SUMMARY:

Confidential is an exceptional professional with experience in Enterprise Architecture, Business Continuity, Information Security, Disaster Recovery, and Information Assurance skills in support of computer networks and Information Technology security, to include all aspects of certification and accreditation of multiple platforms in and out of the Intelligence community.

WORK EXPERIENCE:

Confidential

Senior IT Security Principle

Responsibilities:

• Provide security support for Xerox MD DHR project development and existing MD DHR applications
• Act as a security liaison to the application developer and project management groups
• Lead the incident response team, including directing engineers and analysts in security incidents
• Assist with updating and implementing the annual security awareness training, annual developer training, and annual administrator security training
• Work with the IT program groups and IT vendors to evaluate and improve IT vendor security posture
• Validate remediation efforts of findings related to vulnerability and system configurations
• Respond to day - to-day IT operations and internal requirements requiring security support
• Assist in identifying security initiative gap assessments
• Implement, test, and maintain defined security solutions
• Define desired state for people, process, and technology solutions that are to be utilized to support other IT efforts;
• RMF or NIST knowledge requirements
• IT network knowledge/implementation experience (e.g., firewalls, secure topologies/architectures, intrusion detection/analysis, Microsoft/UNIX/OS security, vulnerability assessments)
• Experience with reviewing Intrusion Detection reports incident response and computer forensic experience
• Identify application development security concerns and the ability to define and test application security requirements; Understanding of application assessment software (WebInspect or others);
• Previous experience with security information / event manager configuration Analytical thinker who solves problems and develops continually more effective solutions to them;
• Make informed decisions quickly and leverage your communication abilities to implement them

Confidential

Sr. Disaster Recovery Consultant

Responsibilities:

• Applied current Disaster Recovery methodologies and best practices to environment
• Collaborated to architect, design, engineer and implement technical DR strategy and solutions
• Researched options in managed hosting and DR outsourcing for client
• Researched DR tools and technologies, such as NetApp Flexpod, NetApp replication solutions, VMware SRM and other DR solutions for customer
• Reviewed designing, developing, maintaining and exercising/testing efforts for DR Plans
• Applied working knowledge of core IT functions to the company's key functional processes and resources
• Applied knowledge and understanding of current disaster recovery planning techniques and technologies to client alternative site plans
• Continue to grow knowledge of current business continuity planning methodologies
• Collaborate with data management in order to assist in the preparation of recovery procedures

Confidential

Senior Business Continuity Planner

Responsibilities:

• Assist IT units with: Assessment of potential business impact; development and documentation of work area (business function) business continuity plans
• Recommend recovery strategies and options, and assist with the implementation of recovery solutions
• Coordinate business continuity plan exercises up to and including the Sr. VP level
• Develop schedules for training / awareness for all Infrastructure Management teams
• Coordinate development of business unit schedules for annual business continuity documentation maintenance and update, exercises, and independent review and validation
• Report the business continuity status of IMG business units
• Provide expertise and support to management and IT functional areas, as requested, when a business disruption occurs
• Works with vendors of recovery services and facilities
• Studies and recommends outside services for use during a disaster situation
• Acts as a coach and guide to incident command during an emergency situation;
• Maintains contact with outside contingency planning professional organizations and local/regional emergency response groups

Confidential

Mission Assurance Continuity Specialist

Responsibilities:

• Provided Business Continuity and Mission Assurance (MA) services support Facilitated the creation of Continuity of Operations Plans (COOP)
• Guided the implementation of and adherence to MA and COOP policies, standards, and regulations
• Contributed to the design of disaster recovery policies, standards, guidelines, training programs and related quality assurance processes using knowledge of business processes, management structures, and technology programs/platforms
• Provided guidance and training to COOP Planners and Enablers on the use and utility of Living Disaster Recovery Planning System (LDRPS) application

Confidential

Sr. IT Consultant

Responsibilities:

• Responsible for maintaining and enhancing the OCIOs COOP plan and subsequent continuity documents for department of homeland security (DHS)
• Provided support in the areas of risk management and incident management within DHS
• Used superior organizational skills to support DHS
• Worked on team of certified business continuity professional to support DHS efforts
• Applied FCD1, FCD2 requirements to DHS environment
• Applied Risk Assessment, Business Impact Analysis, and Disaster Recovery experience
• Worked to develop work plans for OCIO with emphasis on a COOP Multi-Year Strategy

Confidential

Senior Disaster Recovery Consultant

Responsibilities:

• Provided insight for various clients regarding Disaster Recovery Planning for agencies and organizations to include Disaster Recovery Plan development, identification of critical assets and personnel, testing of current DRP/COOP documents, updates to documentation as necessary

Confidential

Application/Technology Specialist

Responsibilities:

