Training / Skills:

• Knowledge of OWASP Top 10 Security Threats for 2013
• Knowledge of Data Loss Prevention DLP
• Knowledge of Assured Compliance Assessment Solution ACAS 4.6.2
• Knowledge of Information Technology Infrastructure Library ITIL V3 standards
• Knowledge of COBIT 4.1
• Knowledge of Ethical Hacking, computer forensics, and SEIM tools
• Knowledge of FIPS Publication 199/200
• Knowledge of routers, firewalls, LAN and wireless networks, and Secure Telephone Equipment STE , DRSN, VOSIP
• Knowledge of Intrusion Detection System IDS tools i.e. IBM AppScan Standard v7.8
• Knowledge of PCI's DSS v1.2 standard as utilized by the DoD
• Knowledge of VeriSign PKI and SSL certificates
• Knowledge of Quest Software's solution to Active Directory Automation
• Knowledge of Microsoft Sharepoint 2007 and integration with Microsoft SQL 2005
• Knowledge of Compliance Tracking tools like LogRhythm to insure adherence to FISMA security requirements
• Expertise in SEI's approach to Software Product Lines SPL
• Project Management Professional certification training PMP
• Supporting Microsoft Systems Management Server SMS
• Fundamentals of UNIX under Sun Solaris
• Object Oriented Analysis and Design using UML OOAD
• Expert knowledge of Software Development Life Cycle SDLC
• Knowledge of OMG's, Model Driven Architecture MDA using Unified Modeling Language
• Knowledge with Six Sigma best practices for software development
• Knowledge with SEI Capability Maturity Model Integration CMMI
• Knowledge of Customer Relationship Management CRM
• Knowledge of FDA regulatory requirements
• Knowledge of HIPAA insurance requirements
• Knowledge of Data Warehousing methodologies
• Knowledge of 21CFR11 and its impact on the Biomedical and pharmaceutical industry
• HTML development
• VB scripting Excel macro development
• C-shell, Bourne shell, Korn shell scripting
• SQL scripting
• Perl scripting

Complete Work History:

Information System Security Manager ISSM

Confidential

• Champion the Risk Management Framework transition from DCID 6/9 to ICD 503 for the Joint Tactical Force's JWICS operations at Guantanamo Naval Station, Cuba
• Implement IPSwitch's Log Management Audit Tool at enterprise level to automate tracking of all audit logs for direct reporting to the DIA
• Report weekly discrepancies and recommendations based upon NIST SP 800-53 v4, JAFAN 6/3, JAFAN 6/9, Circular A-130, OMB Exhibit 300
• Develop RMF documentation for Special Access Program SAP network
• Establish Risk Management Framework RMF for network infrastructure
• Establish security baseline for network posture
• Establish Continuity Plan and DSP
• Manage classified stand-alone information systems
• Lead efforts to bring collateral standalone systems under DIACAP accreditation using Enterprise Mission Assurance Support Service eMass
• Provide oversight over all JWICS system administration and Configuration Management
• Work with SSO to track all physical security issues in support of continued TEMPEST accreditation
• Utilize RETINA BeyondTrust to audit IAVA / ICVA compliance in support of DoDIIS directives
• Participate in weekly Security Management meetings
• Work with Facility Manager in support of SCIF environmental concerns
• Manage all JWICS IA training
• Knowledge of Wonderware SCADA System in support of network hardening and implementing of IA controls

Information Assurance Manager IAM

Confidential

• Developed an automated approach to active monitoring of over five-thousand security logs a day in support of Air Force Global Strike Command's JWICS network at Barksdale AFB.
• Work with JWICS administrators to insure ICVA vulnerability compliance across network domain for Trust and Verify
• Research and develop patches to significantly improve performance of secure workstation environment
• Utilize RETINA Enterprise Suite to audit ICVA compliance in support of DIA directives
• Utilize HP ArcSight for active monitoring of security and system audit reports
• Utilize Wireshark to inspect network packets for anomalies
• Conduct TEMPEST inspections in support of 12 SCIFs
• Participate in DIA accreditation and certification for updated or new SCIF networks
• Participate in monthly Change Configuration Control meetings
• Enforce NIST security controls for secured network environments

