Cyber Security Analyst Resume
Washington, DC
SUMMARY:
- Diverse Confidential 8570 IA Level III compliant IT Security Analyst, and results-oriented computer information systems expert, with over twenty years of experience.
- Driven by challenges that involve complex solutions.
- Thrives in a diverse, fast-paced work environment.
- Proven ability to manage, assess, and analyze critical and confidential information.
- Maintains and balances unpredictable workload during mission essential tasks to ensure positive end-results.
PROFESSIONAL EXPERIENCE:
Confidential, Washington, DC
Cyber Security Analyst
Responsibilities:
- Reviewed and made recommendations on program-level documentation including requirements specifications, system architecture, design documents, and System Security Plans (SSPs).
- Actively participated in technical exchange meetings and application review boards.
- Assisted in researching, evaluating, and developing information for security policies/guidance.
- Supported development, communication and implementation of a secure architecture/strategy.
- Interfaced with business units to identify gaps in security architecture and recommended practical technical controls to mitigate the risk in accordance with NIST 800-53.
- Interfaced with project teams and delivery leads to address systematic enterprise security.
- Evaluated emerging information security trends and technology and made risk-based recommendations for changes to the security strategy.
- Reviewed and made recommendations on program-level documentation including requirements specification, system architecture, design documents, test plans, and security plans.
- Developed and documented security evaluation test plans and procedures.
- Briefed management, as needed, on the status of action items and results of relevant activities.
- Clarified security requirements and recommended security countermeasures.
- Authored and analyzed SPs to develop understanding of systems/applications for preparation of Security Operation Plans (SOPs), Contingency Plan (CP), and Contingency Test Plan (CPT).
- Coordinated system testing with project personnel and other program elements conducting security testing in compliance with Office of the Director of National Intelligence (ODNI).
- Led security testing, analyzed results, documented risk, and recommended countermeasures.
- Performed network security analysis and risk management for designated corporate networks.
- Assessed/calculated risk based on threats, vulnerabilities, and shortfalls uncovered in testing.
- Identified mitigating countermeasures to identified threats, vulnerabilities, and shortfalls.
- Developed and submitted Certification and Accreditation (C&A) testing results in accordance with Federal Information Processing Standard (FIPS) and Confidential guidance. This includes documentation activity and results to support the creation of risk assessments and testing.
- Identified needs for testing equipment and gaps in testing capabilities; conducted research on and evaluation of automated testing tools and provided summaries and reports to sponsor on the tool capabilities, in support of potential procurement by sponsor.
- Prepared reports citing system vulnerabilities and suggested courses of action.
- Reviewed findings from Information System Security Scans of corporate systems identifying vulnerabilities to system owners, while pursuing remediation of vulnerabilities found.
- Tracked and monitored outstanding remediation status to include best approaches to action.
- Coordinated scanning activity with appropriate boards and system managers.
Confidential, Washington, DC
Information Systems Security Officer
Responsibilities:
- Assisted with implementation and enforcement of Confidential security policies through all phases of an Confidential’s lifecycle to include Federal Information Security Management Act (Confidential) requirements.
- Initiated the C&A process for new systems and reaccreditation boundary.
- Provided the initial Registration Form and documents based on an Confidential’s complexity.
- Assisted with ensuring that systems were operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the approved accreditation package.
- Ensured approved procedures were in place for clearing, purging, declassifying, and releasing system memory, media, and output for systems under purview.
- Coordinated Confidential security inspections, tests, and reviews with the Security Controls Assessor.
- During the Operations and Maintenance (O&M) phase, ensured that Confidential security risk assessments were periodically performed and appropriate security measures met in order to maintain compliance with Tier requirements.
- In accordance with Confidential security policy, assisted with the development of security incident response procedures and the reporting of incident findings and security violations to the Enterprise Security Operations Center (Confidential).
- Ensured proper protection and corrective measures were taken when an incident or vulnerability had been discovered within a system.
- Assisted with Confidential Representative coordination activities and the development and implementation of procedures authorizing the use of software, hardware, and firmware on an Confidential.
- Initiated, coordinated, and recommended to the Confidential approval of all Information Service
- Requested the closure of liens against systems in concert with security validation.
Confidential, Washington, DC
Firewall Administration Supervisor
Responsibilities:
- Supervised assigned Information Technology operations and staff while determining work requirements, priorities, and best use of resources for scheduled and unplanned incidents.
