SUMMARY

• Possessing 15+ years of experience, I am a results - driven cyber security executive who has enhanced skills for building successful teams, security standards and customer relationship management.
• I am an EC Council plus Leader Quest professor and certified instructor with over 10 years of IT management experience.
• Able to manage multiple disparate tasks while leading a group toward a positive outcome.
• Detail oriented individual with an analytical mind that quickly assesses and achieves a solution to the most difficult problems.
• Thrives in a team setting with experience prioritizing and executing in a rapid, dynamic environment.

PROFESSIONAL EXPERIENCE

Confidential

Security Manager

Responsibilities:

• Contracted as Confidential Hamilton Lead for Medical Device Isolated Architecture
• Provide oversight of performance related to the VA security architecture, scheduling and collaboration within three different clients and four direct reports.
• Compliance, issue and risk tracking
• Realign audit assessment processes, development and increased operability over 40%.
• Program Coordinator for Federal Security Service (FSS)
• Led audit assessments of the client’s Medical Device Isolated Architecture for over 352 sites
• Ensure proper guidance for access control lists, routers, switches, VPN, IP protocols and firewalls
• Coordinate with network security operations center, clients, and contractors to remediate identified issues and track remediation
• Provide solutions to remediation’s to federal staff, remediation team, contractors and bio-medical engineers
• Provide clients with recommendations for mitigation based on the analysis of security risks, existing and best practices

Confidential

Senior Information Security Specialist

Responsibilities:

• Perform vulnerability assessment and risk analysis for network architecture
• Responsible for the protection and defense of the organization from attacks resulting in extraction of data or infiltration of corporate information assets.
• Customer facing engagements with business customers and third party service providers to discuss services requested and risks associated with these services.
• Coordinate with business customers and third party vendors in order to help with determining the need for the request for access and precautions.
• Protocol and services analysis with emphasis on boundaries
• Coordinate with management and CCB to ensure acceptable risk levels
• Ensure compliance aspects of firewalls, encryption, VPN and network protocols
• Ensure standards are being upheld based on FIPS, DoD 8500.2 and DoD 8551.1

Confidential

Senior Cyber Security / Information Security Specialist

Responsibilities:

• Create Plan of Actions and Mediation to ensure all vulnerabilities are patched and a plan for actions regarding vulnerabilities that require additional methods.
• Ensure based on the Defense Information System Agency (DISA) configuration guidance to harden servers, operating systems and appropriate applications within the secure and non-secure facilities.
• Responsible for the protection and defense of the organization from attacks resulting in extraction of data or infiltration of corporate information assets.
• Manage team of 5 security analysts to monitor security threats and escalations.
• Document assessment results and write assessments report for key stakeholders.
• Lead team and external providers from our remote locations
• Responsible for creating and documenting security controls in software and hardware development.
• Ensure vulnerability assessments and risk mitigation is performed for critical infrastructure components.
• Perform document reviews to ensure changes within the environment were effective and appropriate
• In order to comply with Federal Information Security Management Act performed audit reviews, IT Security policies, standards and actions, developed and reviewed system security plans, plan of actions and milestones,vulnerability scans and information security policy.

Confidential

Senior Industrial Security Specialist/ PM

Responsibilities:

• Manage day to day relationships with clients and handle all oral and written communications that deal with day to day issues
• Realign strategic processes, development and increased operability over 50%
• Streamlined processes to improve efficiency and delivery for the industrial security team from 30% to 98%.
• Responsible for the planning, administration and assessment of policies, standards and procedures
• Responsible for the protection and defense of the organization from attacks resulting in extraction of data or infiltration of corporate information assets.
• Manage team of 4 network security analysts to monitor security threats and escalations including log reviews
• Provide training and implementation of training tools and documentation.
• Responsible for creating and documenting security controls in software and hardware development.
• Lead vulnerability assessments and risk mitigation for applications and critical infrastructure components.
• Document assessment results and write assessments report for key stakeholders.
• Responsible for developing and implementing best practices in vulnerability and patch management.
• Responsible for conducting systems security evaluations, audits, and reviews to assess security events to determine impact and implement corrective actions
• Create Plan of Actions and Mediation to ensure all vulnerabilities are patched and a plan for actions regarding vulnerabilities that require additional methods.
• Responsible for the guarantee of rigorous application of information security/information security policies, principles, and practices in the delivery of all IT services offered.
• Architect solutions for infrastructure in order to meet business requirements and enhance performance
• Policy creation and enforcement for NIST 800, DCID 6/3 and ISO 27000
• National Institute of Standards and Technology (NIST) policies for network security, system development, remote access, business continuity, mobile devices, configuration management, system and log monitoring and application security architecture.
• Coordinate with business customers and third party vendors in order to help with determining the scope of the assessment.
• Propose hardware and software solutions to accomplish business objectives.
• Responsible for management of development and technical risks through the lifecycle of projects.
• In order to comply with Federal Information Security Management Act performed audit reviews, IT Security policies, standards and actions, developed and reviewed system security plans, plan of actions and milestones,vulnerability scans and information security policy.
• Manage and encourage relationships with key stakeholders, vendors and other groups within the organization