Computer Network Operations Resume Profile
PROFILE
- Results-oriented seasoned Senior Information Security Program Leader with over 15 years of broad cyber security and enterprise risk management experience and a proven record of success. Expert in managing cost-effective, high-performance, information technology security programs that balance enterprise risk with legislative and regulatory compliance in the support of key business objectives.
- Effective communicator skilled at gaining business buy-in to enterprise security initiatives. Expert at creating effective security awareness programs, conducting risk and security control assessments for the information assets of the organization. Known for solid time management and ability to work calmly, accurately under pressure.
- Experience managing all aspects of technology to include: large data center management, software development, enterprise architecture, information security, network operations and management.
- Expert in applying cost-effective risk-based principles to large cyber security programs in support of key business objectives.
- Intensive experience dealing with Cyberspace Operations which includes Signal Intelligence (SIGINT), or Computer Network Exploitation (CNE), or Digital Network Intelligence (DNI) Analysis.
- Comprehensive knowledge of Federal, DoD, and DoN IA/Security requirements and policies relating to communications and computer information systems to include but not limited to evaluation, validation, and execution of compliance with DoD 8500 IA Controls, Security Technical Implementation Guides (STIG), Computer Tasking Orders (CTO), and their references.
- Extensive knowledge of Unix, Apple, Linux, Microsoft Server 2003/2008 Operating System, Microsoft Active Directory, Microsoft Exchange 2003/2007, Microsoft System Management Server, Microsoft XP, Microsoft Vista, ESM, SCCM, VMware and workstation imaging.
- Experience using and/or detailed knowledge of ArcGIS, Military Analyst, Falcon View, APIX, CIDNE, TIGR, MOTHRA, Multimedia Analysis Archive System (MAAS), Video Processing Capability (VPC), SOCET GXP, Advanced Intelligence Multimedia Exploitation Suite (AIMES), Smart-Track, Analyst's Notebook, Digital Video Analyzer (DVA), GeoTracker, National Technical Means (NTM), Peregrine, Tactical Common Datalink (TCDL), RemoteView, and/or Persistent Surveillance and Dissemination of Systems (PSDS2).
- Extensive security knowledge and experience in DoD and special environments - NISPOM, NISPOM supplement, JAFAN and DCID documentation, COMSEC, DD254 and Security Classification Guides, DSS MDA Security Compliance Reviews (SCR). Knowledge of Network Management Systems (NMS) software, What's Up Gold (WUG), Ethernet Automated Protection Switching (EAPS), KG-175 TACLANE, KG-75 FASTLANE.
- Familiar with key data correlation tools, data mining (SBSS, Clementine, Matlab, etc.) and visualization (Cold Fusion, COGNOS, etc.), all designed to support insider threat detection.
- Extensive subject matter expertise in IT Services Management (ITSM) and ITIL, methods, processes, strategic technology infrastructure planning, and developing cost effective solutions to meet customer business requirements.
- Active Top Security Clearance of TS/SCI DCID 1/14 Eligible -DIA/DHS/NGA SCI CLEARED.
PROFESSIONAL EXPERIENCE
Confidential
Supervisory IT Specialist
- Chief IT Enterprise Tools Ownership (ETO), directs, manages a federal workforce of 20 at the GS-13/GS-14 levels, comprised of four business units, Tivoli Environment, Altiris Deployment, Control M EM, and End to End (E2E), responsible for ensuring that the organization's strategic plan, mission, vision and values are communicated and integrated into the team's strategies, goals, objectives, and work. Employs contemporary, proven, project management techniques. Provides senior technical product and infrastructure support for enterprise utilities, tools, and their standardization in production environments including the modernized enterprise systems management environment. Evaluates project schedules and developer resource allocations to ensure successful development of approved software applications. Tracks, analyzes and coordinates multiple, complex applications development projects using principles and guidelines of the Project Management Institute (PMI) and Capability Maturity Model Integration (CMMI) methodologies. Facilitates cross-functional and cross-team planning sessions to ensure integration of critical path development activities.
- Programmatic Leadership and Oversight: Directs agency driven World Class IT initiative by serving as the subject matter expert to support the integration of the Release and Deployment Management Process with other enterprise ITIL-based processes (e.g., Change Management and Configuration Management).
