TECHNICAL PROFICIENCIES:

Platforms: Windows 7/8/8.1/10, Windows Server 2012 R2, SQL Server, UNIX (Solaris, HP - UX), Linux (Red Hat, Ubuntu), Mac OS, Android, iOS

GRC: NIST 800-53, FING, SOX 404, GLBA, HIPPA, PCI, ISO 27001/2, Vendor Management, Identity and Access Management

Languages: C#, ASP.NET, HTML/HTML 5, FileMaker, PHP, CSS, SQL

Tools: RSA Archer v5.x/6.x, VMware

PROFESSIONAL EXPERIENCE:

Confidential, Washington, DC

Archer SME

Responsibilities:

• Built bronze medal award winning Customer Automated Security Information System
• Implemented automatic record permissions to allow bureaus access to view their own records related to their business unit
• Established data feeds from bureau records questionnaires to security incidents application to include multiple bureau tracking IDs associated with one parent record

Confidential, Richmond, VA

Archer Developer

Responsibilities:

• Responsible for integration between Confidential asset scanning solution to archer platform
• Created data feeds to associate vulnerabilities feed from Dell Secure Works to Archer platform
• Built Technologies Application feed to load IT assets to hardware application, software application, and applications application

Confidential, Fairfax, VA

Sr. RSA Archer Developer

Responsibilities:

• Supported implementation of CDM platform integration to track and monitor federal assets, vulnerabilities, and metrics to DHS for tracking assets with Federal Information Security Modernization Act ( Confidential ) Framework
• Converted FY17 Confidential Documents to Questionnaires with Advanced workflow functionality based on workflow diagrams provided by CDM PMO
• Conducted quality assurance testing and training amongst CDM contributors on a quarterly basis

Confidential, Phoenix, Arizona

Information Security Analyst

Responsibilities:

• Produce security plans using RSA Archer questionnaires to determine threat and vulnerability impact calculations for Confidential Devices, Software, and Data Transmissions
• Identified appropriate security controls based on risk and business impact for enterprise and vendor assets
• Evaluate network diagrams to determine vulnerabilities and lack of security controls between network transmissions in a relevant data set
• Determine GLBA relevant assets based on questionnaire responses
• Evaluate the adequacy and effectiveness of IT controls, policies, procedures, processes, initiatives, products and identified issues resulting from internal or external examinations
• Review effectiveness of SOX controls by running vulnerability scans of the environment to provide evidence of any ineffective general, internal or external controls

Confidential, Phoenix, Arizona

Information Security Analyst

Responsibilities:

• Developed and maintained a secure database application to track and audit cargo delivery driver wait times using Filemaker Pro 13 and SQL Server
• Implemented Splunk software to monitor logs, traffic, servers and devices for 6 airport locations.
• Implement, maintain, and oversee all aspects of the information technology systems, solutions and information forensic events at airport locations
• Provide high level recommendations on upcoming technology needs and priorities based on airport security and infrastructure standards for technology hardware and software

Confidential, Scottsdale, Arizona

Information Security Analyst

Responsibilities:

• Implemented security standards for confidential data records stored in school districts student information system to comply with Arizona state HIPPA standards
• Administrate district's infrastructure environment for students and staff to provide efficient and secure communications and data transmissions.
• Developed information security and disaster recovery plans in compliance with state standards for mandatory settings and controls for mobile, web, internal and external facing technologies
• Implemented, monitored and enforced IT-related security procedures, infrastructure processes and best IT practices for students, teachers and administrators based on Arizona Department of Education standards

Confidential, Washington, DC

Information Security Analyst

Responsibilities:

• Utilized QRadar for vulnerability management within internal applications that correlated with data collection for the accounting audit department
• Effectively managed the Windows deployment server, patch configurations, capture and create deployment images to keep systems updated and running efficiently
• Successfully managed virtual computing environment for remote employees, providing patches, port management and VPN configurations
• Maintained systems high availability and performance monitoring with ITIL best practices

Confidential, Arlington, VA

Information Technology Consultant

Responsibilities:

• Engineered company network, firewall and server infrastructure for student/employee environment
• Oversee the daily performance of windows computer systems, server 2008 R2 and network functionality to ensure minimal end user downtime
• Prepared evaluations of software and hardware, and implement improvements or upgrades to prevent external international risk
• Conducted office automation feasibility studies, including workflow analysis, space design or cost comparison analysis

Confidential, Falls Church, VA

Database and Technology Coordinator

Responsibilities:

• Established file sharing system to share files across the organization with a centralized cloud storage system using Confidential protocol
• Responded to the organization's technology use and needs and recommended improvements, such as hardware and software upgrades for office feasibility
• Coordinated recruitment and selection of project personnel for development of new web application to automate form submissions
• Evaluated the organization's technology use and needs and recommended improvements, such as hardware and software upgrades, and security standards requirements for accredited institutions