Serge Campa, MICS
Education:
Master of Business Administration - MBA
Rice Business - Jones Graduate School of Business
2023 : 2025
Master's degree
Information and Cybersecurity
UC Berkeley School of Information
2022 : 2023
Bachelor's in Networking and Security - Summa Cum Laude
Concentration in Computer Science
University of Houston-Victoria
2019 : 2021
Associate Degree in Computer Systems Networking - Highest Honors
Specialization in Cyber Security and Linux Admin
Houston Community College
2017 : 2019
Experience:
Chemical Sector :
• Audit and document internal controls, processes, and procedures for disaster recovery and business continuity plan, application change management, and user access management.
• Compare and test disaster recovery and business continuity plans against agreement, ensuring corrective action is taken when recovery times are not met.
• Ensure business continuity plan includes all necessary elements.
• Obtain and document application change management processes, verifying compliance through sample data review.
• Review segregation of duty controls for migrating changes into production environment.
• Assess user access granting, modification, and revocation processes for different systems, confirming appropriate access through sample data.
• Confirm limited access to super-user, administrative, and generic accounts based on business need.
• Complete user access reviews for all active users per required frequency.
Energy Sector :
• Conduct comprehensive Operational Technology (OT) cyber risk assessment using NIST Cybersecurity Framework (CSF) v1.1 to mitigate security risks.
• Identify improvement areas through stakeholder interviews and document review.
• Deliver report on current maturity level and roadmap for achieving next level of security.
Manufacturing Sector :
• Provide expert guidance in designing network segmentation and industrial DMZ (Purdue levels 3+) in OT environment.
• Collaborate with network team to develop zero-trust model for reducing risk and increasing productivity.
2022 : Present
EY
Senior | IT/OT Cybersecurity Consultant
As an adjunct instructor for Continuing Education IT at Houston Community College System, my responsibilities include teaching CompTIA's IT Fundamentals (ITF+) Training Course, CompTIA's A+ Training Course, CompTIA's Network+, and CompTIA's Security+. My main tasks are :
• Developing course outlines and administering weekly tutorials to provide students with a comprehensive understanding of the course materials.
• Creating a conducive online and in-person learning environment that promotes active student participation and engagement.
• Preparing and grading weekly assignments, discussions, and lab seminars to assess student performance and provide timely feedback.
Ensuring the success and retention of every student by providing extra support to those who need it and encouraging student collaboration and discussion
2021 :
Houston Community College
CE IT INSTRUCTOR
• Conducted Claroty EMC alert triage, analyzed technical and functional support processes, and built support documents.
• Provided knowledge transfer to IT and cyber team members on Claroty project, process, and custom modules.
• Developed and enforced telework security policy, including corporate VPN connection.
• Supported ongoing development of ICS Cyber Security program, executed security projects, conducted risk assessments, and implemented policies and procedures.
• Served as subject matter expert on ICS Cyber Security Policy, supported audits and assessments for rig certification programs, and interfaced with rig management and operations leadership.
• Conducted manual and automated security testing, supported compliance with NIST and other security standards, and validated operational technology security processes.
• Participated in on-site containment, remediation, and restoration efforts during cyber security incidents.
• Managed insightIDR (SIEM) custom alert triage, served as Rapid7 MDR escalation contact, and managed phishing triage and Multi-factor Authentication program.
• Managed Advanced Threat Analytics Lightweight Gateway, offshore rig ICS/SCADA malware scanner program, simulated phishing campaigns, and Security Education and Training Program.
• Documented, deployed, reviewed, and maintained cybersecurity policies, standards, guidelines, and procedures, and ensured technical security systems were effectively implemented.
• Maintained security tools, secured remote access servers, laptops, mobiles, and tablets, examined and analyzed electronic media, and conducted incident response activities to identify root cause of compromise.
2019 : 2021
Noble Drilling
IT / OT SECURITY ANALYST
• Installed, configured, and upgraded systems running Windows 7 to Windows 10.
• Updated customer relationship management (CRM) and invoicing databases.
• Trained new employees on productivity software and CRMs.
• Accomplished project goals on time, on budget, and in alignment with vendors.
• Maintained Active Directory, network file sharing, and CRM servers.
• Maintained virtual private network (VPN) and Cisco firewalls.
• In charge of security education.
• Performed password resets after compromise.
• Pulled machines off-network because of malware compromise and reimaged them.
2018 : 2019
DeHumidification Technologies
NETWORK / SYSTEM ADMINISTRATOR
• Handled service requests through various channels including ticketing system, phone calls, emails, and in-person user walk-ups to ensure timely and effective resolution.
• Provided technical support to the network team by assisting with the troubleshooting and maintenance of Cisco routers, PCs, and domain controllers.
• Installed, configured, and upgraded operating systems on various systems, including the migration of systems from Windows 7 to Windows 10.
• Provided helpdesk support to end-users on proprietary software, addressing and resolving issues related to system and software use.
• Conducted training sessions for new employees on productivity software and proprietary applications to ensure that they are equipped with the necessary skills to perform their roles effectively.
• Successfully completed projects within the set timelines, budget, and aligned with corporate objectives, ensuring that all stakeholders are satisfied with the results.
• Utilized Windows Deployment Services to image workstations and added users on Active Directory to ensure a seamless and secure user experience.
• Conducted password resets in the event of security breaches, ensuring the continued integrity and security of the systems and data.
• Identified and removed malware-compromised machines from the network, re-imaging and configuring them to ensure that they meet the security standards of the organization.
2013 : 2018
Kirby
VESSEL SUPPORT ANALYST II
Company: EY
Years of Experience: 19
Spoken Language: English, Spanish
My leadership instincts have consistently been recognized, allowing me to excel in strategic roles that require both a broad vision and attention to detail. Directing teams toward shared goals, I blend hands-on experience with managerial acumen, navigating high-pressure scenarios with ease and efficiency.
A recent academic highlight was the completion of my capstone project, 'Open Bounty,' as part of my Master of Information and Cybersecurity (MICS) degree from the University of California, Berkeley. The invaluable lessons and relationships forged during this program will be instrumental in my future endeavors. Further feeding my drive for continuous growth, I'm eagerly anticipating the start of my MBA journey at Rice University this October.
In addition to my technical skills, I've played key roles in security infrastructure deployment, risk management, and developing strategic roadmaps. My ability to communicate effectively shines not only in collaborative projects but also in crafting and leading educational programs, ensuring an immersive learning experience for all participants.
In sum, my dedication to cybersecurity, coupled with in-depth IT and OT knowledge, makes me a formidable asset in the field. As I progress in my journey, I remain enthusiastic and prepared to face and embrace the myriad challenges and opportunities the cybersecurity landscape presents.