We provide IT Staff Augmentation Services!

Information Systems Security Officer Resume

Silver Spring, MD

SUMMARY:

  • Information Systems Security Manager with extensive experience in configurations management, strategic plans for assessment, and network operations support.
  • Possess knowledge of Intelligence Community best practices, policies, directives, regulations, standards, guidelines, laws and provisions; Federal Information Technology Security Assessment and Risk Management Frameworks; various System Assessment and Authorization frameworks.
  • Articulate communicator who can fluently speak the languages of both people and technology, blending technical expertise with exceptional interpersonal skills while interacting effectively with senior management, customers, sales staff, and technical/engineering teams.
  • Skilled in supporting users in a corporate/military headquarters level environment; with exceptional written, verbal and interpersonal communication skills.
  • Proven ability to lead and motivate to ensure success.

SKILLS SUMMARY

  • Project Management and Accreditation SCAP/STIG
  • Technical Support & Configurations, Upgrades Workflow Planning
  • Customer Service NISPOM/NIST/FISMA Database Management
  • DSS/DISA/DOD Systems and Network Administration System Security, Backup and Recovery
  • Verbal/Written Communication Documentation of Procedures Technical Writing
  • Comptia - Security + -2015
  • Defense Security Service- Information Systems Security in the National Industrial Security Program -2013
  • Defense Security Service- Technical Implementation of and Accreditation Process -2013
  • Certified Information Systems Auditor - 2014
  • DSS Certified and Accreditation
  • MS Office Suite cert
  • LAN Technical
  • MS Essentials
  • Workgroup Management
  • Information Assurance
  • VMware vSphere
  • Computer/Network Fundamentals
  • Completed the Information Systems Management Career Development Course
  • DSS Certified and Accreditation

TECHNICAL SKILLS:

  • Microsoft Windows 2012/2008/2003/2000/ NT4
  • Server/Workstation
  • Windows 7/Vista/XP
  • UNIX
  • LINUX
  • RedHat
  • SIGINT and IA Missions, High Assurance Products, IA Strategies to Protect and Defend, Collaboration, Sharing.
  • Trusted Agent, PKI, Secure Facility Management, Team Management, Staffing and Supervision, Asset Management, COMSEC Custodian, Configuration Management, Data Transfer Authority, Virus Scans, Classification and Management, Sanitization, Downgrading and Declassification, Requirements Analysis, Risk Assessment and Mitigation, Security Review Team and TS interactions, Information Security. acquisition security, integration and testing, access control, authorization, security risk assessment, operational (facility and personnel) security, identification and authentication, network and enterprise security, vulnerability assessment, security risk analysis. Solid understanding of SAA processes, NITSCAP, DCID, DITSCAP, DIACAP processes, Technical, Managerial and Operational Controls, Supplemental Controls, Process, policy creation and implementation, Systems and Technical Documentation: SSAAs, SSPs, SECONOPs, SFUGs, COOPs, POA&Ms, Reaccreditation Recommendation Reports, Test Plans and Procedures, User and Configuration Guides, Business Impact Analysis (BIA), Incident Response Plans (IRP), Disaster Recovery Plans (DRP), and Business Continuity Plans (BCP).

EMPLOYMENT HISTORY:

Confidential, Silver Spring, MD

Information Systems Security Officer

Responsibilities:

