PROFILE:

Industry - recognized Senior Information Security Professional with experience in many arenas. Record of successfully implementing and managing security frameworks for to achieve compliance with various compliance requirements. Perform well in high pressure, short deadline situations. Adept at creating measurable security improvements as evidenced by improved IT metrics. Analytical, decisive, and highly-knowledgeable in information security trends, methodologies, and technologies.

CORE COMPETENCIES:

• FISMA
• Security Leadership
• Policy Creation
• OMB Circulars
• Vulnerability Assessments
• Risk Assessment
• ATC, IATO, ATO
• Security Procedure Development
• Information Security Audit
• Confidential 800 series
• Governance in the Cloud

PROFESSIONAL EXPERIENCE:

Confidential, Washington, DC and Miami, FL

Information Security Manager

Responsibilities:

• Physical implementation of Internet lines and monitoring systems for them;
• Instruction, guidance and resources for Special Agents on using un-attributable Internet (anonymous Internet surfing);
• Briefings at both Supervisor’s conferences as well as the “All Hands Meeting”
• Consulting to leadership team and research analysts on issues of Information Security
• Expert Cyber investigative techniques to teams dealing with national and international issues
• Assistance in OSINT and CybINT data gathering
• Responsible for data breaches and incident response of classified “data spills”:
• Initiating protective and corrective measures when a security incident occurred
• Monitoring system recovery processes and ensure the proper restoration of an IS security features
• Provided Security Awareness Refresher to persons involved in computer incidents
• Regional ISSO for the Southeast US; responsible for the Field Offices in Florida, North and South Carolina, Alabama, Mississippi and Puerto Rico
• Traveled to various Field Offices to assist in their Information Security program
• Provided to SAs, Cyber and Terrorism research analysts
• Shared valuable Cyber information to less “tech savvy” offices
• Configuration Management (CM) for security-relevant IS software, hardware, and firmware
• Ensured compliance with all security requirements and updates
• Provided guidance and instruction to the existing personnel
• Solely responsible for enforcing the personal Electronic Device (PED) Policy
• Made sure that all users have appropriate security clearances, authorization, and need-to-know, and are aware of their security responsibilities before they are granted access to Information Assets
• A large geographically dispersed organization of approximately 5,000 users was considering migrating its entire data center to a cloud based solution
• Provided business case scenarios that detailed potential cost savings versus cost of maintaining the status quo
• After the cloud solution was approved, provided Information Security advice about the changes that would occur in the organization’s risk posture
• Provided advice to both the Project Team as well as existing Information Security management on matters as technical as which firewall product would work to items as large as potential changes to the organization’s regulatory compliance
• Evaluated vendor SLAs, MOUs, and MOAs for issues and reported to organizational management

SOC Manager

Confidential

Responsibilities:

• Worked with Red Teams and Blue Teams to improve security posture of the Department’s externally facing websites.
• Black box testing of web applications using AppScan, Burp Suite and various web fuzzers.
• Dynamic and static code testing using Fortify.
• Database scanning with AppDetective, SQLmap and Havij.
• Selective use of Metasploit Framework with Armitage against approved selected assets.
• Led the evaluation process and wrote the business case for selected security software made available on a grant from the DHS.
• Responsible for producing reports synthesizing information from scanning results along with expected results from existing security controls.
• Participated in meetings to spread Information Security awareness among different units.
• Updated and rewrote Standard Operations Procedures.
• Worked with SOC personnel to evaluate IDP/IPS anomalies in Sourcefire Defense Center.
• Resolved various alerts to determine the seriousness of the threat.
• Helped team members analyze dynamic memory captures using HB Gary’s Active Defense.
• Lead computer incident investigations (averaging approximately one per month) and directed team members during these events.
• Worked with computer forensics experts to preserve evidence captured from compromised hard drives.
• Updated the IR processes, personnel and documentation.
• Created a Disaster Recovery plan.
• Mentored less experienced SOC resources.

