Executive Profile

Certified Information Systems Security Professional CISSP and Project Management Professional PMP . Over 12 years of specialized experience in Program Management, Project Management, Information Assurance, Information Security, Certification and Accreditation, Disaster Recovery Planning, Risk Management, Risk Analysis, Continuous Monitoring, Vulnerability Assessments, Threat Assessments, Incident Response Planning, Change Configuration Management, Security Architecture Analysis and Security Compliance.

Qualification Highlights

• Provide security Program and Project Management to USDA, a network of over 25 agencies and 600 systems
• Managed the Information Assurance Program for DOD's largest travel system, consisting of over 4 million users
• Navigated through multiple DISA CCRI, GAO and OIG/FISMA audits
• Authored complex security plans, policies and procedures for Defense and Federal department agencies
• Deeply experienced with DIACAP, NIST Publications, DOD Instructions/Directives, OMB Circulars/Memoranda, FISMA, PCI, HIPPA, SOX, GBLA, ISO/IEC 27000 series, COBIT, ITIL

Professional Background

Information Security Program Manager

• Provide IT and Security Project and Program Management services to executive management, to include project control, project management and program management.
• Manage program management to a division of over 10 security personnel utilizing the ASOC PMO framework includes governance, EVM and executive reporting .
• Provide cyber security/information assurance support services for management and delivery of operations security program, policies, and procedures.
• Implement the risk management framework RMF and continuous monitoring services consistent with NIST, OMB, and other Federal guidance.
• Develop and implement USDA wide Policy Remediation program to develop FISMA, OMB and NIST compliant security polices for the entire USDA and to assist in the closure of OIG and GAO FISMA audit recommendations.
• In collaboration with other OCIO agencies, provide comprehensive, agile, and a cost-effective approach to the development, implementation, and on-going operational response to the variety of NIST, OMB, FIPS, and other security guidance.
• Manage communication and stakeholder engagement to include business intelligence outreach to the stakeholder community creation and updating of briefing packages and technical and operational guidance documents on-going formulation, tracking, and reporting for internal and external data calls, e.g., OIG/GAO audits, FISMA, FMFIA and OMB.
• Develop long range plans for IT security systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with cybersecurity vulnerabilities.
• Balance information security risks and business constraints to provide risk-based mitigation recommendations to management. Qualitatively measure and articulate the overall risk impact to senior leadership by presenting risk assessment artifacts on a regular basis.
• Prepare project definition including: scope, schedule, risk, quality, resource, communication documentation and plans.
• Ensure the confidentiality, availability and integrity of IT systems through full compliance with FISMA, NIST, and USDA IT security policies and standards.
• Design, plan and execute projects, policies and procedures in collaboration with team members, other OCIO and ASOC divisions, and USDA agencies and staff offices.
• Provide oversight and management of information security awareness, training and educational activities.
• Manage and support day-to-day operations performing mission support functions, to include, security architecture development business process analysis and engineering and performance metric development and tracking.

Senior Information Assurance Consultant

Confidential

• Developed and fostered relationships with DTS and Government executive, senior management, business leaders and enterprise architects.
• Managed technical teams of over 10 security personnel to create an integrated approach that provides data integrity, information confidentiality, and service availability.
• Ensured that risk analysis methods are embedded across architectural programs as new technologies and solutions are implemented.
• Supported the ongoing assessment and measurement of DTS information risk objectively and consistently, and provided leadership to team members and consulting to business leaders in addressing the information risk posture.
• Defined and documented the application security architecture for project solutions as part of the SDLC process, and provided input and governance to the SDLC process.
• Participated in IT strategy planning activities, bringing a current knowledge and future vision of security technology, and how they interact with the DTS application portfolio and business goals and objectives.
• Designed, analyzed and implemented security essential practices and infrastructure at the data, application, service, operating system, and network levels to safeguard all datacenter assets and data.
• Provided hands-on experience in conducting C A activities, which included developing security requirements, developing artifacts, conducting security test and evaluations, developing risk assessments, and documenting the information system in system security plans through all accreditation activities.
• Developed and updated department-level IT security policies, procedures and plans such as, PII/sensitive information handling, risk management, incident handling, contingency planning, secure backup and recovery, account management, personnel security, physical security and rules of behavior.