  • Provide mission support to protect Confidential networks, computers, programs, and data, of all Confidential Federal Information System Management Act (FISMA) identified systems within the required NIST requirements
  • Utilize software and applications toward compliance and control implementation; SCCM, TSC, EPO, RH Satellite, ECMO, FireEye, Nagios
  • Collaborate with Incident Response team on incident response procedures, user and PII handling
  • Develop and maintain System Security Plans (SSP); ensure systems are operated, maintained, and disposed of in accordance with SSPs; ensure configuration management is maintained and documented
  • Manage access to the systems and ensure users are aware of their security responsibilities; conduct periodic reviews to ensure compliance with the SSPs
  • Analyze vulnerability and compliance scan results on Windows and Linux systems utilizing Nessus Tenable Security Center
  • Manage and maintain the Configuration Management Plan; overseeing the Change Management Process and Procedure
  • Coordinate multiple simultaneous security assessments throughout the year and ensures the system is current with all annual requirements for security testing, reporting and maintaining current Authorizations to Operate (ATO)
  • Generate Plans of Action and Milestones (POA&M) findings for the non - compliant settings and security deficiencies
  • Develop recommended actions based on vulnerabilities or control deficiencies identified during the System Assessment and Authorization (SAA) in the Security Assessment Report (SAR)
  • Respond to organizational and agency level data calls
  • Provide support during testing of all systems and applications involved in scheduled fallovers and fallbacks, documenting lessons learned and any necessary corrective actions
  • Conduct re-test of failed security controls to officially close-out documented POA&M
  • Work special security issues and interact with Laboratory upper management
  • Run system and vulnerability scans to ensure systems are in compliance
  • Responsible for ensuring all required documentation and artifacts are maintained in the security system plan repository system, and building ATO/SA package, via Cyber Security Assessment and Maintenance (CSAM), TWIKI and Archer

Confidential, Laurel, MD

Systems Security Plan Coordinator

Responsibilities:

  • Provide Information Assurance (IA) and & Accreditation (C&A) support for various program offices at JHU/APL. Ensure that Master Security Plans (MSSP)/ System Security Plans (SSP), Network Security Plan (NSP) and Information System Security Officers (ISSO), and classified systems are in compliance with established policies of the Department of Defense (DoD), Defense Security Services (DSS), National Industrial Security Program Operation Manual (NISPOM), and DSS Industrial Security Field Operation (ISFO) operation manual
  • Review System Security Plans (SSP) that are submitted to CISSO to ensure compliance with DSS/ODAA, DoD, NISPOM, sponsor and our policies and procedures
  • Developed Risk Assessments in accordance with NIST SP and developed Security Plans in accordance with NIST SP
  • Support the Classified Information Systems Security Office (CISSO) in the implementation and administration of Information Systems security program, utilizing both technical and good inter-personal communication skills in a dynamic team environment
  • Developed and completed security plans based on the NIST SP Revision 3; conducted self-assessments against the controls
  • Certify classified systems to be technically compliance with DSS/ ODAA, NISPOM and DSS Industrial Security Operation Manual (ISFO)
  • Collaborate with Information Systems Security Officers (ISSO) and Department Security Representatives on classified systems configurations in support of the sponsor’s requirements and coordinate the classified system authorization approval process.
  • Customer Service Representative to large Sector; providing guidance, support for all Security Plans, coordinates updates, changes and new Security Plan with efforts to continue processing while remaining compliant.
  • Support and review DoD systems to include SIPRNET, MDACNET and DREN

Confidential, Harbor Twp, NJ

Systems Admin

Responsibilities:

  • Performed ISSO, system administration, back-ups and maintenance for Windows and Linux systems in a Windows environment; maintaining systems and policies within Coast Guard enterprise standard
  • Administered Computer Security Awareness to ensure the systems were operated, used, maintained and disposed of in accordance with security policies and practices
  • Utilized several system administration utilities in a Server 2008 R2 Enterprise environment, including SCAP, Microsoft SCCM, VMware vSphere, Event Sentry, and Remedy
  • Provided Subject Matter Expert customer support to all base personnel and off site technicians for MS Server 2008/2003, Exchange 2003, Terminal Server, Active Directory, Office, XP, Vista, and Security policies/procedures
  • Information Systems Security officer; audit logs, document, implement and review security plans for base classified networks
  • Worked with system owners to ensure audit trails are reviewed periodically and audits records are archived for future
  • Managed department systems and equipment upgrades; POC for contractors, employee, troubleshooting and provided project update briefings to commander
  • Ensured the Sensitive Compartmented Information Facility (SCIF) and Network Ops Center (NOC) stayed in compliance with Freedom of Information Act (FOIA) procedures, DoD, DISA, and collateral areas in compliance with DSS and assigned Approving authority
  • Oversaw department operations and provide impeccable customer service; resulting in 100% completion rate for request

Confidential

Network Administrator

Responsibilities:

