Systems Engineer Resume Profile
Experience
Confidential
Manager, Information Security Support CAP Programs
- Responsible for daily activities of the 8 member CAP Security team, providing information security support to various civilian agencies including EPA, US Courts, and the FCC. Develop documentation for the customer and work with the team complete monthly vulnerability scanning and assessment activities. Work with the VP of Cyber Programs to develop materials to better market CGI's cybersecurity skills to government agencies. With the EPA Program Manager, stood up and managed a Security Program Management Office PMO to more effectively and efficiently deliver security support to our clients and expand CGI's footprint by providing security support to other organizations within the Agency based on level of support provided to our current customers. In the first year of the PMO, security sales to the EPA grew by 8 .
- DOT Account Manager, responsible for growing CGI Federal's footprint at the Department of Transportation generally and the Federal Aviation Administration, specifically. Grew CGI Federal's FAA footprint from zero to 2 FTEs, supporting FAA offices with SOA support.
Confidential
Senior Program Analyst
Acted as liaison between the FAA's Air/Ground Communication Office and the Next Generation NextGen Program Office. Worked with the NextGen Office to complete all checklists, documents, and briefings necessary to move the AeroMACS system through the Investment Analysis process.
Confidential
Deputy Program Manager
- Responsible for oversight of the 100 person, 65M Air Traffic Organization Terminal ATO-T Contract. Duties include interacting with FAA Contracting Officer's Technical Representative COTR to determine level of support needed, tracking funding on individual work authorizations, working with ITT Finance and Contract departments to develop invoices and contract modifications, coordinating activities to bring sub-contractors on board for specific tasking to FAA programs, tracking and reporting on the overall hours, budget, burn rates, and funds received for work performed, developing monthly status reports for delivery to the customer, and taking corrective actions to address deficiencies, personnel management, and acting as the contract's point of contact for all issues related to personnel security including badging, background investigations, incident response, and in/out processing . Work with subcontractors to ensure that their invoices are delivered on time and ensure all subcontractors are paid in a timely manner. Assist in the development of contract proposals and seek new business opportunities.
- Additionally, responsible for the transition of the ATO-T Contract work to the ETASS Contract. Coordinate with current ATO-T customers to ensure they receive the appropriate level of support, work with them to develop task orders and identify resources while working with the ATO-T FAA Program Office to identify areas where funding can be reduced as work transitions to the new contract.
- Manager, NAS ISS Operations Support Team. Responsible for the daily operation of the 1.5M National Airspace System NAS Information System Security ISS Operations Support Team Contract. Manage a team of 12 individuals providing support to multiple organizations within the FAA, including the Technical Operations Certification Team, Aviation Weather Programs, Terminal Surveillance Programs, and Terminal Flight Data Programs. Coordinate the activities of individuals providing security engineering, requirements development, certification and accreditation support, security policy support, Plan of Action and Milestone POA M mitigation activities, and configuration and financial management activities.
- Technical Security Lead for the FAA's Aviation Weather Programs. Function as the Information Security Team Lead for all of the FAA's Aviation Weather Programs. Work with Aviation Weather Product Teams to develop security documentation for each program's Security Certification and Accreditation Package SCAP . Schedule and attend security testing and review and comment on test plans, procedures, and reports. Schedule and attend Contingency/Disaster Recovery testing of Aviation Weather systems. Attend senior level security meetings with FAA and other Federal Department officials.
Confidential
Chief Information Security Officer CISO
Responsible for the overall security posture of the CDFI Bureau. Duties included providing direction and management to a 4 person information security team, managed a 1M security budget, developed Statements of Work SOW , managed the Certification and Accreditation C A process of 3 systems within CDFI, oversaw and approved all security documentation development and testing, including security testing, risk assessments, contingency/disaster recovery testing, and independent penetration testing by third parties. Ensured all documentation required for FISMA reporting was loaded in to the Trusted Agent FISMA TAF Tool. Lead for CDFI's HSPD-12 initiative and disaster planning activities. Coordinated all CDFI activities for the Government's annual disaster preparedness exercise, Eagle Horizon. Reviewed contractor proposals to ensure that all security requirements were met. Responsible for ensuring all new system development programs meet all security requirements. Worked closely with the CIO and COO to ensure that IT budgets and schedules were adequately addressing security requirements. Attended CIO Council meetings and acted as the CIO when the CIO was unavailable. Worked with other Treasury CISOs to develop and disseminate security policies for all of Treasury including CDFI. Attended senior level security meetings with Treasury and other Federal Department officials.
Confidential
Information Systems Architect Principle Leader
- Information Security Lead for the Treasury Communication System TCS ACIO. Duties included providing direction and management of the 5 person information security team, and developed and maintained the security budget and security statement of work. Reviewed, inspected, and evaluated contractor provided products to ensure compliance with contract requirements. Conducted NIST SP 800-53 assessments and assisted in the development of Certification and Accreditation C A packages. Maintained FISMA reports and supported the Capital Improvement Program as required. Evaluated and developed Disaster Recovery Plans/Continuity Plans to ensure they met all security related requirements. Provided quality assurance and independent verification and validation actions for monitoring contractor performance. Participated in surveillance activities including witness of products and services testing and verification, reporting, and tracking of internal discrepancies.
