Senior Information Security Engineer Resume
SUMMARY:
- An accomplished professional with over 19 years of progressive experience building teams and managing secure IT operations within complex working environments.
- An understanding, innovative individual who multitasks and has an excellent sense of teamwork to get results by instilling commitment, trust, fairness, and loyalty.
- Strengths include solid communication and problem-solving skills and adapting to change.
TECHNICAL SKILLS:
Languages: ASP Classic, HTML, XHTML, XML, CSS, T-SQL, C#, VBScript, JavaScript.
Frameworks: ITIL, ITSM, TQM, LEAN, CMMI, .NET, J2EE.
Tools: Remedy ITSM 8, MS Office Suite, MS Visio, MS Project, MS SharePoint.
Operating Systems: Windows, UNIX, Linux, and DOS.
PROFESSIONAL EXPERIENCE:
Senior Information Security Engineer
Confidential
Responsibilities:
- Information Security lead working closely with government customers and subject matter experts to create and execute Information Assurance processes while applying detailed knowledge of Army and DoD certification and accreditation (C&A) processes. These IA processes include DIARMF, NIST, DOD 8500, DISA/STIGs/IAVM & FISMA.
- Developed IA packages and supported accreditations and implemented DISA STIGs.
- Reviewed security related standard operating procedures and instructions and recommended updates to corporate and project processes.
- Managed and worked with software development teams to ensure that appropriate measures were taken to minimize vulnerabilities and that customers' security requirements were met.
- Led and conducted annual security reviews, including DIACAP accreditations.
- Strived to keep abreast of the latest IA issues, technologies and approaches.
Information Technology Delivery Manager
Confidential
Responsibilities:
- Planned, developed and implemented project efforts that utilize information technology solutions.
- Developed, established and maintained project management standards and procedures.
- Developed the project scope, defined project guidelines, obtained business and information technology sponsor approvals and coordinated the resources necessary to successfully complete the projects.
- Managed multiple medium to large-sized, moderate to highly complex enterprise-wide projects.
- Led Information Technology (IT) / Information Management (IM) related initiatives (system integration and audit remediation).
- Led cross-functional teams of more than 15 resources, which may consist of employees, contractors, and consulting partners.
- Managed projects at various levels of complexity using different project management methodologies including agile/iterative project management.
- Managed project budgets ranging from $1.5M to $10M.
- Analyzed business needs and worked with cross-functional (technical & non-technical) teams to deliver enterprise solutions.
- Led a matrix project team to define, establish, and ensure completion of all program milestones while adhering to timelines and budgets.
Information Resource Management (IRM) - Infrastructure/Security Specialist
Confidential
Responsibilities:
- Lead for the development of the organization's IT security and compliance strategies, including coordinating the implementation of information security standards across the organization's global infrastructure.
- Managed 50+ contractors and subcontractors across all lines of business, i.e., servers, network, workstations, desktop support, system administration and applications.
- Participated in service level agreement (SLA) negotiation and documentation.
- Primary interface for the coordination of efforts between the organization's information technology operations function with the information security and internal audit and compliance functions.
- Collaborated with external and internal consultants, auditors, vendors and outsourced service providers in terms of information assurance and information security including information systems auditing, access control methodologies and corporate governance regulations.
- Responsible for developing and providing communications and presentations to management, including executive level management, and supporting organizations regarding information security requirements, controls and actions.
- Responsible for providing project management oversight and review, including cost-benefit and requirements analysis, task management and direction on IT security architecture projects.
- Lead for the design and development of procedures to continuously test and review the effectiveness of required information security controls, and provide capability for required compliance reporting.
- Assisted with the development of the organization’s information security operations team to facilitate the implementation and maintenance of the compliance methodology, as well as provide capability to address the organization’s information security needs, including the areas of incident response, forensics, and secure systems architecture.
- Responsible for evaluating information security frameworks and compliance requirements such as NIST, ISO 27001, Sarbanes-Oxley, and DIACAP to determine common and required controls and, based on risk, contractual requirements and budget considerations, provide implementation planning, guidance and oversight.
- Supported International Traffic in Arms Regulations (ITAR) and other Government Regulatory functions: Corporate Governance Regulations (Sarbanes-Oxley, etc.).
Information Security Engineer
Confidential
Responsibilities:
- Applied technical expertise to ensure effectiveness and efficiency of performance. Understand and work to anticipate customer needs.
- Proactively seek customer feedback and input to improve team's customer service rating. Consider customer commitments a priority, working with others to ensure customer needs are met on projects and assignments.
- Prioritized work on several concurrent assignments through efficiency, involving project management principles as necessary. Coordinate with others to meet customer needs by delivering projects on time, within budget, and with high quality.
- Worked effectively as a senior team member. Always seeking ways to improve work processes and methodologies. Ensure quality through the encouragement of accountability with sound judgment.
- Supported U.S. Army Tank Automotive Research, Development and Engineering Center (TARDEC) as Lead Information Assurance Security Officer (IASO) in all information assurance security initiatives related to the Defense Research and Engineering Network (DREN) Infrastructure which is the Department of Defense’s (DoD's) recognized research and engineering network infrastructure. Work with the Technical Team Lead to develop the relevant portions of the technical architecture and specifications.
- Responsible for administering U.S. Army TACOM Life Cycle Management Command (TACOM LCMC) in the DOD Information Assurance Certification and Accreditation Process (DIACAP) and ensuring the DIACAP program is implemented across the TACOM LCMC community for the CIO G6.
- Comprehensive knowledge of national, Department of Defense (DoD) and Department of Army (DA) regulatory policies relating to Information Assurance (IA), Communications Security (COMSEC), Public Key Infrastructure (PKI), DoD Information Technology Security and Accreditation Process (DIACAP) and Information Assurance Vulnerability Alert (IAVA) in order to ensure compliance.
- Reviewed DIACAP documentation, maintaining a central repository for all systems certification and accreditation (C&A) documentation and modification to support the Designated Approving Authority (DAA), maintaining enterprise-level records of DIACAPs, and ensuring that any TACOM sponsored or developed unique systems are properly certified and accredited.
Information Systems Analyst
Confidential
Responsibilities:
- Provided Program Manager Tactical Vehicles (light, medium, and heavy) with Integrated Data Environment/Integrated Business Environment (IDE/IBE) administration and support for the Army Knowledge Online (AKO) system.
- Assist with Program Manager Tactical Vehicles information assurance security initiatives as a certified IASO.
- Review DIACAP documentation, maintaining a repository for all systems C&A documentation and modification to support Designated Approving Authority (DAA), maintaining enterprise-level records of DITSCAP/DIACAPs.
- Project Manager and Web Application Developer; Web development using current web technologies (W3C and government Section 508 compliance coding standards). Plan and manage all project life cycles with use of MS Project using SEI-CMMI level 3 development standards.
- Coordinate with offices in the development of automated information systems. Develop and implement policies and procedures in accordance with Army regulations AR25-1 and AR25-2.
- Develop and support multiple Access, MySQL, MSSQL databases with ASP Classic and ASP.NET front ends including Crystal Reports.NET.
- Prepare various reports, data
