Summary:

• Sr. Information Assurance/Cyber Security Leadership
• Cyber Security
• Program/Project Management
• Certification Accreditation DIACAP, Type-1, DCID 6/3, DoDIIS, NIACAP
• DIACAP Validator
• FISMA Auditor
• Systems Security Engineering
• Engineering Leadership
• Network Operations Center NOC Management
• Network Security

EXPERIENCE:

Confidential

Program Information Assurance Manager IAM 11B WarFighter Focus Program

• Program Information Assurance Manager IAM 11B WarFighter Focus Program Develop, implements, and enforce policies and procedures reflecting the legislative intent of applicable laws and regulations related to Cyber Security for the Army Combat Training Centers CTC and mobile training systems worldwide. Liaison to Program VP on all Cyber Security related matters.
• Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system s operations.
• Develop CTC's security requirements specific to an IT acquisition for inclusion in procurement documents.
• Recommend resource allocations required to securely operate and maintain an organization's CTC's Information Assurance IA requirements.
• Participate in an IS risk assessment during the Certification and Accreditation C A process.
• Develop security requirements for hardware, software, and services acquisitions specific to CTC's IA security programs.
• Ensure that IA and IA enabled software, hardware, and firmware complies with appropriate DOD regulations, security configuration guidelines, policies, and procedures.
• Identify alternative functional IA security strategies to address organizational CTC's Cybersecurity concerns.
• Review the selected security safeguards to determine that security concerns identified in the approved plan have been fully addressed.
• Evaluate the presence and adequacy of security measures proposed or provided in response to requirements contained in acquisition documents.
• Monitor contract performance and periodically review deliverables for conformance with contract requirements related to CTC's IA, security, and privacy.
• Provide leadership and direction to CTC personnel by ensuring that IA security awareness and IA training are provided to personnel commensurate with their responsibilities.
• Develop and implement programs to ensure that systems, network, and data users are aware of, understand, and follow CTC's and IA policies and procedures.
• Advise the DAA representatives of any changes affecting the CTC's, IA posture.
• Ensure that compliance monitoring occurs, and review results of such monitoring across the CTC's.
• Enforce IAVM dissemination, reporting, compliance, and verification procedures as described in CJCSM 6510.01 and Army regulations.
• Report security violations and incidents to the servicing RCERT in accordance with Army Guidelines and Program Incident and Intrusion Reporting procedures.
• Manage IASOs at the CTC's, to establish the scope of responsibilities and the technical and security training requirements.
• Conduct FISMA Audits at all CTC's to ensure no security changes have been made that weakens the security posture or invalidates the accreditations of our systems.
• Negotiate C A issues with the DAA, or his or her designated representative, for incoming systems and make recommendations to the Army on additional protection mechanisms necessary prior to operation of the incoming ISs.
• Review all IA C A support documentation packages and system fielding, operations, or upgrades requirements to ensure accuracy and completeness, and that they meet minimal risk acceptance standards.
• Maintain a repository for all systems C A documentation and modifications, version control, and management of GOTS, COTS, and non-developmental items NDIs for all CTC's.
• Lead member of the WarFighter Focus Configuration Change Board CCB .

Confidential

Information Assurance/Senior Engineering Manager, Systems Security Engineering SSE

• Responsible for leading a multi-discipline technical team 22 Engineers containing a mix of senior and junior engineers with electrical, software, hardware and systems engineering backgrounds specializing in the design, integration, validation and certification of cryptographic devices for U.S. and international customers.
• Responsible for all phases of Certification and Accreditation DITSCAP, DIACAP, DODIIS, NIACAP, NIST, NSA Type-1
• Functional management, technical leadership, employee development coaching, mentoring and career development , process compliance, and personnel management for an engineering organization. Interface with both internal and external customers different government agencies , program management, and senior management across all business areas
• Guide team members on the utilization of systems and hardware design processes and provide assurance that the design activities are consistent with requirements for product safety, reliability, maintainability, performance, qualification and certification.
• Guide team members on the creation of technical requirements/design baselines, program execution plans, technical risk assessments, and scope, schedule and budget aspects for engineering design activities.
• Work closely with National Security Agency and its requirements documentation Information Assurance Security Requirements Document IASRD
• Areas of responsibility include systems security, information assurance, communication security, computer security, transmission security, key management and cryptography.
• Responsible for Earned Value Management System EVMS across all programs supported by SSE.

