Subject Matter Expert in Cyber Security, Counter/Anti-Terrorism with a combined 20 years in these particular areas. With an emphasis on Federal, National Security systems, Physical Security, Personnel Security, and Critical Infrastructures Protection. Utilizing when necessary DITSCAP, DIACAP, DOD 8570, DHS 4300, NIST 800 series, AR 25-2 and DCID 6/3, OMB-130, Sarbanes-Oxley Act, HIPAA, FISMA, NISPOM, FISCAM and PCII standards. Conducting Penetration Testing, RA, ST&Es, Vulnerability Analysis, Threat Matrix and Remediation strategy to obtain and/or keep the Authority to Operate. Making sure Governance, Policy, and Requirements are met, in multiple infrastructures and networks across the country. From small to large Enterprise networks and both government and private security work.
- Corporate Auditing
- PKI Architecture Start to Finish
- Corporate Infrastructure Assessments
- Business Development Cybersecurity
- Healthcare Auditing/Certification/Vulnerability Analysis
- Financial Audits/ Certification/Vulnerability Analysis
- Small Business Enterprise Implementation Server, Mail, Malware protection, Firewall
- Corporate Small Business Policy writing, business processing documents
- Private and Home Security implementations Network, Physical Protection
DIACAP, DITSCAP, NIST, AR 25-2 and HSPD-12 directive/standards and best practices. Creating Security Policies for the project, infrastructure or environment. Core Impact, Splunk, Nipper, NMAP, Wireshark, LANGuard. PKI Architecture install, SamSpade, SSL, PGP encryption, VPN, Network Security. Nessus Enterprise scanning, testing security controls, implementing security Auditing Software. Aruba Networks, Tripwire. Experience with network security management tools e.g. Netegrity, NetIQ, STAT Scanner, and Nessus, CIS Tools, DISA Gold disk Windows 2k3 2k10 server installations, Exchange server deployment, Anti-virus/Malware deployment, Enterprise spam server deployment. Ethical Testing Vulnerability Analysis. Internet Security DMZ in Hosting Environments. Defense in Depth POAM remediation and strategy.
AFFILIATIONS AND INDUSTRY ASSOCIATIONS:
- Industry Advisory Council (IAC), Information Security and Homeland Protection special interest groups, chair of the Security Governance committee
- Armed Forces Communications and Electronics Association (AFCEA) member
- Information Systems Security Association (ISSA) member
- US CERT Center
- Information Systems Audit Control Association (ISACA)
Securing the Department of Veterans Affairs against cyber-attack is one of my highest priorities. To achieve this goal, I support the computer network defense systems and security operations teams to defend against a variety of internal and external threats. Many C&A processes do not align with the end users that are mandated to follow them. My responsibility is to C&A new systems and to obtain an Authority to Operate (ATO), and comply with the Office of Management and Budget (OMB) Federal Information Security Management Act (FISMA) of 2002.
The IT Security Manager is responsible for such tasks as securing networks, both wireless and hardwired, handling offsite storage, and putting plans in place to deal with stolen laptops. Awareness of internal security threats is as critical as external ones. In addition to being able to identify areas of risk, having the knowledge to react to security breaches will certainly prove useful someday. Communication skills, especially in areas where diplomacy is needed, will help ensure that new policies and procedures gain the support they need to be adopted by the enterprise.
Responsibilities/Duties for Corporate:
- Responsible for liaising with cross government security groups to support the accreditation process and ongoing development of organization's security needs
- Responsible for developing and defining the organization's technical security strategy, policies, operating model, threat/risk models and assurance processes
- Ensures security strategies comply with appropriate government and departmental Security Policies, Strategies and Standards.
- Accountable for ensuring that the security strategy provides systems protection to meet organization requirements.
- Supports systems and services for individuals both within and outside the accredited systems
- Provides technical and professional leadership to other IT support personnel at multiple operating facilities.
Computer Security C&A Specialist
- Reviews all C&A documents for accuracy and completeness in accordance with the DOT Security Policies and Procedures, FAA Certification and Accreditation (C&A) Handbook, FAA Orders including 1370.82A s, OMB Circular No. A-130, Appendix III, Federal Information Security Management Act (FISMA) 2002, NIST Standards including FIPS 199 and FIPS 200, and NIST Special Publications (SP) guidelines. Also shared observations with the FAA stakeholders and collaborated on document modifications.
- Conducting the ST&E testing of the information systems, and developed a Security Testing and Evaluation (ST&E) plan in accordance with the NIST guidelines including NIST-SP-800-37, NIST-SP-800-53, and NIST-SP-800-53A. Conducted ST&E testing of the systems at FAA HQ and the FAA Technical Center in Atlantic City, New Jersey.
- Creating and reviewing all artifacts for FAA under AIS systems and performing security assessment when applicable. Responsible for drafting certification memorandums, writing FAA type accreditation templates, updating and managing SSAAs and ISSPs, maintaining POAM tracking and updating artifacts as needed.
