We provide IT Staff Augmentation Services!

Cyber And Information Security: Security Architecture Lead Resume

CORE AREAS OF EXPERTISE:

  • Application/Information Security
  • Standards and Compliance
  • Project Management
  • Cyber Defense Planning
  • Risk/Vulnerability Mgmt
  • Threat models/IOCs
  • Secure Architecture and Design
  • ISO 9000/CMMI/LSS
  • Agile Transformation
  • Configuration Management (CI/CD)
  • Roadmaps/Estimating/LOE
  • Security Automation

SOFTWARE EXPERIENCE:

Security Tools: RSAM, Vormetric, TripWire, Splunk, Fortify, ThreatModeler.com, SDElements, Irius Risk, Checkmarks, Fiddler

Agile and Continuous Integration: BuildMaster, MS Team Foundation Server 2010, Rally, JIRA, Version1, Bamboo

Programming: VB.net, Microsoft Visual Basic 6.0, Microsoft Visual C and Turbo C++, PL1, SQL, C#, PLSQL, Java, JSP, Unix C, JSF

Database: DBArtisan, Benthic, TOAD, SQL Plus, TeraData, Access

Development Suites/Tools: IBM Rad, EMACS, VI, MS Visual Studio, Eclipse, Telerik

EXPERIENCE:

Confidential

Cyber And Information Security: Security Architecture Lead

Responsibilities:

  • Project Management/Agile Security Transformation Lead
  • Coordinate and Manage Business Critical Milestones and Government mandates
  • Oversaw full Agile Security program from planning to implementation
  • Create new organizational processes and artifacts for all service lines
  • Manage Roles/Responsibility/LOE planning and training efforts
  • Responsible for 50 person security training outreach effort (ISC2)
  • Write functional roles for new positions and work with vendors on hiring
  • Insider Risk Program - PKI encryption
  • Led multi-team encryption efforts (Data at Rest) with Vormetric
  • On-boarded critical applications and performed technical feasibility
  • GRC and Standards
  • FISMA technical lead (Multiple systems) covering SSP and POAM activities
  • Led third party risk assessments and developed Meets/Exceeds criteria
  • CJIS technical reviewer (Blue team)
  • Maintained governance data for Security Architecture
  • Authored and Reviewed AWS Technical compliance standards
  • Developed Infrastructure Standards for on prem and cloud solutions including Tripwire continuous monitoring needs.
  • Assisted/trained new and junior resources with GRC activities
  • CyberSecurity
  • Performed On Prem/Cloud (AWS and Azure) Application reviews with manual code inspection as required
  • Conducted threat modeling and latent weakness assessment for full application portfolio
  • Performed Vulnerability assessments and reviewed static analysis tool results
  • Performed RCA for critical application breeches

Confidential

Consultant

Responsibilities:

  • Task Order Management
  • Determined resource needs (LOE) and technical steps to accomplish contract goals
  • Planned and confirmed weekly agendas with external vendors
  • Attained client CM approval via FDA CCB policy utilizing HPSM
  • Managed resources from other teams/vendors for on/off hours support activities
  • Perform CM duties for Oracle Migration to 11G for FDA
  • Planned/Scheduled/Reviewed new DB server hardware
  • Led installs/upgrades across multiple teams and companies
  • Reported to executive management

Confidential

QA Environment Manager and Build and Release Lead

Responsibilities:

  • Budgetary ownership for QA department
  • Generated roadmap and schedules for organization - wide adoption of Continuous Integration
  • Responsible for over 125 .Net applications and 130 servers across 4 environments using TFS 2010, BuildMaster, and Rally.
  • Responsible for security planning and alarm integration
  • ISO Process Owner for QA and Build/Release departments
  • Responsible for maintaining QA metrics for ISO audits via custom .Net (C#) website.
  • Integration with Rally (Agile PM tool) webservices for custom statistics
  • Wrote & maintained process documentation for ISO 9000 series audit
  • Plan and lead test automation efforts from development through production install
  • Coordinate and manage product releases
  • Owned change management processes for all departments
  • Assisted with AWS (Cloud) environment planning for CI and QA
  • Created relevant SOP documentation for Configuration Management, Continuous Integration, and Production release policies.
  • Trained & Mentored QA/IT resources on CI/CM and automation
  • Integrated security features to CI/CD efforts

Confidential

Technical Lead and Compliance Lead

Responsibilities:

  • Lead all organization Governance, Risk, and Compliance efforts
  • Responsible for all organizational CMMI efforts
  • Endpoint management
  • Directed CM policies/practices for 20 development resources.
  • Conducted multiple security and compliance audits
  • Led CPI (PEG) initiatives
  • Management Duties
  • Proposal/Presales Engineering for client executive management (Egypt Post, OSPD, USPS, NPS, IRS, UAE Customs, FedEx)
  • Met with client executives (VP and above) for multiple BPR efforts covering status, risks, milestones, and schedule
  • Lead technical resource for USPS BMA BPR (Lean Six Sigma) with schedule and deliverable review responsibility
  • Reported directly to Technical Director (CIO)
  • Supervisory Trade Show technical representative (GITEX,NPF)
  • Lead and review proposal efforts
  • Managed tasks and schedules for multiple projects/demos in 20 person dev shop
  • Provided tasking to development/analyst team members of all levels
  • Defined solution architectures (technology, data model, security) for .Net and Java web applications
  • Reviewed vendor tools for inclusion in development environment
  • Reviewed work products for technical accuracy and compliance to all corporate policies

Confidential

Software Engineer

Responsibilities:

  • Developed software deployment and migration process documents.
  • Defined security requirements and designed grid enabled RBAC model
  • Developed deployment strategy and timelines
  • Lead developer on ECG Web Annotation and Processing

Confidential, Reston, VA

Consultant

Responsibilities:

  • Responsible for coordinating test planning and execution for ~30 client applications to ensure successful deployment of SOD enhancements.
  • Responsible for ensuring secure access as part of Federal data protection initiative

Confidential

Project Lead

Responsibilities:

  • Managed a team of 3 and had full responsibility for entire software development lifecycle activities
  • Defined and implemented security requirements with executive management to protect internal price/cost model data
  • Responsible for supervising/hiring subcontractors and reviewing invoices

Confidential

PeopleSoft Financials Test Lead

Responsibilities:

  • Managed a team of 3 for tests covering full financial best practices in secured environment
  • Was audited successfully to CMMI level 4 standards
  • Responsible for configuration and synchronization of all system and integration test environments (internal and external)
  • Managed business hours and 24/7 support and release operations
  • Led onsite deployment teams to Eagan Minnesota for deployments
  • Managed functional validation of newly installed software
  • Development Lead & Technical Architect for November 2004 Release
  • Lead and managed all development efforts for a team of 4
  • Had full review authority for all client deliverables
  • Assistant Development Team Lead for August 2004 Release
  • Assigned development tasks for a team of 4

Hire Now