Systematic Management Solutions Contractor Resume
SUMMARY:
- Cybersecurity - Cyber Intelligence with information technology and information assurance. Progressive years of cybersecurity intelligence experience in the field of IT IN multi-fabric program, procurement, and asset and cybersecurity management.
- Expert in the field of cybersecurity architecture and cyber intelligence skills on innovation technology. Cybersecurity project management and leadership, harnessing emerging technologies to drive business performance improvements, operational strategies and best-in-class cybersecurity solutions.
- Provides primary liaison to the U.S. cyber intelligence unit and inspector general law enforcement relative to cybersecurity criminals and insider threat issues regarding cyber incidents on fraud and abuse.
- Cybersecurity leadership supporting both non-technical and technical functional teams, with excellent communication skills and a superior track record of forging allied business partnerships with top-tier vendors including Splunk, Fidelis Security, BMC-Remedy, Cisco, EMC, HP, Microsoft and Verizon.
- Strong, knowledgeable background with hands-on workflow experience as a cybersecurity architect and cyber intelligence SME, building and leading teams in a Federal U.S. Government cybersecurity environment.
PROFESSIONAL EXPERIENCE:
Confidential
Systematic Management Solutions Contractor
Responsibilities:
- Cybersecurity - Cyber Intelligence SME supporting innovation; forward-thinking business leader who recommends the best approach to make the enterprise network’s cybersecurity resilient. Resilience focuses on the ability to stay in business and minimize damage to the DOE customers. Proactively introduces innovative ideas supporting the next generation of the cybersecurity - cyber intelligence community.
- Support the cyber intelligence community outreach task, communicating successfully to turn gaps into productive solutions and services. Provide cyber intelligence awareness and information security SME advisory; serve as primary liaison with Federal clients, participating in meetings to ensure client needs are met. Draft policy; experienced in designing workflows for evidentiary activities, including evidence handling, chain of custody, development of standard operating procedures, and enhance contract tasks. Provide intelligence communications, cybersecurity problem-solving and liaison support within and outside the department, particularly for national-level cybersecurity threat, vulnerability, and risk management issues. Review the design, completion and implementation of system additions and/or enhancements and make recommendations to the client’s management. Develop technical roadmaps for future implementations of security components and controls. Compare the enterprise security stance using intelligence data processing, measuring risk parameters including risk tolerance, data categorization, risk framework, and risk assessment; experienced in identification of malicious user behavior. Diplomatic subject matter expert collaborating with the highly technical teams of 90+ DOE program sites: cybersecurity incident handlers and analysts who provided security monitoring, incident analysis, incident response activities, subject matter expertise, vulnerability identification and analysis, and central incident coordination, communication, and repository functions for the most advanced cybersecurity threats.
- The Cyber Fusion Intelligence task provides support to the DOE ECC and program sites in all aspects of cybersecurity research and analysis of possible indicators of compromise, as well as in core organizational activities and communication with the Intelligence Community Security Coordination Center (IC SCC). In the role of Cyber Analyst, integrates with the team and engages in the DOE ECC iJC3’s project planning, primarily on cyber intelligence analysis, as well as reviewing and analyzing information provided by the program site’s Cybersecurity.

Essential Responsibilities:
- Conduct open-source and classified research on emerging/trending threats and vulnerabilities
- Coordinate and create finished, all-source analytical products (CIU reports)
- Collaborates with the IN NSOC and iJC3 watch floor to ensure continuity of fusion analysis
- Communicate to the DOE OCIO regarding cyber intelligence analysis reports related to the detection, characterization, monitoring and warning of suspected unauthorized network activity and relationships that may pose a threat
- Provides immediate Cybersecurity intelligence tipper awareness analysis, may also provide personal briefings to the appropriate federal management
- Reviews reported tips and leads for threat information and situational awareness, including determining location, activity, severity and reporting trends
- Compares and contrasts new data with information already in intelligence databases; seeks corroborative data; assesses individual pieces of information in the context of broader assessments or operations; and disseminates significant computer network defense intelligence as appropriate
- Closely monitors, and has great experience in, the cyber intelligence threat and risk management situation through analysis of Cybersecurity intelligence reports and intelligence briefings. On cyber threat matters, has served as the DOE representative to other government organizations, including United States-Computer Emergency Response Team (US-CERT), Department of Defense (DOD), National Security Agency (NSA), Defense Information Systems Agency (DISA), the Federal Bureau of Investigation, and other appropriate elements of the USIC. Provides expert advice and develops technical roadmaps for future implementations of security components and controls. Makes diplomatic recommendations and communicates to higher DOE management levels on matters relating to Cybersecurity risk, threat, and vulnerability management services, as well as the integration of cyber risk management requirements into the budget formulation and execution processes, policies and procedures for the organization.
