SUMMARY:

• Talented, competent, and organized Sr. Information Systems Security Officer with extensive analytical experience in investigating and diagnosing network problems, software procurement, installation, administration, testing, POA&Ms NIST 800 - 53A Rev4, CBP 1400-05D, DHS 4300A Sensitive Systems Handbook Ver. 13.1, NIST publications and FIPS publications.
• Extensive knowledge of IT operating systems, to include Window 7, Exchange Server 2013, Windows Server 2008, Windows Server 2012, Vulnerability Scanners and VMware.
• A multi-talented ISSO with good all-around technical and communication skills, as well as, a problem solver who enjoys a challenge and can work well under pressure.
• Possesses strong customer service skills, excellent communication skills and attention to detail which helps develop and maintain close working relationships with clients, support and development teams.
• Has the personal drive required in delivering a service that exceeds the expectations of colleagues and end users through a positive, organized and structured work ethic.

CORE COMPETENCIES:

• Hardware Installation and Configuration
• Software testing and Implementation
• IT Diagnosis, Troubleshooting and Solution Execution
• HP Command View EVA, HP 3PAR Management Console, Dell EqualLogic Group Manager
• Cisco IDS/IPS, McAfee ePO, McAfee SIEM, Wireshark, Web Inspect, Nessus, AppDetective, Languard, Symantec Endpoint Protection, Websense Manager, DBProtect, NMAP/ZENMAP, Integrity, Risk Vision, Gold Disk, SCAP tool
• Standard Operating Procedures Writing, Testing and Implementation
• Disaster Recover and Emergency Response Planning
• Strong Problem Solving Abilities
• Network Design and Architecture Archive
• Incident response, Patch management, Policy and procedures, Physical security, Certification and Accreditation, Security Technical Implementation Guide (STIG)
• LAN\WAN Maintenance and Support
• NIST 800-53 Rev 4, NIST 800-37, NIST 800-37, DOJ 2640.2F and DHS 4300A
• Penlink 8, Penlink PLX, Penlink XNET, JSI Telecom VoiceBox, Microsoft Windows, Windows Server, Exchange Server 2007/2010

PROFESSIONAL EXPERIENCE:

Confidential, Reston, VA

Sr. Information Systems Security Officer

Responsibilities:

• Manage POA&Ms through XACTA build 27766
• Migrate systems from publication NIST 800-53A Rev3 to NIST 800-53A Rev4
• DHS 4300A Sensitive Systems Handbook Ver 12.0 and CBP 1400-05D
• Manage and configure Nessus vulnerability manager server
• Create and manage custom dashboards in Splunk
• Create Shared Services Agreement (SSA) and Service Level Agreement (SLA) for services being provided by CBP information systems
• Create and maintain Risk Acceptance (RA) documentation
• Manage multiple CBP systems in Ongoing Authorization (OA)
• Guide classified systems through Certification and Accreditation
• Manage and maintain ATO for 2 Amazon web Service (AWS) cloud systems
• Manage and maintain Rule of Behavior, Continuity Of Operations Plan (COOP), System Security Plan (SSP), Contingency Plan (CP), Contingency Plan Test (CPT), Incident Response Plan (IRP), System Development Life Cycle (SDL), Configuration Management and Risk Assessment
• Create and manage PKI Certificates using Security Manager Administration tool (SMA)
• Create and distribute PKI Certificates in a secure manner
• Manage Ongoing Authorization (OA) and Security Control Assessment (SCA) for three CBP Information systems.
• Modify and maintain Remediation Plan, (TRAR) Tailed Risk Assessment Report, (TRAP) Tailored Risk Assessment Plan, (PAT) Privacy Threshold Analysis
• Walk CBP systems through the DHS RMF workflow
• Maintain assets for three CBP information system in XACTA
• Attend management level meeting providing guidance, oversight and recommendations
• Conduct Web-based application and database vulnerability scanning using Webinspect, AppDetective, Nessus, Burp Suite and DBprotect
• Guide two CBP AWS systems through the ATO process
• Maintain security posture for multiple CBP systems
• Manage and maintain Remediation Plans for multiple information systems with different classification levels
• Monthly security walkthrough

Confidential, Reston, VA

Sr. Information Systems Security Officer

Responsibilities:

• Managed POA&Ms through XACTA build 27766 and Archer/CDMT
• Migrated systems from publication NIST 800-53A Rev3 to NIST 800-53A Rev4
• DHS 4300A Sensitive Systems Handbook Ver 11.0
• Managed and configure Nessus vulnerability manager server
• Managed and configure McAfee Enterprise Security Manager
• Guided classified systems through Certification and Accreditation
• Managed and maintain Rule of Behavior, Continuity Of Operations Plan (COOP), System Security Plan (SSP), Contingency Plan (CP), Incident Response Plan (IRP), System Development Life Cycle (SDL), Configuration Management and Risk Assessment
• Managed Ongoing Authorization (OA) and Security Control Assessment (SCA) for four Confidential Information system.
• Modified and maintained Remediation Plan, (TRAR) Tailed Risk Assessment Report, (TRAP) Tailored Risk Assessment Plan, (PTA) Privacy Threshold Analysis
• Maintained assets for four Confidential information system in XACTA Continuum
• Attended management level meeting providing guidance, oversight and recommendations
• Conducted Web-based application and database vulnerability scanning using Webinspect, AppDetective, Nessus, Burp Suite and DBprotect
• Maintained security posture for multiple systems
• Managed and maintain Remediation Plans for multiple information systems with different classification levels