Senior Information Assurance Officer/Engineer

Confidential

• Responsible for developing and executing strategies and programs to ensure the protection of DODEA's information assets.
• From a strategic perspective, implemented security best practices and helped drive compliance in a number of key business areas, including DOD/federal security compliance, industry regulation/standards and compliance frameworks.
• Developed and maintained the IA program to include information assurance requirements, architecture, policy, personnel, processes and procedures.
• Responsible for C A activities to include, but not limited to, COOP planning and testing, incident response management, vulnerability management, continuous monitoring and reporting, PII data protection, user access and audit log monitoring, and drafting and conducting computer security awareness training.
• Designed, tested, evaluated and supported the accreditation and documentation of new technologies and systems that were deployed in the DODEA enterprise network. Developed, reviewed and maintained security Trusted Facility Manuals TFMs and standards on commonly deployed systems, such as HBSS, MS Windows, UNIX/Linux, routers, switches, firewalls, intrusion detection systems, databases, web servers and software applications.
• Engineered architectures to ensure the continued operation and security of all enterprise network assets including routers, switches, NAC, VPNs, firewalls, proxies, wireless and IDS/IPS in an enterprise secured classified and unclassified network environment.
• Focused on application security, intrusion detection, vulnerability assessment, proactive network monitoring and protection, and participated in systems development and deployment decisions from the perspective of security best practices.
• Designed and implemented information assurance and security engineering systems with requirements of business continuity, operations security, cryptography, regulatory compliance, threat detection and mitigation and physical security analysis.
• Performed collaborative reporting on operational security service levels, security event correlation strategy, intrusion prevention system enhancements, identification of security gaps, security enhancement planning, and project based timeline metrics.

Lead Network Security Engineer

Confidential

• Served as the lead in communicating systems and technology project status and direction to client management, peers, and end user communities.
• Worked with the security manager to evaluate services and strategic direction of network security products as well as ensure the network design and architecture is in line with information security policies.
• Contributed to physical and logical data network planning and design. Identified resources capable of addressing performance, reliability, and security requirements.
• Promoted design standardization to facilitate maintenance and troubleshooting.
• Configured and documented LAN and WAN components, including firewalls, routers, switches, proxies and hubs to meet business requirements.
• Assisted in an Active Directory migration consisting of design and implementation of redundant Domain Controllers, DNS, DHCP, Print/File Sharing and Web services.

Computer Security Specialist

Confidential

• Designed and implemented a finger scanning biometric system for secure two-factor authentication.
• Maintained Windows servers and assisted in managing all aspects of the domain to include, DHCP, DNS, WINS, RAS and trust relationships amongst domains.
• Provided secure computer support to a network of over 80 users.

Technical Experience

• McAfee Host Based Security System HBSS : McAfee ePO, McAfee VirusScan, McAfee Host Intrusion Protection HIPS , McAfee Asset Baseline Monitor ABM , McAfee Data Loss Prevention DLP , McAfee Policy Auditor PA .
• Integrity Monitoring: Tripwire Enterprise, McAfee ABM
• Network Security: Sourcefire/Checkpoint/Cisco/Enterasys IDS/IPS, Network Access Control NAC , Cisco PIX/ASA/IOS Firewalls, Juniper/Cisco/Sonicwall IPSec/SSL VPN, RSA Security Appliance/Tokens, Bluecoat/F5 Proxies and Reverse Proxies, Cisco Wireless, Cisco/Foundry Routers, Cisco/Foundry/3COM Switches
• Security Information and Event Management SIEM : Arcsight SIEM, Juniper Security Threat Response Manager STRM , Cisco Security Monitoring Analysis and Response System MARS , Wireshark, NetWitness Investigator
• Vulnerability Penetration Testing: eEye Retina, HP Fortify, HP WebInspect, NMAP, Nessus, Core Impact, Backtrack
• Identity Access Management: Consolidated User Administration, Reduced Sign-On, Password Management, Strong Authentication, Directory Management and Web Access Management
• Operating Systems: MS Windows, UNIX/Solaris, Linux Ubuntu/Redhat/SUSE, VMware ESX
• Databases: Oracle, Microsoft SQL, MySQL
• Applications: MS Active Directory, MS Exchange, MS IIS, MS SMS, Backup Exec, Tivoli TSM, EMC Networker Backup
• Storage: Xiotech Emprise SAN, Dell Poweredge NAS, Brocade Fabric Switch, Qlogic HBA