Senior Cyber Security Engineer Resume

Washington, DC

SUMMARY:

  • 25 years' experience in Communication & Information Security for Department of Defense and Commercial.
  • StealthWatch; Cyber Kill Chain; Tipping Point; HP Service Manager; nGeniusONE; FireEye; Rapid7.
  • Qualys; AppDetectivePro; HP WebInspect; HP Fortify; Cisco IronPort; Tenable Nessus; EyeRetina.
  • Splunk; Confidential ePoint Orchestra; Confidential WebWasher; Confidential SolidCore; Wireshark; Kali Linux.
  • Security Center; EnCase; Agent Ransack; NMap; SCAP; URLSnarf; DirBuster; BurpSuite; Group Policy.
  • Confidential RMF, EMASS, SCCM 2012, HBSS, Xacta, Ubuntu, VMWare ESXi, Linux, Unix, Solaris, Python.
  • FEDRAMP, AWS, FISMA, Confidential 800-53r4, NISPOM, DCID 6/9, Confidential 8500 Series, DIACAP, POAM, FIPS.
  • ISO 17799/27001/27002, Wireless LAN, TCP/IP, LDAP, DNS, WINS, DHCP, eGRC-10, HIPAA Compliance.
  • MS Server 2012 R2, Visual Studio 2012, SQL Server 2012, Active Directory, Exchange Server, Project 2010.
  • Cisco Network Security, Cisco Email Security C300, Cisco Content Security Management M680, Cisco-VOIP.

AREAS OF EXPERTISE:

  • Cyber Threat Analysis
  • Security Architecture & Strategy
  • Network Security
  • Policy Development & Management
  • HIPAA/COBIT/SOX/ Confidential /PCI
  • IT Governance
  • Cyber Security Incident Response
  • Security Operations Centers (SOC)
  • Vulnerability/Risk Assessment
  • Project Management
  • Disaster Recovery Planning/Testing
  • Vulnerability Management
  • Security Awareness Training
  • Security Operations Advancement
  • Strategic Planning
  • Cyber Threat Intelligence
  • Process Improvement
  • Relationship Building
  • Intrusion Detection
  • Executive Leadership
  • Penetration Testing
  • Data Privacy/Protection
  • SIEM Tools
  • Cyber Security Strategy

PROFESSIONAL EXPERIENCE:

Confidential, Washington, DC

Senior Cyber Security Engineer

Responsibilities:

  • Defining/supporting Confidential vulnerability management and security assessment standards and metrics within a SOC.
  • Use Nessus Security Manager to conduct & maintain vulnerability scanning on networks, systems and applications.
  • Direct Recertification & Accreditation activities for IP-based networks & assist managing schedule for ATO.
  • Produce actionable, risk-based reports on security assessment results & assist with vulnerability remediation.
  • Deliver results based on appropriate FISMA score category targets across 11 security automation domains for Continuous Monitoring of system risk.
  • Managing, training and mentoring more junior team members and assist other security life cycle activities.
  • Develop and maintain security plans and security testing plans and improve risk models, metrics, reports, processes.

Confidential, Fort Meade, MD

Senior Cyber Security Manager

Responsibilities:

  • Performed system administration functions to create SSP, SCTM and document the security architecture.
  • Reviewed security threats and implemented effective countermeasures IAW established policies/regulations/directives.
  • Analyzed network or system changes/reconfigurations for security impacts (performed risk analysis/assessment).
  • Performed functions as required in support of the Confidential Instruction 8510.01 “Risk Management Framework (RMF)”.
  • Performed privacy impact assessments and provided PII data security and monitoring and migration strategies.
  • Identified potential vulnerabilities to cyber and information security using penetration testing and red teams.
  • Provided technologies for identification, modeling, and predictive analysis of cyber threats.
  • Performed information assurance certification and accreditation analysis, security assessments.
  • Provided recommendations to the Information System Security Managers to bring their systems into compliancy. Analyzed and documented deficiencies in POA&Ms or requests prepared for Acceptance of Risk (AoR).
  • Maintained security posture status in the Government systems of record which is reviewed by Approval Authorities.
  • Performed assessments of security controls, identified weaknesses, and tracked remediation activities in POA&Ms.
  • Worked with technical teams to mitigate security control deficiencies for assigned IT systems.
  • Advised system owners on all matters, technical and otherwise, involving the security of assigned IT systems.
  • Used Fortify, WebInspect and App Detective, ACAS to conduct scans of networks, databases and endpoints.
  • Performed Confidential SP 800-37 RMF and DIACAP Assessment & Authorization processes.
  • Performed presentations to the ISSM staff concerning the status of each project under my responsibility.

