Skills/Areas of Expertise:
| || || || |
| || || || |
| || || || |
| || || || |
- Report and provide support to Transportation Security Administration TSA Chief Information Security Officer CISO on Information Technology IT security-related duties.
- Serve as Program Manager overseeing ten 10 Information Systems IS and applications to adhere to Department of Homeland Security DHS / TSA Management Directive MD 1400.3 policies and standards set forth in National Institute of Standards and Technology NIST 800 series publications specifically SP800-37, 800-53A, FIPS-199/200, and 800-30 .
- Assist System Owners with security requirements for new developments to include the design and implementation phase of the Information Systems and applications.
- Support management team in collaborative initiatives to foster the exchange of knowledge and expertise
- Assist in developing unified guidelines/procedures for conducting Certifications and Accreditation to evaluate Federal Information Systems and networks which includes critical infrastructure.
- Manage customer's expectation by frequently communicating Program status through weekly meetings with all stakeholders to maintain customer satisfaction.
- Examine and provide recommendation for approval to the Change Management Board CMB .
- Evaluate and provide approval for Project Authorization Document PAD and Functional Requirements Document FRD for various Information Systems.
- Develop Security Assessment Plans SAP and analyze the results of security test activities to evaluate the existence and effectiveness of 800-53 security controls.
- Employ the NIST Risk Management Framework RMF SP800-37 to manage risk to Information Systems.
- Develop, update, and maintain appropriate Security Authorization SA packages based on DHS/TSA and NIST standards for general support systems and major applications.
- Recommend appropriate FIPS 199 impact level designations and identify appropriate security controls based on categorization of the general support system or major application.
- Perform Preliminary Risk Assessment PRA and site survey for newly developed and acquired Information Systems.
- Develop and evaluate Plan of Action Milestones POA M Matrix based security scan findings for various Information Systems.
- Investigate and review security scan results via WebInspect, Burp or Nessus to determine false-positives/false negative and develop remediation plans with stakeholders.
- Manage Out-of-Cycle POA M's with Information System Security Officer ISSO for various Information System and application within Trusted Agent Federal Information Security Management Act TAF to ensure waivers and exceptions are documented and tracked appropriately.
- Served as the key advisor to the Information System Owner, Business Process Owner, and the Chief Information Security Officer CISO on all matters relating to technical and security of the Information System at the Federal Emergency Management Agency FEMA .
- Developed security documentation, including System Security Plan SSP , Security Assessment Report SAR , POA M, and Contingency Plan to ensure compliance with Information Assurance policy.
- Maintained documentation repositories within the Risk Management System RMS and TAF where SA project documentation and artifacts are stored.
- Worked closely with FEMA Information Technology Security Branch stakeholders to evaluate security controls.
- Analyzed and review Information SSPs within the document review process.
- Developed and Tested Contingency Plans to adhere to training and testing requirements.
- Coordinated SA activities and system testing with appropriate security personnel.
- Developed risk assessment reports prior to updates or fixes to Information Systems within testing environments.
- Assembled and submitted SA packages to Primary Accreditation Authority/Designated Accreditation Authority.
- Addressed monthly vulnerability security findings and categorized findings based on the Risk Rating of the Information Systems.
- Reviewed and approved Security Checklist Report for Change Management Request.
- Scheduled and executed monthly vulnerabilities scan using Nessus scanning tool.
- Coordinated technical incident response and remediation activities for third-party client environments.
Executed Information System security assessments within the guidelines of the National Institute of Standards and Technology NIST 800 Series publications, Federal Information Processing Standards FIPS and Federal Risk and Authorization Management Program Fed RAMP .
- Executed SA activities for Microsoft Corporation on the Microsoft Office365 Cloud computing solution project to achieve compliance within Fed RAMP requirements.
- Performed and provided feedback to aid the security assessment of Microsoft Office365Cloud instance
- Provided aid to the stakeholders in the selection of FY2011 Critical Control Review based on the classification of the information system/application for the U.S. Department of the Interior's DOI Fish and Wildlife.
- Provided support with the development of Security Test Plan STP for DOI Fish and Wildlife
- Aided project stakeholders to determine the categorization and minimum security requirements for their Information Systems in accordance with FIPS 199/200.
- Created and update Security Accreditation Report SAR .
- Created and update DOI Fish and Wildlife Plan of Actions and Milestones via Cyber Security Assessment and Management CSAM Security Authorization SA .
- Assisted in the development of security-related policies and procedures documentation.
