PROFILE

A self-motivated and hands-on Computer Software/Network Specialist, seeking a position in Security Management, Information Assurance and Systems Administration. Superior technical, organizational, people interface and problem-solving skills coupled with the ability to set priorities and manage multiple tasks. Highly analytical, an effective communicator, and a dedicated, responsible team player who follows through to task/project completion. Noted for extremely strong work ethic, the ability to get the job done, achievement of customer satisfaction and capability to perform well under pressure. Currently hold an active Top Secret/SCI.

AREAS OF EXPERTISE

System Planning Integration Troubleshooting Information Assurance/Systems Security Product Documentation/Procedures /Network Design/Implementation/Maintenance Needs Assessment

SOFTWARE

• Windows NT 4.0, 2000, 2003, 2008R2, 2012R2, XP, Vista, Windows 7 MS Exchange Server 5.5/2003/2010
• MS Cluster Server Blackberry Enterprise Server/Client MimeSweeper for SMTP
• Veritas Backup Exec CommVault Backup and Email Archiving Solution McAfee/Norton Anti-Virus
• McAfee ePO Server 4.5 MS SQL 2008

PROFESSIONAL EXPERIENCE ACCOMPLISHMENTS

Confidential

Security Engineer

• Responsible for DIACAP/RMF System Artifacts development, review and updates. This includes the System Security Plan SSP , Configuration Management Plan CMP , Incident response IR and Plan of Actions and Milestones POAM creation/updating.
• Retina scanning, Benchmark and STIG review for control implementation and IAVA compliance.
• Inputting of system documentation/Scans into eMASS for accreditation of new systems or continuous monitoring of systems already in production with an Authorization to Operate ATO
• Provide the Engineering Team with security guidance and compliance for all projects

.

PROFESSIONAL EXPERIENCE ACCOMPLISHMENTS Continued

Confidential

System Engineer/Security Specialist

• Member of an Engineering team supporting the Navy/Marines in an effort to transition its current intranet of Navy/Marine Corps Intranet NMCI to Next Generation Enterprise Network NGEN .
• Engineering system solutions with proper security measures that align with NIST's Risk Management Framework RMF / Intelligence Community Directive ICD 503 utilizing FIPS Special Publications 800 series for compliance.
• Incorporating STIG and GPO lockdown as part of the System Engineering solutions with information and system security as the main focus

Confidential

Senior Systems Security Specialist/Support Administrator

• Supported the Security posture for NIPRnet/SIPRnet/JWICS and Internal Domains for the Joint Personal Recovery Agency JPRA at Fort Belvoir. The effort included supporting the Risk Management Framework RMF /Intelligence Community Directive ICD 503 within all domains with enhance effect on the continuous monitoring Phase of ICD 503.
• Reported and applied IAVM's through monthly security updates and GPO settings which included the pushing of updates utilizing a Microsoft SCCM/WSUS Server.
• VMS reporting of IAVA's and Checklists with the uploading of Retina Scan .xml's and benchmark files for CyberCom compliance.
• DIACAP/ICD 502 Security Artifacts review, updating and writing which would include CONOPS, SSP's and POAM's.
• Supported the security posture of a Windows 2008R2 environment
• Configured and deployed an HBSS EPO Server Ver.4.5 environment for NIPR/SIPR domains for site security compliance mandated by the Defense Information Systems Agency DISA .

Confidential

Senior Systems Engineer/Information Assurance Officer

• Information Assurance Officer IAO for multiple NIPRnet/SIPRnet Domains for the Defense Threat and Reduction Agency DTRA at Fort Belvoir.
• Accreditation analyst responsible for the implementation and guidance of the Defense Information Assurance Certification and Accreditation Process DIACAP / RMF/ICD503 security process, which includes the writing, updating and reviewing of package artifacts, ICD502 CONOP's and running Retina/Gold Disk scans.
• Responsible for updating the System Security Plan SSP , Concept of Operations CONOP / ICD 502, Plan of Actions and Milestones POAMs and the creation of checklists for new systems that are being installed or upgraded within these domains.

PROFESSIONAL EXPERIENCE ACCOMPLISHMENTS Continued

• Utilize DISA Security Technical Implementation Guides STIG /Checklists and NIST SP 800 RMF/ICD 503 guidance documents for the lockdown of servers and services. Implement GPO's for further lockdown of resources. Provide guidance to Administrators to ensure they adhere to policies and maintain FISMA compliance.
• Generate/Upkeep of data within DISA's VMS system for Computing/Non-Computing Assets.
• Knowledge of group policy objects GPO , AD design/replication and system integration. Knowledge of such services as DNS, DHCP and WINS
• Install, configure, and troubleshoot hardware and software running on HP Proliant 585 servers running VMware vSphere ESXi 4.x/5.x host software utilizing Windows Server 2008R2 OS and associated applications.

Confidential

Information Assurance Engineer

• IA team member that created and reviewed DIACAP packages within the Department of Defense DOD which included, System Identification Profile SIP , DIACAP implementation plan DIP , preparation and updating of POAM's and the DIACAP Scorecard.
• Set up and test customer site configurations in a virtual environment within the DREN/DIATECH utilizing VMware ESXi software to foresee any potential risks that might be associated with their environment before site changes were implemented or software was upgraded
• Identify findings utilizing DISA approved tools such as the Army Gold disk, SRR Scripts and Retina Scanner.
• Utilization of DISA STIG's, Security Checklists, NIST SP-800 Series publications and Army Best Business Practices for an automated information system AIS to obtain Authority to Operate ATO
• Assist the IPKeyes team in writing corporate capabilities documents in response to Government Requests for Information.

Senior Principal Engineer

• Spearheaded efforts to develop, plan and analyze requirements for a smooth transition for all Ft. Monmouth Exchange servers from a single NT 4.0 Domain to a Windows 2003 Active Directory Native Domain.
• Perform everyday troubleshooting and problem analysis of Exchange Server 5.5/2003, Windows 2000/2003 server, Blackberry Server 4.1, Network connectivity, Backup and Recovery issues and Mailbox Restoration of Client Email.
• Employ Security measures to all DoD Information Systems that includes applying security templates and performance of patch management. These actions ensure compliance with Information Assurance Vulnerability Assessment IAVA requirements and adherence to DoD AR25-2 Army best Practices and IA Regulations, as well as NETCOM Information Assurance regulatory requirements and policies.
• Scan Network servers utilizing the DoD Vulnerability Assessment Tool Retina Scanner for DoD security compliance.