- Leads and manages complex computer engineering projects or programs that may have ill-defined requirements, ambiguity, parallel tasks, multiple dependencies, high risks, and multiple interfaces; provides technical oversight and initiates, plans, implements, and coordinates activities throughout the life of the project.
- Develops, executes, and communicates a spend plan and assesses variances from cost and schedule baseline; reallocates resources in response to change, considering impact to project cost, schedule, and quality of deliverables.
- Strategy Planning: Manages complex Cross-Functional Transformations involving ITIL Processes, ITSM and Enterprise Service Automation Service Assurance Tools Implementations across various production environments.
- Participates as a member of the senior management team in governance processes of the ECMS/ERTB organization's security and risk management strategies. Develops and communicates security strategies and plans to executive team, staff, partners, customers, and stakeholders.
- Leads strategic security planning to achieve business goals by prioritizing defense initiatives and coordinating the evaluation, deployment, and management of current and future security technologies.
- Monitors the broad scope of Tivoli Environment, Altiris Deployment, Control M EM, and End to End (E2E) security technical activities and tracks progress in meeting goals and objectives, resolving technically complex management and operational issues directly with other senior level managers throughout Infrastructure Services Division.
- Evaluates complex programmatic problems, applies Business Process Improvement techniques to evaluate and improve business processes and procedures to enhance effectiveness, efficiency, and productivity of managed business units. Ensures that a disciplined, repeatable systems, and project management approach is used to assess, prioritize, and carry out assigned duties and responsibilities including process improvements and reengineering efforts.
- Guides and directs systems security analysis, vulnerability management and assessments, risk assessments, security surveys, independent certification testing, security test and evaluation, and verifies the accuracy and completeness of the reports associated with each of those activities.
- Tools utilized: IT Service Management tools such as HP Service Manager/BSM, HP Asset Manager, BMC Control M/Enterprise Manager.
- Strategic Human Resources (HR) Guidance: Ensures the provision of outstanding HR guidance, training and development guidance, and professional support to targeted staff, technical leads and employees. Provides technical expertise, leadership in developing and implementing targeted human capital programs. Identifies developmental training needs of employees and arranges for needed development and training.
- Oversees and leads project implementation and quality assurance by effectively monitoring cost, schedule, and performance; assesses variances from the plan and takes necessary corrective actions, conducts project performance reviews and control gates, gathers important information and makes decisions about required next steps, and develops and maintains appropriate project documentation.
- Leads technical discussions for complex projects and communicates with customers, information technology (IT) service providers, and technical components to fully understand problems.
Confidential
- Serves as a Political/military all-source strategic intelligence analyst in the South Asia Division India Branch at the United States Pacific Command Joint Intelligence Operations Center, Pearl Harbor, Hawaii.
- Primarily responsible for researching, developing, presenting and publishing All Source products at the tactical and operational level related to insurgent IED cell activities, and threats to local/regional stability as part of an overall analytical team.
- Develops counterintelligence initiatives, including insider threats and cyber threats, to effectively protect national security and the operational mission of DIA. Identifies information gaps and prepares collection requirements to meet current and anticipated intelligence needs.
Confidential
IT Governance / Cyber Security Test Manager / Contracting Officer's Technical Representative (COTR)
- As the DHS-NPPD-OCIO Manager of IT Governance, was responsible for directing, developing, implementing and integrating agency-wide investigative change management practices with a defense in depth strategy to ensure protection of the DHS IT UNCLASS/CLASSIFIED environments; managed a robust ITIL/CMMI set of tools and techniques to refine, control the enterprise wide change, approval and implementation phases for maximizing benefit and minimizing impact on workers and processes. Reported to the executive Director of Information Technology with a dotted line to the Department of Homeland Security CIO. Led the design and implementation of IT governance policies, procedures and standards. As the Chair of the Engineer Review Board, participated in change control efforts for the DHS Infrastructure team by setting standards and best practices that defined and maintain appropriate SLAs for the group. Collated team was responsible for evaluating cyber security products, deciding go-forward products, implementing these products, then properly turning them over to the Cyber Security Operations team.
- IT Governance Leadership: Provided leadership and management for the Service Operations group. Fulfill customer requests, resolve service failures, fix problems, and carry out routine operational tasks. Chaired the National Protection and Programs Directorate Enterprise Review (NPPD ERB) change advisory boards to ensure all changes applied within the managed information technology infrastructure are properly approved, tested, documented, and validated.