Confidential, Falls Church, VA

Senior Cyber Security Engineer

Responsibilities:

  • Perform ISSO tasks for IT systems in accordance with Confidential SP 800-37 requirements.
  • Perform information assurance certification and accreditation analysis, security assessments.
  • Provide recommendations to the Information System Security Managers to bring their systems into compliancy.
  • Analyze and document deficiencies in POA&Ms or requests prepared for Acceptance of Risk (AoR).
  • Maintain security posture status in the Government systems of record where this information can be reviewed by Approval Authorities or other external IA organizations when necessary.
  • Perform assessments of security controls, identify weaknesses, and track remediation activities in POA&Ms.
  • Work with technical teams to mitigate security control deficiencies for assigned IT systems.
  • Advise system owners on all matters, technical and otherwise, involving the security of assigned IT systems.
  • Use Fortify, WebInspect and App Detective to conduct scans of networks, databases and endpoints.
  • Perform Confidential SP 800-37 RMF for Assessment & Authorization processes.

Confidential, Atlanta, GA

Senior Cyber Security Officer

Responsibilities:

  • Information Technology officer for 500 personnel on computer networks and satellite & radio communications.
  • Spearheaded creation of two-year strategic road maps instrumental in executive team planning for IT departments.
  • Implemented security using Confidential Information Assurance DIACAP, FISMA, FIPS, Confidential and IAVA.
  • Managed & installed IAVA update patches to the servers and network using proper Confidential procedures and security.
  • Performed vulnerability checks using Confidential intrusion detection tools Army Confidential Gold, Nessus, AR 25-1, AR 25-2.
  • Provided system security for electronic data communications, network and data security, electronic commerce.
  • Interfaced with government agencies to implement information system security mechanisms & requirements.
  • Configured & installed servers on the LAN network and in correct zones and assigned IP addresses.
  • Assisted in implementing RAID architecture onto the servers, proper disk space for number of drives required on SAN.
  • Designed Disk Groups, assigned Failover/Failback per Virtual Disks & assigned port connections for SAN.

Confidential, Atlanta, GA

Senior Cyber Security Consultant

Responsibilities:

  • Designed & maintained a large enterprise deployment of server anti-virus and host intrusion prevention software.
  • Strong knowledge and hands on experience with security best practice approaches to application coding.
  • Performed as lead in the Information Security Operations team in building the critical security infrastructure.
  • Worked as a security lead to assist in developing and improving the company’s Information Security program.
  • Recognized and identified potential threats to corporate information systems and data.
  • Led security investigations and mitigated security incidents and working knowledge of scripting languages.
  • Experience with Windows and Unix operating systems and performing deep packet network analysis.
  • Worked with data loss prevention tools, web browsing filters, email filters, vulnerability scans, SIEMs, and IPSs.
  • Used the following tools to detect, deny, disrupt, degrade, deceive and contain information for the cyber kill chain.
  • Prevented reconnaissance, weaponization, delivery, exploitation, spread, command & control by remote attackers.
  • Used Tipping Point for Intrusion Detection deep packet inspection, threat reputation, and malware analysis.
  • Used FireEye to proactively detect Advanced Persistent Threats (APTs), manage intrusions and isolate the threat.
  • Used FireEye for Endpoint Threat Detection by tracing alerts directly to compromised devices.
  • Used HP Fortify to assist Java and Jenkins Developers by building VM processes along with installation boxes.
  • Used HP Fortify Software Security Center (SSC) to manage developers access credentials and project information.
  • Used Qualys to perform dynamic scanning of endpoint inventory and HP Fortify for static scanning.
  • Used Splunk to perform SIEM Intrusion Detection and read logs and write Windows scripts and alerts.
  • Used IronPort (Cisco Email Server & Cisco Management Server) to manage email and TLS access request.
  • Used Active Directory to manage the authorization for user permissions and credentials.
  • Used Confidential ePO Web Washer firewall for department access and deciding on which URLs to access network.
  • Used StealthWatch to track network flow, user-identity tracking and perform analysis for malicious behavior.
  • Used StealthWatch to perform real-time network monitoring and detected Advanced Persistent Threats (APTs).