• Requirements definition, facility design, and planning and implementation are the cornerstone skills required for this effort
• Worked with open-systems application and infrastructure teams to coordinate Disaster Recovery (DR) tests on UNIX and Windows server environments. This includes: Identify and engage ITO teams in DR and Business Continuity (BC) planning functions. Provide awareness of BC and DR to teams
• Steer IT teams in DR testing using resources hosted in the Dearborn datacenters.
• Coordinate equipment and resource requirements for DR tests. Facilitate the failover and failback testing of high-end infrastructure and applications
• Participate in any planned data center failover testing events
• Help report metrics on BC/DR compliancy to ITO management. Assist in driving Business Continuity concepts across IT

Confidential

Sr. Disaster Recovery Planner

Responsibilities:

• Senior Disaster Recovery Planner for Defense Intelligence Agency responsible for Business Continuity Management (BCM) program which included both business continuity planning and disaster recovery planning for a client with a world-wide footprint. This required a unique approach that involved training, notification, crisis management, resumption, etc. efforts

Confidential

IT Consultant

Responsibilities:

• Responsibilities included providing support to the Air National Guard (ANG) customers, by insuring the confidentiality, integrity, and availability of systems, networks, and data
• Ensured that ANG customers are in compliance with policies, directives, instructions, and guidance prescribed by Congress, DOD, Air Force ANG, and Office of Management Budget (OMB)
• Demonstrated a systematic understanding of the following core competencies: IT concepts, principles, methods, and practices
• The mission and programs of ANG customer organizations
• The ANG's Enterprise Architecture framework
• IT Information Assurance principles and methods
• IT requirement analysis principles and methods; COTS/GOTS products and components
• Enterprise Information Technology Data Repository (EITDR) compliance; New and emerging information technologies and/or industry trends; Acquisition management policies and methods Analytical methods and practices; Program Management principals and methods; and Oral and written communication techniques

Confidential

Enterprise Architect

Responsibilities:

• Provide insight for clients regarding Enterprise Architecture and Information Security for the organization to include COOP development, artifacts development of System Interface Diagram, System Communication Description, System Interface Matrix, System Data Flow Diagram, System/Operations Matrix, Systems Data Exchange Matrix, System Performance Matrix, System Evolution Diagram and Web Application Diagram
• Helped to develop Federal Enterprise Architecture Service Reference Model artifacts for the customer as well as testing of current COOP documents, updates to documentation as necessary.
• Confidential, Inc., 2007; Senior Business Continuity Consultant
• Provide insight for clients regarding Business Continuity Planning for the organization to include COOP development, identification of critical assets and personnel, testing of current COOP documents, updates to documentation as necessary

Confidential

Senior Disaster Recovery Planner

Responsibilities:

• Provided disaster recovery planning and IT contingency planning to the CIO for the GAO’s Information Systems and Technology Services Division
• Supplied the leadership for the relocation of the backup site to a more secure location
• Maintain a level of engagement with upper management regarding COOP planning for the possible Pandemic crisis. Supported efforts to increase the level of training in the area of awareness for the entire agency

Confidential

Senior Information System Security Representative

Responsibilities:

• Provided support to Federal Bureau of Investigation’s systems for FISMA compliance and System Security Planning for more than 80 systems
• Supported table topic exercises for each of these systems as scheduled. Graduated from the FBI’s Academy training for ISSO’s at Quantico, Virginia per client’s requirement

Confidential

COOP Consultant

Responsibilities:

• Provided Continuity of Operations (COOP) management consulting to the Enterprise Architecture team as an independent contractor
• Evaluated level of preparedness of the organization for COOP events at VA Headquarters and Chinatown locations
• Mahoning County (Youngstown, Ohio) Democratic Headquarters, 2004;
• Field/Volunteer Coordinator
• Met with community leaders, and coordinated volunteer groups to increase the number of registered voters
• Implemented the DNC vision by integrating strategic goals, priorities, and values of the DNC. Scheduled volunteers and interns
• Provided customer service to all staff. Maintained general administrative and technical oversight

Confidential

Deputy Director of Technology

Responsibilities:

• Explains, advocates and expresses facts and ideas (both orally and in writing) in a convincing manner to a diverse group of contractor engineers, including multiple disciplines, Systems Architecture, & Protocol Architecture to include CISCO, Microsoft, Blackberry, IBM, etc.
• Provided daily reports to the Director of Technology to develop and implement the organizational vision by integrating strategic goals, priorities, and values of the DNCC
• Scheduled volunteers and interns. Maintained Vendor accountability
• Provided customer service to all staff. Negotiates with individuals and groups both internally and externally when needed
• Maintains general administrative and technical oversight.
• Supports direction of functional departments for Overall Architecture, Protocol Architecture, Physical Layer Architecture and RF Systems
• Defines overall IT security functions and performance requirements, as well as high-level Security design requirements

Confidential

Associate

Responsibilities:

• Conducted computer security evaluations and develops computer security plans.
• Interfaces with clients to conduct requirement analyses, reviews system security plans, and develops client questionnaires to gather information and dispel misinformation.
• Conducted site visits to determine security enhancements or improvements and then briefs clients on recommendations for improving their computer security.
• Examined ways to secure computer software (encrypting).
• Analyzed client installed software security measures.
• Ensured user adheres to sound security practices.
• Confirmed security procedures are present and properly configured.
• Conducted evaluations to ascertain sufficient software security to protect sensitive client information.
• Performs risk assessments to examine client’s physical environment to assess client-identified vulnerabilities.
• Interviews technical staffs to assess system vulnerabilities and identify possible threats to system integrity or data.

