Serge Campa, MICS

Multidisciplinary Cybersecurity Professional & Educator with IT/OT Expertise

Houston, TX, United States

Details

Education: Master of Business Administration - MBA

Rice Business - Jones Graduate School of Business

2023 : 2025

Master's degree

Information and Cybersecurity

UC Berkeley School of Information

2022 : 2023

Bachelor's in Networking and Security - Summa Cum Laude

Concentration in Computer Science

University of Houston-Victoria

2019 : 2021

Associate Degree in Computer Systems Networking - Highest Honors

Specialization in Cyber Security and Linux Admin

Houston Community College

2017 : 2019

Experience: Chemical Sector :

• Audit and document internal controls, processes, and procedures for disaster recovery and business continuity plan, application change management, and user access management.

• Compare and test disaster recovery and business continuity plans against agreement, ensuring corrective action is taken when recovery times are not met.

• Ensure business continuity plan includes all necessary elements.

• Obtain and document application change management processes, verifying compliance through sample data review.

• Review segregation of duty controls for migrating changes into production environment.

• Assess user access granting, modification, and revocation processes for different systems, confirming appropriate access through sample data.

• Confirm limited access to super-user, administrative, and generic accounts based on business need.

• Complete user access reviews for all active users per required frequency.

Energy Sector :

• Conduct comprehensive Operational Technology (OT) cyber risk assessment using NIST Cybersecurity Framework (CSF) v1.1 to mitigate security risks.

• Identify improvement areas through stakeholder interviews and document review.

• Deliver report on current maturity level and roadmap for achieving next level of security.

Manufacturing Sector :

• Provide expert guidance in designing network segmentation and industrial DMZ (Purdue levels 3+) in OT environment.

• Collaborate with network team to develop zero-trust model for reducing risk and increasing productivity.

2022 : Present

EY

Senior | IT/OT Cybersecurity Consultant

As an adjunct instructor for Continuing Education IT at Houston Community College System, my responsibilities include teaching CompTIA's IT Fundamentals (ITF+) Training Course, CompTIA's A+ Training Course, CompTIA's Network+, and CompTIA's Security+. My main tasks are :

• Developing course outlines and administering weekly tutorials to provide students with a comprehensive understanding of the course materials.

• Creating a conducive online and in-person learning environment that promotes active student participation and engagement.

• Preparing and grading weekly assignments, discussions, and lab seminars to assess student performance and provide timely feedback.

Ensuring the success and retention of every student by providing extra support to those who need it and encouraging student collaboration and discussion

2021 :

Houston Community College

CE IT INSTRUCTOR

• Conducted Claroty EMC alert triage, analyzed technical and functional support processes, and built support documents.

• Provided knowledge transfer to IT and cyber team members on Claroty project, process, and custom modules.

• Developed and enforced telework security policy, including corporate VPN connection.

• Supported ongoing development of ICS Cyber Security program, executed security projects, conducted risk assessments, and implemented policies and procedures.

• Served as subject matter expert on ICS Cyber Security Policy, supported audits and assessments for rig certification programs, and interfaced with rig management and operations leadership.

• Conducted manual and automated security testing, supported compliance with NIST and other security standards, and validated operational technology security processes.

• Participated in on-site containment, remediation, and restoration efforts during cyber security incidents.

• Managed insightIDR (SIEM) custom alert triage, served as Rapid7 MDR escalation contact, and managed phishing triage and Multi-factor Authentication program.

• Managed Advanced Threat Analytics Lightweight Gateway, offshore rig ICS/SCADA malware scanner program, simulated phishing campaigns, and Security Education and Training Program.

• Documented, deployed, reviewed, and maintained cybersecurity policies, standards, guidelines, and procedures, and ensured technical security systems were effectively implemented.

• Maintained security tools, secured remote access servers, laptops, mobiles, and tablets, examined and analyzed electronic media, and conducted incident response activities to identify root cause of compromise.

2019 : 2021

Noble Drilling

IT / OT SECURITY ANALYST

• Installed, configured, and upgraded systems running Windows 7 to Windows 10.