Confidential, Washington, DC

Senior Cyber Security Engineer

Responsibilities:

  • Developed Security Assessment scripts for vulnerability scans & conducted and assessed automated vulnerability scans.
  • Discussed requirement descriptions, weaknesses, affected elements, severity levels, and recommended remediation.
  • Used industry testing tools including Nessus, Tenable, WebInspect, AppDetective, DBProtect and XACTA.
  • Assessed security findings, developed testing plans, and developed Security Assessment Reports (SAR).
  • Answered the RTM management, operational and technical questions and support findings to the system.
  • Validated client documents that are then presented to Confidential -ISD department for approval.
  • Interfaced with the client, providing information system security engineering support for system security configuration.
  • Created SAR, SCAP, RTM, along with editing the SSP and validating POAMs for ongoing assessments.
  • Completed security assignments for Confidential RMF Revision 4, AWS, FISMA and FEDRAMP environments.

Confidential, Falls Church, VA

Senior Cyber Security Engineer

Responsibilities:

  • Initiated protective or corrective measures when an IA incident or vulnerability is discovered.
  • Confirmed IA-enabled software, hardware, and firmware comply with appropriate security configuration guidelines.
  • Ensured Confidential information system recovery processes are monitored & IA components are properly restored.
  • Implemented & enforced Confidential information system IA policies & procedures as defined by C&A documentation.
  • Supporting the Confidential in RMF lifecycle support for twenty health care systems/applications.
  • Performed risk assessments, annual reviews, ATOs and sustained ATOs, and Branch Service Accreditation.
  • Used eMASS, POAMs, DIACAP/RMF packages, remediation, mitigations, risk assessments and security analysis.
  • Performed scans and vulnerability assessments using AppDetective, WebInspect, HP Fortify and Nessus scanner.
  • Managed Confidential Security Readiness Reviews (SRR) and provided technical leadership/consulting support to staff.
  • Developed Security Test Reports, POA&Ms, Certification & Accreditation security packages and documents.
  • Evaluated security vulnerabilities and mitigation strategies for networked and non-networked systems.
  • Performed evaluation of information security principles, Confidential STIGs, and C&A processes for technical systems.

Confidential, Falls Church, VA

Senior Cyber Security Engineer

Responsibilities:

  • Conducted Confidential Risk Management Framework (RMF) validation for Department of Defense clients.
  • Performed scans and Manual Reviews using AppDetective, WebInspect, HP Fortify, Nessus, SCAP.
  • Developed Security Test Reports, POA&Ms, Certification & Accreditation security packages and documents.
  • Evaluated security vulnerabilities and mitigation strategies for networked and non-networked systems.
  • Performed evaluation of information security principles, Confidential STIGs, and C&A processes for technical systems.
  • Interfaced with the client, providing information system security engineering support for system security configuration.
  • Performed testing and analytical activities, including security administration, vulnerability assessments.
  • Conducted application security, client reporting, authoring documentation and C&A preparation.
  • Provided information protection needs via system security, security CONOPS, and security development.
  • Analyzed functional architectures, design constraints, life cycle support needs and provided recommendations.
  • Reviewed vulnerability scans to identify false positives, mitigation strategies, and system fixes.
  • Developed technical documentation e.g. network diagrams, inventory control, data flows and performed reviews.

Confidential, Charleston, SC

Senior Cyber Security Engineer

Responsibilities:

  • Team Lead in a Virtual Cloud Environment for Veteran Benefits Management System (VBMS) project.
  • Performed Systems Analysis, Systems Architecture, Systems/Equipment Support, Test and Evaluation.
  • Conducted Confidential SP 800-53, FIPS 140-2, DIACAP, POAM, ISO 27001, Disaster Recovery Planning and Policies.
  • Performed research, design, development, testing and validation of information assurance measures via SOA.
  • Provided in-depth knowledge for monitoring and documenting system threats, vulnerabilities and security measures.
  • Monitored and documented risk factors (i.e. operational criticality of the system & associated security environment).
  • Designed, configured and managed security within an iCloud environment concerning servers, databases and files.
  • Provided security solution/mitigation development and validation testing for iCloud Information System.
  • SPLUNK Administrator for performing Audit Logging on both Windows and Linux servers and operating systems.
  • Created alert scripts and dashboard scripts to function on the Linux and Windows server operating systems.
  • Designed incident response planning and management of security incidents and to protect enterprise-wide IT.