- Provided guidance to staff regarding work procedures, technical issues, work priorities, and special requests from customers and VIP staff members.
- Instructed employees in the use of new internal procedures and operating instructions and evaluated employees on assigned shift.
- Troubleshot technical/operational problems and took corrective action to resolve conflicts.
- Ensured security of assigned operational shift and assumed delegated management responsibility for appropriate elevation during emergencies and escalated requirements.
- Supervised and participated in the study of operations and procedures, and recommended changes to improve methods, procedures, service levels, and operational efficiency.
- Managed the perimeter security architecture and surrounding infrastructure for the Confidential (DoS) and United States Embassies.
- Provided Tier II monitoring, configuration, and support in a large global enterprise firewall environment consisting of over 80,000 users in almost every country in the world.
- Daily tracked system problems to include network hardware and software malfunctions.
- Managed the status of all assigned Integrated Enterprise Management System (Confidential) trouble tickets to ensure timely compliance while interfacing with clients.
- Monitored Sidewinder, Blue Coat, and StoneGate firewall traffic flow into and out of DoS architecture to include investigation of suspicious intrusion activities.
Confidential, Herndon, VA
Network Security Engineer
Responsibilities:
- Provided security solutions and interpretations of organization security policies as they relate to specific architects and projects.
- Maintained Defense Information Infrastructure by authoring documentation for C&A of systems using Department of Defense Information Assurance Certification and Accreditation Process (Confidential) policy governing security of automated systems/networks.
- Assisted developers in ensuring Confidential security requirements for all Applications and Systems comply with all laws and regulations and that requirements are appropriate and sufficient.
- Supported the C&A process for systems and applications by ensuring that security plans are developed for all applications and other documentation such as security test plans and procedures, risk assessments and security guidelines are developed.
- Requested recommendation from Information Systems Security Officer (Confidential) for Approval to Operate (Confidential) weighing the risks of system implementation against criticality of mission.
- Authored Systems Security Authorization Agreement (SSAA), Concept of Operations (CONOPS), System Security Policy (SSP), C&A Plan, and Incident Response (IR) Plan through all phases of the Confidential process including Confidential 6/3 and ICD 503.
- Coordinated and attended meetings with key individuals to discuss security practices currently in place and future security practices to be implemented.
- Evaluated threats and vulnerabilities of each Confidential to ascertain if additional safeguards needed to be implemented.
Confidential, Washington, DC
Firewall Administration Technician
Responsibilities:
- Managed the perimeter security architecture and surrounding infrastructure as Firewall Administrator for the Confidential (DoS) and United States Embassies.
- Daily tracked system problems to include network hardware and software malfunctions.
- Managed the status of all assigned Integrated Enterprise Management System (Confidential) trouble tickets to ensure timely compliance while interfacing with clients.
- Monitored Sidewinders G2, Bluecoats, StoneGate, Raptor, and TrueGate firewall traffic flow into and out of architecture to include investigation of suspicious intrusion activities.
- Managed Mail Sweeper for SMTP with MIMESweeper Technology, and Trend Micro Interscan logs to keep track of viruses and other malicious code entering the network and prevent possible virus outbreaks.
- Monitored Finjan SurfinGate and SurfControl web filters to filter web content and block users from visiting unauthorized websites.
- Maintained Radware server’s configuration to ensure equal load balance between various cluster servers.
- Ensured the policies and procedures for network security are implemented and enforced while monitoring all cluster firewall servers daily.
- Reviewed and troubleshot potential problems and new threats related to infrastructure and all inter-agency connections, ensuring all traffic originating from within complies with Department of State policies.
- Monitored the Customer Processing Bureau classified firewall network traffic for compliance.
Confidential, VA
Information Systems Network Administrator
Responsibilities:
- Confidential Command and Control & Intelligence, Surveillance, and Reconnaissance Center
- Supervised a team of military and contractor systems administrators/technicians.
- Managed the Combined Aerospace Operations Center (Confidential) help desk, data computer operations and network control center, consisting of over 2,000 internal/external customers.
- Planned and assured implementation of system administration support including LAN/WAN administration, messaging, Electronic Key Management System, and user account management.
- Troubleshot and administered Remote Access Server, email, Internet, and video teleconferencing systems.
- Directed configuration and installation of new hardware/software applications including local area networks (LAN) and connectivity to wide area networks (WAN).
- Evaluated IT issues, requirements, and submitted Fiscal Year IT budget.