Confidential
Operations Manager and Cyber Program collaboration
Responsibilities:
- Knowledgeable and experienced in analyzing and defining computer and network security requirements
- Subject matter expert leading various technical projects supporting Cyber Threat Fusion efforts utilizing FireEye, HB Gary (Razor and Responder Pro), Norman and other HQ - Program enterprise-wide tools
- Performing outreach for collaboration and partnership efforts with other agency programs
- Create and maintain Cyber Incident Management documentation to evaluate strategic alignment with IT security SLA policy, strategy, and incident operations
- Work with Enterprise use of BigFix and PatchLink tools for software management
- Perform risk assessments and forensics on IT systems and identify potential security risks
- DNS Alerts - Defense Enhance Cybersecurity Services aka DEX
- Assisting with the review and evaluation of existing policies and procedures governing security incident response/recovery to determine areas needing modification or improvement
- Provide on-site incident response to Cybersecurity incidents using Forensic Recovery Evidence Device (FRED)
- Evaluate existing and proposed systems, networks, or software designs for potential security risks utilizing McAfee - Enterprise Security Manager aka NITRO
- Provide support to agencies and organizations in developing strategies that counter evolving information and IT systems security threats utilizing:
- EnCase Enterprise OCIO sponsor program
- Splunk Enterprise OCIO sponsor program
- Palo Alto OCIO sponsor program
- HB Gary Active Defense
- BRO open source - program site enterprise
- Perform forensic and malware analytical activities in response to Cybersecurity incidents utilizing:
- Solera / DeepSee forensic analytic
- GFI sandbox analyzer
- FireEye sandbox analyzer
- Norman sandbox analyzer
- SCOT program site intelligence analytic
- Gather, evaluate, and verify vulnerability of information technology systems and networks utilizing:
- FireEye Web MPS iSight Partners / US CERT
- NCCIC US CERT
- Cyber Federated Model
- Conduct analysis on current or emerging cyber threats to support developing strategies that improve understanding and help mitigate future threats
- CyberIR Matrix
- JC3 RADAR
- JC3 / Cyber Federated Model
- Responsible for DOE cyber incident management concerning security event reporting on cyber-related activity, vulnerabilities, risk management, JC3 joint NNSA SVTC and enhance contract tasks as defined by the JC3 cyber intelligence units and JC3 Call Center operation guide and SOPs. Provide day-to-day intelligence operational awareness of the reported incidents. This includes incident data flow, oversight of response, Google Analytics content management, and incident remediation.
- Provide direction and oversight on agency Cybersecurity and other related Information Technology (IT) strategies, policies and programs in the context of current and emerging Federal law, guidance, priorities and initiatives. Ensure timeliness and quality standards are met; provide technical collaboration advice, counsel, and instruction on complex Cybersecurity issues and network penetration testing; and develop individually and/or as part of a team reports which assess the integrity of DOE computer networks and the effectiveness of network intrusion monitoring, support strengths and weaknesses resulting from review activities.
- Participate in the collection and analysis of technical and management data associated with DOE Cybersecurity programs. Make authoritative determinations on issues associated with implementation of Cybersecurity policy and requirements in general and specific situations. Maintain continued Cybersecurity intelligence technical liaison with the appropriate staff elements throughout the DOE, other Federal entities, private industry, and with key representatives at facilities of security interest to exchange information in connection with Cybersecurity requirements.
- Provides guidance and work leadership to less-experienced security architects and security analysts. Experienced in analysis and correlation of disparate cyber-related data to determine the root cause of cyber-related events and incidents. Leads cyber intelligence unit responsibilities and supports the execution of special projects to ensure interaction and planning with the DOE Joint Cybersecurity Collaboration Center, DOE Office of Intelligence and Counterintelligence, and the Office of the Inspector General.
Information Technology Assistant Manager
Confidential, ROCKVILLE, MD
Responsibilities:
- Developed and delivered management of strategic technology infrastructure solutions for distributed, mid-scale heterogeneous data-center environments. Managed a mid-range datacenter and a fulfillment CRM implemented in support of an e-commerce newsletter client, which involved significant management of business outsourcing.
- Participated in the qualification and selection of the Service Desk Solution and Service Desk Provider. Helped qualify and select a managed network services provider and restructure, change and provision the WAN infrastructure, comprising both primary and backup circuits for Internet and for Multi-Protocol Label Switch (MPLS) Cisco circuits. Developed the Service Delivery Model for the IT organization based on ITIL Service Management.
- Server Virtualization and Refresh Efforts: Assisted with planning and managing the virtualization and migration of applications into the new Data Center. We were required to migrate applications into new servers for the new Data Center as the old Data Center servers were at the end of their useful life.
- Assisted with a data center move involving over 40 servers and more than 130 desktops, with no significant downtime for users. Primarily Windows environment.
- Restructured network architecture folder permissions and consolidated share folders on the file server.
- Technology project management: managed SDLC application user validation, systems test and validation for upgrade using ARGIVision; executed the upgrade of CA ARCserve backup software from version 11.5 to R12.
- Procurement management: met the yearly budget allowable expense within $450,000.
- Provided technical support for a professionally outsourced customer care center with 25 customer representatives in Pennsylvania; change management supporting 175 user clients with a business partner at an outsourced fulfillment center in New Jersey.
