Information Security Program Manager Resume
Dulles, VA
SUMMARY:
- Diligent project manager offering a proven record of success leading all phases of diverse technology projects; ensuring Cybersecurity is risk-based, mission-driven, and addressed early and continually.
- Business strategist; plan and manage multimillion-dollar IT and Cybersecurity projects aligning business goals with technology solutions to drive process improvements, and successfully complete mission objectives.
- Excellent communicator; leverage technical, business and Federal Government acquisitions terminology to communicate effectively with Senior Leadership and their respective teams.
- Expert in NIST, Agile, Waterfall project management methodologies & Risk Management Frameworks. Known for ability to produce high-quality deliverables that meet or exceed timeline, budgetary and mission-driven targets.
TECHNICAL SKILLS:
- Project Management: Cybersecurity Lifecycle Acquisitions RMF Governance Project schedules and Cost Enterprise-wide Implementations Governance, Risk & Compliance
- IT & Cyber Project Lifecycle: Requirements Traceability System Migrations/Integrations Design/T&E/Sustainment/Cross Domain Solution A&A Risk Management
- Value-Added Leadership: Cross-Functional Supervision Team Building & Mentoring Client Relations & Presentations Vendor Management
PROFESSIONAL EXPERIENCE:
Confidential (Dulles, VA)
INFORMATION SECURITY PROGRAM MANAGER
Responsibilities:
- Conceptualize and drive IT strategic planning that delivers the advanced information capabilities needed to ensure the success of cybersecurity initiatives. Combines expert IT Security Capital Planning, Quality Assurance, Acquisition, and Governance with the people and project management skills needed to lead transformation initiatives for rapid technological expansion. Engage with associates, vendors, and industry stakeholders to develop and implement security policies and procedures.
- Manage a project budget of $3M. Responsible for the successful technical, schedule, and cost performance of an ACAT II Army program within the PEO IEW&S Portfolio. Oversee a team of 11 Cyber Security and Information Technology Subject Matter Experts in accordance with contract data requirements and deliverables. Sustained and maintained over 22 Deployed Information Systems in the CENTCOM AOR.
- Implement effective risk management and tracking to include the identification of all known risks, key assumptions, probability of occurrence, consequences of occurrence (in terms of cost, schedule, and performance) if not mitigated, analysis of mitigation options, decisions about actions to mitigate risk, and execution of those actions.
- Evaluate new and emerging cybersecurity threats and IT trends and develop effective security controls and mitigation strategies. Oversee development of security awareness programs for the enterprise. Develop, review, and test incident response plans to align with the College's business continuity management program goals. Evaluates potential security breaches, coordinates response, and recommends corrective actions.
- Served as the Cyber and IT Project Manager SETA support for the PD Aerostats Program Office. Managed a team of Cyber personnel to perform and document continuous monitoring assessments for Information Systems in accordance with NIST Frameworks and Standards. Initiated, planned, executed and monitored a security management continuous monitoring program that met and exceeded the requirements resulting in approval of multiple Assessment & Authorization packages transitioning from DIACAP to RMF in a 12-month timeframe in order to provide the Army warfighter the Authority to Operate and maintain operations.
- Created and managed cross-functional teams that strengthened the Program Offices’ ability to ensure security engineering was properly captured in program milestones. Risk Management and Probability Analysis.
- Enterprise Risk Management identifying and understanding the various types of risk that the enterprise encounters, determining the probability that these risks will occur, and estimating their potential impact. Applied ERM Playbook and NIST 8626 Methodologies. Responsible for reviewing information security measures regularly and using it for policy, resource allocation and Information System security decisions. Supporting implementation of corrective actions, identified through measuring information security performance to mitigate Insider Risk activities within the organization. Working knowledge of identifying and securing High Value Assets (HVA).
- Develop and maintain an enterprise-wide security strategy, individual security awareness programs, security architecture, and security incident response plans and required artifacts. Provide strategic risk guidance and mitigation strategies for IT projects, including evaluation and recommendation of security and technical controls.
- Project Management and Cybersecurity resource management utilizing Smartsheet to develop project plans and project intake forms that roll up into PMO Dashboards. ServiceNow Dashboards and incident management.
Information Systems Security Manager / Information Technology Project Manager
Confidential
Responsibilities:
- Plan, manage, and provide oversight of Information Technology projects including resources, finances, and scope. Utilize standard project management methodologies, tools, and best practices to deliver quality solutions on time, within budget and that achieve the expected business outcomes. Oversee compliance of IT and Project controls to mitigate or prevent risk exposure.
- Managed multiple environments supporting the design, development, evaluation and accreditation of information systems ranging from standalone systems to complex distributed DoD and interconnected (WAN/LAN) computer systems. Developed & Accreditation documentation System Security Plans (SSP), POAM, Security Concept of Operations (CONOPs), Security Architectures, and the Privileged User’s Guide (PUG). National Industrial Security Program (NISP)-National Industrial Security Program Operating Manual (NISPOM).
Information Security Officer / Senior Systems Admin
Confidential
Responsibilities:
- Ensures that system hardware, operating systems, software systems, and related procedures adhere to Systems to Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIG). OS baselining and IAVA remediation. McAfee HBSS, Windows Server 2008, 2012, Solaris DNS administration and management.
Confidential
Information Assurance Manager / Senior Systems Admin
Responsibilities:
- Supported Bolling AFB 11th Wing Information Assurance office as the Wing EMSEC Manager, enforcing EMSEC policy and doctrine, while coordinating with the other military departments and government agencies.
- Analyzed and troubleshot networks and operating systems, while performing routine network router management functions, to include repairing network outages, interfacing and providing assistance to the theatre Network Operations Center (NOC) technicians, and reporting corrective actions to restore networks.