• Updated customer relationship management (CRM) and invoicing databases.

• Trained new employees on productivity software and CRMs.

• Accomplished project goals on time, on budget, and in alignment with vendors.

• Maintained Active Directory, network file sharing, and CRM servers.

• Maintained virtual private network (VPN) and Cisco firewalls.

• In charge of security education.

• Performed password resets after compromise.

• Pulled machines off-network because of malware compromise and reimaged them.

2018 : 2019

DeHumidification Technologies

NETWORK / SYSTEM ADMINISTRATOR

• Handled service requests through various channels including ticketing system, phone calls, emails, and in-person user walk-ups to ensure timely and effective resolution.

• Provided technical support to the network team by assisting with the troubleshooting and maintenance of Cisco routers, PCs, and domain controllers.

• Installed, configured, and upgraded operating systems on various systems, including the migration of systems from Windows 7 to Windows 10.

• Provided helpdesk support to end-users on proprietary software, addressing and resolving issues related to system and software use.

• Conducted training sessions for new employees on productivity software and proprietary applications to ensure that they are equipped with the necessary skills to perform their roles effectively.

• Successfully completed projects within the set timelines, budget, and aligned with corporate objectives, ensuring that all stakeholders are satisfied with the results.

• Utilized Windows Deployment Services to image workstations and added users on Active Directory to ensure a seamless and secure user experience.

• Conducted password resets in the event of security breaches, ensuring the continued integrity and security of the systems and data.

• Identified and removed malware-compromised machines from the network, re-imaging and configuring them to ensure that they meet the security standards of the organization.

2013 : 2018

Kirby

VESSEL SUPPORT ANALYST II

Company: EY

Years of Experience: 19

Spoken Language: English, Spanish

Skills Azure, C++, Cisco IOS, Cloud App Security, Critical Thinking, Customer Service, Cybersecurity, Cyber Security / Information Security, Cylance, Data Analysis, Data Leakage, Domain Name System (DNS), Fireeye, ICS / SCADA, IDS, insightIDR, Interface Management, Intrusion Detection, IT Audit, Kali Linux, Leadership, Linux, Linux System Administration, Malware Analysis, MetaDefender, Microsoft ATA, Microsoft Exchange Online Protection, Networking, Network Security, O365 Security & Compliance, Phishing Campaigns, Process Improvement, Project Management, ProtectWise, Python (Programming Language), SCADA Malware Scanners, SCCM, Secure Shell (SSH), Security Training, Silverfort, Solarwinds, Splunk, SQL, System Administration, Teamwork, Technical Support, Virtual Private Network (VPN), Vulnerability Assessment, Windows, Windows Server

About With over 17 years as a network and systems administrator, I've built a solid technical foundation that allowed me to transition into the realm of OT security in 2019. This evolution in my career path has expanded my cybersecurity expertise across various sectors such as Chemical, Energy, Healthcare, Manufacturing, Oil and Gas, among others.

My leadership instincts have consistently been recognized, allowing me to excel in strategic roles that require both a broad vision and attention to detail. Directing teams toward shared goals, I blend hands-on experience with managerial acumen, navigating high-pressure scenarios with ease and efficiency.

A recent academic highlight was the completion of my capstone project, 'Open Bounty,' as part of my Master of Information and Cybersecurity (MICS) degree from the University of California, Berkeley. The invaluable lessons and relationships forged during this program will be instrumental in my future endeavors. Further feeding my drive for continuous growth, I'm eagerly anticipating the start of my MBA journey at Rice University this October.

In addition to my technical skills, I've played key roles in security infrastructure deployment, risk management, and developing strategic roadmaps. My ability to communicate effectively shines not only in collaborative projects but also in crafting and leading educational programs, ensuring an immersive learning experience for all participants.

In sum, my dedication to cybersecurity, coupled with in-depth IT and OT knowledge, makes me a formidable asset in the field. As I progress in my journey, I remain enthusiastic and prepared to face and embrace the myriad challenges and opportunities the cybersecurity landscape presents.