- Managed and led a team of cyber security test experts responsible for testing and assessing the effectiveness of application, system, or network security controls; validate risk and vulnerability management programs and demonstrate the risk associated with unaddressed vulnerabilities.
- Addressed means to reduce exploitable software weaknesses and improve capabilities that routinely develop, acquire, and deploy resilient software products. Enhanced development and acquisition processes to address software security needs. Transition software assurance processes and practices into standards, and maturity models.
- Team Management: Directed organizational change management strategy and created change management roadmap; formulate change management plans, including allocation of resources, determination of risks, and identification of deadlines and deliverables with a goal of successful implementation of tasks which are completed on time while maintaining flexibility that is required to deal with changing conditions.
- Managed phases of the Incident Handling Life Cycle to ensure resolution of cyber incidents within the command.
- Responsible for interfacing daily with high-end IT staff and will be responsible for reconfiguring full life cycle process current Tivoli IDM platform overseeing the planning, installation, component configuration, application configuration, problem determination, and customization of the IBM Tivoli Endpoint Manager VS.2 solution.
- Maintained overall responsibility for system availability, capacity planning, system performance, installation, and configuration of software and hardware for Tivoli Monitoring; responsible for planning the implementation of new technologies and technology upgrades and consulting with application support groups relative to Tivoli End Point TEM output.
- Managed IT engineering services such as MS Exchange support, MS SharePoint support, Blackberry Enterprise support, Good for Enterprise support, Microsoft .Net support, MS SQL Server support, Oracle RDBMS support, Oracle Java support, DHS XaaS support, and support for the deployment of new or upgraded platform technologies into TSA's IT production environment.
- Supervised IT project managers responsible for the delivery of highly complex IT projects involving Systems Engineering Lifecycle (SELC) technical support for TSA mission critical IT services. Overseeing the work of senior level technical staff of other TSA and DHS organizations and contractors to ensure project completion.
- Security Control: Ensured the following Change management activities were executed: planning and controlling, change and release scheduling, communications, decision making and change authorization, ensuring remediation plans are in place, measurement and control, management reporting, assessing change impact, continual process improvement.
- Planned and coordinated processes for in-depth vulnerability analysis and suggest tools/techniques that may be used to exploit identified vulnerabilities through a combination of manual and automated processes.
- Ensured the proper analysis and validation of test results, documented risks, recommended remediation options, and track outstanding remediation efforts to resolution.
- Developed and monitored standard operating procedures and team documentation, as required. Manage daily operational tasks - provide task coordination / prioritization, and assign resources. Assist in daily operations to include intrusion detection, incident response, unauthorized device monitoring, web application scanning / assessments, and auditing support.
- NIST SP 800-53, f NIST SPs within a security program, including 800-30, 800-37, 800-53A, and 800-18 integration
- Vulnerability Management experience McAfee Nitro Security, Tenable Security Center, McAfee EPO, FireEye direct NSF Vulnerability Management Suite experience a plus
- BMC ProactiveNet Performance Management BPPM ArcSight, netForensics, e-Security, etc
Confidential
Operations all source production Intelligence Analyst
- As Operational All Source Production Intelligence Analyst, supported all aspects of Air Force AMC operations by collating, analyzing, evaluating and disseminating intelligence information. Produced all-source intelligence, situation estimates, order-of-battle studies and other intelligence reports and studies. Advised commanders on force protection and intelligence information for US and allied forces. Compiled, segregated, evaluated, researched, interpreted, analyzed, and disseminated intelligence information.
- Provided intelligence Country Risk Assessments (CRAs) and estimates at the tactical, operational and strategic levels, supporting AMC A2: Production for USCENTCOM, USPACOM, USEUCOM, USNORTHCOM and USSOUTHCOM flight operations.
