Vulnerability Scanning & Compliance Enforcement (HBSS Administrator)
In my role supporting Host Based Security System (HBSS) operations, I conducted frequent vulnerability scans across large enterprise networks to identify security weaknesses, misconfigurations, and non‑compliant assets. This work involved using DoD‑approved scanning tools to evaluate system baselines, detect missing patches, and verify compliance with DISA STIGs and Navy cybersecurity policies. I was also certified in McAfee Enterprise Security Manager Administration 201/301 which were required for my position.
Firewall Configuration & Policy Deployment Across Navy Enterprise Networks
As part of my HBSS/OIS administrative responsibilities, I assisted in configuring and deploying firewall policies across Navy enterprise networks. This work involved reviewing security requirements, adjusting rule sets, and ensuring that access control policies aligned with DoD cybersecurity standards and mission‑specific operational needs. I routinely worked with firewall modules and policy management tools to create, modify, and validate rules governing inbound and outbound traffic. After configuration, I published these policies to production networks, ensuring they propagated correctly across distributed systems. This required careful coordination, attention to detail, and verification to prevent service disruptions while maintaining strict security controls. My contributions supported secure network operations by reducing unauthorized access pathways, enforcing least‑privilege principles, and ensuring compliance with Navy cybersecurity directives. This experience strengthened my understanding of enterprise‑level network security, change‑control processes, and the operational impact of firewall policy management. (The example below is very similar to the configuration matrix that would be used in this environment.)

Endpoint Security Configuration & Policy Management (HBSS/OIS)
In my HBSS/OIS role, I supported the configuration, deployment, and management of endpoint security policies across Navy enterprise systems. This included maintaining Host Intrusion Prevention System (HIPS) settings, enforcing compliance modules, and ensuring that endpoint agents were properly installed, updated, and communicating with central management servers. I routinely monitored agent health, validated policy inheritance, and resolved issues related to non‑reporting or misconfigured endpoints. This required understanding how security modules interacted with operating systems, network controls, and mission‑critical applications. My work ensured that thousands of devices remained compliant with DoD cybersecurity requirements and maintained a consistent security posture across distributed environments. This experience strengthened my ability to manage enterprise‑scale endpoint security tools, troubleshoot agent‑level issues, and support continuous monitoring operations in a high‑security environment. (The example below are charts that would typically be used to monitor compliance across a given network.)
