SUMMARY:

Highly motivated professional software engineer with experience performing systems analysis, project management, implementing cyber security techniques, full - stack web development, information systems sustainment, graphic design and working with innovative technologies to improve the efficiency of desktop and web applications.

PROFESSIONAL EXPERIENCE:

Principal Software Engineer

Confidential, Reston, VA

Responsibilities:

• Worked with an agile team that consisted of software engineers, analyst and data scientist over the course of several sprints.
• Contributed software engineering expertise in the development of a cyber threat intelligence and warning web application, and a data feed ingestion task for the Department of Homeland Security.
• Created project documentation that outlined high-level requirements, test plans and system documentation.
• Used the MVC framework during development.
• Created Node.js, user authentication using Express and MySQL. Also tested with PostgreSQL.
• Created token-based user authentication for the CTI web application using JWT tokens with Node.js, passport and express.
• Refactored the UI/UX of the registration page using AngularJS and Bootstrap.
• Created scripts that used Python 3 to ingest data from an external API and stored the information in either of the requested .csv, tab or json formats.
• Completed Python 3 and webMethods training to meet personal and professional career goals, and to maintain a level of support across various tasks.
• Maintained code changes using Bitbucket.
• Maintained documentation in Confluence.
• Tracked issues and projects using Jira.

Cyber Information Assurance Analyst

Confidential, Linthicum Heights, MD

Responsibilities:

• Examined potential security violations to determine if the Network Environment (NE) has been breached, assess the impact, and preserve evidence.
• Supported, monitored, tested, and troubleshot hardware and software IA problems pertaining to the NE.
• Performed IA related support functions including installation, configuration, troubleshooting, assistance, and/or training, in response to agency requirements for the NE.
• Analyzed patterns of non-compliance and take appropriate administrative or programmatic actions to minimize security risks and insider threats. Manage accounts, network rights, and access to NE systems and equipment.
• Analyzed system performance for potential security problems. Assess the performance of IA security controls within the NE.
• Identified IA vulnerabilities resulting from a departure from the implementation plan or that were not apparent during testing.
• Configured, optimized, and tested network servers, hubs, routers, and switches to ensure they comply with security policy, procedures, and technical requirements.
• With the assistance of the ISSM, ensured systems were accredited under the implementation of the Risk Management Framework (RMF) as directed by the Joint SAP Implementation Guide (JSIG).
• Installed, tested, maintained, and upgraded network operating systems software and hardware to comply with IA requirements.
• Evaluated potential IA security risks and take appropriate corrective and recovery action.
• Ensured that hardware, software, data, and facility resources are archived, sanitized, or disposed of in a manner consistent with system security plans and requirements.
• Performed system audits to assess security related factors within the NE.
• Developed and implement access control lists on routers, firewalls, and other network devices.
• Installed perimeter defense systems including intrusion detection systems, firewalls, grid sensors, etc., and enhance rule sets to block sources of malicious traffic.
• Implemented applicable patches including IAVAs, IAVBs, and TAs for their NE.
• Adhered to IS security laws and regulations to support functional operations for the NE. Implement response actions in reaction to security incidents.
• Supported Security Test and Evaluations (Part of C&A Process).
• Monitored/Managed clients’ firewalls and intrusion detection systems.

Information Assurance Reviewer/OVAL Developer

Confidential, Chambersburg, Pennsylvania

Responsibilities:

• Worked at the tier III level with a team and independently to analyze customer tickets regarding security concerns in the Security Content Automation Protocol ( Confidential ) content.
• Evaluated the manual Security Technical Implementation Guide's (STIGs) for various Information Systems to determine if there was a need for an automated check.
• Participated in weekly and quarterly meetings as a subject matter expert for Internet Explorer 10/11, Windows 2008/2008 R2 MS/DC, 2012/2012 R2 MS/DC, Vista, 7, 8/8.1 and 10. Red Hat Enterprise Linux 5/6, Solaris 10/11 x86/SPARC, AIX 6.1, and HPUX 11.23/11.31 . The meetings consisted of discussing problem tickets and/or systems analysis in an effort to resolve any new or existing security concerns within the Confidential content.
• Developed Confidential content using the XML based Open Vulnerability and Assessment Language (OVAL), researched and revised deprecated OVAL content to be consistent with OVAL version 5.8 and Confidential version 1.1 and 1.2, Performed OVAL validation to ensure the content was error free and met system specifications.
• Tested Confidential content remotely and physically using the DoD vulnerability and Confidential compliant scanning tools such as Confidential ’s Policy Auditor and HBSS ePO, the Confidential Compliance Checker (SCC) and the Nessus Security Center, Assured Compliance Assessment Solution (ACAS) and Ovaldi.
• Performed development in a git repository on a Linux based system to track changes and collaborate with team members throughout the Confidential software development life cycle.
• Participated in annual DoD compliant cyber security training and awareness courses.
• Completed annual training: Cyber Awareness, FedVTE Cisco Network Security 1, Information Assurance Policy & Technology (IAP&T), DoD PKI Training "Using PKI", Version 1.0, Privileged User IA Responsibilites, DISA HBSS Admin MR5 (2013 Version), Domain Name System (DNS) Basic Concepts Overview, Linux Operating Systems Security, DIACAP Review version 1.0, Risk Management Framework (RMF) for DoD Information Technology (IT), Cisco Network Security 2