Cyber Security Manager, B3 Solutions
- Lead the team of Security professionals on different programs
- Help build and create an Incident Response Team from the ground up.
- Write to IT/Cyber Security proposals, including Cyber, IA and Policy, C&A
- CMMI Development
- Corporate Auditor
- Certification Training FISMA, NIST, DoD, HIPAA, FISCAM, AR-25, NISPOM
- Lab Training McAfee, Retina, Nmap, Nessus, WASSP, SECSCN, etc.
- Support the client's information security risk, assurance and compliance functions.
- Responsible for defining and managing the client's overall Information risk, security and assurance / governance programs, ensuring compliance with established guidelines, external and internal audit requirements, internal group security policy and standards, technical security frameworks and general technical security strategy, and relevant industry related regulations.
- Help to define IT risk policy and assurance strategy, and manage the governance program to improve the IT functions overall IT compliance standpoint Enterprise wide.
- Define and manage the client's overall IT risk and IT compliance activities, develop and maintain IT Security Architecture, develop individual detailed IT Security technical reference models, extract and maintain Security Requirements from Policy, Standards and Best Practices, develop a method of integrating Security Requirements throughout the System Development Life Cycle and update and maintain risk management framework documentation.
Information Assurance Lead
- Lead a team of 20 Security Professionals including preparing documentation for performance, hiring and firing of team members.
- Preparing and reviewing Certification and Accreditation (C&A) documentation for the Coast Guard TISCOM Program Information Systems (IS) for Approval to Operate (ATO) on the DOD SIPRNET, NIPRNet and JWICS networks.
- Supported the CIRT team and was a member of the Enterprise change configuration board.
- Assist CG ISSM and train and support other ISSOs with their C&A efforts using current accreditation methodologies to include DODIIS, DIACAP and FISMA following ODNI, DOD, DCID, DHS and NIST guidelines and policies.
- Provide review of all Intel system documentation, attend meetings to support efforts and act as a liaison between CG TISCOM, the CG Enterprise engineering team and the CG DAA's offices. Completing DIACAP packages for CG to submit to DISA on the NIPRNet side.
- Assists the program meet their FISMA reporting requirements and drafts the Coast Guard TISCOM Program.
- Responsible for drafting certification memorandums, writing CG type accreditation templates, updating and managing SSAAs and SSPs, maintaining the information security policy library and updating CG system resources in the GIAP Cross Domain System.
- Reviewing all artifacts for FEMA systems and providing feedback and training the ISSOs for FEMA. Applying the principles of Information Assurance and engineering to various FEMA systems including the financial systems across the FEMA backbone, to ensure DHS compliance.
- Working with a wide variety of security tools (Nessus Enterprise, Nipper, Core Impact, WebInspect, Wireshark, etc.)
- Performing full scope Risk Management processes for FEMA, to include using the FISMA TAFT Tool. Conducting on site vulnerability assessments including physical and environmental analysis.
- Conducting Self Assessments, Technical Assessments and Risk Assessments. A strong understanding of how to apply the principles of Info security, in a variety of circumstances.
- Using the DHS 4300 series and attachments to ensure each system meets those security requirements, from Enterprise Program level systems. Provide input on strategies and policy development as a part of my responsibilities.
- Was a part of the Security Operations Team
- Following the NIST Risk Mgmt. and HIPAA provided direct, in-depth security engineering and technical support on analysis and evaluation of multiple health care industry associations. Provided security concepts, defense in depth, designs, and tests over large enterprises. Conducted system security hardening, configuration for server farms.
- Provided strategy and placement of network monitoring tools including data loss prevention methodology. Provided Certification and Accreditation (C&A) support, to include threat assessments, vulnerability assessments, security test and evaluation SC T and risk analysis.
- Deployed PKI infrastructure
- Responsible for making an independent technical and non-technical evaluation of a system(s) based on the security requirements and NIST 800-53 security controls documented in the Systems Security Plan (SSP) as certification evidence.
- During this four phase process, initiation, certification, and accreditation and continuous monitoring followed specific guidelines to determine adequacy of security controls implemented by NIST HIPAA best practices etc. Scheduled and coordinated security verification activities across the country.
- Generated the accreditation documentation, including SSP/SSAA, SRTM, SC T/CT E, TFM, SFUG, and risk/vulnerability assessments for both DOD and civilian Federal agencies.
- Conducted Business Impact Assessments/Business continuity controls, contingency planning and documents metrics etc.
- Assisted system owners monitor Plan of Action and Milestones (POA&M) as part of their Continuous Monitoring Program. Utilized the POA&M Matrix(s) and Security Assessment Reports (SAR) for major information systems and major applications including financial systems. Authored and conducted Disaster Recovery plans, Contingency plans. Proficient in writing Interconnection Security Agreements, MOA, MOU, SSP, ISA etc.
