SUMMARY:

• Experienced in the fields of Identity & Access Management, PKI, and Information Security with regards to developing, implementing, and overseeing the protection of information, information systems and (IT) requirements.
• Including actions, services and planning employed for preventing and mitigating computer fraud and/or modification of information, whether in storage, processing or transit of information systems or their contents, or theft of information including those measures necessary to detect, document and counter such threats.

PROFESSIONAL EXPERIENCE:

ICAM Engineer

Confidential (Washington, DC)

Responsibilities:

• Support Confidential Identity Services Branch (IS2O) with management of privileged identities and access across various enterprise wide applications
• Responsible for preventing unauthorized authorization and/or modification to Confidential systems and resources
• Establish and deploy of Federated Services and Federation trust configuration process to support SSO applications
• Perform technical planning, system integration, verification and validation
• Mitigate weaknesses within the environment found during monthly vulnerability scans/audits
• Establish Standard Operating Procedures and related documentation for the implementation and transition of Microsoft Azure within the environment
• Utilize Azure to establish and patch Virtual Machines and to establish privileged user accounts
• Managing Group Policy (GPO) creation and modifications
• Review all SCOM health monitoring performance related reports

Systems Engineer III

Confidential (National Harbor, MD)

Responsibilities:

• Support Confidential Identity Services Branch (IS2O) with management of privileged access across various enterprise wide applications
• Established a 24/7 work environment supporting various Enterprise Application owners
• Create and manage privileged accounts access and permissions via Xceedium and Active Directory
• Utilized Microsoft Advance Threat Analytics to monitor enterprise environment for vulnerabilities and anomalies
• Mitigated weaknesses within the environment found during monthly vulnerability scans/audits
• Employed SCOM to monitor the health of the environment and be alerted to threshold exposure
• Support Trusted Identity Exchange environment and patching of designated servers
• Utilized Radiant Logic for Identity Integration, Information Integration and Data Management
• Establish and deploy of Federated Services and Federation trust configuration process to support SSO applications
• Perform technical planning, system integration, verification and validation
• Mitigate weaknesses within the environment found during monthly vulnerability scans/audits

Identity & Access Management Administrator

Confidential (Washington, DC)

Responsibilities:

• Supported Confidential IdAM/Active Directory services across 4 enclaves SCINET, BLACKNET, FBINET, and UNET
• Use and knowledge of Microsoft Forefront Identity Manager (FIM)
• Functioned as Tier 3 to include troubleshooting connectivity issues with firewall endpoints, access and publishing points with consideration of the outward lying network technologies
• Implementation of PKI, services, and single sign on
• Accomplished PKI/Registration Authority duties for Messaging Directory Services Unit to include: Issue, revoke, renew and recover s for the CAC/PKI in compliance with Confidential policy
• Understanding of protocols used for web traffic and troubleshooting tools to diagnose connectivity issues
• Working knowledge of load balancing and replication techniques as they relate to high availability systems
• Completed various tasks utilizing Power Shell and managed GPO via Advanced Group Policy Management
• Working experience utilizing Microsoft Active Directory, Exchange, Lync Services
• Usage of Microsoft Windows Server (i.e. 2012 r2, 2008 r2)
• Working experience and ability to restrict and map shared network drives to end users workstation
• Configure shared group mailboxes and restrict based on a produced Security Group and/or Distribution Group
• Usage of Active Administrator and SCOM for monitoring and recovery purposes

Identity Management (PKI) Specialist

Confidential (Fort Belvoir, VA)

Responsibilities:

• Supported the Army Cyber - Security Directorate Identity Management Directorate in the areas of Army Communications Security to include Cryptographic Modernization, Key Management Infrastructure (KMI), Common Access Card (CAC) and Public Key Infrastructure (PKI)
• Provided specialized expertise as a IdM Specialist which includes assisting the Local Registration Authority personnel in creation of SIPR (Classified) and NIPR (Unclassified) PKI tokens and/or s
• Executed sessions with new IdM specialist utilizing DoD practices, policies, procedures and standards as outlined in the RPS (SIPR/Classified) and CPS (NIPR/Unclassified)
• Issued, revoked, renewed and recovered s for the CAC/PKI office in compliance with DoDI 8520.2
• Managed end-to-end lifecycle of Army digital identities and access controls
• Created PKI Mobile-Code Signing, Group, Role Based s and PKI GO (General Officer) tokens
• Operated, maintained, and ensured successful implementation of the IdM/PKI program
• Understanding of how the NIST 800.53 v4 security controls are implemented in relation to IdM
• Registered and/or terminated of Local Registration Authorities (LRAs) to perform their duties
• Established and maintained distribution, alternate CAC tokens, and CAC pin resets globally
• Resolved customer issues related to smart cards and supports the CAC/PKI service desk coordinator
• Managed smart card process for SIPR (Classified) and NIPR (Unclassified) environments
• Generated ASCL tokens which enables a single, universal sign-on and optimized sign-on infrastructure
• Performed third party key recovery and approving issuance of s to network Non Person Entities (NPEs)
• Created ASCL token lifecycle tracking records and DoD PKI ASCL pins and unlock codes
• Coordinated with Trusted Agents for token request and distribution and/or conducts face-to-face user validation for the issuance of PKI s

Security Specialist/IT Asset Manager

Confidential (Arlington, VA)

Responsibilities:

• Established overall security program management for over 300 Government Contract employees in a fast-paced environment with Facility Security Officer (FSO)
• Enforced standards for a secure environment for the protection of personnel, property and information
• Understanding of the NIST v4 security controls and of activities required for NIST R1 Risk Management Framework, FIPS 199, and POA&M
• Analyzed basic security findings to include sending alert notifications and security incident reports
• Provided support to organization in developing strategies that protect information and counter IT security threats
• Delivered on-site incident response to security and cyber incidents
• Managed access to company facilities and secured areas via Datawatch and Kastle secured systems
• Initiated, processed, and reviewed documentation related to security clearance investigations via e-QIP and JPAS
• Conducted prescreening eligibility interviews and provided recommendations on subject’s clearance acceptability
• Managed and processed required badges and access requirements through Visitor Authorization Requests (VAR)
• Provided counsel to executive and senior management on security guidelines for Federal contract vehicles
• Provided security briefings, debriefings, and awareness for site personnel
• Maintained personnel security records, reports, and correspondence as required by Defense Security Services
• Conducted self-inspections for Annual DSS inspections along with any other inspections required per the GCA
• Managed the maintenance of Government Equipment valued at $1.5 million ensuring property was properly identified and tagged
• Managed Government Equipment inventory via SharePoint in accordance with Federal Acquisition Regulations
• Processed requests (via Remedy) for U.S Government IT equipment
• Orchestrated recurring retrieval of unused, surplus Government equipment, ensuring optimal reutilization of assets or proper disposal
• Organized all government audits & CST Asset Management Quarterly Reports to ensure accuracy
• Developed and maintained standard processes and procedures to support Asset Management activities
• Assisted with the establishment of IT procurement strategies, processes, and procedures consistent with company policy, best practices and other requirements (such as government regulatory, etc.)
• Installed, configured, troubleshoot/fixed, and imaged computer workstations/laptops
• Setup users, troubleshoot connectivity issues, and patch network cables
• Basic Active directory creation, deletion of user accounts and password compliance

IT Support & Asset Manager

Confidential (Clinton, MD)

Responsibilities:

• Analyzed system logs and identified potential issues with computer systems
• Introduced and integrated new technologies into existing data center environments
• Performed computer hardware and software installations to include routine audits of systems and software
• Performed general maintenance tasks, troubleshoot, and repairs of computer systems and peripheral equipment
• Troubleshoot, fix, and image Windows workstations and laptops while maintaining a ready to use inventory
• Implemented and maintained network security, TCP/IP protocols and computer hardware and software
• Installed, programmed and maintained CCTV equipment such as IP and Dome Cameras, PTZ, Analog, and DVR
• Planned and oversaw physical inventory maintaining quantity on hand, stock rotation, and monthly inventory