- A Cyber Security Subject Matter Expert/Analyst/Architect/Engineer with expertise and experience in multiple areas (e.g., protection needs assessment, requirements elicitation, security architecture, threat assessment, computer security, communication security, networking, security technologies, hardware and software development, test and evaluation, vulnerability assessment, penetration testing) with a Graduate degree in Telecommunications, Certified Chief Information Security Officer DoD 8570/8540 Compliant, experienced in Cyber Security/Risk Management Framework/Capability Maturity Model, Critical Infrastructure Protection, Continuous Monitoring, Systems Security Engineering, Security Authorization, Assessment and Authorization, Operating System, Network/Digital Media/Mobile Forensics, Enterprise Resource Planning, Network Applications, Database Security, Technical/Proposal Writing, Request for Information and Information Assurance related fields: Defense-in-Depth, Evaluation of Firewalls, Audit, Intrusion Detection Systems, Identity Access & Management tools, Enterprise Patch and Vulnerability Management, Insider Threat tools, Computer, Network Forensics, Design and Security Analysis, Security Readiness Reviews, Security Test and Evaluation of SOA, Web Services and N-Tier Architectures in accordance with Agency’s Cyber Security Framework for Military/Law Enforcement/IC/Federal Civilian Agencies.
- A generalist who can understand complex systems with an in-depth knowledge of a broad range of convergent areas of Telecom and Computer Networking, concepts of Common Criteria, NIAP, physical, computer, application, communication, personnel, administrative, information, and information systems security disciplines, able to evaluate technical proposals concerning security auditing, intrusion detection, etc., and able to lead evaluation of security control arrangement teams.
- Able to analyze and evaluate a multitude of systems to meet specific Cyber Assessment & Authorization (A&A) requirements, analyze customer requirements and advise on potential solutions, exercise judgment within loosely defined parameters in a dynamic workplace environment.
- Able to write publication-quality deliverables (documents, proposals, presentations, and statements of work). Keeps current with emerging security technologies, is able to wear many hats, communicates with engineers responsible for the technical elements involved in designing, developing, and operating advanced information security systems, adapts quickly to challenges in a complex computer environment and exhibits skills.
- Strive to be comfortable with ambiguity, maintain credibility, raise difficult issues, flexible and resilient, curious and creative and willing to work more than traditional work week hours to meet deadlines.
- Assist in developing white papers and coach/mentor customers on projects.
- Worked independently at customer sites, or as part of a team as required.
- Sought by management and staff for advice and direction on information assurance, security, client-server internetworking, messaging, in a complex Local Area and Wide Area Networking environment and an emerging Subject Matter Expert on Information Assurance and Telecommunication Security. Able to provide subject matter expertise support for client information assurance (IA) needs, including system security engineering requirements analysis, system development, integration, test and evaluation.
- Developed System Security and IA documentation, including IA strategies, System Security Plans, A&A packages, Test plans, and Test reports.
- Able to research and track all higher-echelon guidance and mandates defined in DoD/DISA/Army Intelligence policies and documentation. Able to assist with developing secure systems that meet performance and accreditation requirements and work in a proactive collaborative environment and willing to work with people who go the extra mile to get things done with services rendered in highly charged political and schedule driven environments.
- Able to work amid ambiguity in a frequently changing and unstructured environment. Self-starter with the ability to run audit or consulting projects independently using subject matter expertise with minimal guidance.
- Able to identify areas of risk, opportunities and improvement. Works under consultative direction towards predetermined long-range goals and objectives with assignments often self-initiated.