Confidential, Calverton, MD

Subject Matter Expert

Responsibilities:

• Due to previous work experience and intimate knowledge of the "computer underworld", was hired as SME for an Confidential contract to develop and teach Confidential Special Agents the current threats in the Cyber Intrusions field and how criminal actors are able to gain access to computer networks.
• Developed curriculum for the Confidential Cyber Intrusion course to teach Special Agents techniques and methods for investigating cyber crimes
• Using real world experience, created laboratory exercises to investigate multiple types of malware, including several of the most current versions of APT, root kits and worms
• Used personal contacts to acquire "live" and "in the wild" copies of Zeus, Poison Ivy, Toto, Allaple, CSRSC, Dark Eye Cryptor, and Storm.
• Provided Subject Matter Expertise to the Confidential regarding Incident Response procedures.
• Led the development of a new Cyber Crime Investigation Toolkit.
• Created a flowchart of questions for new Cyber Agents to ask of the victim's technical personnel.

Confidential, Washington, DC

Principal Consultant

Responsibilities:

• Information Assurance Manager (IAM) for a Confidential financial project. Responsibilities included:
• Translating FISMA requirements into actionable plans;
• Knowledge of Confidential 800 series of special publications;
• Mastery of DISA’s vulnerability management tools;
• Preparation of C&A packages and artifacts;
• Validating system vulnerabilities and preparing POAMs to mitigate them;
• Wrote and tested Business Continuity Plan;
• Lead annual Incident Response exercise;
• Participated in building security into the Unified Master Project Plan;
• Provided PPS (Ports, Protocols and Services) information to out hosting facility;
• Trained developers on some of the dangers of insecure coding practices;
• Helped program management mitigate urgent security vulnerabilities.
• Interacted daily with stakeholders: software development, engineering and database managers.
• Instrumental in a successful re-bid of the contract.
• Managed the Information Security staff.
• Provided Information Security advice to management on project initiatives.
• Researched, compared and presented cost saving measures to C-Level stake holders.
• Improved the program’s regulatory compliance posture as measured by vulnerability tracking.
• Advised both program management and our hosting provider on additional security features in hardware that we were already using.
• Evaluated client locations for Cloud Computing applicability.
• Analyzed applications and systems for security concerns.
• Audited client's policies and procedures against appropriate regulations.
• Produced detailed documents regarding the "Current State" with new insights to the customer.
• Presented all findings in the report to the client.
• The security recommendation was critical in the client's decision.
• All security deliverables were finished below budget and ahead of schedule.
• Examples of my Cloud Security experience follow:
• Evaluated the client's overall information security posture and recommended applications that could be securely moved to the Cloud.
• Accessed programs that resided on NIPR, SIPR and Top Secret networks.
• Performed security assessments of client's programs.
• Worked in secure client facilities to identify new and potential threats.
• Met with Special Access Programs to identify projects that may be appropriate for inclusion into the Command’s new Cyber project.
• Produced the Security Section of the final report that was critical to the Command in meeting Confidential mandates for Cloud Computing adoption
• Lead a research effort into certain technology that would be used in a secure cloud environment.
• Evaluated different vendors' solutions for security and scalability.
• Assessed classified and unclassified programs for feasibility to move to Cloud.
• Provided a briefing to General Officer staff on the research and Cloud recommendation
• Participated in a joint conference with the Army, DISA and several COCOMS evaluating Cloud offerings
• Provided security input regarding different types of Cloud implementation (Private, Hybrid, Community, etc).
• Assisted DISA in their presentation to the General Officers present.
• Presented a potential new security mechanism for Cloud adoptions.
• Was the Cloud Security SME for critical and very large Confidential bids.
• Evaluated Cloud types and implementations for suitability for the Confidential .
• Wrote sections relating to Cloud and Cloud Security for various Confidential RFPs.
• Worked closely with potential Cloud Providers to craft an appropriate service offering.
• Evaluated different types of security mechanisms for feasibility.
• Provided input to all team members involved with the RFP effort.
• Wrote and distributed a security risk assessment on the Vendor's Cloud offering.
• Wrote and edited all security sections for both RFPs.
• Assessed various Cloud Solutions Cloud for security. These results were provided to a large commercial (E-commerce) client.
• Continued to assist this client as they began the migration of their data center to their new Cloud provider.