Senior Security Engineer Resume
Alexandria, VA
SUMMARY:
- Talented and certified Cyber Security professional with extensive background in Cyber Security/Management, Information Assurance, Certification and Accreditation (C&A), Security Engineering, Consulting, Administration, Team Coordination, and Project/Program Management. Proven ability to manage complete project life cycles as well as subordinate groups and conceptualize, create, and implement security strategies and initiatives.
- Multiple certifications.
- Strong background in technology and able to bridge the gap between technical and non-technical personnel. Outstanding documentation and communication skills.
- Expertise in planning, coordination, and maintenance of an organization's information security defenses to increase awareness and prevent security breaches.
- Capable of responding to cyber attacks and gathering data/evidence for use in prosecuting cyber crime, an essential skill as cyber attacks increase in frequency and sophistication.
- Provides direct training oversight to all employees, affiliate marketing partners, alliances, and third parties to ensure proper handling of information security clearance data, in accordance with established organizational information security directives, instructions, guidelines, guidance, and policies/procedures
- Initiates, facilitates, and promotes activities to create Information Security Awareness within organizations
- Performs information security Risk Assessments; serves as an Internal Auditor for security issues
- Implements information security policies/ procedures for organizations
- Reviews all system-related security plans throughout the organization's network, acting as a liaison to Information Systems and Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR) systems
- Monitors compliance with information security policies/procedures, referring problems to appropriate upper management
- Coordinates activities of Information Security Committee/Engineering Change Control Board, Air Force Medical systems, Washington, DC
- Advises organizations of current, relevant data on information security technology-related regulatory issues
- Monitors internal control systems to ensure that appropriate access levels and security postures are maintained
- Prepares Contingency Plans, Business Continuity Plans/Disaster Recovery Plans
- Develops Confidential Implementation Plans (DIPs) addressing all applicable assigned IA Controls, per DoDI 8500.2, as well as Army Regulation (AR) 25-2 and ICAN/APC Best Business Practices (BBP)
- Develops IA Control Implementation Plan (IACIP)
- Prepares Tenant Security Plans (TSPs)
- Develops recommended allocations of IA Control/IACIP responsibilities
- Performs evaluations of emerging technologies to securely meet organizational requirements, based on operational, procedural, and technical considerations
- Develops Security Concepts of Operations (CONOPS) describing the basic security philosophy and game plan, as well as Plans of Action and Milestones (POA&Ms) and get-well plan documentation
- Develops Security Designs that detail how security will be addressed in the designated system, functionality, and how the IA Controls identified in the Security CONOPS are allocated and integrated into the system
- Ensures all final architecture designs address DoD IA guidance and regulations
- Provides Defense-in-Depth analysis and recommendations to provide the required level of protection throughout the system’s life cycle
- Creates Information Security Plans (ISPs), System Diagrams (Logical, Virtual, and Physical), Hardware/Software/Firmware Inventory Lists, Baseline Configurations, Interface Port data, Protocol and Service listings, Configuration Management (CM) Plans, Engineering Change Control Board Charters, IA Acquisition data, Contingency/Business Continuity Plans, Personnel and Technical Security data, Physical and Environmental Security data, Incident Response Plans, Reporting Procedures, Vulnerability Management details, Interconnection Agreements, Systems Test Plans, Systems Design Documents, Remote Access Security data, Identification and Authentication material, and Audit Sub-System and Cryptographic Artifacts in support of Certification and Accreditation (C&A) efforts
- Prepares Security Action Plans and Schedules, describing, documenting, and maintaining anticipated activity, including details, required activities, timelines, and deliverables required to accomplish work effort
- Performs DoD Information Technology Security Certification and Accreditation Process (DITSCAP) activities, in accordance with DoDD 8500.01E, DoDI 8500.2, NISPOM 2006, DCID 1/21 and OMB A-130
- Performs DoD Information Assurance Certification and Accreditation Process ( Confidential ) tasks (note: Confidential supersedes DITSCAP), as well as DITSCAP-to- Confidential transitions for Joint Technical Data Integration (JTDI) on behalf of the Marine Corps, Army, Air Force, and Coast Guard.
- Creates the following documents, per DoDD 8500.01E/DoDI 8500.2, the Risk Management Guide for Information Technology Systems (National Institute of Standards and Technology ( Confidential ) SP 800-30), NISPOM 2006, DCID 1/21, OMB A-130, IA Acquisition Policy AR 70-1, Information Assurance AR 25-2, and ICAN Army BBP: IA Acquisition Plans, Configuration Management Plans/Change Control Board Charters, Contingency/Business Continuity Plans, Personnel and Technical Security Plans, Physical and Environmental Security documentation, Incident Response Plans (IRPs) and Reporting Procedures, Vulnerability Management information, Interconnection Agreements, Systems Test Plans, Systems Design Documents, Remote Access Security data, Identification & Authentication reporting data, and Audit Sub-System and Cryptographic artifacts in support of Certification and Accreditation (C&A) efforts
- Prepares test cases (163) to verify the implementation of IA Controls per DoDI 8500.2, and an additional 45 test cases per AR 25-2 BBP
- Participates in system/equipment vulnerability assessment and management activities, including eEye Retina scans, Harris STAT scans, and DISA Gold Disk scans.
- Collect raw data for Interim Authority to Operate (IATO)/Authority to Operate ( Confidential ) requests
SPECIFIC AREAS OF CONCENTRATION/INTEREST:
- Cyber Security
- IT Security Governance
- Strategic Planning
- Team Leadership
- Risk Assessments
- Project Management
- Change Management
- Secure Development
- Process Reengineering
- Negotiations / Procurement
- Information Security Architecture
- Privacy and Data Protection
- Fraud Identification/ Prevention
- Access Control/ Provisioning
- Cloud Computing
- ISO 27001/ Confidential 800/ COBIT
- IT Governance/ Policy Development
- Disaster Recovery/Business Continuity
- SAS 70/ SSAE 16
- Vendor Management/ Outsourcing
- Cyber Incident Response
TECHNICAL SKILLS:
- IT Governance and strategic security management
- Vendor management and negotiation
- Aligning and balancing IT and business requirements
- Budgeting
- Negotiation
- Mentoring and coaching
- Corporate Governance
- Information Security Program Management
- IT Security Operations and Administration
- Policies and Standards
- Business Continuity Planning
- Security Awareness
- Outsourcing Risk
- Project Management
- Secure Development
- Penetration Testing
- Cyber Incident/ Security Breaches
- Security Architecture
- Forensics and investigations
- Network and System security
- Database Security
- Archer
- Firewall/ Intrusion Detection
- Anti-Malware & Content Filtering
- Massachusetts Privacy Laws
- IT Regulatory & Audit Mgt. (SEC, SOX, SAS 70, HIPAA, State security laws)
- ISO 17799/ 27001
- IT Auditing
- Vendor Risk Reviews/ eDiscovery/ Electronic Records Management
- PCI-DSS
- FISMA/ Confidential
- Cloud Computing
- Virtualization
- Application Development: Java, ASP, Perl, COBOL
- DB: Oracle, SQL Server, DB2, SQL, Access, Excel
- O/S: Windows, UNIX, MVS (RACF/Top Secret)
TECHNICAL SKILLS:
Networking: DNS, LDAP, LAN, WAN, VPN, TCP/IP, Active Directory, RADIUS
Software: Penetration Testing (Metasploit, BackTrack, Kali, SET, SAINT, Core Impact)
Vulnerability Assessment: Nessus, Retina, Nmap, Nexpose, Gold Disk, SCAP, OpenVAS
Debug and Disassemble: IDA, Immunity Debugger, OllyDbg, WinDbg
Packet Analysis: Wireshark, tshark, tcpdump, Scapy, packETH
Web Application Testing: Burp Suite, Fiddler, WebScarab, Zed Attack Proxy
Wireless Assessment: Kismet, Aircrack-ng Suite, Wifite
Other: Endpoint Security Tools, PKI, Certificate Management, VeriSign, Quest TPAM, CyberArk, Password Vaults, HP Quality Center, BMC Remedy ITSM, MS Office
PROFESSIONAL EXPERIENCE:
Confidential, Alexandria, VA
Senior Security Engineer
Responsibilities:
- Planned, directed and controlled the implementation and ongoing oversight of the in-house Cyber Security program to ensure compliance with applicable Federal government laws, regulations and other specified requirements.
- Established a Cyber Security "Center of Excellence" to formalize and standardize Cyber Security program management practices, processes and operations leading to consistent repeatable results and greater probability of successful projects.
- Performed consulting on information security matters; focusing, primarily, on identifying and solving the issues of incorporating sound Information Assurance (IA) into complex secure systems.
- Hands-on security experience with the following FISMA Certification and Accreditation (C&A) processes and supporting tools:
- System Security Authorization Agreement (SSAA) / System Security Plan (SSP)
- Vulnerability scans and penetration tests against every system to ensure FISMA and Confidential compliance.
- Responsible for evaluating formal security documentation, including Security Test and Evaluation (ST&E) plans, traceability matrices, and residual risk assessments constructed per the instructions in FISMA, DoDI 8500.2, DITSCAP, DoDI 8510.01 ( Confidential ) and Confidential 800-series publications. These duties include, but are not limited to, assisting clients with system security hardening and baseline development, analysis, and auditing, as well as analyzing detailed system design documents, network topologies, operational procedures, and other security-centric documentation in order to obtain and maintain a Confidential in their industry.
- Functioned as a liaison for program managers, system administrators, user representatives and developers to complete an entire C&A package in a timely, professional and organized manner. This includes, but is not limited to, the following: gathering and organizing technical information about an organization's mission goals and needs, existing security products, and on-going programs in the security arena; defining and analyzing security requirements; designing, developing, engineering and implementing security solutions to achieve business objectives; and performing risk analyses, including identifying and periodically evaluating information security controls and countermeasures to mitigate risk to acceptable levels, and reporting significant changes in information risk to appropriate levels of management for acceptance on both a periodic and event-driven basis.
- Performed Security Technical Implementation Guide (STIG) OS hardening on Windows machines.
- Handled Information Assurance (IA) support calls on weekends.
- Drafted network rack diagrams and racked and stacked servers.
- Stayed abreast of the latest cyber security threats and malware observed in the wild.
- Attended training on Tandberg and Vidyo video conferencing and demos of Polycom video devices.
- Initiated CompTIA Security+ and Certified Ethical Hacker (CEH) Certification.
- Attended leadership and managerial skills boot-camp on how to achieve and visualize goals and ideas.
- Performed network Vulnerability Analyses on multiple networks.
- Tracked malicious behavior based on watch officer instructions.
- Traced the traffic patterns back to source IP.
- Attended briefings and kept up-to-date on latest global cyber security threats and vulnerabilities.
- Predicted adversary behavior to anticipate and protect against likely attack vectors.
- Verified antivirus/malware findings with online analysis tools to confirm results.
- Conducted security inspections and surveillance operations with other MIS team personnel.
- Provided security protection to the company's data, documents, financial records and other relevant information.
- Coordinated with law enforcement agencies on some reported cases of cyber crime.
- Conducted initial reviews of audit logs pertaining to critical information systems, encompassing review of weekly-generated reports and identification of suspicious activities.
- Coordinated and delegated security assurance activities to subordinates; main tasks involved identification and gathering of evidence to verify compliance with approved security baselines for various operating systems and internal server databases.
- Managed enterprise-wide server virtualization effort, including vendor/hardware qualifications, architecture/design, installation, configuration, migration and documentation. Reduced the server hardware footprint by 60% leading to savings in power and cooling. Leveraged highly available VMware Virtual Infrastructure (VI3) environment to improve server availability, reduce workload for IT staff, and automate server deployment for various business units. The virtual environment supports both production and development environments containing hundreds of servers running SQL, IIS, Exchange, SharePoint, SAP, Oracle, and PeopleSoft software.
- Provided innovation, technology- and architecture-related thought leadership, strategic direction, and long-term vision.
- Areas of concentration include Cyber Security, Enterprise Architecture, and Transformative IT Technologies including Cloud Computing, SOA, and Social Media/Web 2.0.
- Led proposal/bid response and business development activities as an enterprise solution/technology Subject Matter Expert (SME).
- Served as an Enterprise Architecture SME on federal agency projects aimed at achieving mission-related objectives, using transformational technologies such as SOA, Virtualization, and Cloud Computing.
- Spearheaded development of a comprehensive e-commerce security framework. Protected current revenue streams within the company, while providing a third-party-certified, PCI DSS-compliant secure foundation for offerings marketed to new customers. The technical implementation took a tiered approach to mitigate risk and empower the business, leveraging tokenization, encryption, SIEM and IDS services, file integrity monitoring, and web application firewalls.
- Monitored electronic accounts and transactions to help identify possible fraud.
- Investigated and regulated improper transactions to help end users reduce risk.
- Defined and implemented new strategies in fraud analysis. Informed management personnel regarding the severity and prioritization of potential security threats. Worked within a team of ten employees in identifying and researching security-related issues. Identified areas requiring increased and advanced security and recommended proper techniques for alleviating the threats.
- Published numerous information security articles, white papers, books, and related documentation.
Confidential, Falls Church, VA
CONSULTANT/Senior Security Engineer
Responsibilities:
- Managed the Confidential Surgeon General cyber configuration management program and patch management of hardware and software cyber assets; managed the Change Control Board and patch management process, records and implementation activities.
- Responsible for providing Certification and Accreditation (C&A) support for multiple information systems programs:
- Provide technical support for the creation of Confidential Information Assurance Certification and Accreditation Process ( Confidential )-compliant system security activities and relevant documentation, in accordance with Confidential Instruction Number 8510.01 of November 28, 2007 (ASD(NII)/ Confidential CIO).
- Provide technical support for the development of Confidential -compliant data and documentation related to applications and databases in both development and sustainment phases.
- Research, analyze and understand log sources, particularly security and networking devices (such as firewalls, routers, anti-virus products, and operating systems).
- Appropriately categorize the messages generated by security and networking devices into the multi-dimensional ArcSight, HP OpenView (and other) normalization schema.
- Research and develop content for ArcSight ESM, including correlation rules, dashboards, reports, and visualizations.
- Research and develop content to address use cases based on customer requests and feedback.
- Coordinated review of logs and user access data availability and programs for both regular and privileged users.
- Assisted in the development and implementation of information security policies, laws, standards, and processes for corporate governance.
- Drafted and edited the prevailing internal regulatory compliance policies on email and network security.
- Recommended hardware and software upgrades and purchase approvals to help secure the company’s valuable information and prevent Distributed Denial of Service (DDoS) attacks.
- Educated employee teams on the procedures to be followed should they be faced with Distributed Denial of Service (DDoS) attacks.
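The audit-log review and the ArcSight log-source normalization and correlation-rule work described above share one underlying technique: parse each source's raw lines into a common event schema, then run rules over the normalized events. The following Python is an added illustration of that technique, not the resume author's ArcSight content; the three log formats, the field names of the schema, and the rule thresholds are all constructed for the example, and the schema is a simplified stand-in for a SIEM's normalized event fields.

```python
"""Normalize heterogeneous security log lines into one event schema and run two
correlation rules over the result.

Added illustration, not the resume author's ArcSight content.  The schema is a
simplified stand-in for a SIEM's normalized event fields, and every log line
below is constructed for the example.
"""
import ipaddress
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample input: a firewall, an anti-virus agent and a domain
# controller, all reporting in UTC.  One line is deliberately unparseable.
SAMPLE_LOGS = [
    "2024-03-01T10:00:01Z fw01 DENY TCP 10.1.1.5:51234 -> 198.51.100.9:445",
    "2024-03-01T10:00:02Z fw01 heartbeat ok",
    "2024-03-01T10:00:05Z av01 DETECTED host=ws-17 ip=10.1.1.5 threat=Trojan.Downloader action=quarantined",
    "2024-03-01T10:00:07Z dc01 LOGON_FAILURE user=jdoe src=10.1.1.5",
    "2024-03-01T10:00:08Z dc01 LOGON_FAILURE user=jdoe src=10.1.1.5",
    "2024-03-01T10:00:09Z dc01 LOGON_FAILURE user=jdoe src=10.1.1.5",
    "2024-03-01T10:00:10Z dc01 LOGON_SUCCESS user=jdoe src=10.1.1.5",
    "2024-03-01T10:03:00Z fw01 ALLOW TCP 10.1.1.5:51300 -> 203.0.113.77:443",
    "2024-03-01T10:20:00Z fw01 ALLOW TCP 10.1.1.8:51301 -> 203.0.113.77:443",
]

# One regex per log source; each is mapped onto the same field names below.
FW_RE = re.compile(r"^(?P<ts>\S+) (?P<dev>\S+) (?P<act>ALLOW|DENY) (?P<proto>\S+) "
                   r"(?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)$")
AV_RE = re.compile(r"^(?P<ts>\S+) (?P<dev>\S+) DETECTED host=(?P<host>\S+) ip=(?P<src>[\d.]+) "
                   r"threat=(?P<threat>\S+) action=(?P<act>\S+)$")
AUTH_RE = re.compile(r"^(?P<ts>\S+) (?P<dev>\S+) LOGON_(?P<act>FAILURE|SUCCESS) "
                     r"user=(?P<user>\S+) src=(?P<src>[\d.]+)$")

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_internal(ip):
    """Explicit RFC 1918 test.  ipaddress.is_private is deliberately not used:
    it also flags documentation ranges such as 203.0.113.0/24, which the
    constructed sample uses to stand in for the Internet."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)


def _parse_ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")


def normalize(line):
    """Map one raw line onto the common schema, or return None if nothing matches."""
    if m := FW_RE.match(line):
        return {"ts": _parse_ts(m["ts"]), "category": "network", "device": m["dev"],
                "action": m["act"].lower(), "src": m["src"], "dst": m["dst"],
                "dport": int(m["dport"]), "user": None, "name": None}
    if m := AV_RE.match(line):
        return {"ts": _parse_ts(m["ts"]), "category": "malware", "device": m["dev"],
                "action": m["act"], "src": m["src"], "dst": None,
                "dport": None, "user": None, "name": m["threat"]}
    if m := AUTH_RE.match(line):
        return {"ts": _parse_ts(m["ts"]), "category": "auth", "device": m["dev"],
                "action": m["act"].lower(), "src": m["src"], "dst": None,
                "dport": None, "user": m["user"], "name": None}
    return None


def rule_malware_then_egress(events, window=timedelta(minutes=10)):
    """Correlation: an AV detection on a host followed, within `window`, by an
    allowed outbound connection from that host to a non-RFC 1918 address."""
    alerts = []
    for d in (e for e in events if e["category"] == "malware"):
        for e in events:
            if (e["category"] == "network" and e["action"] == "allow"
                    and e["src"] == d["src"] and not is_internal(e["dst"])
                    and d["ts"] <= e["ts"] <= d["ts"] + window):
                alerts.append(("malware_then_egress", d["src"], e["dst"], d["name"]))
    return alerts


def rule_bruteforce_success(events, threshold=3, window=timedelta(minutes=5)):
    """Correlation: at least `threshold` failed logons for the same user/source
    within `window`, followed by a successful logon for that pair."""
    alerts, fails = [], defaultdict(list)
    for e in sorted(events, key=lambda ev: ev["ts"]):
        if e["category"] != "auth":
            continue
        key = (e["user"], e["src"])
        if e["action"] == "failure":
            fails[key].append(e["ts"])
        else:  # success: count only the failures still inside the window
            recent = [t for t in fails[key] if e["ts"] - t <= window]
            if len(recent) >= threshold:
                alerts.append(("bruteforce_success", e["user"], e["src"], len(recent)))
            fails[key].clear()
    return alerts


def run(lines=SAMPLE_LOGS):
    """Normalize all lines, then apply both rules.  Returns the events, the
    alerts, and the number of lines no parser understood; a real deployment
    routes those to an 'unparsed' queue rather than silently dropping them."""
    parsed = [normalize(l) for l in lines]
    events = [e for e in parsed if e is not None]
    alerts = rule_malware_then_egress(events) + rule_bruteforce_success(events)
    return events, alerts, parsed.count(None)


if __name__ == "__main__":
    evs, found, unparsed = run()
    print(f"{len(evs)} events normalized, {unparsed} unparsed")
    for a in found:
        print("ALERT", a)
```

On the sample input the first rule fires once (the quarantined host still opens an allowed session to a public address two minutes later) and the second fires once (three failures then a success for the same user and source); the heartbeat line is counted as unparsed rather than lost. Keeping the per-source regexes separate from the rules is the point: the rules only ever see the common schema, so adding a new log source means adding one parser, not touching every rule.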
Confidential, Rockville, MD
CONSULTANT/Senior Security Engineer
Responsibilities:
- Managed and provided technical direction for the development, implementation, installation and operational support of wireless network solutions for various government, healthcare, retail, and manufacturing customers worldwide.
- Developed comprehensive marketing plans describing market trends, product definitions, pricing, distribution channels, and sales and advertising methods for wireless solutions and products.
- Developed, implemented and maintained system software and hardware essential to preventing cyber security attacks against both company personnel and corporate systems.
- Created, improved and enhanced the existing company information security policies, standards, and processes.
- Researched, analyzed and implemented cyber security plans/policies and created information security policies, standards, and processes.
- Reported and reviewed findings from incident investigations, facilities inspections, and environmental testing.
- Maintained and applied knowledge of current policies, regulations, and industrial processes.
Confidential, Rockville, MD
CONSULTANT/Senior Security Engineer
Responsibilities:
- Performed professional consulting services specializing in Information Assurance (IA) and Information System (IS) Security Services with an emphasis on Federal, State and Local governments.
- Configured various network devices including switches, routers, firewalls, Network Intrusion Detection Systems (NIDS), Network Intrusion Prevention Systems (NIPS), load balancers, sniffers, DNS servers, RADIUS ( Confidential ) servers and DHCP.
Confidential, Columbia, MD
CONSULTANT/Senior Security Engineer
Responsibilities:
- Provide technical leadership in the planning, investigation, design, and implementation of systems/security engineering-related projects and tasks, including System Security Plans and documentation, Certification and Accreditation, Common Criteria Security Target and Protection Profile creation, analysis, and production, penetration testing, risk/vulnerability assessments, cyber security policies, guidelines and processes, security solution identification, and contingency planning.
Confidential, McLean, VA
Senior Systems Engineer
Responsibilities:
- Translated customer and organizational objectives and critical success factors into actionable business, organization, and technology strategies. Created information technology plans based on an understanding of the customer's organization, strategic direction, technology context, and business needs.
- Instrumental in the initial build of the Navy Marine Corps Intranet ( Confidential ) Security Operations Center (SOC) located at the General Dynamics Information Technology Center, Needham, MA. Provided protection to the Microsoft Windows 2000 information technology (IT) Confidential systems. Used the tools and processes of the SOC to protect the IT software and systems of the federal agency from hackers and other technological security breaches. Responsible for detecting vulnerabilities and weaknesses in the systems and rectifying them. Improved quality results by evaluating and suggesting upgrades and directing pertinent changes. Provided information by collecting, analyzing, and summarizing data and trends in new security technologies. Maintained constant vigilance for any abnormal activity that might signal a network/computer system intrusion.
- Responsible for analyzing, defining, establishing and managing a cohesive information security team to provide security consulting services to a variety of federal and commercial customers. Responsibilities include setting up and maintaining customer interactions with a focus on satisfying the customer along with maximizing short and long-term revenues as well as marketing the services of the information security team.
- Conducted extensive Security Certifications and Accreditations.