OVAL Developer

Confidential, Chambersburg, Pennsylvania

Responsibilities:

• Provided technical security guidance for the Defense Information System Agency (DISA), Field Security Operations (FSO).
• Worked with a team, and with minimal supervision to meet quarterly Security Technical Implementation Guide (STIG) deadlines for release.
• Analyzed security requirements for inclusion into an Confidential data stream, developing OVAL checks for security requirements, testing OVAL definitions, and utilizing Confidential compliant scanning tools such as Confidential ’s Policy Auditor and the Confidential Compliance Checker (SCC).
• Contract to hire position for Confidential Enterprise.

Software Engineer

Confidential, Beavercreek, Ohio

Responsibilities:

• Worked with team members from Kratos Defense as a junior developer in support of a Wright-Patterson Air Force Base task to maintain the Command Management System (CMS), a web application that automated the Confidential ’s planning, programming, budgeting, and execution process.
• Provided tier III support for the customer.
• Researched the working yahoo user interface (YUI) JavaScript framework against the jQuery framework to determine if migrating to jQuery would be the best solution for upgrading the web applications menu functionality and improving usability.
• Refactored PL\SQL email point of contact and row update email scripts that built and sent an email to the CMS administrators when the contact row in the CMS point of contact table changed within 3 days.
• Refactored PL/SQL scripts that re-queried the database to optimize performance.
• Worked with CA certificates in Red Hat Enterprise Linux 6 to add a new trusted certificate. Manually created root certificates and generated user certificates from the signed certificate with the Orapki commands and installed the root certificate directly into the certificate database on the RHEL 6 system.
• Analyzed different browser features for Internet Explorer (IE) users, including chrome padding and height, focusing on the vertical characteristics of the various IE releases when displaying the CMS application.
• Minimized the recording of browser resolution sizes in the Oracle11g database by collecting the user’s browser information during the initial application launch. This task was implemented due to the CMS application sending the user’s browser information to the database twice during launch.
• Worked with the Senior Architect and learned how to perform a manual extract transform and load (ETL) of customer generated data in an effort to add the data to a new table and present the information in the correct fields within the CMS application for customer use.

Webmaster

Confidential, Dayton, Ohio

Responsibilities:

• Volunteered as the chapter’s webmaster and monthly luncheon photographer, updated chapter news, event notifications and monthly luncheon registration.
• Maintained the chapter’s Drupal based content management system and coordinated the efforts to update the Drupal version with Confidential International due to outdated security features.
• Modified the homepage design by implementing snippets of HTML to split chapter contents into sections, and to make it easier for chapter members to access information.
• Modified chapter photos by resizing, cropping and correcting color balances using Adobe Photoshop CS6.

Admissions Officer

Confidential, Ohio

Responsibilities:

• Communicated and explained admission policies and decisions to potential applicants, parents, transfer students, and high school guidance counselors.
• Participated in public speaking engagements with a crowd size ranging from 5 to 700 people, setup and worked college fairs and open house events.
• Looked up student records by ID and/or PII, and notated information received from phone calls, faxes and emails using the Banner software by Ellucian.
• Extracted student and territory information from an Access database into an Excel spreadsheet on a weekly basis for conversion analysis.
• Created an email template for each student without an active phone number on record in an effort to maximize the usage of student data, and efficiently contact students regarding upcoming campus events, and events held at our satellite sites throughout the Ohio Valley Region.
• Made data-driven decisions based on test scores, grades, prior academic achievements, enrollment records at other higher education institutions and financial need for awarding scholarships and/or granting the acceptance of new first time, non-traditional, transfer and returning students.
• Researched graduation rates, standardized test scores and matriculation patterns for the assigned recruiting territories in Detroit, MI and surrounding cities, Cleveland, OH, Lima, OH, Toledo, OH and Northern KY to form new and innovated conversion strategies.
• Maintained a travel log for recruitment trips that included car rental and hotel reservations, gas and food expenses, as well as recruitment materials (signs, banners, brochures, applications).

Research Consultant

Confidential, Ohio

Responsibilities:

• Researched different techniques used to capture, monitor, and analyze gait data.
• Wrote several abstracts and technical papers, and submitted to undergraduate research organizations.
• Developed a Graphical User Interface (GUI) MATLAB program called Motion to process and visualize gait data. Motion imported prerecorded data of a human subject from an excel spreadsheet, and used the Grobner Basis Theory, an algebraic technique to compute wrist and elbow placement in radian, and generated a graph to visualize patterns during a gait cycle when a subject is carrying load and no load.
• Created a detailed PowerPoint to discuss conclusions based upon graphs, images, and gait data.
• Presented research findings in undergraduate symposiums and submitted multiple manuscripts for publication in biomedical and undergraduate journals.
• See link in presentations and publications section.