Confidential

Technical Solutions Consultant

Responsibilities:

• Serves as an Information Security generalist with a background in enterprise level security, security process re-engineering and managing security practices to maximize the IT investment to enable and maintain business goals and objectives.
• Provided services to both the Federal Government, as well as Commercial clientele.

Confidential

Senior Information Security Engineer

Responsibilities:

• Served as Task Leader for Army Backdoor Initiative to detect the five categories of backdoors on the client’s UNIX, NT and DOS based LANs.
• Provided Certification and Accreditation support for the Pentagon Renovation Project for the various backbone networks and the worldwide Army Lodging system.

Confidential

Senior Management Analyst

Responsibilities:

• Made recommendations for consolidating or developing information security systems (ISS) policy, and reviewed and recommended ISS solutions based on major products for various INFOSEC tasking.
• Coordinated tasks between various team members to meet deliverable deadlines.
• Worked independently or under only general direction to compile, analyze, and monitor quantitative information regarding the progress and compliance of program activities.
• Lead instructor for the Certified Information System Security Professional study course held in house.
• Developed and evaluated policies and business practices associated with migration strategies.

Confidential

Senior Electronic Information Security Specialist

Responsibilities:

• Responsible for the day-to-day operations for Information Security at the customer site.
• Interacted daily with customer to consult on a wide variety of technical issues involving Windows NT, UNIX, Firewall evaluation, Virus Detection, Security Investigations, removal of sensitive equipment from the site, etc.
• Responsible for Information Security Engineering in a networked environment using IBM 3090/Es9000, SUN and PC systems.
• Supported all facets of operations to include physical security, product production, communications security, personnel security, software upgrades, etc.
• Provided technical support and analysis of current and proposed system architectures, and security capabilities.
• Evaluated new security products and security audits. Responsible for security audits, configuration controls of security systems and as required, design security for current information systems.
• Led a team of three junior Information Security Specialists via delegation of duties and daily guidance.
• Monitored local system usage and audit trails. Responsible for reviewing proposals for any additions, modifications or deletions of security access information.
• Assisted with IC&T preparation activities and tests for all involved sites.

Confidential

Senior Consultant

Responsibilities:

• Conducted computer security evaluations and developed computer security plans.
• Interfaced with clients to conduct requirement analyses, reviewed system security plans developed client questionnaires to gather information and dispel misinformation.
• Conducted site visits to determine security enhancements or improvements and then briefed clients about recommendations for improving computer security.
• Examined ways to secure computer software (encrypting).
• Analyzed client installed software security measures.
• Ensured user adherence to sound security practices.
• Confirmed that client built-in security procedures were in place and properly configured.
• Conducted evaluations to ascertain whether software security was sufficient to protect sensitive client information.
• Performed risk assessments examining the client’s physical environment to assess client-identified vulnerabilities.
• Interviewed client technical staffs to assess system vulnerabilities and to identify possible threats to the system integrity or data.

Confidential

Computer Specialist

Responsibilities:

• Project leader for automated processing projects, which involved USDA policy initiatives, technical procedures and security standards. Performed site visits to assess remote sites’ compliance with USDA’s Information Resources Management requirements.
• Acted to negotiate agreements to standardize automated data processing systems so connectivity could be provided and departments could communicate with other USDA departments.
• Evaluated different software packages to determine the best method for providing connectivity between two disparate departments.
• Evaluated USDA policy to determine if it should be adapted to maximize department compliance with Information Resource Management (IRM) regulations.
• Coordinated the automated data processing procurement process for USDA.
• Initiated, devised and directed new IRM and ADP policies covering systems, information security, data administration, system standards development, and CASE tools use and to help standardize the hardware and software procurement process.

Confidential

Computer Security Officer

Responsibilities:

• Disseminated Navy computer security requirements information to NSWC personnel;
• Conducted quarterly meetings; showed educational films; booked experts in computer security to present seminars on password maintenance, encrypting, and determining what constituted a security vulnerability, threat, etc.
• Provided technical direction and guidance to laboratory and field personnel in the areas of computer security research, design, and implementation and testing.
• Supported design, code requirements; and verification analyses and testing of software security packages developed by outside contractors and other agencies.
• Conducted pre-acquisition software evaluations; installed and tested software upgrades on large-scale machines and microprocessors;
• Assisted in customizing control and computational software; and advised users, managers and contractors on information security technical issues.