SUMMARY:

• Confidential is a Certified Information Systems Security Professional with over 15 years of System Engineering/Information Security experience that includes extensive working knowledge of Information Assurance, System Engineering, Requirements Management and Analysis dealing with the implementation of software systems, security systems, and physical infrastructure build - outs to support enterprise-level acquisitions.
• He also has expertise in Information Security Governance, Risk Management, Enterprise Architecture, Business Process Management, and Change Management.
• Strong interpersonal, oral and written communication skills. Master of Business Administration with concentration in information technology consulting.

PROFESSIONAL EXPERIENCE:

Confidential

Senior Management/Security Consultant

Responsibilities:

• Establishes and manages 4-person Program Management Office to provide supporting, controlling, and/or directive project management support services to Dept. of Education OCIO. Services included defining the scope of the PMO, monitoring the activities, and evaluating the effectiveness of the PMO;
• Responsible for developing/managing project schedules for multiple ongoing initiatives within the Department;
• Performs analysis of OCIO processes and procedures to find where efficiencies can be gained;
• Serves as a member of the Enterprise Architecture Review Board where IT investments are reviewed for security impact to Department infrastructure;
• Provides oversight of inter- and intra-building departmental IT asset moves.
• Develops Risk Management Plan which identifies our organizations’ methods for identifying, assessing, mitigating, and monitoring program risks;
• Develops Communications Management Plan which outlined the communication framework for how each team within the organization interacted with one another and external entities;
• Responsible for the development of all system security plans for systems/applications in use within the corporate organization;
• Responsible for developing standard operating procedures for information system security management which resulted in successful CMMI level 3 certification and ISO 27000 certification for the organization;
• Responsible for monitoring and investigating security and privacy incidents and breaches that impact organizational security;
• Responsible for planning and conducting security testing to include vulnerability and compliance scans;
• Responsible for performing FIPS 199/200 assessments of information and information systems under the organization’s purview;
• Responsible for validating the implementation of security controls and performing the ongoing maintenance required to ensure the security posture of the information systems remain consistent;
• Ensure organization follows information security policies, methods, standards, FISMA/NIST standards and practices to organizational information systems;
• Assists with the development of security technical responses associated with business development activities.

Confidential

Senior Management Consultant/ System Engineer/Information System Security Manager

Responsibilities:

• Serve as project lead managing a team of 7 to provide PMO support to the Defense Finance and Accounting Service (DFAS) in order to assist them in transitioning from a legacy mainframe environment to a new Commercial-of-the-shelf (COTS) human capital management/ financial system;
• Responsible for developing/validating Certification and Accreditation (C&A) documentation in support of agency accreditation decisions to include IATTs and ATOs;
• Possesses extensive knowledge of the DoD 8510.01, and the transition from DIACAP to RMF;
• Responsible for registering information systems, analyzing test results, drafting Risk Assessment Reports (RAR), C&A Plans, Plan of Actions and Milestones (POAM's), crafting mitigation statements, and entry into agency C&A repository system (eMASS);
• Development of the Cybersecurity Strategy and Program Protection Plans which outline RMF methodology for conducting mission critical certification and accreditation of the new system and identifies threats to the system as well as their proposed mitigations;
• Responsible for maintaining the security posture of the system by continuously monitoring ACAS/Web Inspect scan results and mitigating POAM items;
• Affirm that procedures and resources are in place to support IA Compliance Reviews and all other applicable, internal and external reviews/assessments (e.g., third-party penetration testing, Red Team exercises, etc.) for the assigned system;
• Coordinate with the assigned IA Architect/Engineer to assure that the security design is properly and completely implemented by reference to a defined set of controls;
• Create Enterprise Architecture documentation to convey operational/system context as well as conceptual designs to demonstrate design intent to the customer;
• Develop Requirements Management Plan which outlined the organizations’ approach to capturing and maintaining customer requirements. Deliverables include development of process maps, traceability matrix, use cases, etc.;
• Develop Risk Management Plan which identifies our organizations’ methods for identifying, assessing, mitigating, and monitoring program risks;
• Perform analysis of alternatives to evaluate potential COTS products where necessary and provide a recommendation to the customer.

Confidential

Facility Security Officer

Responsibilities:

• Responsible for all aspects of security management for the Confidential, Inc. organization, including performing personnel and facility security management, indoctrinations, document control, visit requests, and security education and training;
• Responsible for working closely with the Defense Security Service (DSS) Industrial Security Representative to ensure security compliance with NISPOM security requirements;
• Implement the National Industrial Security Program within Confidential organization
• Successfully obtained/maintained facility clearance and personnel clearances for all employees utilizing JPAS, e-FCL, and other industry tools;
• Established and conducted security education and staff training programs per NISP guidelines

Confidential

Systems Engineer/Business Analyst

Responsibilities:

• Responsible for capturing and maintaining customer requirements throughout entire project life cycle from initial site surveys through deployment for large-scale operational center build-outs to include centers for the Department of Defense located outside the Continental United States as well as the Federal Emergency Management Agency in several locations throughout the United States.
• Develop requirements elicitation scripts and facilitate several requirements sessions with Transportation Security Agency to provide a new Public Address system, establish Situational Awareness capabilities, and provide a Test, Evaluation, and Monitoring Network system to be installed in the new 128,000 square-foot facility located at Reagan National Airport.
• Responsible for developing standard operating procedures for requirements management which resulted in successful CMMI level 3 certification for the capabilities assurance division.
• Interface with customers and stakeholders at all levels from senior executives to technology specialists to facility providers
• Interface with a diverse group of customers to develop requirements documentation for a wide variety of technologies and environments
• Capture customer/stakeholder operational objectives and intent linked to customer mission
• Generate enterprise architecture concepts and documentation to convey operational/system context
• Generate conceptual designs to demonstrate design intent to the customer
• Develop budgetary ROM estimates (cost and schedule) and support customers in decisions on funding acquisition/allocation
• Generate and maintains detailed documentation on customer requirements
• Review engineering designs to make sure that the designs meet the contractual requirements
• Act as the customer advocate to ensure that proposals and solutions meet the customer’s needs from operational, functional, and performance perspectives
• Provide customer communications to manage expectations and schedule coordination
• Review processes and procedures to determine effectiveness and accuracy
• Work with program teams in the pursuit and capture of performance-based acquisition opportunities

Confidential, Arlington, VA

Management Assistant

Responsibilities:

• Evaluated administrative workflow and processes to improve operations
• Gathered and analyzed requirements for agency-wide action management software implementation
• Maintained Agency-wide correspondence tracking system
• Developed and maintain database for maintaining files and reporting systems for both classified and unclassified material
• Assisted in preparation of annual budget reports and five-year plan
• Managed travel budget for 56 government personnel
• Prepared, reviewed, and edited correspondence for inter- and intra-agency distribution and coordination
• Assembled Weekly Activity Report for Director, System Test and Assessment
• Established Standard Operating Procedures for organization to use when coordinating correspondence