Resume
Senior Information Assurance Engineer SME, VA
SUMMARY
- Senior Information Assurance Analyst and Network and Server Engineer with over 16 years of enterprise networking/server and Information Assurance experience.
- Currently responsible for review and determination of DISA security controls (IAC) for recommendation to US Confidential Operational DAA for IA worthiness, NIST 800-53, ST&E, IV&V.
- I also teach the Retina and Gold Disk scan procedures. Previous charges were design and implementation of LANs with multiple VLANs and WANs, from T1s to DS3s (Frame Relay, P2P, HDLC, SDLC, and point-to-point VPNs over Internet with redundant links and IP subnetting).
- Charged with Network Security, DISA STIG Compliance and Incident Handling from virus to Intrusion Prevention and Detection and internal threats. Servers maintained are Windows, Solaris and Linux. Installed and configured Proactive Management software.
- All on schedule and on budget. Great Attitude, Self Motivated and Team Oriented.
TECHNICAL SKILLS
Hardware/Software: Cisco Routers (1600, 25xx, 2600, 3640, 7200, etc.), Enterasys Routers (2000 SSR, 600), Cisco Switches (1600, 1900, 2900, 6500, etc.), Other switches (too numerous to list), Cisco PIX Firewalls, Wireless Access Points (Netgear, 3Com, Enterasys), CSU/DSUs (Adtran, Paradyne, Cray), Gateways (Lanyon ALC, IBM SNA 802.2), IBM Compatible Platforms (ISA, EISA, SCSI), Microsoft Windows (NT 3.5, 3.51, 4.0, 2000, XP, ME, 98, 95, 3.11), Sun Solaris (v2.5 thru 2.9), Sparc and Intel.
Network Configuration/Network Management: Cisco Works V3, V4, V6, Ipswitch WhatsUp Gold v5, 6, 7, 8, Pro, SolarWinds EE, MRTG, SNMP, Ethernet (10Base-T, 100Base-TX, 1000Base-TX, SX), Token Ring (16/4), Frame Relay, T1, ISDN, TCP/IP, NetBEUI, ALC, SNA, DLC, 3270, 5250
Network Security: eEye Retina, DISA Gold Disk, DISA STIGs, SRRs and Checklists, Army Gold Disk, PIX Firewalls, Air Fortress, Air Magnet, Air Defense, etc.
PROFESSIONAL EXPERIENCE
Confidential
Responsibilities:
- The Validator is responsible for the validation of applicable IA Controls for an assigned Marine Corps system, including the development of appropriate test procedures, execution test procedures and the accurate documentation of system security posture based on the results of security testing.
- The Validator develops the DIACAP Scorecard and Validation Report for the assigned system(s) and facilitates the coordination of the PM, UR, Certifying Authority Representative and MCEN DAA agreement of the documentation. The Validator's critical function is to examine through demonstration, inspection and/or analysis the extent to which an IT system meets a set of specified security requirements (as specified by the DAA and governing instructions and directives).
- The requirements focus centers on deploying effective countermeasures that satisfy the IA objectives of sufficient confidentiality, integrity, availability, and accountability.
- The appropriate Certifying Authority approves the evaluation efforts completed by the Validator.
- The Validator provides technical expertise to the Certifying Authority or PM and facilitates interaction between the program office and the Certifying Authority.
- The program office provides the validator with the DIACAP Implementation Plan (DIP) and basic system information (mission need statement, schedule, performance, system architecture, CONOPS, etc.) to ensure the DIACAP Package is accurate.
- The validator provides independent verification and validation of the system's security controls and safeguards designed through the security engineering process.
- Security engineering is the term given to the various processes used in developing the security controls and safeguards of the IT system.
- These ensure the necessary protection assurance for equipment, data, information, applications, and facilities to meet security policy/requirements.
Confidential, Arlington, VA
Senior Information Assurance Engineer/SME
Responsibilities:
- All aspect review, appraisal and customer assist, of Platform Information Technology (PIT) and RDT&E packages from Ech. III customers and directly reporting to PDAA (PIT Designated Approval Authority) for the US Navy.
- From PIT designations to RDT&E PIT Risk Assessment letters (PRA) I review each package and give my recommendations to the PDAA and write the PRA letter for the PDAA to sign when the package meets all DISA, NIST, DoD and Confidential requirements.
