PROFILE:

Solution-oriented Information Security professional, with broad knowledge of Certification and Accreditation C A process in providing information technology support services for federal client and private organizations. Extensive hands-on experience with over eight years combined professional skill specializing in network infrastructure and performing security risks analysis in a dynamic work environment.

PROFESSIONAL SKILLS:

• Complete knowledge of C A process and NIST documentation, plan of action and milestone POA M , Federal Information Security Management Act 2002 FISMA to protect confidentiality, integrity, and availability of information and information systems
• Ability to work with technical and non-technical professionals to gain necessary information to test and certify IT Systems
• Excellent communication skills with the ability to interface at all levels. An active team player who also can work well independently

PROFESSIONAL EXPERIENCE:

Confidential

Security Engineer

• Continuous monitoring, and C A documentation for new applications, including low, moderate, and high impact systems and application
• Provided technical oversight for new and current systems in Linux, Web Applications, Microsoft Infrastructure active directory, MS SQL, Exchange 2003 2007
• Conducted annual self-assessment of the Information Assurance Program using NIST standards, continuous monitoring, and C A documentation for new applications, including low, moderate, and high impact systems and applications using SIMAS automated tool.
• Responsible for coordinating efforts of system administrators to meet security requirements for ITC systems, including disaster recovery testing
• Validated FIPS-199 Security Categorization, proposed appropriate security controls based on classification of the general support system or major application
• Prepared certification analysis and reports and provided certification recommendations to the client
• Responsible for coordinating efforts of system administrators to meet security requirements for ITC systems, including disaster recovery testing
• Performed in-depth interviews and examined documentation and artifacts in accordance with NIST SP 800-53, reviewed C A and other security documentations. Created the C A documentation packages based on NIST standards provided technical oversight for NWS C A projects
• Performed Security Test and Evaluation ST E for the Consolidated Commerce Business System CBS in compliance with FISMA and NIST for the NOAA Dept of Commerce
• Attended security awareness and related training programs and distributed security awareness information to the user community as appropriate.

Confidential

Information Assurance Engineer

• Prepared Certification and Accreditation documentation packages in accordance with NIST 800-37, NIST 800-53 and 53A for US Army Information Technology Agency.
• Supported the IAPM on matters involving IA Security Awareness Training Development Management, FISMA, IAVM, and IA Vulnerability Assessment Audits.
• Conducted security reviews in accordance with NIST guidelines.
• Developed NIST-compliant policy, guidelines, and standard operating procedures SOPs , reviewed, approved and documented connection to the Pentagon backbone.
• Prepared Security Assessment Report, created Plans of Action and Milestones POAM to mitigate risks and reduce known threats.
• Managed the Army Training Certification Tracking System ATCTS . Reviewed security documentation including C A and other documents. Provided Site assistance visits, Security awareness training and customer support.
• Developed and updated Certification and Accreditation documentation packages based on NIST standards for General Support Systems and major Applications for Department of Veterans Affairs Information Systems within the United States

• Conducted assessment of the security controls, performed ST E evaluations, and interviewed
• Reviewed/edited policies related to security documents
• Developed and maintained Plans of Actions and Milestones to mitigate risks and reduce known threat

Confidential

Security Engineer

• Performed security assessment of Federal Aviation Authority FAA information systems
• Validated FIPS-199 Security Categorization, proposed appropriate security controls based on classification of the general support system or major application
• Reviewed/edited policies related to security documents to include SSPs, RAs, CPs, CPTRs, ST E Plans
• Conducted ST E evaluations, and interview
• Developed and maintained Plans of Actions and Milestones to mitigate risks and reduce known threats
• Prepared Certification and Accreditation documentation packages in accordance with NIST 800-37, NIST 800-53 and 53A.

Provide support for the FISMA 2002 Act by ensuring the implementation of the NIST 800-53 Series guidelines

Confidential

Network Engineer

• Worked with a team of skilled information technology security professionals in planning network layout, programming switches and routers, and running of cables.
• Managed servers and network resources including network applications for the purpose of delivering services in compliance with established guidelines and/or objectives.
• Provided support in restoring ipx routing capability stemming from ipx eigrp neighbors being stuck in active state.
• Diagnose and troubleshoot Netware IP issues resulting from routing ipx via eigrp in certain parts of INS WAN, and routing ipx traffic via ipx RIP on the LAN.
• Involved in a number of initiatives related to improve centralized and automated network management systems to meet corporate goals with minimum capital expenditure.
• Administered systems and servers related to LAN and WAN e.g. email systems, accounts, workstation ID, IP assignments, security, antivirus, spyware, etc. for the purpose of ensuring availability of services to authorized users.

• Responsible in providing on-call support in a 24/7 environment for complex production impacting technical issues and work to troubleshoot and restore service.

Confidential

LAN Administrator

Maintained and administered computer networks and related computing environments including computer hardware, systems software, applications software, and all configurations.

Performed data backups and disaster recovery operations.

Monitored network performance to determine whether adjustments need to be made, and to determine where changes will need to be made in the future.

• Utilized network management tools to monitor, test, and resolve network problems.
• Upgraded, installed and tested various hardware software packages and building NetWare Servers, provided resolution for all Users' with hardware and software problems.

Confidential

LAN Administrator

• Installed and configured Microsoft Windows, NT/2000 NOVELL 3.12, now NOVELL 4.11 for approximately 1000 on site users and 10 remote offices.

• Support includes troubleshooting at system level, all LAN/WAN hardware and software, backup servers.
• Designed and implemented various LAN network architectures.
• Designed and implemented migration of OS platforms from NetWare/OS to a Microsoft Windows NT.
• Coordinated the implementation of Window NT Directory Services interconnecting multiple servers, domain controllers and workstations.
• Installed and configured hardware and software applications for several special projects.