SUMMARY:

• Over 17 years of combined sales engineering, business development, and management consulting experience planning, designing and building solutions to meet client business and mission needs.
• Hands - on experience with design, evaluation, and implementation of client/server and web-based solutions with focus in identity and access management (IdM), public key infrastructure (PKI), cyber security, strong authentication, and credentialing.
• Proficient in requirements management, proposal and business case development, and solutions delivery methodologies.
• Superior client-facing skills in communications, documentation, and configuration modeling.
• Proven track record with federal and commercial clients including extensive experience with DoD and Intelligence Community.

PROFESSIONAL EXPERIENCE:

Confidential

Senior PKI Administrator

Responsibilities:

• Served as the primary PKI administrator for machine-based certificates including SSL server and device-based (Cisco ACS 6.x, firewall certs, etc.) for Confidential .
• Assisted in the design and executed the processes for certificate issuance process using Venafi Certificate Management System (CMS) tools as a front-end to external 3rd party Comodo digital certificates in the backend.
• Assisted in standing up an internal Windows 2008 PKI server prototype for serving internal server certificate requests in the future.

Confidential

Technical Delivery Engineer

Responsibilities:

• Serve as a technical resource to the Pre and Post-Sales Teams supporting new and existing federal and commercial customers with design, implementation, enhancement, and maintenance of our internally developed MyID identity and credential management system (IDCMS).
• Supported the upgrade of an existing MyID system. Worked on installation and configuration of new multi-tiered MyID system environment consisting of multiple Application, Web, and Database servers on Windows 2012 and SQL 2012 server platforms. Integrated MyID system with a Physical Access Control System (PACS) for logical and physical access control.
• Manage the operations and maintenance of our VMWare vCenter server environment including training, documentation, and backups. Create new virtual machines on Windows 2008/2012 Server platforms to replicate internal buildout of customer environment for Post-Sales professional services.
• Performed evaluation and testing of in-house mobile application offerings on iOS and Android platforms.

Confidential

IT Tier 2/3 Operations Engineer

Responsibilities:

• Working with their IAM and PKI Operations Team as a group of Tier 1-3 Help Desk engineers tasked to support cloud computing-based managed security services for multiple federal and commercial clients.
• Manage the operations, maintenance, and troubleshooting of various Identity and Access Management services locally and in the “cloud” including PKI and Certificate Validation Services (CRL, OCSP, SCVP), LDAP, Database, Two-factor authentication, and privileged identities for Federal and Commercial clients with primary focus on government, financial, and healthcare markets.
• Support multi-platform COTS solutions to include: ActivIdentity Corestreet Validation suite, Unicert PKI 5.x, cryptographic devices (nCipher netHSM, SAFENET Luna, and TACS) at FIPS 140-2 compliance, Apache web server, Tomcat Java application server, Oracle Database, and Oracle WebLogic application server.
• Support Red Hat Linux, CentOS, Solaris, and Windows 2003/2008 on physical (Dell, HP, and Oracle) and virtual (vSphere and Microsoft Hyper-V) platforms.
• Assist with the design, development, integration, testing and deployment of new Confidential Business security solutions and services in client or cloud-based Confidential -hosted environments. Integrate security solution offerings with new and existing client systems using a combination of COTS products, scripts, and customizations focusing on security infrastructure and strong authentication.

Confidential

Security/Systems Integration Analyst

Responsibilities:

• Business development and task leadership support for identity management and cross-domain services.
• Successfully completed and passed Sun Identity Manager 8.1 Deployment Fundamentals I and II trainings and certification exams for Sun Technical Architect.

Confidential

Responsibilities:

• Supported new facility standup post follow-on contract award. Helped with planning and logistics for ground up standup of lab environment. Assisted with VMWare ESXi server setup to support small office infrastructure using vSphere for management of VMs. Setup cross domain solution proof of concept on RHEL5 on Dell servers for testing/development.
• Setup small office backup infrastructure using Dell TL2000 tape library and Symantec NetBackup 7. Setup, installed, and configured backup system including configuring tape robots, resource and volume pools, tape rotation schedule, and file server backup job configuration.

Confidential

Responsibilities:

• Assisted with completing user acceptance testing for enterprise directory service test and development primary and failover lab environments. Completed several user acceptance test cases pertaining to LDAP, IdM, PKI, access control, single-sign-on (SSO), etc. Setup, tested, and revised performance tests for Confidential using SLAMD server/clients, test data, and custom scripts.
• Assisted with troubleshooting and reconfiguration of certain Confidential components to successfully pass test cases including RHEL5, Oracle IdM (OIM, OID,OVD), Oracle RAC DB, SNARE (Systems iNtrusion Analysis and Reporting), and Fedora Directory Server.
• Assisted in configuration and troubleshooting of Fedora Directory Server and F5 LTM and GTM to enable synchronization and SSO over WAN across primary and failover sites.