- Performed execution of the Security Control Assessment SCA to adhere of Information system/applications.
- Developed document support for the Requirement Traceability Matrix RTM to determine the results of the examination, interview and testing phases within Security Authorization.
- Participated in the out brief meetings to address weaknesses and potential mitigation strategy to maintain security controls compliance.
- Managed team of four Technical Support Analysts to support the cross-functional technical environment.
- Acted as the liaison between the stakeholders and all third party vendors for desktop and server support
- Participated in deployment of hardware project that requires coordination between multiple stakeholders
- Developed and implemented project plan for Pacesetter application and hardware deployment.
- Oversaw analyst's schedules and ensured their availability for project deliverables.
- Created and implement best practice process by creating checklist that improved the efficiency of the team.
- Liaison for Blackberry device supported and migration project to an updated device and platforms
- Provided technical support for Executive level management i.e. blackberry, laptop and projector .
- Develop/Deploy/Administer ghost enterprise server images.
- Provided Administrative Support and Management Blackberry Enterprise Server 4 4.1.6.
- Monitor/Manage Altiris Helpdesk system to support and push end-user application.
- Delivered administrative support for Active Directory in Windows 2003/2008 server
- Provided administrator function for Microsoft Exchange 2003 email server.
- Supervised and support Symantec Endpoint Protection servers for server/client local and remote site.
- Maintained and support the CITRIX Presentation 4 server farm Local and Remote Server .
- Installed and support Business Objects and Crystal Reporting application for end-users.
- Supported Intel-Tel phone system and patch new lines of service.
- Oversaw telecommunication accounts with various third party vendors for pagers and cellular phones.
- Installed Microsoft SQL 2005/2008 Server Management tool and support for the developer team.
- Train end-users on new technology relating to Chamberlin Edmonds PACE application.
- Create new technology solutions using VMware Server/VMware player for new business application needs.
- Provided desktop, laptop and printer support for end-users.
- Develop/test SOP for new technologies monitor SLA's.
- Worked with various bridge vendors such as Medisoft, Xlink, Mysis, Ellkay, Greenway, A4 Healthmatic, etc. to develop bridges.
- Worked with various practice management vendors such as Medisoft, Mysis, and Medical Manager to extract insurance carrier list from various databases in ASCII format.
- Troubleshoot all bridge and insurance mapping issues in a timely manner.
- Provided on-site and off-site bridge support to field support team.
- Created customized bridge templates and parameters for vendor specific needs.
- Worked with client vendors in implementing HL7 interfaces for our mutual clients.
Provided installation and support of Quest Diagnostics' Care360 products and services.
- Worked with senior level managers in Sales, IT and Vendor Sales to achieve results.
- Worked with Quest Diagnostics' phlebotomists reviewing customer connectivity networks to provide appropriate networking solutions.
- Compliance with all HIPPA standards.
- Provided on-site training to clients.
- Provided technical support via phone or via on-site visits.
- Utilized Remedy Helpdesk system to monitor/track end-user request.
- Lead technician responsible for server and workstation relocations.
- Provided asset inventory for all computer equipment based on new system acquisitions.
- Provided desktop/ laptop support and configurations for company's Dell PCs.
- Created Ghost imaging for desktops and laptops.
- Deployed Dell desktops and provided configuration of Lotus R5.
- Provided end-user software and network support.
- Performed installation and upgrading of Windows 2000 clients.
- Managed inventory and documentation of installed base.
- Supported troubleshooting and technical support of Win95/2000 MS Office.
- Provided VPN support and configuration for Windows 2000 XP.
- Administered configuration support for GroupWise 6 email.
Technical Support Analyst
- Provided Computer PC Laptop configuration deployment
- Provided helpdesk support for web applications Asset Insight 4, tracking software
- Created user accounts and maintained Oracle 8i database.
- Assisted Project Manager with wireless modem deployment and technical support
- Developed Ghost Image for IBM 300PL desktop and software testing.
- Lead special projects to deploy Windows 2000 server rebuilding and network setup.
- Performed Server and PC repairs/upgrades
- Support Asset Insight website by editing and maintenance content.
- Provided support for end-user email services.
- Performed Data migration special projects.
- Served as primary Computer Repair Technician.
- Provided customer support for Sales team end-user.
- Performed Y2K testing and patching for computer systems.
- Supported software and desktop publishing installation.
- Provided configuration support of printer and other computer peripherals.
- Designed brochures for Jamaica Gleaner Advertisement and the local yellow pages.
- Provided off-site computer system support to customers.