Confidential, Ashburn, VA

System Engineer/Team Lead

Responsibilities:

• Supported and secure critical classified networks systems and applications
• Managed Nessus Vulnerability scanner
• Scanned databases/application servers using DBProtect, AppDetective, Webinspect and Nessus for Vulnerabilities
• Managed, deploy, configure and maintain Digital Guardian 6.2
• Managed McAfee Vulnerability manager 7.0
• Helped create and track POA&M Items for government systems
• Verified system compliance with FISMA, DHS 4300A, NIST 800-30, NIST 800-37 REV. 1, NIST 800-53 REV. 3 and NIST 800-53 REV. 4
• Risk assessment and incident prevention
• Penetration testing
• Updated CSAM database
• Developed and Maintain SDL (System Development Lifecycle), COOP (Continuity of Operations Plan), IRP (Incident Response Plan) and Configuration Management.
• Created and update standard physical and virtual workstations/server images
• Created, performance monitoring & tuning, installing, configuring and maintaining Virtual Machines (VM) via VMware ESXi 4.1 - 5.5, VMware vCenter Server 4.1 - 5.5, VMware Horizon View 5.2 converting VM from template
• Configured HP ProCurve, Cisco Switches/Routers and Cisco ASA via HyperTerminal and Web GUI.
• Supported and managed infrastructure migrations
• Managed daily, weekly and monthly backups of all SQL databases, server images and end user files using Acronis
• Staged workstations/servers with software/hardware imaging tools
• Manage and configure Microsoft Exchange 2007/Microsoft Exchange 2013
• Manage, create, configure and assign Group Policy Objects and required by the department DOJ standards, manage logon scripts. Patch management via WSUS
• Managed and configured Group Policies (GPO)
• Built, configured, maintained and troubleshot both physical and virtual servers and desktop hardware and operating system; Windows 2003, Windows 2008, Windows 2012 and Windows 7 Operating systems.
• Created and updated standard physical and virtual workstations/servers images performance monitoring & tuning, installing, configuring and maintaining Virtual Machines (VM) via VMWare vSphere Client 5.5, through cloning or converting to VM from template.
• Supported Microsoft environment: Active directory-User accounts, security groups, user rights
• Managed network resource access/permissions at folder and files level
• Wrote and maintained SOPs
• Coordinated with third-party vendors/developers to resolve any issues with proprietary software application
• Managed workstations, servers, printers, and network devices
• Identified and resolve critical system issues
• Installed, configure and maintain workstations, servers, printers, and other peripheral devices
• Troubleshoot software/hardware problems on workstation, servers and network devices
• Troubleshoot network connectivity and other LAN issues
• Troubleshoot Microsoft operating systems and office products

Confidential, Reston, VA

Desktop Support

Responsibilities:

• Assisted users with hardware/network problems
• Installed network and local printer parts
• Configured blackberries and added the to the BES server
• Evaluated hardware, firmware, peripherals, software packages, etc., for use by staff and provides recommendations to management
• Ensured technical safeguards are maintained to provide controlled user access, integrity of electronic mail, applications and user data
• Ran hardware and software utilities to optimize user’s workstations
• Remotely troubleshoots issues with Magic Land disk
• Installed computer hardware components, hard drives, optical drives, memory, video cards, mother boards, card readers and network cards
• Configured and install home grown ad-hoc application
• Troubleshoot laptop hardware and software issues

Confidential, Reston, VA

Help Desk Analyst/Tier 2/ Acting Supervisor

Responsibilities:

• Responded to telephone, electronic mail, and or walk-in requests for support for all systems and equipment within the DOL environment in accordance with current or revised help desk SOP’s
• Troubleshoot issues with Remote assistant and remote desktop
• Used remedy 5.0 and 7.0 to create tickets
• Ran hardware and software utilities to optimize user’s workstations
• Ensured technical safeguards are maintained to provide controlled user access, integrity of electronic mail, applications and user data

Confidential, Reston, VA

Help Desk Analyst

Responsibilities:

• Responded to telephone, electronic mail, and or walk-in requests for support for all systems and equipment within pentagon environment in accordance with current or revised help desk SOP’s and or service level agreements
• Created tickets using remedy 6.0
• Provides limited one-on-one desk side training for customers requiring assistance on standard software applications and/or IT equipment.
• Provided general technical support for all dial in/remote access systems and other remote systems
• Evaluated hardware, firmware, peripherals, software packages, etc., for use by staff and provide recommendations to accomplish the desired objectives
• Ensured technical safeguards are maintained to provide controlled user access, integrity of electronic mail, applications and user data