GRC Analyst Master Class
- Prepared, executed, and reported on audit of subset of NIST SP 800-53 cybersecurity controls to include interview, document review, and testing of systems to support compliance audit activities.
- Knowledgeable on NIST Cybersecurity Framework and how the Identify, Protect, Detect, Respond, and Recover categories comprise and facilitate an information security program
- Developed concise, tailored cybersecurity awareness content, improving targeted end-user base cyber hygiene
- Developed Just-In-Time cybersecurity awareness content for emerging threats to reduce operational risk to tailored audiences
- Semi-quantitatively analyzed cybersecurity risk using NIST SP 800-30 methodology to identify highest risk weaknesses for a system
- Executed threat modeling exercise to determine higher likelihood threat events to inform cybersecurity risk modeling
Home Lab
I have created a home lab from networking equipment my previous employer was throwing away. I have created a mock small business network rack, A domain controller with users and groups. Administrators, Helpdesk and employees with access and permissions that adhere to principle of least privilege. A small network that’s starts from my ISP’s modem/router, I have it in bridge mode connecting to my Microtik router. My Mikrotik was set using unconventional ports for basic services like HTTP/HTTPS, FTP. It’s connected to a 5 port Unifi managed switch, I have my access points connected to it. I have 2 Vlans on that switch, the second Vlan is connected to a cisco router. I have turned my Mac pro into a VM workstation where I host most of them using Virtual Box. I have one in VM workstation. I have a vulnerable Vm that sits behind a PFsense firewall with no internet access to keep my hacking and practice secured. Network MikroTik Router Changed Admin Password Changed Default Ports Disabled unused services 5 Port managed switch Created Vlans 2 UAP’s(Broadcast open wifi to watch free network traffic, block certain activities, content filter, tried some wifi attacks) Cisco Switch (Vlans, Port Security) Cisco Router VM Workstation Virtual Box Windows DC (Win 10) AD Win 10 Helpdesk (Splunk(CCU)Nessus, Cisco Packet Tracer(CCNA) Win 10 User Ubuntu (LPI Linux Essentials training) CentOS (LPI Linux Essentials training) Kali Linux (NMAP, John The Ripper, Metasploit) Vulnerable Machine (Vuln Scan, patch and fix) Vmware Workstation ADHD-BHIS VM Fortigate Firewall (content filtering windows user)
Darktrace Soar
Implementing Darktrace in our environment was pretty straight forward. Rack and stacked the dark trace device Connected it to our network Setup the device with a static IP Reserved the IP in our router Set up admin accounts Installed Vsensors on Hyper-V VM Hosts (Linux) Quarantined hosts, and VM in test environment Connected to Taxii server to input threat intel Added Untrusted domains and IP ranges Enabled Antigena Network, and Email Created a test group for autonomous mode
nathandowd.tech website
Signed up to Hostinger/Paid for domain and .tech extension
Downloaded Network Chucks Theme and Plugin
Set my Email domain
Uploaded media(Certifications/Badges)
Input text for fields
Added an about me page linked to my who I am link
Added pages for my see more links(Certifications, projects, what im working on)
Uploaded my resume for download
Added a LinkedIn button
Updated a typo in the MPCORE plugin(Miscellaneous , was causing navigation issues)
Updated CSS Style
I made other changes to css.stylesheet, I have more information on my Github
Knowbe4 Security Awareness Training
Just getting started I sent out a test campaign to get a baseline, and decide what training could help us the most.
Took that baseline and curated a program of different trainings to have our users go through.