Security Information Event Manager SIEM / TSgt

Confidential

• Serve as subject matter expert for POA M management and tracking against network vulnerability orders
• Recommended closure of more than 300 TCNOs in support of major CNDSP effort for USCYBERCOM
• Developed the comprehensive USAF Network Order Scorecard that provided a key resource for a Major General to champion NAF enforcement of network compliance orders
• Championed troubleshooting the Air Force Network Operations Compliance Tracking Tool ACTv2 that resolved world-wide tool isolation issues for over a month in just one day of work with developers.
• Discovered more than 32,000 managed assets at a key, USAF PMO base that was wide open to cyber-attack by developed advanced, Microsoft Excel, statistical tracking tool in concert with HBSS module support.
• Provided leadership and ground support in the establishment of the new 24 Air Force Space Command's headquarters for the 624 Operations Center at Lackland AFB.
• Provide quality control and compilation of HBSS statistics from all three INOSCs to adjudicate overall HBSS module health in support of US CYBERCOM mandate for overall AF HBSS health.
• Developed innovative and advanced Excel-based tool utilizing formulas and VB scripting to enhance USAF mission's capacity to comprehensively track and report order statistical data for order compliancy.
• Provide Time Compliance Network Operational TCNO , 24/7 support and active monitoring of real-time, USAF strategic and defense worldwide for cyber-attacks, unscheduled and scheduled network outages using NIPRNET, SIPRNET, JWICS enterprise networks.
• Process VMS notifications following DIACAP governance for certification and accreditation of unclassified and classified network enclaves.
• Interpret notifications on real-time, network intrusion events and forward recommendations to command based on forensics findings with coordination through INOSC regions and the 33 NWS AFCERT .
• Maintain and update DoD checklists for information protection and security tracking
• Coordinate all communication of network outages, scheduled and unscheduled to required agencies for mediation and priority mitigation with Operations Controller and Crew Commander
• Utilize AFNetOps Compliance Tracker ACT and other tools for content management, enterprise and defense management
• Championed updated checklists in support of DGCS, Unit UAV mission support to mediate against preventable network outages.
• Utilize Microsoft 2007 tools under the Microsoft Windows 7 operating system with Microsoft SharePoint Server 2008 for collaboration of all information between respective departments.

Cyber Training Specialist /TSgt

Confidential

• Developed 3 innovative tools in support of the 24th Numbered Air Force, Cyber Training mission at Lackland AFB.
• Reverse-engineered, Microsoft Excel 2007 workbooks using advanced, VB based formulas and macros to develop the first 24AF Cyber Training Scorecard tool.
• Developed Microsoft Word 2007 tool to automate lookup for Cyber course material.
• Developed Microsoft PowerPoint 2007 tool to score automatically, each NAF division's, required courses under an advanced rating system the very first tool developed for the 24th Air Force to automatically track, monitor, and provide statistical analysis up to O-7 level.

Battle Network Manager / SSgt

Confidential

• Provide support and accreditation for base enterprise network under Information Assurance mandate through DIACAP
• Prototype IDS and IPS tools for network and server host monitoring to audit security risks i.e. IBM AppScan, Snort, Wireshark, etc.
• Pursue upgrade level training in Cyber Systems Operations UNIX fundamentals, Windows Active Directory, Microsoft Exchange administration, Microsoft SharePoint, Cisco, etc

IT Compliance Analyst

Confidential

• Led the effort to bring HP-UX v11.31 under SOX / Payment Card Industry PCI compliancy

• Plan, prepare, participate and facilitate meetings with stakeholders to develop, implement and maintain system and database configuration standards and the necessary controls for compliance monitoring

• Participate in the evaluation of standards and compliance related projects by assessing project requirements, completing cost estimates and outlining proposed expenditures for management approval
• Implement project management skills to carry out project related work. Develop scope documents and project plans with approval from customers and management prior to carrying out defined project work
• Aggressively analyze and synthesize data and information collected from the compliance monitoring/management environment for the purpose of improving the overall state of compliance and the operational efficiency, effectiveness and service quality of IT group
• Initiate and track work activities necessary to achieve standards compliance among databases and systems maintained by IT group
• Integrate compliance monitoring/management systems with other operational systems as needed to satisfy business requirements

IBM Systems Engineer

Confidential

• Managed project for Northrop Grumman in support of risk mitigation assessment of client's IBM Base ClearCase environment under the mandate of SEI's Software Product Lines through direct observations and stakeholder interviews and isolated human element issues that impeded adoption to effective tool usage and critical build failures for the company
• Managed project for CSC of Chorley, England servicng BAE Systems to install and configure ClearCase UCM production environment in support of end military avionics customer, SCM tool solution
• Partnered with IT management at Thales Communications in Maryland to develop first ever, web-based CM solution in support of the software development of firmware programs for embedded system, ground radios and other communication equipment
• Won SOW project and developed best-practice approaches for ClearCase UCM in support of production implementation under iSeries with leading Financial Services customer, Practia Consultores of Chile while working effectively under a foreign culture and Spanish language utilized advanced translations tools for SOW project
• Outsourced IBM project for Instructor postion at London, England and led formal training classroom presentation on IBM Rational ClearQuest Test Manager with emphasis on SDLC with additional emphasis on Rational Manual and Functional Tester as integrated under CQTM
• Directed data recovery efforts of corrupt IBM Rational ClearCase PVOB environment in support of Windows 2003 Server to save development costs of up to 100,000 per day due to missed build deadlines
• Audited development and IT environment at Northrop Grumman and prepared report for findings and recommendations to improve performance and viability of Rational ClearCase environment, eliminating a huge workload for IT management by providing code review support for embedded C/C firmware servicing advanced avionics radio systems