- I have to be an expert in all of those requirements.
Confidential, Suwanee, GA
Senior Information Assurance Engineer/ Information Assurance Officer
Responsibilities:
- I am the only 8570-2 compliant engineer inside this office.
- I show the way forward for MCD, OPDIR, IAVA and Certification and Accreditation of systems and CCSDs.
- Volunteering expertise on incident handling of security issues as they arise and associated security breach affairs.
- Vulnerability Scanning and report generation and interpretation.
- There are many aspects to this position that truly defy explanation in this limited space.
Programs Management Analytics Technologies (PMAT)
Norfolk, VA
Information Assurance Engineer
Responsibilities:
- Provide technical expertise to US Confidential Fleet Forces Command and Military Sealift Command customers to assist their package creation for Certification and Accreditation process with the Confidential Certificate Authority (CA) and Operational Designated Approval Authority (ODAA).
- Assist in all aspect assistance in all document creation from DITSCAP to DIACAP conversion to Plan of Action and Milestones (POAM) creation or finding appropriate resolutions, Direction and planning for Retina and DISA Gold Disk scanning and the interpretation of scan results and their incorporation into the POAM.
- PPSM and CA Plan, Subject Matter Expert in DIACAP and FISMA. SIPR, NIPR, CENTRIX and ONE-NET trained and experienced.
Confidential
Norfolk, VA
Information Assurance Security Analyst
Responsibilities:
- Assigned to the US Confidential Office of the Operational Designated Approving Authority (ODAA). Responsible for reviewing Confidential packages from worldwide locations and study them for vulnerabilities. Work involves responsibility for oversight of confidentiality, integrity, and availability of systems, networks, and data through the analysis of the Programs documentation of their implementation, maintenance, and overall security of their information systems security programs, policies, procedures, and by closely examining all of their certification and accreditation documentation.
- I am recognized as a technical authority on information security and am responsible for auditing their implementation of all programs.
- Serves as the principal expert on DISA, FISMA, NIST documents, IA Controls and all scanning tools and their reports.
- Organization specific duties of the position include: Plan, develop, coordinate and communicate Confidential DAA information assurance authority for information security programs.
- Review their Implementation of high level security requirements such as from DON CIO, DISA, NIST, JTF/GNO, and AEC etc.
- While engaged at the ODAA’s office I was constantly reviewing RDT&E, PIT and PIT Interface packages, from determination to Risk Assessment afloat and ashore.
- Assist in their development of policies and procedures to ensure information systems reliability and accessibility to prevent and defend against unauthorized access to systems, networks, and data;
- Review their development of long range plans for IT security systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT systems vulnerabilities;
- Approve their systems security contingency plans and disaster recovery procedures; Identify requirements for changes to IA programs and strategies based on new security technology or threats - also their Management of systems security evaluations, audits, and reviews;
- Review their application of information security/information assurance policies, principles, and how they apply them to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data;
- Assess how they conduct and evaluate vulnerability management assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs;
- Review how they conduct systems security evaluations, audits, and reviews;
- Confirm they update the organization's systems security contingency plans and disaster recovery procedures.
- Evaluate and approve how they acquire, implement, and disseminate IA security tools, procedures, and practices;
- Review how they identify and specify information systems security requirements associated with migration to new environments.
- Review how they plan and implement their migration or countermeasures activities; Confirm the viability of their Configuration Control Board.
- Watch their development of specifications to ensure compliance with security requirements at the system or network environment level.
- Monitor their Planning and conduct of security accreditation reviews for installed systems and networks.
- Watch how they recommend new or revised security measures based upon the results of security review; administer, monitor, and evaluate the implementation of authentication software or new security authentication
- First hand knowledge of, and experience in, applying IT security principles, methods, and tools
- In-depth knowledge of the IT security environment
- In-depth experience in evaluation, implementation, and dissemination of IT security tools and procedures
- In-depth knowledge of IT security certification and accreditation requirements
- I have direct knowledge of, and expertise in, network operations and protocols
- In-depth knowledge of protection of the total infrastructure environment
- In-depth expertise in systems security certification and accreditation
- In-depth knowledge of Federal information systems security protocols
- In-depth knowledge of firewall technology
- Review beta DISA SRRs and SRGs and provide DAA feedback.