Confidential

Responsibilities:

• Perform systems and security engineering support for Confidential on cross-domain-security initiatives to include design, development, systems and enterprise architecture, and implementation for enterprise One-Way Transfer and Two-Way Transfer solutions on Trusted Solaris 8 and Confidential Linux with SELinux.
• Setup and evaluated the OWL one-way transfer suite in a test lab environment using Confidential Linux 5 with SELinux and the OWL solution suite including SNTS, RFTS, DFTS, and OSMS. Also, developed a Project Sizing document with a notional WBS for implementing a production system.
• Performed requirements gathering and developed the System Requirements and System Design deliverable documents for a two-way cross-domain solution using Raytheon High Speed Guard (RHSG). Actively engaged in various project meetings including technical interchange meetings (TIMs), status meetings, etc. with the client and technology partners.

Confidential

Senior Consultant/Senior Architectural Specialist

Responsibilities:

• Performed requirements analysis for SOA-F user access and directory integration with AKO portal.
• Supported systems integration of BEA WebLogic Portal 9.1 with CA Siteminder 6.x for forms-based and CAC authentication. In addition, SOA-F portal integration with Army Knowledge Online (AKO) enterprise portal for AKO community single-sign-on (SSO).
• Developed Configuration Management (CM) Plan for Confidential SOA-F 2.0 release
• Tested and evaluated Microsoft SharePoint 2007 COTS migration tools for content migration between two untrusted Windows 2003 security domains. Developed a comprehensive white paper detailing scope, migration business processes, and summary of performance and capability tradeoffs for User, Application, and Security content migration. Evaluated best of breed COTS applications that support functionality.

Confidential

Senior Principal Consultant

Responsibilities:

• Developed requirements and installed, configured, and evaluated Oracle identity management and security products for Army client.
• Led vendor section of technical exchange meetings to establish credibility and build problem-solving partnerships with clients and partners including U.S. Army and Mantech.
• Developed CDSS deployment methodology templates for accelerating CDSS solution deployment and delivery.
• Developed the Confidential ITAR compliance policy which outlined operations and business process requirements and controls for physical and logical access control, secure labeling of media and documents, file and data encryption, and laptop physical security. Developed and conducted training to CDSS projects members.

Confidential, Hamilton

Responsibilities:

• Provided operations, help desk, and systems administration of the DoDIIS PKI and Full Service Directory (FSD). Performed daily/weekly backups of critical systems including Netscape PKI CA and iPlanet Directory Server. Monitored and analyzed server logs during downtime to assess and repair any technical issues.
• Served as DoDIIS Trusted Agent and managed the issuance of DoD and DoDIIS credentials and PKI certificates compliant with HSPD-12 using FIPS 201 verification process. Registered, synchronized, and reconciled user identities in the DoDIIS FSD with other identity repositories. Setup directory synchronization and resolved reconciliation issues between the DoDIIS FSD and geographically dispersed Active Directory and Oracle identity repositories.
• Assessed, evaluated, and designed configuration models for the IC Authorization Service (ICAS) systems architecture consisting of identity management, PKI, LDAP, and Oracle DB components. Analyzed systems architecture compliance with IC policies and mandates and assisted in developing the security CONOPS for federated authorization decisions enablement.

Director of National Intelligence

Confidential

Responsibilities:

• Co-authored the first Confidential IC Policy Memorandum for Identity Management compliant with DCID 8/1 IC Information Sharing to facilitate federated identity and access management using ABAC across IC agencies. Enforced requirements and guidelines for IC Agencies to securely share, synchronize, and exchange identity information with a centralized IC Identity Repository.
• Led vendor section of technical exchange meetings with the Confidential CIO, Enterprise Architecture and Enterprise Services team.

Confidential

Responsibilities:

• Developed the draft NGA PKI Certification Practices Statement (CPS) in newly adopted RFC 3647 standard.
• Tested CPS compliance with IC Root PKI CPS.
• Facilitated cross-team peer reviews and draft delivery to the IC PKI Working Group (ICPKIWG) for final review and determination.

Confidential

Responsibilities:

• Developed security documentation for the DoD ECA PKI including the Operation Test & Evaluation (OT&E) Plan, CONOPS, Certificate Practice Statement (CPS) and Security Requirements Traceability Matrix (SRTM) for DCID PL2.
• Tested and evaluated system security controls and developed certification and accreditation (C&A) documentation in accordance with NIST methodology and supporting interface specifications.
• Evaluated system architectures, capabilities, and security components of the DoD PKI to support the transition to Key Management Infrastructure (KMI) Capability Increment One (CI-1). Performed analysis and revision of KMI system and interface requirements including Internal Requirements Specifications, System Subsystem Specifications, and External Interface Design.
• Setup, tested, and evaluated MS Windows 2003 PKI for next generation DoD PKI.