Confidential
Chief Computer Network Operations (CNO) / CISO 40HRS
- Organizational Leadership: Leadership of strategic and tactical decisions surrounding virtualization, storage, backups, wireless, telecommunications, infrastructure, business continuity and other technical systems as needed. Planned and managed financial and human resources for IT operations while ensuring the development of high-quality technology solutions for the business. These solutions must be developed at the best possible cost and be aligned with customer and business needs while establishing relationships with vendors, customers, employees and key internal and external stakeholders. Organized sectional teams around continuous delivery principles to increase organizational throughput as well as automate processes to deliver predictable services consistently. Served as Chief of Computer Network Operations Branch, was responsible for developing and implementing measures/controls to deny unauthorized persons information derived from telecommunications and ensuring the authenticity of such telecommunications including: crypto security, transmission security, emission security, traffic-flow security and physical security of COMSEC material. Maintained continuous surveillance over the operations, to include resources, networks and associated assets; upon identification of a network disruption, assesses the extent and operational impact of the disruption and initiates service restoration actions. Responsible for auditing existing systems, while directing the administration of security policies, activities, and standards.
- Operations and Maintenance: Managed the communication-computer security (COMPUSEC) program, Air Force Electronic Key Management System (AFEKMS), Emission Security, and Information Assurance Awareness Programs.
- Managed the regular event analysis, searching for and extracting information, and incident response from the suite of security tools and system security features (HBSS, IDS, Insider Threat, Anti-Virus, Firewall, System security logs and events, etc.).
- Filtered information collected from a variety of computer network defense resources including, but not limited to, intrusion detection system alerts, firewall and network traffic logs, and host system logs to identify, analyze, and report events that occur or might occur within their environment.
- Established the necessary capabilities for conducting penetration testing and risk assessments of applications and hosting infrastructure through consistent methodology using a variety of automated and manual tools, and producing uniform reporting standards.
- Architecture of CND Tools utilized- enterprise SIEM platform e.g. Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk, IDA, OllyDbg
- HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, NIST 800-53 Rev 4, HIPAA, SOX, and Remote Access Service.
Confidential
Physical Regional Security Officer
- As Regional Security Officer (RSO), served as the authoritative source and subject matter expert on all matters relative to multiple security disciplines, issues, guidance and assistance in the evaluation/analysis of security needs. Adhered to security policy guidance to formulate facility, program, and personnel resource requirements for program security. Developed a comprehensive and ongoing security awareness program administering a multi-faceted security awareness program consisting of briefings, directives, computer based training and audiovisual presentations. Primarily for the physical protection of sensitive or classified information, personnel, facilities, installations, or other sensitive materials, resources, or processes against criminal, terrorist, or hostile intelligence activities.
- Exercised security regulations policies for multiple security specializations within the required operating areas. Established security SOPs. Planned, prepared, presented security briefings, and conducted site specific security briefings.
- Coordinated the commands' crime prevention and physical security awareness program to ensure adequate security relating to issues such as protection of assets, alarm responses, and card use.
Confidential
SENIOR Information Systems Security Professional Project Manager
- As Senior Information Systems Security Professional Project Manager, directed the on-going enterprise-wide security oversight, infrastructure support, guidance, and the reviewing of the Agile IT environments including supporting large technology integration projects, ensuring appropriate technology alignment, ensuring security is integrated as a major component when implementing new technology (e.g. mobile devices, wireless connectivity, remote access systems), developing standards for specific devices (e.g. hard drives, flash drives), and providing the examples of best practices to build a secure foundation leveraged by all HP Enterprise federal contracts.
- Served as Information Center (IC) Action Officer, responsible for providing consulting/installation/training/technical support to computer end-users. For each request for technical assistance, determined procedures required to solve problems of the affected IT infrastructure.
- Evaluated, acquired, configured and used software intended to ensure that automated systems were secure from unauthorized use, viral infection and other problems that would compromise sensitive information in terms of confidentiality, integrity, and availability, or would compromise other aspects of overall system security.
- Responsible for all activities associated with providing management, program direction, and guidance to ensure a highly effective Composite Adversary Team capable of conducting performance tests of protective forces and security systems.
- Assisted in the development of security controls and counter measures as well as their positioning within the architecture to support the desired cyber security architecture requirement at the individual system and at the enterprise-level.
