David Catino's - Resume

David A. Catino

610-657-0930  |  Easton PA, 18045  |  [email protected]

Summary of Qualifications

        Certified CompTIA Security+ CE and CySA+ CE professional with over a decade of experience in IT and Cybersecurity, encompassing software development, vulnerability assessments, policy implementation, and compliance. Highly motivated with a proven ability to implement and enforce security measures, conduct STIG checks, and contribute to secure system development. Strong understanding of cybersecurity principles and a track record of improving system security.

Accomplishments

  • Implemented security patches for DoD projects, aligning with OWASP recommendations and STIGs, to significantly reduce identified vulnerabilities.
  • Streamlined security processes through SBOM implementation, improving vulnerability detection and response times.
  • Conducted STIG checks and validation on DoD systems to ensure compliance with security standards.
  • Led the creation and implementation of a project funding tracker and audit trail for internal U.S. Department of Defense (DoD) projects, enhancing transparency, accountability, and security audit capabilities.
  • Participated in vulnerability assessments and security reviews of proposed system designs, identifying and mitigating potential risks.
  • Implemented secure data export to Excel and PDF formats, ensuring compliance with government security standards.
  • Streamlined automated testing environments, contributing to secure development practices.

Technical Skills

  • Cybersecurity: Risk Management Framework (RMF), STIGs, Nessus, vulnerability assessments, security audits, security policy implementation, incident response, SBOM, SonarQube (code vulnerability scanning), security patching, vulnerability remediation
  • Programming Languages: C#, Java, Node.js, JavaScript, COBOL
  • Web Development: React, Angular, .NET MVC, Bootstrap, jQuery, TypeScript
  • Databases: MS SQL, MySQL, Azure Cosmos DB (NoSQL), Oracle Database
  • Data Exchange: JSON, XML, RESTful API, OData, WSDL
  • DevOps/Containerization: Docker (including secure secrets injection from Azure Key Vault), Jenkins, CI/CD Pipelines, Git
  • Cloud Computing: Azure App Services (deployment, configuration, maintenance), Azure Virtual Desktops, Azure Cosmos DB, Azure Fundamentals (AZ-900)
  • Additional Skills: Agile Project Management, Problem-Solving, Legacy Systems Adaptability, Team Leadership

Professional Experience

  • Information Technology Specialist (Federal Employee), December 2024 to Current
  • Internal Revenue Service (IRS), U.S. Department of the Treasury - Bethlehem, PA
    • Rapidly acquired introductory knowledge of mainframe systems and COBOL programming.
    • Assisted in initial phases of security program implementation, focusing on understanding vulnerability assessment processes.
    • Participated in reviews of proposed system designs, contributing to the identification of potential security risks.
    • Contributed to early-stage discussions regarding vulnerability reporting criteria.
  • Senior Software Engineer, July 2023 to Jun 2024
  • B. Braun Medical Inc. – Bethlehem, PA
    • Collaborated effectively with teams to deliver key application features using Ruby on Rails, Angular, and .NET.
    • Streamlined security processes through SBOM implementation.
    • Identified and resolved bugs impacting multiple projects, ensuring optimal functionality and user experience.
  • Web Developer, July 2011 to July 2023
  • Universal Technical Resource Services, Inc. (UTRS) – Dover, NJ Picatinny Arsenal
    • Conducted security patching and vulnerability remediation for DoD applications, ensuring compliance with STIGs and other security standards, and implementing secure data export to PDF and Excel.
    • Developed and implemented secure web applications using .NET, C#, and Java, including a custom library for secure file access, and conducting code reviews for security vulnerabilities.
    • Maintained and optimized applications and database jobs in various environments, ensuring maximum uptime and security compliance.
    • Led my team’s successful transition from Java to .NET MVC, improving efficiency, security, and providing comprehensive training.
    • Ported legacy Oracle ADF/Apache Trinidad applications to .NET MVC Core Entity Framework, modernizing internal systems.
    • Provided technical support and worked closely with end users, clients and stakeholders to develop custom solutions and ensure their ongoing satisfaction.
  • Owner, Catino’s Computer Solutions
    • Worked with clients to accomplish minor computer repairs.
    • Taught new technologies and security solutions to clientele.
    • Worked with small businesses to create and maintain simple websites and solutions.

Education

  • Bachelor of Science in Information Sciences and Technology, May 2011
    • Penn State University - University Park, PA
    • Certificate of Accomplishment for National Training Standard (CCNS) NSTISSI-4011, May 2011
  • CompTIA
    • CySA+ CE
    • CompTIA Security Analytics Professional – CSAP Stackable Certification
    • Security+ CE
  • IBM
    • Introduction to IBM z/OS
  • Infosec Institute
    • OWASP Training
  • Udemy
  • Microsoft
    • Azure Fundamentals (AZ-900)
  • Department of the Army
    • Cyber Security Fundamentals (CSF) 25 CPR Hours