Confidential

Deputy Security IPT Lead, Cryptographic Modernization Program

• Deputy Security IPT Lead, Cryptographic Modernization Program Working in the Government Systems Information Assurance department performing systems engineering tasks in the areas of Information Assurance and Information Security. Responsible for systems security engineering, including system requirements and design, evaluation and certification for embedded security devices within communications and navigation equipment.
• Responsible for transitioning current programs supporting DITSCAP to DIACAP. Also responsible for developing all certification artifacts to achieve DIACAP certification.
• Responsible for ensuring proper design and analysis is performed to receive NSA certification for cryptographic devices and/or systems embedding cryptographic devices.
• Responsible for reviewing, writing and evaluating all types of security related papers and documentation that is required for product certification.
• Responsible for information assurance and security engineering principles involving communications and/or navigation security, network security, computer security, key management and other areas of information assurance.
• Responsible for working with a large team involved in the implementation of security solutions that will be embedded in Government Systems products.
• Ensures that system requirements are correctly implemented into the overall system architecture, and will help oversee security related testing for the system.
• Responsible for briefing and interfacing directly with other Rockwell Collins business areas, external customers as well as the National Security Agency NSA on a variety of design and security related issues.

Confidential

Network Security Team Lead, System Security Engineering SSE Joint Strike Fighter F-35 Program

• Network Security Team Lead, System Security Engineering SSE Joint Strike Fighter F-35 Program Responsible for interfacing with multiple Air Air Vehicle and Ground-based system Autonomic Logistics Integrated Product Leads IPT , the JSF Program Office and NSA regarding all aspects of security design, certification and accreditation for the F-35 Program.
• Influencing the design of all ground base infrastructure network architecture, network security through regular engineering reviews with the Lead Security Engineers from the JSF Program Office, Design IPTs, and suppliers.
• Chaired the Integrated System Security Working Group meetings with the JSF Program Office, NSA and Certifying Communities. Provided detailed program status on all systems security, information assurance, transmission security, key management and crypto issues.
• Identified and helped resolve security related risks, requirements and implementation issues associated with the Certification and Accreditation and cryptographic endorsement within all security relevant JSF systems and subsystems.
• Managed subcontractor to Lockheed martin for the generation of all DITSCAP certification and accreditation evidence and requirements documentation.
• Interfaced with NSA on the delivery of required documents for cryptographic equipment.
• Interfaced with the IPTs of cryptographic equipment being developed and ensuring that all Certification and Evaluation Evidence List CEEL documentation is submitted to NSA for certification of cryptographic devices.
• Provided guidance to the IPTs, supporting the development of the ground infrastructure, on FIPS 140-2 requirements for certain external network communications.
• General responsibility to perform requirements analysis, requirements verification, engineering trade studies and risk analysis a Team Lead for Systems Security Engineering.
• Responsible for guiding security relevant IPTs in their selection of products to ensure compliance with Common Criteria.
• Performed technical planning, system integration, verification and validation, cost and risk and supportability and effectiveness analyses for total systems.
• Responsibilities included performing analysis at all levels of total system product to include: concept, design, fabrication, test, installation, operations, maintenance and disposal.
• Ensured the logical and systematic conversion of customer or product requirements into total systems solutions that acknowledge technical, schedule and cost constraints.
• Performed functional analysis, timeline analysis, detail trade studies, requirements allocation and interface definition studies to translate customer requirements into hardware and software specifications.