IBM Systems Engineer

Confidential

• Managed project at HCSC BCBSIL developing strategies and solutions for addressing tool, server, and network performance issues with IBM Rational ClearQuest v7.0.0.1 in support of Windows 2003 Server
• Managed technical and sales support for BSD Group's Oracle extension for IBM Rational Performance Tester v7.0.0.2 for the City of Atlanta
• Managed project at Southern California Edison SoCal , developing innovative, client solution without vendor support for exporting test scripts from IBM Rational Manual Tester v6.1.1.1 to Word 2002 using manual and automated processes through VB script development
• Managed project for AmeriGroup in the development of the first CRM solution using IBM Rational ClearQuest v7.0.1.0 and provided technical direction and individualized and classroom workshops of proposed virtual prototype

IBM Systems Engineer

Confidential

• Led project consultation of Sogeti's, IBM service solutions for its Rational tool clientele throughout the Midwest as distinguished, subject matter expert for the entire company
• Managed project for Union Central Insurance by working with internal IT department to create installation image of Rational Application Developer v7.0.0.3 in support of local desktop and Citrix implementation as subject matter expert
• Managed project at BCBSKS to present a SOW for upgrading existing performance testing tool that serviced company web-based solutions based upon WebSphere
• Managed project at Ameritas Insurance company in the mentoring of stakeholders on the use of existing functional testing tool using the latest use case and test case design concepts.
• Serviced SOW project at Medtronic of Minnepolis to upgrade IBM Rational tool, product line
• Instructor at Barnes Jewish Christian Health Care that accredited and mentored team of test developers on best practices for the use of IBM Rational automated testing
• Led project initiative at BCBSKS in the configuration of IBM Rational Performance Tester in the baselinning of WebSphere java applications to determine level of capcity against future user base
• Administered and configured BCBSM's first IBM Rational production, Windows 2003 server for the company in the deployment of Doors requirements management tool and CRM solution, worked with outsourced testing team in Mumbai, India
• Managed IBM Rational tool assessment project for Fidelity through remote administration leveraging, home-based Cisco VPN technology.
• Managed IBM Rational tool assessment project for BCBSKC in leading the company's IBM Rational testing solution with formal use case and test case design and standard operating procedures.
• Delivered first IBM Rational tool solution for BCBSM in support of company's System Integration Testing group
• Provided expertise for IBM Rational tool assessment for IT testing staff at Freddie Mac and processed evaluation results with IBM for support
• Championed the use of IBM Rational Requirements Management solution to enforce the requirements management discipline at National City Mortgage Corporation through importation and analysis of functional design specifications

Test Manager / IBM Systems Engineer

Confidential

• Led project leadership on IT tasking to deliver a ITT's first performance strategy engineering solution for Oracle8i project IRIS Exeter using IBM Rational Robot in automated testing
• Worked with MIS Director in development of Test Management process framework and enterprise level CM plan
• Configured Robot data pool configuration information for JREE and Oracle forms applications
• Worked with project management to gather requirements in support of the Sarbanes Oxley Act of 2002 SOX to develop a workflow process and meet auditory requirements
• Served as Subject Matter Expert on RUP methodologies and business disciplines to achieve higher levels of CMMI compliancy and meet SOX auditing mandates
• Provided solutions for ClearCase LT under base configuration for WSAD JREE implementation
• Senior support in use case, functional design and implementation
• Provided sequence diagrams and logical workflows in Rose using UML in support of proposed change management solutions using Rational ClearQuest
• Reverse engineered Oracle databases in Rational XDE
• Served as Quality Assurance Manager for IT department and Requirements Management SME

IBM Systems Engineer

Confidential

• Championed project delivery efforts for Roche's global mandate to adopting IBM Rational Tools and RUP to meet CSV and CFR Part 11, FDA requirements for their software development life cycle through complete certification process

• Assumed PM responsibilities to manage business relationship between DC R D and IT departments

• Mentored business partners on RUP in CMM compliancy and new Requirements Management directive from Global
• Provided full Rational tool support for RequisitePro, TestManager, Rational Administrator, and ClearQuest including Business Object's Crystal Reports and SQL Anywhere
• Developed a Requirements Management Plan and document SOPs for all business processes affecting software development and quality
• Developed external vendor solution for Rational tools through Citrix MetaFrame 1.8 using VPN LAN WAN
• Administered Rational relational databases under Microsoft SQL Server 2000 SP-3a
• Resolved issues with R D department with their test management process and SQL AnyWhere implementation of TestManager

Information Assurance Specialist C4 Information Security

Confidential

• Served as SME by assisting and providing timely and pertinent information for the publication of the sections Cyberbytes.
• Cyberbytes is a monthly news bulletin that is distributed to the base that covers Information Assurance subjects to educate the base computer users on proper computer security practices.
• Developed a trial version of the Pigeon Communications System for testing purposes. The implementation required him to install and configure the server and clients for the test was able to accomplish the test implementation during a weekend Unit Training Assembly.
• Trained the personnel who would test the program and also completed a detailed document on installation and operation procedures. His work on this project, lead to a successful test of the application program. The success of the testing phase allowed us to purchase an enterprise edition license to implement the program base wide.
• Served as SME for Microsoft's System Management Software SMS which aided the 122nd Network Control Center to produce update packages to update all network computers with required security patches also provided training on how to produce reports within the SMS.