- Web Services and related technologies (e.g. cloud computing, XML, XML-Schema, WS-Security, XACML, SAML, WSDL, UDDI)
Confidential
Lead Information System Security Officer (ISSO) / NETWORK INTELLIGENCE ANALYSIS
- As Lead ISSO, provided expert technical advice and guidance to Operational Division Chiefs/ CND Planners on significant risk management and assessment activities that were undertaken to improve cyber security in critical infrastructures. Developed, maintained and implemented IT Security Training and Awareness Programs in Classified/Unclassified environments. Served as the subject matter expert and technical authority of CI cyber threats, as well as, IT forensic analysis procedures, investigations and mitigating techniques.
- As ISSO, was responsible for the investigation and reporting of all TSC, LS and Unit(s) including system specification, configuration, maintenance, rationalization and account access control.
- Conducted cyber risk, malware/vulnerability, cyber related infrastructure inter-dependency analysis and the reporting of foreign computer exploitation capabilities directed against the United States.
- Provided oversight and served as an expert consultant regarding COMSEC, COMPUSEC, Systems Certification and Accreditation along with emerging technology related to IA. Provided management oversight of the Information Assurance Vulnerability Management Program (IAVM).
- Conducted intelligence analysis relative to the cyber fields of information processing, data communications, network intrusion, and indications/warning to computer networks streamlining cyber analytical support for counterintelligence investigations, and operations.
- Managed the network physical security systems: SIPRNet Security, Protected Distribution System (PDS) and IP enabled Anti-terrorism/Force protection (AT/FP) network devices. Coordinated IA technicians, systems administrators in monitoring the network for vulnerabilities and compromises. Conducted security audits and inspections and provides audit/inspection results to the CAR for compliance reporting.
Confidential
Information Systems Security Manager/Computer Network Defense (IA/CND) Manager
- As Information Systems Security Manager provided technical knowledge and project management skills for complex information technologies. Orchestrated enterprise-level responses to IT security incidents ensuring coordination with operational users, incident response teams, network security personnel. Provided technical support, analysis, and recommendations in areas of: Surveillance and Reconnaissance, Perimeter Defense, Malicious Code Analysis, attack vector analysis, Computer Network Defense (CND) Incident Handling, Vulnerability Management/Reporting, and Risk Analysis and Readiness.
- Assigned as Terminal Area Security Officer (TASO) responsible for the information security support to all IT Division TASOs onboard USN naval vessels. Recommended corrective actions to the Designated Accreditation Authority (DAA) as necessary.
- Managed daily unclassified and classified network operations to include network management, control, security and administration within Network Management (NM), Help Desk (HD), Information Protection Operations (IPO), and Network Administration (NA) work centers. Administered and maintained database.
- Led team members and administrative support personnel, and for providing guidance and advice integrating team efforts to assure systematic, thorough, and professional performance of inspections, assessments and special reviews.
- Prepared and reviewed documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, etc.
- Core utilization, configuration, and implementation of industry capabilities to include: Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Security Event and Incident Manager (SEIM), advanced log analysis, network monitoring, packet capture analysis, and UNIX command line.
- Expert utilization of the following tools: Cadence, Surrey, Traffic Thief, CNE Portal and X-Key score.
Confidential
Global Network Exploitation and Vulnerability Analyst
- As Network Exploitation and Vulnerability Analyst, was the subject matter expert (SME) responsible for Non-Secure Internet Protocol Router Network (NIPRNET) and Secret Internet Protocol Router Network (SIPRNET) Change Management. Implemented, maintained, and analyzed procedures and security connection requirements in order to evaluate overall technical features and security protection required for systems and networks processing all sensitivity levels of information.
- Performed a full range of first-level supervisory responsibilities including assigning work to subordinates based on priorities, selective consideration of the difficulty and requirements of assignments, and the capabilities of junior sailors.
- Monitored and evaluated ONE-NET, IT-21 and legacy network systems compliance with IT security requirements. Led 3 teams in monitoring, reviewing and analyzing Intrusion Detection System (IDS) logs and reporting/taking action when anomalies exist. Conducted CI related computer inquiries and investigations.
- Performed forensic analysis, evaluated malware code, fuzzing techniques, identified techniques used by attackers to exploit and gain access, and performed reverse engineering to determine actual root causes of incidents.
- GFI Event Log Manager, Splunk, or equivalent log management software knowledge
- Secure Technical Implementation Guides (STIGs), Information Assurance Vulnerability Alert (IAVA), DCID 6/3, Federal Information Security Management Act (FISMA) and other tools using industry best practices