We provide IT Staff Augmentation Services!

Director Of Information Security And Practice Leader Resume

PROFESSIONAL EXPERIENCE:

Confidential

Director of Information Security and Practice Leader

Responsibilities:

  • As Director of Information Security and Practice Leader, manage a team of resources across a number of client organizations that span commercial and government establishments. Accountable for forecasting non - functional and functional requirements and aligning expertise and team capacity to meet the current and planned needs of the business.
  • Serve as the bridge between Application and Security architectures.
  • Provides technical/management leadership on major tasks or technology assignments.
  • Drive the implementation of controls around personally identifiable information (PII).
  • Responsible for timely and cost-effective completion of program deliverables.
  • Participate in formulating responses to external regulatory entities.

Confidential

Senior Manager

Responsibilities:

  • As a Senior Manager, supported DISA Global Information Grid Operations (GIG OPs).
  • Facilitated creation, negotiation, and advocacy of policies across business streams.
  • Responsible for cost effective completion of program deliverables.
  • Securely integrated and applied Department/Agency missions, organization, function, policies, and procedures within the enclave.
  • Served as cybersecurity SME possessing in-depth knowledge of Confidential and Federal policy and regulations.
  • Provided analysis, integration, and implementation guidance for complex cybersecurity risk management initiatives.
  • Evaluated and approved development efforts to ensure that baseline security safeguards were appropriately installed.
  • Provided enclave IA guidance for development of Continuity of Operations Planning (COOP).
  • Obtained and maintained IA baseline certifications appropriate for position.
  • Represented DISA on various technical review teams and maintained AIS security records.
  • Advised and prepared Co-Utilization Agreements for network nodes operating in subordinate government and contractor facilities.
  • Conducted periodic security reviews of all information systems; implemented security safeguards; and monitored attempts to test or circumvent security mechanisms.
  • Assisted across the board with IA activities, supported database activities, and supported certification activities, including certification and accreditation and/or security policy development assistance.
  • Provide IM/IT acquisition team support.

Confidential

Senior Manager

Responsibilities:

  • As a Senior Manager, served as an Interim Chief Information Security Officer for the Confidential.
  • Advised and prepared Co-Utilization Agreements for network nodes operating in various data centers.
  • Ensured compliance of security awareness program, system development lifecycle, disaster recovery, continuity of service, system test and development, physical security, systems integration, and new technology integration.

Confidential

Senior Principal Software Engineer

Responsibilities:

  • As a Senior Principal Software Engineer, served as a Senior SME on information security matters.
  • Ensured IAT Levels I - III, IAM Levels I-III, and anyone with privileged access performing IA functions received the necessary initial and sustaining IA training and certification(s) to carry out their IA duties.
  • Provided technical/management leadership on major tasks or technology assignments.
  • Oversaw, monitored, and mentored ISSMs/ISSOs and IA workforce personnel to ensure adherence to established policies and procedures.
  • Executed FBI change management process that monitored technical and programmatic enhancements and/or upgrades. Ensured that network nodes were operated, maintained, disposed of in accordance with Confidential security policies; reviewed and developed AIS accreditation/certification support documentation; notified the customer when changes occurred that might affect AIS accreditation/certification.
  • Performed system and network self-inspections; provided security coordination and review on all system test plans.

Confidential

Principal IT Security Analyst

Responsibilities:

  • As Principal IT Security Analyst, served as the senior lead on security matters affecting customer systems.
  • Prepared Rule of Engagement agreements used to guide/manage client expectations with PENTEST activities.

Confidential

Lead Security Engineer

Responsibilities:

  • As Lead Security Engineer, supported security management for Confidential OS/390 systems using CA-CONSUL tool for OS/390 security monitoring.
  • Evaluated proposals to determine if proposed security solutions effectively addressed enclave requirements as detailed in solicitation documents.
  • Ensured the development of system certification documentation by reviewing and endorsing such documentation; recommended actions by the DAA; assessed AIS vulnerabilities and implemented countermeasures.
  • Updated Enterprise Mission Assurance Support Service (eMASS) repository with systems specific security artifacts.
  • Analyzed identified security strategies and selected the best approach or practice for the enclave.
  • Maintained a repository for all system certification documentation and modifications; managed procedures for authorizing the use of software, hardware, and firmware on systems.
  • Evaluated and approved development efforts to ensure that baseline security safeguards were appropriately installed.

Confidential

Lead Security Architect

Responsibilities:

  • As Lead Security Architect, managed the deployment and operations of an Enterprise Web Access Control (WAC) infrastructure that supports over 6 million users using a suite of authentication tools that included Netegrity’s Siteminder, OpenNetwork’s DirectorySmart, and IBM Tivoli Directory to control accesses to protected health information (PHI) and personally identifiable information (PII).

Confidential

Senior Systems Analyst/Programmer

Responsibilities:

  • As Senior Systems Analyst/Programmer, led the conversion of a suite of mortgage management software from a WANG (mainframe) based system to Windows 32-bit system.

Confidential

Security Consultant

Responsibilities:

  • As a Security Consultant, provided technical support to customers who ran SAM software as a Security Administration tool on both mainframe and client-server environments. Created and optimized models for role-based Access Control (RBAC) as needed.

Confidential

Software Tester

Responsibilities:

  • As a Software Tester, performed unit and integration testing on a large commercial billing application Confidential .
  • Facilitated the creation of test beds for performance and acceptance testing.
  • Ensured all test beds had test cases for each documented requirement. Maintained test results for regression analysis.

Hire Now