- Cyber Security Framework, A&A, IA, ST&E, Risk, Vulnerability Assessment, Penetration Testing, Dynamic Application Security Testing (DAST), PKI auditing, RFI, Proposal Writing, Technical Writing, Documentation of User/Technical Manuals, Identity and Access Management, Content Security, Insider Threat Evaluation, Collection, handling and preservation of digital evidence from mobile devices
- HP Fortify/WebInspect/IBM Rational AppScan/Internet Security Scanner, Retina, Nessus, NMAP, MS Gold Disk, SRR/STIG, STAT, Ethereal, NetCat, TCPDump, Crack/L0phtCrack, AppDetective, SOATest, LoadRunner, JMeter, Center for Internet Security, System Architect, Amazon Web Services, Kali Linux/Backtrack, WASSP, SECSCN, VMware, VirtualBox, Horizon View, IBM BigInsight, Webmin, eReadbook, AWS/CloudTrail/Rekognition, SharePoint, MS Project, APMS Primavera Prosight, JIRA, Samsung Galaxy/Microsoft Surface/LG Tablet, Test and Evaluation of Android Security App, Mobile Device Forensics using Cellebrite, UFED Examiner
- Confidential CyberSecurity Framework, CNSSI, ICD503, DARMA/XACTA/Continuum, Confidential CSF/RMF, DIACAP/NIACAP, FISMA, DoDAF, IETF, JTA, NSA SNAC, NSTISSI-1000, FISCAM, PCI, SOX, HIPAA. DoD M&R, DoD CIP, Agency Regulations, SCAP, NVD/ Confidential -SAMATE/CVE/CWSS/CVSS, Capability Maturity Model (C2M2; DOE2014a), OWASP Top 10/SANS Top 25/WASC Top 49, DOT/FAA, DLA, NIAP, DISA/FSO, Marine Corps, Joint Staff, Army Information Management, Assurance, VB.Net, Sharepoint, AKO/DKO, Data Transfer, Confidential 800 Series, Control Families, Special Publications(SP), Interagency Reports (NISTIR), Federal Information Processing Standards(FIPS), Acts of Congress, OMB Circulars, Memos, HSPD, Executive Orders (EO)
- SQL, Windows (SRR/Gold Disk Evaluation), Security Evaluation using Linux/Unix (Solaris/HP) Tools, WordPress, Security Evaluation of Oracle, MSSQL, MySQL, MS Access, DISA coding standards for Java, C#, Visual Basic.Net, ADS, NDS, LDAP, SOA, Web Services/MS Office, Access, Visio, Project 2007, DoD/DISA/Contract Vehicles Support, AICIG, JITC/NCES, DISA/CIO, I-Assure, NexGen, DLA, US Army, US Air Force, Navy
- DOT/FAA, Dept of State, US Customs, DOJ/INS, Treasury Communication Systems, USDA, OSD/CIO, DISA/CIO, HPCMP, SIPRNet, NIPRNet, DISANet, DISN, GUARDNet, OpenNet, NAVSEA, JFRG, INS, DMS, IAESO, DISN ATM, BWM, GDS/JEDS, DIMHRS, GFEBS, TSMO, ABIS, AKO/DKO, NCES, G-2, ADN/AIN FAA/CSIRC, SPAWAR New Orleans, ARL/Aberdeen Proving Ground, Naval Oceanographic Lab/Stennis Space Center, INS Reston, JIIDCS/Va, NCTAMS/Norfolk/Hawaii, DECC-D Chambersburg, Army National Guard-Md, Va, Pa, TSMO-Huntsville, BWM/ATM, ABIS/Fairmont/Wv, G-2 Pentagon.
- Army Intelligence Campaign - Intelligence Initiative (AIC-IG)
- Contract Management System (CMS) - DIA
- Cross-Domain Solution (RFI) - DISA PEO-MA
- Joint Staff Thin Client Task Execution Plan (TEP)/DISA
- JEDS Task Execution Plan (TEP)/DISA
- GIG Network Management Architecture/DISA
- Joint Staff Information Network (JSIN) Information Assurance
- Insider Threat and Content Security RFI - AKO/DKO
- IA WBS/Project Plan - US Army GFEBS
- OSSEC/Host Based Intrusion Detection System
- DevSecOps/DevOps/Lean and Agile/Containers-Lynda
- Red Hat Ansible Tower/Openshift 101 Workshop
- Identity Management - Learning Tree International
- DAST/Application Security/Software Security with HP Fortify SCA and SSC/WebInspect
Sr Principal Cyber Security Engineer/Technical Security Control Assessor
- Support the Agency by conducting technical security assessments of Sponsor’s IT systems.
- Evaluation of Customer systems against ICD 503, Confidential 800.53 R4/A, RMF, and other security standards and publications, as well as the sponsor’s internal security regulations.
- Provide analysis of vulnerabilities identified by compliance tools.
- Conduct TEMs to verify and validate systems against Confidential, RMF Sponsor internal security regulations.
- Identify mitigating countermeasures to identified threats, vulnerabilities, and shortfalls.
- Experience in understanding, applying and testing IT systems against Confidential 800-53/A and CIS/DISA Industry Standards.
- Experienced in testing active directories and group policy objects against security controls.
- Experienced with traditional A&A using Confidential Special Publications (SPs) including SP800-53 Rev 3/4 and SP800-37.
- Experienced with cyber security policies and guidance, as well as assisting in researching, evaluating, and developing relevant security policies and guidance.
- Evaluate Agency systems with Continuous Risk Engine (CRE) and C2S Access Portal (CAP) and document findings in XACTA in accordance with ICD 503 guidelines
Cyber Security Subject Matter Expert
- Member of a team supporting the Agency CIO/Cyber Risk Executive (CRE) to identify gaps in the Agency Cyber Security Framework (CSF) based on Confidential Critical Infrastructure Cybersecurity Framework/Cybersecurity Capability Maturity Model (C2M2). Assist with the development and institution of a Cyber Security framework that can be used to measure progress and success.
