Sr. Principal Analyst Resume

SUMMARY:

  • Senior level Cyber Security and Information Assurance Professional. Well rounded technically, with a good understanding of implementing security tools as well as IA controls and concepts, to sustain secure networked devices within an Enterprise environment.
  • Architecture design of integrated security solutions via tools, processes and procedures to facilitate a cost effective delivery of services. Able to perform integration, testing and maintenance of systems and the ability to escalate and resolve problem resolution of systems and/or components.
  • In depth understanding of security tools, networked devices, scanning/patch tools, IA controls remediation and risk mitigation strategies.
  • Expertise expands into the following key areas: Cyber Security - Computer Network Defense - Incident Handler - ArcSight SME - Building Enterprise Architecture Solutions, Network & Security Design - System Testing - System Integration - Systems Administration & Maintenance (O&M) - Configuration Management - Network Administration - Policy - Information Assurance/ & Accreditation/A&A.

TECHNICAL SKILLS:

Software: MS Windows OS, MS Office Suite, Lotus Notes, Windows Server, Red Hat Linux 5/6, Solaris 9/10, Active Directory, Citrix, Outlook, Exchange, Remote Admin tools, Cisco VPN, Remote Access, Blackberry, C++ programming, Unix, NIST 800.x series, DIACAP, JAFAN ICD guidance, EMASS, eRetina, ACAS, VMS, ArcSight ESM (VER 3.5 - VER 6)-Connector appliances-Logger appliances and various Smart connectors.

Hardware: IBM PCs and compatibles, Solaris servers, DELL & HP servers, Cisco routers & switches, IDS, IPS, Firewall, ArcSight Logger and Smart Connector appliance.

PROFESSIONAL EXPERIENCE:

Confidential

Sr. Principal Analyst

Responsibilities:

  • Manage and lead efforts in the review, application, and maintenance of IA policies and C&A/A&A procedures for the Program Acquisition office to obtain an accreditation of information systems and industrial aircraft system components.
  • Research DoD/Navy policy to ensure the platform interconnected systems are compliant throughout the systems lifecycle (i.e. FIPS compliance, Data at Rest, password complexity, etc.)
  • In-depth knowledge of NAVAIR’s IA program and processes, System Engineering Technical Review (SETR) process for all levels of the acquisition program (ACAT I-IV)
  • Hands-on DIACAP (RMF for new acquisitions) accreditation efforts utilizing the following tools/databases of record: VRAM (Navy IAVAs DB), DADMS-DITPR-DON (Navy repository for software), SETR (compiles system engineering steps within acquisition process), RISK Manager (risk assessment tool), STIGs, ACAS, SCAP, and SRR (Security checklists and security readiness review scripts), analyze and compile scan results and develop system accreditation documentation assessing and mitigating applicable IA controls, assessing test results, vulnerability reviews and risk management--compiling the results within eMASS and submission to Echelon II/10th Fleet Cyber Com for ATO/PRA.

Confidential

Sr. Security Engineer

Responsibilities:

  • Fast paced, highly visible changing environment, completion of ad-hoc tasks and deliverables from executive management with short suspense dates.
  • Security tool Integration Project: A million dollar project to evaluate security tools and update SIEM for security operations center, create content for analysts. Conducted proof of concepts and security evaluations of security tools for integration and build-out of the JS Security operations center (SOC) such as Splunk, ArcSight ESM-Logger-Connector appliances, Raytheon Clear View Security Solutions, McAfee ESM, Tripwire, Tanium. Gathered costs from vendor, created courses of action (COAs) and a white paper with product solutions/recommendations, as well as gathered preliminary costs from the vendor, created technical slide decks to brief stakeholders, and created project scope document.
  • Review JS policies, procedures and standards identifying security gaps and implementing workflows, enhancing internal JS processes, controls and security tools. Make recommendations to executive management to improve overall security posture, recommending tools and solutions to enhance the Incident Response team capabilities.
  • Validate the configuration settings of the implemented security tools in production and make recommendations for improvement (HBSS, Blue Coat, HP Fortify).
  • Review Cyber Com Task Orders providing guidance of security controls to implement to mitigate and reduce risk/exposure. Assessment of new threats and the impact to the current infrastructure across the enterprise-authoring white papers for executive leadership review.
  • Vulnerability Management - Perform analysis of Vulnerability Assessment and Analysis scans from tools such as eRetina, ACAS and HP Fortify.
  • Change/Configuration Management (CM) - Analyze the IA controls of a program to include secure configuration management and continuous monitoring, making recommendations to CM stakeholders to mitigate risk prior to implementation to the enterprise network.
  • Consult with Incident Response team to automate and create content in SIEM environment.

Confidential

Principal Information Security Engineer

Responsibilities:

  • Supporting DHS US-CERT providing technical consultation on current and proposed systems. Assist in the development, testing, implementation and documentation of these systems; encompassing best practices of the systems life cycle to meet business needs and to enhance system performance and stability, security products such as Splunk, ArcSight ESM, Loggers, and Connector Appliances on Linux/Oracle platforms.
  • Perform and assist in evaluation of procurement costs/licensing; making recommendations for vendor software/hardware systems to ensure cost-effective and efficient operations.
  • Provide escalated technical support handling system related issues; on-call technical support. Perform repairs, system patching, maintenance and upgrades of existing systems and proposed solutions for current and future performance.
  • On-site Linux team lead- focusing on keeping projects on track and communication open with Pensacola Linux team.

