PROFESSIONAL EXPERIENCE:

Confidential

Responsibilities:

• As Director of Information Security and Practice Leader, manage a team of resources across a number of client organizations that span commercial and government establishments. Accountable for forecasting non - functional and functional requirements and aligning expertise and team capacity to meet the current and planned needs of the business.
• Serve as the bridge between Application and Security architectures.
• Provides technical/management leadership on major tasks or technology assignments.
• Drive the implementation of controls around personally identifiable information (PII).
• Responsible for timely and cost-effective completion of program deliverables.
• Participate in formulating responses to external regulatory entities.

Confidential

Responsibilities:

• As a Senior Manager, supported DISA Global Information Grid Operations (GIG OPs).
• Facilitated creation, negotiation, and advocacy of policies across business streams.
• Responsible for cost effective completion of program deliverables.
• Securely integrated and applied Department/Agency missions, organization, function, policies, and procedures within the enclave.
• Served as cybersecurity SME possessing in-depth knowledge of Confidential and Federal policy and regulations.
• Provided analysis, integration, and implementation guidance for complex cybersecurity risk management initiatives.
• Evaluated and approved development efforts to ensure that baseline security safeguards were appropriately installed.
• Provided enclave IA guidance for development of Continuity of Operations Planning (COOP).
• Obtained and maintained IA baseline certifications appropriate for position.
• Represented DISA on various technical review teams and maintained AIS security records.
• Advised and prepared Co-Utilization Agreements for network nodes operating in subordinate government and contractor facilities.
• Conducted periodic security reviews of all information systems; implemented security safeguards; and monitored attempts to test or circumvent security mechanisms.
• Assisted across the board with IA activities, supported database activities, and supported certification activities, including certification and accreditation and/or security policy development assistance.
• Provide IM/IT acquisition team support.

Confidential

Responsibilities:

• As a Senior Manager, served as an Interim Chief Information Security Officer for the Confidential.
• Advised and prepared Co-Utilization Agreements for network nodes operating in various data centers.
• Ensured compliance of security awareness program, system development lifecycle, disaster recovery, continuity of service, system test and development, physical security, systems integration, and new technology integration.

Confidential

Responsibilities:

• As a Senior Principal Software Engineer, served as a Senior SME on information security matters.
• Ensured IAT Levels I - III, IAM Levels I-III, and anyone with privileged access performing IA functions received the necessary initial and sustaining IA training and certification(s) to carry out their IA duties.
• Provided technical/management leadership on major tasks or technology assignments.
• Oversaw, monitored, and mentored ISSMs/ISSOs and IA workforce personnel to ensure adherence to established policies and procedures.
• Executed FBI change management process that monitored technical and programmatic enhancements and/or upgrades. Ensured that network nodes were operated, maintained, disposed of in accordance with Confidential security policies; reviewed and developed AIS accreditation/certification support documentation; notified the customer when changes occurred that might affect AIS accreditation/certification.
• Performed system and network self-inspections; provided security coordination and review on all system test plans.

Confidential

Responsibilities:

• As Principal IT Security Analyst, served as the senior lead on security matters affecting customer systems.
• Prepared Rule of Engagement agreements used to guide/manage client expectations with PENTEST activities.

Confidential

Responsibilities:

• As Lead Security Engineer, supported security management for Confidential OS/390 systems using CA-CONSUL tool for OS/390 security monitoring.
• Evaluated proposals to determine if proposed security solutions effectively addressed enclave requirements as detailed in solicitation documents.
• Ensured the development of system certification documentation by reviewing and endorsing such documentation; recommended actions by the DAA; assessed AIS vulnerabilities and implemented countermeasures.
• Updated Enterprise Mission Assurance Support Service (eMASS) repository with systems specific security artifacts.
• Analyzed identified security strategies and selected the best approach or practice for the enclave.
• Maintained a repository for all system certification documentation and modifications; managed procedures for authorizing the use of software, hardware, and firmware on systems.
• Evaluated and approved development efforts to ensure that baseline security safeguards were appropriately installed.

Confidential

Responsibilities:

• As Lead Security Architect, managed the deployment and operations of an Enterprise Web Access Control (WAC) infrastructure that supports over 6 million users using a suite of authentication tools that included Netegrity’s Siteminder, OpenNetwork’s DirectorySmart, and IBM Tivoli Directory to control accesses to protected health information (PHI) and personally identifiable information (PII).

Confidential

Responsibilities:

• As Senior Systems Analyst/Programmer, led the conversion of a suite of mortgage management software from a WANG (mainframe) based system to Windows 32-bit system.

Confidential

Responsibilities:

• As a Security Consultant, provided technical support to customers who ran SAM software as a Security Administration tool on both mainframe and client-server environments. Created and optimized models for role-based Access Control (RBAC) as needed.

Confidential

Responsibilities:

• As a Software Tester, performed unit and integration testing on a large commercial billing application Confidential .
• Facilitated the creation of test beds for performance and acceptance testing.
• Ensured all test beds had test cases for each documented requirement. Maintained test results for regression analysis.