- Implement a practical risk management approach, highlight best practice and perform research/review references such as Confidential /ISO/IEC/COBIT/ISA/SANS/CCS CIS standards to find effective cyber security practices in use today that are relevant to the Sponsor. Qualitatively and quantitatively (where practical) evaluate current practices, identify and document changes to improve cyber security posture.
- Develop a transition plan from current to future capabilities, evaluate on-going cyber security efforts and propose changes to improve institution of processes, implementation of capabilities, and coverage of solutions across multiple areas, and overall effectiveness of the cyber risk program. Provide Agency’s Bi-weekly Cyber Defense Working Group (CDWG) proceedings to the CRE.
Cyber Security SME/ Sr Information Assurance Engineer
- Lead/conduct A&A and security assessments, in compliance with FISMA and Confidential RMF, with emphasis on 800-37, 800-53, 800-53A and CNSSI 1253/Overlays for National Security Systems.
- Draft Security Assessment Plans, assess and authorize Agency Systems with Agency Guides, conduct interviews, review scan reports and draft findings for coordinators to authorize to operate.
- Discuss/draft findings and security assessment plans, conduct interviews on site, test and document systems for Office of Inspector General/Teammate/ATO.
- Assess and Authorize Client’s OpenStack/AWS Hybrid Cloud in a Hadoop/Big Data Framework in accordance with ICD503, support migration of applications to the AWS/OpenStack/VMware Private/Hybrid Cloud, conduct assessments and monitoring using Nessus, HP WebInspect and Splunk
Cyber Security Analyst/Architect
- Member of a DevOps/Google Cloud Platform team to perform security administration/information assurance analyses/ISSO services, accreditation and certification tasks, maintain and ensure continued Information Assurance Vulnerability Alert (IAVA) compliance. Assist in creating POA&Ms and provide recommendations for mitigation strategies.
- Support the Information Assurance (IA) and Accreditation tasks, aid in IA activities required for the effective sustainment of the systems in accordance with ICD503
- Monitored AWS platform with CloudWatch to configure ingress and egress traffic
- Supported the Cross-Domain Team and a Data Transfer Officer, moving data from High to Low
Sr Cyber Security Infosec Engineer
- Member of the System Technical Requirements, Engineering and Execution Team to conduct Assessment/Authorization of legacy Agency Web-based/Social networking apps -Widget to Amazon Web Services (AWS) Virtual Private Cloud
- Drafted Systems Security Plans and Questionnaires for Agency Web applications migrating to AWS.
- Participated in Scrum and Software Development Life Cycle using JIRA.
- Conducted unit/functional/regression tests on CentOS Apache Tomcat Web application
- Coordinated with Agency’s Information Systems Security Managers (ISSM) to obtain Authorization to develop Agency’s AWS Web/CentOS/Apache/Tomcat Applications
- Reviewed Security Control Technical Matrix with Security Control Assessors and Information System Security Managers and mitigated vulnerabilities
- Presented/Participated in Agency’s Engineering Review Board (ERB), Operational Review Board (ORB) and Program Review Board (PRB) and Application Review Boards and Technical Exchange Meetings (TEMs)
- Supported the Cross-Domain Team and a Data Transfer Officer, moving data from High to Low
Confidential, Reston, VA
Principal Systems Engineer
- Member of the Sponsor Partner’s projects in obtaining Assessment and Authorization (A&A), Initial Authorization to Operate (IATO), Authorization to Operate (ATO), to include performing and analyzing the output of all required security scans with required tools and reporting of results to security staff for approval, respond to all IT security directives.
- Member of the Sponsor Partner’s compliance with standards and policies (AR, AN, DCID 6/3, IC, ICD503), review and develop System Security Plans (SSPs), Security Offices’ customer relationship management and communication, system security recommendations, assessments, and analysis to include security patch alerts for all software and hardware.
- Member of the Sponsor’s Team to conduct Vulnerability Tests using MBSA, WASSP, SECScan, WebInspect, Fortify and AppDetective on applications and draft POAM for remediation and mitigation in an Apache HTTP Stack/CentOS/VMware/Windows 7 environment.
- Serve as Information Systems Security Officer (ISSO) in accordance with DNI Risk Mgt and Authorization (DARMA) ICD 503 and provide Tier-2 24X7 pager support on a rotation basis
Confidential, Herndon, VA
- Member of the Agency’s Continuous Monitoring Division (CMD) to monitor Agency’s Network in accordance with Confidential /800-37/137 and support Agency’s DCID 6/3 migration effort to ICD503/CNSSI 1253 R3 Confidential 800-53 R 3
- Migrate Agency’s Common/Hybrid/System Specific Control Families Contingency Plan, Maintenance and Media Protection, Incident Response Control Families to XACTA Information Assurance Management
- Member of the Agency’s Situational Awareness Division (SAD), supported opening and closing IAVA help desk tickets, initiated construction of SharePoint POAM site, initiated IAVM working group meeting with IAVM Managers, updated Situational Awareness SharePoint site with IAVA updates