  • Rectified many issues by instituting best practices in system log analysis, backups, network operating center security, user account/permissions management and systems/software auditing
  • Supported LAN/WAN issues, to include network access servers, UNIX, Active Directory, switches, routers, Linux, VPN, wireless access connections and network protocols, such as TCP/IP, DNS, SMTP
  • Assistant Information Systems Security Officer; responsible for new projects and implementation plan for the network.
  • Hardware/software installations; oversaw major server upgrade/expansion project that improved terminal services and network performance; and integrated new technologies into existing data-center environments

Confidential

Network Administrator and Video Teleconference Admin

Responsibilities:

  • Prepared complex reports for commander and department leads, ensuring compliance with government and military requirements and tight deadlines.
  • Produced and distributed end-user technical documentation for use of info systems, software, and databases
  • Created standard operation procedure documents for all technical procedures provided by IT operations.
  • Supported LAN systems (NIPR/SIPR/JWICS) and performed LAN Security duties, requiring a Top Secret level security clearance
  • Responsible for creating the monthly and quarterly operations support reports and briefing commander and section chiefs of status
  • Responsible for coordinating Center’s Bio-metric project between Center, military and government agencies.

Application Engineer

Confidential, Atlanta, GA

Responsibilities:

  • Provided Help Desk support; Configuration and support of hardware, switches, routers and firewalls, wireless networking, VLAN/WLAN configuration, VPN configuration
  • Investigated issues reported by customers and staff/users in a timely and efficient manner
  • Provided Oracle/PL-SQL administrative support to customers and staff
  • Provided on-call database and level 1 & 2 technical support
  • Generated reports from the database using PL/SQL and SQL for customers and staff/users

Desktop Support/Network Administrator

Confidential, Atlanta, GA

Responsibilities:

  • Performed daily administrative tasks including adding and deleting users, setting up shared areas, mapping network drives, controlling data access, and managing print queues.
  • Support LAN/WAN issues, to include network access servers, Active Directory, switches, routers, Lotus Notes, VPN, wireless access connections and network protocols; TCP/IP, DNS, SMTP.
  • Upgraded an automatic call distribution system and managed an Avaya PBX phone system.
  • Responsible for planning and migration of a Windows 2003 environment from one domain to another.
  • Researched technical equipment requirement and tracked budget plan and issues; resulting 100% project completion while 15% under budget plan

Information Systems Manager

Confidential, Fort Dix, NJ

Responsibilities:

  • Monitored and managed information systems security programs. Performed maintenance on servers, system backups.
  • Installed, configured, and maintained computers, file servers, networks, network cabling, media equipment and other related equipment.
  • Assisted in managing the entire multimedia and video conference support system at ACC Langley Air Force Base, VA and full remote support to deployed units overseas
  • Provided support to local and remote users for software and hardware issues pertaining to desktop and some network computer systems, administer and maintain phone and voicemail system, as well as building security system.
  • Maintained software updates and security patches on desktop computer systems, operating systems and user applications.
  • Produced IT equipment risk model and recommendation to provide the Commanding General with best suitable equipment on travel
  • Successfully obtained and Accreditation (C&A) system and application Authorities to Operate (ATO) during re-accreditation process

Telecommunications Specialist

Confidential

Responsibilities:

  • Produced IT equipment risk model and recommendation to provide the Commanding General with best suitable equipment on travel
  • Provided a 24-hour point of contact for liaison with the Department of Defense, Joint Chiefs of Staff, United State Embassies, Confidential organizations and various VIPs.
  • Processes and controls all messages, facsimile and File Transfer Protocol traffic up to Top Secret.
  • Set up Defense Message System computer and created over 500 user profiles.
  • Conducted periodic inspections of the VTC Network using the Tandberg Management System (TMS)
  • Maintained configurations and settings of equipment that supported the VTC network

Telecommunications (Security) Specialist

Confidential

Responsibilities:

  • Provided support to local and remote users for software/hardware issues pertaining to desktop, network security, and multi-media/Video teleconferencing support, as well as building security system.
  • Maintained security of encryption keys and all other communication security (COMSEC)
  • Performed technical end-to-end testing on VTC command and control communications circuits
  • Administrator for VTC scheduling and day-to-day coordination; Initiated, tested and maintained new and established VTC links

Hire Now