Confidential

Systems Engineering Manager, Requirements Development Team

• Requirements Development Team Manager. Lead a team of Sr Systems Engineers in the development of functional requirements, requirements analysis, system architectures, trade studies, integration test plans/procedures for communication systems networking systems.
• Perform system functions of requirement analysis, requirements development, integration test plans/procedures, and perform system test and evaluation for communication systems networking systems.
• Primary coach for professional development of section employees Coordinate and support mentoring of section employees.
• Provide technical leadership for section employees and programs in accordance with standard engineering processes.
• Review proposals including cost, schedule and reconciliation Supervise IRAD projects and pursuit of new business Coordinate Technology insertion with programs.
• Assure compliance to standard functional processes recommend tailoring of standard processes.
• Ensure metrics are collected and reported in a uniform manner Use metrics to improve processes.
• Collaborate with IPT and capture lessons learned design, processes and metrics Collaborate with IPT Leaders and Program Managers on employee task assignments based on skill requirements and development needs.
• Assist Department Manager with solutions to staffing and deployment issues. Screen resumes, participate in interviews, and make hire/salary recommendations to Department Manager.
• Work with IPT Leaders to understand Manpower needs.
• Review and implement training and development plans Conduct regular staff meetings.

Confidential

Information Security Project Engineer/Program Manager

• Responsible for the management and over sight of Raytheon Transition Department, comprising all IA Design, Installation, and Certification/Accreditation, initiatives supporting the Navy Marine Corps Intranet NMCI .
• Responsible for meeting all contractual Transition Service Level Agreements SLA on the NMCI program.
• Responsible for Network Operations Center, server farm and remote site design, materials, build, test and all aspects of DITSCAP certification leading to IATO/ATO.
• Directly responsible for the management of all Subcontractors supporting Information Assurance initiatives.
• Primary Government liaison, responsible for operational oversight all Transition IA activities, pertaining to NMCI.
• Transition Cost Account Manager responsible for ensuring all transition initiatives were charged correctly and stayed within budget.
• As the Transition Project Engineer, responsible for ensuring all tasks were completed on time and in accordance with the NMCI Integrated Master Plan.
• Responsible for closing the Raytheon NCS NMCI account and turning over all remaining transition actives to EDS.

Confidential

Information Security/Certification and Accreditation C A Manager

• Manage professionals in the creating of security documentation for certification and accreditation of over 1500 US Navy and Marine Corps networks and computer systems.
• Responsible for interpreting and developing policies, procedures and strategies governing the planning and delivery of information security services.
• Responsible for making recommendations to management based on new laws governing IT Security. -Specialized experience in ensuring confidentiality, integrity, and availability of information systems. -Responsible for the planning, analyzing, development, implementation and enhancement of security programs.
• Responsible for staying abreast of all Federal requirements for certification accreditation.
• Clear and demonstrable knowledge of the integration of security in the System Development Life Cycle.
• Expert knowledge of Federal Security Requirements and ability to interpret federal laws and regulations that govern IT Security Programs in federal agency. These laws include FIMSA, OMB A-130, and NIST Special Publications.
• Responsible for the on-going update and eventually re-accreditation of Sensitive But Unclassified SBU and Classified DOD systems with regards to the DoD Security Certification and Accreditation Program DITSCAP .
• Provided analytical support for the research and development of IA/CND concepts, policies, and strategies, particularly within the national security framework.

Confidential

Information Security Design Systems Test Evaluation ST E Manager

• Manage professionals in the Security architecture development Firewall/VPN/IDS/Network Security Management Consoles for over 700 US Navy and Marine Corps networks and computer systems.
• Interfaced with the client in the strategic design process to translate security and business requirements into technical designs.
• Developed and reviewed security documentation in support of Certification and Accreditation of information systems.
• Responsible for compliance validations of security requirements within the Security Tests and Evaluations ST E .
• Conducted risk assessments of planned and operational information systems to identify vulnerabilities, risks, and security controls needed.
• Conducted regular audits to ensure that systems are being operated securely, and computer security policies and procedures are being implemented as defined in security plans.
• Interface point for all IT vendors on all Network Security equipment Firewall/VPN/IDS/Network Security Consoles being order for NMCI.