Security teams to complete user requests and maintenance projects.
• Provide end user education on general computer use and various software use.
• Basic Cisco switch configuration (Port descriptions, sticky MAC addresses, VLAN lookups).
• Update users' information, distribution groups, and certificate mappings in Active Directory.


ATA Services for the US Department of Energy - Office of Legacy Management
Records Management Specialist, January 2019 - November 2019
Morgantown, WV

Support all aspects of managing the lifecycle of Federal records, including creation, capture, retrieval, operations, disposition, deliverables, projects, and new records initiatives. Work seamlessly with a geographically dispersed team of resources and requestors.
• Design and implement SharePoint 2016 pages for the records group and assist in the transition from SharePoint 2010. Implement security policies on records team pages.
• Perform searches and record requests from internal and external agencies for the Energy Employees Occupational Injury Compensation Program Act, Privacy Act, and Freedom of Information Act.
• Protect and identify sensitive information from unauthorized disclosure according to policy and regulatory guidance.

Barnes & Noble Booksellers
Community Business Development Manager, October 2015 - June 2018
Morgantown, WV

Content and device management, troubleshooting, and support of NOOK and Samsung branded Android devices for end users in enterprise settings. Respond via email, phone, and in person to customers with questions or wanting to place orders, manage devices, or set up purchasing accounts. Outside sales and marketing to schools and businesses to drive interest in discount programs, events, and purchasing of books and digital devices.
• Top outside sales for the Pittsburgh district for 2017, at 22.5% over goal.
• Social media marketing and content curation for the store’s social media channels to drive interest in programs, products, and events - store was in the top 10 most Facebook likes in the company, just behind stores in New York City, Dallas, and Los Angeles.


Barnes & Noble Booksellers
Assistant Store Manager, January 2019 - November 2019
Morgantown, WV

Managed all store operations, including opening, securing at closing, safe balancing, sales goals, employee schedules, and employee and customer service issues. Created weekly employee schedules and daily assignment sheets.
• Troubleshoot and repair customer-owned NOOK devices. Work with store support team to diagnose and repair issues with store PCs, servers, and point-of-sale systems.
• Interview, hire, and onboard booksellers, department leads, and managers. Coach and develop booksellers to create bench for future leadership positions.

Volunteer Experience

Mountaineer Area Rescue Group
Search & Rescue; President; Social Media, Since September 2017
Morgantown, WV

• Search for lost and missing persons and, when found, medically stabilize and evacuate them in wilderness and urban-facing environments. Assisting in and leading rope rescue of lost and missing persons.
• Content curation and social media marketing for the group’s Facebook page.
• Serving on the board of directors as the Secretary, Treasurer, Vice President, and now as President. Also serving as the Assistant Information Technology Officer of Social Media.
• Assisted in creation of Standard Operating Procedures/Guidelines (SOPs/SOGs) for systems and operations.


Education

Western Governors University
B.S. Cybersecurity and Information Assurance, January 2023
Salt Lake City, UT


Pierpont Community and Technical College
A.A.S. Information Systems: Cybersecurity, May 2021
Fairmont, WV

Certifications/Training

Information Technology

(ISC)2 - CCSP
(ISC)2 - SSCP
EC-Council Certified Encryption Specialist
CompTIA - PenTest+
CompTIA - Security+
CompTIA - Network+
CompTIA - A+
Microsoft Virtual Academy – Getting Started with PowerShell
LinkedIn Learning - Windows Server 2012: Active Directory
LinkedIn Learning - IT Service Desk: Customer Service Fundamentals
Learning Tree - Introduction to SharePoint 2016 Technologies
Learning Tree - Branding and Customizing SharePoint 2016 Sites


First Responder

NREMT - Emergency Medical Responder
ECSI - Wilderness First Aid
WV Public Service - Rope Rescue Awareness, Operations, and Technician
WV Public Service - Water Rescue Awareness
FEMA - ICS 100 (Introduction to Incident Command System)
FEMA - ICS 200 (ICS for Single Resources and Initial Action)
FEMA - ICS 300 (ICS for Expanding Incidents)
FEMA - ICS 400 (Advanced ICS)
FEMA - ICS 700 (Introduction to NIMS)
FEMA - ICS 800 (Introduction to the National Response Framework)
FEMA - IS 546 (Continuity of Operations Awareness)
FEMA - IS 547 (Introduction to Continuity of Operations)
FEMA - IS 5 (Introduction to Hazardous Materials)