1. Brian Starr
7914 Kedvale Ave
Skokie, Illinois 60076
Brian.Starr@ProtonMail.com
About Me:
I am part of the embedded staff working directly under and funded by the Director of Cybersecurity in Washington,
D.C. The Hines location is one of the largest data centers for the Department of Veterans Affairs. I have visited two
other VA data centers for pre-OIG audits. I take great pride in my prior IT experience and working with federal
agencies.
FISMA: (Federal Information Security Act)
I have worked on FISMA compliance, mostly in Special Publication 800-53r4. I am leading the DISA STIG
implementation at the Department of Veterans Affairs. I work alongside the Windows Domain Controller Team
providing technical security guidance along with associated ancillary member servers/management software. I have
prepared a delta spreadsheet of the changes that need to be applied to become compliant with the VA-6500
Handbook and have created a report using Nessus to correct any non-compliant settings based on USGCB or the
DISA STIG controls. I understand the current applications in the environment along with networking devices that
might be affected by implementing more stringent security controls to eliminate vulnerabilities and become
compliant with federal standards.
Cyber-Security and Compliance:
This is a broad term encompassing all aspects of devices and a defense-in-depth approach. Many controls and
specialized software can be used to monitor behavior. It's important to establish a baseline and then tune the
controls as needed. Customized alerts can be generated or dynamic protection can be used to isolate or disconnect
connections. Event logging for forensic purposes is critical to trace the breach should one occur.
Network Security:
I have worked with Checkpoint firewalls, UTMs and some ASA devices in the past. I've also programmed Cisco
switches for virtual local area networks (VLANs) and access control lists (ACLs). I understand and have implemented
simple network monitoring protocol (SNMP) in my home lab via Splunk. I have an understanding of security controls
related to various endpoints.
Intrusion Detection Systems (IDS):
My expertise with IDS is mostly on Checkpoint. I like to think of anti-virus management servers as another method
for a multi-layer approach to SPAM, virus, and endpoint ransomware detection using the McAfee ePolicy Orchestrator
console.
Event and Incident:
I currently report any security incidents to my managers, the local security officer, and the network operations
security team. On occasion I have asked for guidance from the VA Cybersecurity secretary directly. On many
occasions I have been instructed by either the information security officer (ISO) or privacy officer to work with the
system administrator to remediate the potential vulnerability or misconfigured server to become compliant.
Monitoring Systems (SIEM):
I have worked with and programmed SolarWinds as a “SIEM” in the past at Cardinal Intellectual Property.
Active Directory:
I have over 20 years of experience. Most of my consulting experience has been done with Active Directory Users
and Computers, Group Policy Security Settings to be compliant with USGCB or DISA STIG. I am currently working on
the system security plan (SSP) for Active Directory (AD) at the VA. I have provided security guidance for Exchange
2010 as the VA has moved their email infrastructure to the Microsoft Cloud servers.