Confidential

Sr. Information Assurance Specialist

Responsibilities:

  • Provided IA C&A support toward accreditation efforts for the Pentagon’s Backbone Enterprise systems in accordance with Army AR 25/2, DIACAP, RMF, NIST, DISA’s CAP office & FISMA guidance. Created IA Readiness Reviews reports, reviewed scanning reports and created vulnerability risk management analysis reports, standard operating procedures (SOP’s) and the development of swim lanes across teams within the organization.
  • Providing C&A efforts for Special Access Programs (SAP) SCI programs implementing and assessing controls and artifacts from JAFAN 6/3, ICD 503 guidance.

Confidential

Information Assurance Officer

Responsibilities:

  • Information Assurance Officer for seven of the OSD components, liaison supporting the organization’s security policies, initiatives and Information Assurance efforts for new hires within WHS and OSD as well as support the IT transition plan with WHS/Mark Center.
  • Work closely with the CIRT team toward mitigation of cyber threats, data spills and spillage remediation; the C&A team toward accreditation efforts of Enterprise systems; assisting the PKI team for the classified token rollout and the Risk Management team/cross domain networked boundaries. Participated in policy discussions and changes made to policies, developing SOP’s and the for the policy regarding data transfers (CTO-133) and made strategic recommendations for the ArcSight infrastructure and O&M support team projects.

Confidential

Principal Information Security Engineer

Responsibilities:

  • Supported civil and defense markets in Information Assurance, CND and Cyber Security.
  • Led the business development effort for CND capabilities, building and leading a team of SMEs (conducting interviews, providing reach back support, developing career paths & yearly assessments) and proposal efforts.
  • Managing individual programs to include compiling and reporting the monthly financials and Project status (quad charts) to executive leadership.
  • Led a 25 million dollar program to design and re-architect the Army’s security infrastructure for each SOC location (total of 15).
  • Army contract, as technical lead analyzed current infrastructure and redesigned the architecture to include latest ArcSight functionality and security tools, which also included a refresh of underlying systems (OS, servers, databases, and SAN storage), team members for implementation support, and creating system documentation of the security rollout.
  • DISA contract as the IAO, providing C&A support toward IA accreditation of program systems.
  • DLA contract as the IAM providing IA/C&A oversight & support for the program
  • Served as ArcSight SME Functional Lead to DLA and IRS agencies.
  • BAH Lab: ArcSight SME - Led and performed the integration testing/proof of concept of ArcSight in a “Cloud environment”, VMware host installation and configuration.

Confidential

HBSS Administrator - Cyber Security

Responsibilities:

  • Part of the Infrastructure support team, as HBSS administrator tasked to complete the requirement for 100% compliance of McAfee HBSS host based application on all Marine Corps assets.
  • Used ArcSight SME skills on this assignment as well when there were technical issues with the existing systems.

Confidential

Sr. ArcSight Engineer

Responsibilities:

  • I provided O&M support for FAA’s current SIEM infrastructure and underlying systems (Oracle, servers, and security tools).
  • Designed and implemented two additional ArcSight SIEM instances to provide MSSP support to the Department of Transportation and Department of .
  • Configured the log feeds which included Sourcefire/Snort sensors, Cisco IDS, Foundstone, ISS HIPS, ISS Site Protector, UNIX syslog events, Kiwi Syslog, McAfee ePolicy, and Windows Security Events. Worked with the analysts to create content within the SIEM. Developed procedures and solutions documentation (SOPs) for the client regarding policies and forensics/remediation efforts.

Confidential

System Security Integration

Responsibilities:

  • Information Security Project: With a small team, I led a three-year, 1 ½ million dollar project to implement a SIEM solution at Northrop’s security operations center (SOC) and to configure all internal network traffic/system logs to the SIEM for analysis with the final phase building out a disaster recovery site.
  • Coordinated the business aspects as well as the technical - including system design, purchasing, testing, deployment, server-database-storage configurations, configuring device log feeds to the SIEM, developing SIEM content, OS system scans and patch compliance, analysis of security vulnerabilities/risk assessments, OS/SIEM system upgrades, and SQL/Oracle database administrative tasks on both a Linux and Windows platform.
  • Created work instructions/procedures, technical manuals, the Disaster Recovery plan, vulnerability mitigation plans and the incident response SOP.
  • I worked closely with the analysts analyzing network traffic and security events, conducting remediation efforts and creating content within the SIEM (filter/channels, dashboards, rules, reports, active lists, trends, etc.). Also providing administrative O&M support for the following security tools: E-Security, ArcSight ESM-Logger-Smart Connector appliances, Cisco IDS/IPS, Internet Security Scanner (ISS), Symantec AV, Bluecoat, Cisco, Checkpoint & Juniper Firewalls, Nessus, Altiris, ISS Black Ice, Proventia host based IDS, Wireshark, HBSS, Mandiant System File Scanner, AppDetective, WebInspect, Whitelisting, Windows Security Events, War Dialing and Air Defense (managed wireless access points).
  • Confidential’s President of Excellence for the integration of the Information Security Project.

Confidential

Helpdesk Analyst / Computer Technician

Responsibilities:

  • Valued contributor to team objectives, participating in team projects, which included resolving PC Tech / Desktop Support calls and assisting in LAN / WAN Administrator project work (configuring switches and troubleshooting an Ethernet LAN).
  • Installed, configured, and troubleshot Win2K workstations and network / local print devices, using Ghost software. Troubleshot Outlook, Groupwise, Exchange, Citrix, Office 2000, connectivity, Active Directory, permission levels, logon, file sharing and network connectivity.