Confidential
Sierra Vista, AZ
Sr. Member of Technical Staff (SrMTS):
Responsibilities:
- Information Assurance Security / Security Test and Evaluation (ST&E) SME.
- Travel to assigned Army Garrisons to provide Guidance, Knowledge and Assistance for passing the new DIACAP Certification and Accreditation Process and acquire an Approval To Operate (ATO).
- This was done by reviewing their current DITSCAP package and providing insights for its conversion to DIACAP.
- Gold Disk and Retina Scanning to provide reports confirming their current vulnerability status or assisting in the identification of new or old CAT I or CAT II issues that require attention.
- Reviewing their audit logs, Contingency Plans, Backup Procedures, and all aspect review and full post visit report.
- And Assist in creation of Configuration Review Boards, Disaster Recovery Plans and testing for DIACAP and FISMA compliance.
Confidential
Network Engineer/Administrator
Responsibilities:
- Information Assurance/Retina and DISA Gold Disk Scans for firewalls, routers, servers and clients.
- Also responsible for installation, upgrade and maintenance of SIPR and NIPR networking equipment utilizing Cisco routers, switches, firewalls and satellite transmitters.
- SIPR, NIPR and UK Centrix Networks.
Confidential, Norfolk, Virginia
Network Field Engineer
Responsibilities:
- Lead Engineer for assigned projects.
- Charged with the Design and Implementation of wired and wireless networks and network security, using the latest technology from Cisco.
- For SIPRNet and NIPRnet and other networks belonging to Army Contracts
Confidential
LAN Administrator III / Network Engineer
Responsibilities:
- Responsibilities include design and proactive oversight of Network and Firewall performance and network security for the entire Corporation.
- Security includes network and client vulnerability testing, IDS and monitoring of firewalls, anti virus activities and MS/SUS implementation.
- Design Engineer and Tier III technical support for MIS technical group and technical decision maker.
- Security oversight and configuration improvement analysis for suggestions for SQL server, Cognos/Impromptu report servers to the Server Administrator.
- Oversight of all network documentation.
Confidential
Network Engineer
Responsibilities:
- Management of LAN/WAN, design, security, configuration, development, documentation, standards and diagnosis of all Network and Windows Servers, utilizing Cisco Routers and Switches.
- With Microsoft NT, 2000 and Sun Solaris (Sparc and Intel) Servers and Windows clients.
- Engineer and Tier III technical support for MIS support group.
- Lead and coordinate the operational support and implementation activities for LAN, and WAN. Under broad direction assists leadership in determining tactical and strategic direction of the organization as it relates to emerging operational support technologies.
- Reviews distributed computing and network designs to select appropriate operational support strategies and ensure efficient use of resources.
- Conducts system support design and performance evaluation reviews. Identifies, develops, and updates operational support standards and procedures.
- Participates with corporate strategic planning teams.
- Keeps abreast of emerging operational support technologies and industry trends. Recommends price/performance improvement opportunities.
Confidential
Senior IT Engineer
Responsibilities:
- Train and manage 2 other technicians.
- Lead and plan implementation phase of many projects onsite.
- Determine standard workstation configuration and maintain.
- Write and maintain NT Server logon scripts.
- Diagnosis and administration of 524 PCs and its associated NT Servers, LAN and WAN.
- This is a three remote mainframe environment.
- AS/400 (Chicago), two different S/390s (Atlanta and KCMO). I am thoroughly familiar with installation and configuration of 3270, 5250, ALC and DEC Pathworks emulations and their associated protocols (SNA, MSDLC, TCP/IP).
- Highly proficient in Cisco Routers and PC Operating Systems and Software diagnosis and configuration including Win NT Workstation 4.0, Win 95, Win 3.11, DOS, MS Office 4.3, 95, 97.
- Server duties include installation, maintenance and diagnosis of Win NT Advanced Server V4.0 and 3.51, base operating system in compliance with corporate and Microsoft standards, IIS v4.0, Y2K compliance, normal proactive maintenance duties. Responsible for creation and administration of individual and specialized roaming profiles and setting domain standards for all user profiles under my direct control with security standards.