please hire

ANDREW KIM

DOT COM

Information Security Manager and Air Force veteran with 15 years of experience in communication systems, cyberspace operations, security program and compliance management, and leading technical teams through project lifecycles. I hold a Masters in Cybersecurity and Information Assurance, an active Secret clearance, and certified CISSP and PMP.


Sacramento/SF Bay Area · me@pleasehireandrew.com · 5109261209

Experience

Information Security Manager

23d Combat Communications Squadron, USAF

Implemented security policies across functional departments that resulted in a 30% increase in compliance with Air Force information security directives.

Championed security awareness and education programs, reducing instances of data leaks, security breaches, and unauthorized disclosure by educating both technical and non-technical staff.

Developed unit security strategies and policies in alignment with organizational objectives, risk tolerance, and compliance with governing directives to effectively safeguard sensitive information, assets, and systems.

Oversaw access management program through ongoing monitoring, assessment, and validation of personnel security clearances in accordance with DoD Directives and NIST 800-171 principles.

Conducted security audits, gap analysis, and vulnerability assessments, identifying risks and implementing strategic remediation plans, directly leading to improved unit inspection performance by 20%.

Led response efforts for over 30 security incidents, mitigating threats and executing emergency action plans in alignment with critical organizational objectives.

June 2018 - Present | Travis AFB, CA

Quality Assurance Analyst

23d Combat Communications Squadron, USAF

Improved cyber operations efficacy using DoD Cyberspace quality assurance methodologies, reducing vulnerabilities by 15%.

Delivered detailed reports and strategic recommendations, enhancing operational performance and compliance by 20%.

Standardized processes across 6 cross-functional teams, integrating audit findings into actionable strategies and remediation plans.

Led root cause analysis investigations for quality issues, developing and implementing effective solutions to prevent recurrence.

Monitored and analyzed performance metrics, identifying trends and areas for improvement to enhance overall operational efficiency.

January 2016 - June 2018 | Travis AFB, CA

Senior RF Transmissions Supervisor

23d Combat Communications Squadron, USAF

Oversaw multiple deployments of mobile communication systems, managing the entire system lifecycle from planning to implementation, ensuring timely delivery of IT solutions.

Commended by external auditors for asset management processes, effectively tracking over 200 classified, high-value cryptographic information system assets.

Led response efforts for RF incidents, including signal interference and intrusions, collaborating with higher-level spectrum agencies to restore system functionality and minimize disruptions.

Directed a team of 15 technicians in the deployment and optimization of RF systems, ensuring 100% system uptime and seamless signal coverage.

Developed and implemented training programs for technicians, enhancing their skills in RF system maintenance and troubleshooting.

Conducted regular system diagnostics and preventive maintenance, reducing downtime and extending equipment lifespan.

January 2010 - December 2015 | Travis AFB, CA

Education

Western Governors University

Master of Science
Cybersecurity and Information Assurance
2024

University of California, Berkeley

Bachelor of Arts
Sociology
2012

Projects

Cyber Attack Range
  • Designed and built a simulated enterprise Security Operations Center (SOC) to practice system administration, execute controlled cyber attacks, and evaluate detection and response capabilities including logging, alerting, and incident analysis.

    The lab environment consisted of virtualized Windows and Linux systems, a fully provisioned Active Directory domain, Snort for intrusion detection and prevention, Splunk for centralized log aggregation and analysis, and Tenable Nessus for vulnerability scanning.

    Simulated attacks were conducted using Kali Linux and Atomic Red Team to emulate reconnaissance and adversary behaviors aligned with the MITRE ATT&CK framework. These exercises supported comprehensive analysis of system resilience, threat visibility, and response effectiveness.
Cloud-Based Attack Range
  • The original attack range was re-architected and redeployed in AWS to improve scalability, resilience, and segmentation. Public and private subnets were configured using VPC endpoints and IAM roles to isolate internal traffic from public access.

    Additional features included a VNS3 firewall for segmented control between internal components, FSx for managed domain file sharing, and AWS Elastic Load Balancers for availability and failover support.
Training Record Automation Tool
  • Built a self-contained web application to digitize and manage Air Force training qualification records (AFJQS and DAF 797s), with no server or backend services required.

    Developed using JavaScript and HTML, the tool allows users to import folders of standardized training forms, select multiple records, and convert them into a streamlined, editable interface. It includes bulk-fill functionality for fields such as training dates, trainee initials, trainer names, and certifiers—reducing manual input and improving consistency across documents.

    This solution was designed as a proposed local training management system to address capability gaps left by the decommissioning of the Air Force’s official Training Business Area (TBA), specifically to support automated tracking of AFJQS and DAF 797 records not currently managed in the new MyTraining system.
Instagram Unfollower (Link coming soon)
  • Developed a script in Python to automate unfollowing profiles on Instagram that are not following you back.

    The script leverages Selenium and XPath to log in to a user's Instagram page, navigate to the user's 'Following' list, and identify page elements to determine whether a follow is mutual. If the profile is not following your account, the script automatically unfollows them.
The Cloud Resume Challenge
  • PleaseHireAndrew.com was created using Forrest Brazeal's Cloud Resume Challenge blueprint.

    The resume was designed to leverage AWS services and tools such as S3, Route53, Amplify, Cloudfront, Lambda, and CI/CD pipelines through Git-based source control.

Coursework

Coursework: Network Design
  • Applied vulnerability analysis and industry best practices to design secure physical and logical network architectures, configure network devices, and implement network segmentation strategies.
Coursework: Security Operations
  • Implemented Security Information Event Management (SIEM), XDR tools, Intrusion Detection and Prevention Systems (IDS/IPS) platforms, and vulnerability scanners to detect threats, automate, ingest and interpret data, identify and address vulnerabilities, and remediate compromised hosts to respond and recover from cybersecurity incidents.
Coursework: Penetration Testing
  • Leveraged a comprehensive suite of security tools (Kali, Nmap, Metasploit, Nikto, OpenVAS, Nessus, Wireshark, Burp Suite) to conduct reconnaissance, enumeration, vulnerability assessments, and exploitation for identifying enterprise vulnerabilities.
Coursework: Governance, Risk, and Compliance
  • Applied frameworks (NIST 800-37, NIST 800-171, CIS Critical Security Controls) to establish risk management plans and align organizational information security programs to regulatory requirements (FISMA, PCI-DSS, HIPAA) and strategic business objectives.
Coursework: Cybersecurity Architecture and Engineering
  • Assessed enterprise-wide solutions and cybersecurity readiness in alignment with organizational policy to protect data, evaluate cloud and virtualization solutions, analyze threats and vulnerabilities, and respond to incidents.

Certifications