- Information System Security Manager for CSC's Regulatory Major Application System Enhancement RMASE program for Treasury. Duties included review and editing of security documentation and policies including the System Security Plan, Contingency Plan and Risk Assessment.
- Completed CSC's Project Management Development Program PMDP to gain a further understanding of CSC's Project Management activities and prepare for the PMP Exam. Participated in proposal activities to bring in new business to CSC.
Confidential
Senior Information Assurance Engineer/Team Lead
- Provided day-to-day management support to the 2M OSD-CIO/WHS Information Assurance IA I-ASSURE Support Program. Duties included day-to-day management and tasking responsibility of 8 team members in 2 separate locations. Responsible for monthly invoice and budget review, interviewed personnel for open positions, developed monthly status reports for the customer and Pragmatics senior management, reviewed team deliverables, reviewed and commented on OSD Enclave and WHS Enclave DITSCAP SSAA's and DIACAP security packages, developed policy documents for OSD and WHS, worked with the customer to develop briefings.
- Provided information security support to the NOAA Ground Systems Division Information Technology System Security Officer ITSSO . Duties included development of INFOSEC Policies for the Division, as well as individual programs, writing security best practices documents, provided INFOSEC support to individual programs, HSPD-12 support, assisted in the management of the contract, developed and presented INFOSEC briefings to the ITSSO and his team, reviewed firewall rulesets against NOAA policy, and developed security certification and accreditation documentation for individual systems within NOAA. Additionally, conducted 800-53 Security Controls reviews of systems and provided recommendations to fix outstanding issues.
- Information Security Lead for the Department of Justice Federated Identity Management Pilot. Responsible for developing all security documentation and obtaining Certification and Accreditation C A of the system. Used DoJ's CSAM tool to develop all necessary security documents and conducted a NIST 800-53 assessment of the system and developed a POA M of outstanding items.
- Ensured the programs maintained compliance with the CMMI Level 4 standards implemented within Pragmatics and developed documentation and processes to assist with the effort to bring the company to CMMI Level 5.
Confidential
Associate
Provided project management support to the IRS Information Security Certification and Accreditation C A Program. Duties included coordination of team activities in the development of C A documentation based on NIST Special Publications, coordinated security testing activities, reviewed security documentation, and interacted with the IRS client to ensure satisfactory delivery of all documentation and work.
Confidential
Information System Security Manager
- Responsible for the overall information security posture of the IDENT1 Automated Fingerprint Identification System. Duties included developing information security policies and procedures, monitoring the health of the IDENT1 system, developing and submitting all documentation to achieve Certification and Authorization of the IDENT1 system based on UK Information Security Standards, participating in security testing, and evaluating security management applications for appropriateness to the program.
- Additionally, responsible for developing and maintaining information security training of the 200-member team, and auditing the system to ensure the program maintains compliance with the ISO 27001 Standard. Completed training as an ISO 27001 Auditor. Worked with a team of senior members to develop the IDENT1 Business Continuity and Disaster Recovery Plans. Acted as SME for all applicable security standards, both Federal and international.
- Developed Risk Assessments and Risk Mitigation Plans using the UK's CRAMM risk methodology.
Confidential
Deputy Program Manager
- Worked with the Program Manager on the day-to-day operation of the 6M Safeguard contract. Duties included acting as Program Manager when the Program Manager is unavailable, developing monthly activity reports and briefings for the FAA customer, developing the monthly invoice memo to the customer, providing inputs related to hiring individuals, providing tasking and direction to junior-level employees, and working with the accounting department on financial issues relating to the contract. Additional duties included coordinating activities to bring sub-contractors on board for specific tasking to FAA programs, developing the contract's Program Management and Conflict of Interest Plans, and tracking and reporting on the overall hours, budget, burn rates, and funds received for work performed on the Safeguard contract.
- Technical Security Lead for the FAA's Advanced Technologies Oceanic Program ATOP and Weather and Radar Processor WARP Program. Worked with the ATOP and WARP Product Teams to review and integrate Contractor documentation into the FAA's Security Certification and Accreditation Package SCAP . Scheduled and attended security testing and reviewed and commented on test plans, procedures, and reports.
Confidential
Systems Analyst
Developed a Cost-Benefit Analysis for the deployment of additional Automated Surface Observation Systems ASOS to airports nationwide and was a database administrator for the Aviation databases.
Confidential
Systems Engineer III
Lead for the FAA's Direct User Access Terminal DUAT Service Program. Duties included development of documents relating to the contract including the Specification and Statement of Work, reviewed the contractors' deliverables, day-to-day management of the contract, witnessed contractor and FAA system testing, and scheduled all activities to bring the contractors on contract on time. As the Security Lead, was responsible for the development of the Security Certification and Accreditation Packages SCAP for both the OASIS and DUAT Systems.