- Perform system security categorization, FIPS 199, NIST 800-60, Federal Enterprise Architecture Business Reference Model
- Conducted Privacy Impact Assessments
- Performed Risk Assessments, NIST 800-30
- Performed Risk Analysis Cyber Threat Assessments
IT Security Project Lead for DHS/Immigration Customs Enforcement
- DHS falls under FISMA, which means they use the NIST publications to accredit their systems along with best practices when applicable. As the team lead of twenty-five Security professionals in the establishment and management of information technology infrastructure and across DHS/ICE enterprise.
- Focus was IT governance Compliance and Oversight, to provide significant support to DHS/ICE and executive management.
- Utilizing the Rolling Wave Planning Progressive Elaboration logic and Processes
- Created work breakdown structures, manage a project plan of many tasks. Lead the Continuous Monitoring Program, which I established, the following: Monitoring, Notification, Remediation, Compliance and Reporting.
- After all systems have been accredited, I was responsible to oversee configuration management changes that the approval mechanisms were built in. This included firewall, IDS, IPS and all network devices for changes to the infrastructure.
- I made sure Security controls were monitored and quarterly assessments were done within the vulnerability mgmt. portion of the Continuous Program. Keeping all documentation/artifacts up and properly maintained for easy review and accessible.
- Coordinated with system owners the development of milestones for POA&M reconciliation and remediation, documenting POA&M status changes in the RA and SSP and perform ongoing monitoring of security controls based on the frequency (monthly, quarterly and annually) the system owner had determined.
- I also wrote up in policy the Cyber Security based off of the White House Cyber Security initiative.
- Supported the CIRT Team
- Direct responsibility overseeing multiple C&A portfolios and assisting the customer through the C&A process, including all C&A artifacts. Performed requirements and design documentation reviews during the requirements phase of the SDLC.
- Reviewing site plans, DR Plans, COOP Plans, and BIA. Managed the SDLC process of new/old systems to obtain and/or keep their ATO.
- Managed multiple teams on multiple projects across the country. Manage the communication and internal coordination of ISSOs, Engrs., and C&A Analysts, supporting the infrastructure and Operations teams, and executives. Managed the continuous monitoring program for agencies major information systems.
DHS/Transportation Security Administration
- Led and trained 16 Security Professionals for this contract.
- Manage the Continuous Monitoring Program which I established the following, Monitoring, Notification, Remediation, Compliance and Reporting.
- After all systems have been accredited, I was responsible to oversee configuration management changes that the approval mechanisms were built in for the two largest systems. This included firewall, IDS, IPS and all network devices for changes to the infrastructure.
- I made sure Security controls were monitored and quarterly assessments were done within the vulnerability mgmt. portion of the Continuous Program.
- Keeping all documentation/artifacts up and properly maintained for easy review and accessible. Developed milestones for POAM reconciliation and remediation, documenting systems changes and ongoing monitoring of security controls.
- I also wrote up in policy the Cyber Security requirements, based off of the White House Cyber Security initiative.
- As the ISSO Lead for TSA's largest systems, perform security assessments for TSA and Government clients, in order to promote agency compliance with various Federal Statutes and regulations, primarily FISMA and OMB A-130.
- Ability to leverage more technically focused personnel into an assessment of both application and general support system security. Having a high-level understanding of application and hardware architecture so as to efficaciously apply the principles of Information Assurance to various information systems across each airport to ensure compliance.
- Working with a wide variety of technologies, be well versed in the current state of Information Security, and be able to interpret the requirements of relevant governing bodies (NIST, OMB, GAO, DIACAP, etc.). Performing full scope Risk Management processes for TSA, to include using the FISMA TAFT Tool.
- Conducting Self Assessments, Technical Assessments (Vulnerability analysis, penetration testing), and Risk Assessments.
- A strong understanding of how to apply the principles of InfoSec, in a variety of circumstances. Add in Security Requirements for SOWs. Help train other ISSOs on team.
- Conducting Privacy Impact Assessments to FISMA guidelines and the NIST Risk Mgmt. Framework
- Conducting Business Impact Assessments/Business continuity controls and documents metrics etc.
- Conducting C&A POAM Matrix and SAR for multiple systems on major applications including financial applications.
- Lead the VoIP Cisco phone deployment installing phones in airports across the country
- Wrote and conducted Disaster Recovery plans, Contingency plans, Interconnection Security Agreements, MOA, MOU, SSP, ISA etc. Perform system categorization, system test and evaluation. Perform security configuration reviews.
- Do full site auditing on all C&A artifacts.
- Perform Full Risk Assessments
- Performed Risk Analysis Threat Assessments
Sr. Information Systems Security Engineer Lead for Department of Treasury
- Work in a fast paced SOC environment
- Participated in budget reviews and provided estimates to include:
- Wrote up estimated budgets for different projects including:
- Budgeted cost for work performed (BCWP) or earned value.
- Actual cost of work performed (ACWP).
- Budget at completion (BAC).
- Estimate at completion (EAC), which is comprised of the cumulative to date actual cost of work performed plus the estimate to complete the remaining work.
- Cost variance (CV), which is calculated as BCWP minus ACWP.
- As the ISSO and Technical Team Lead, providing guidance and standards for the NT and Unix Teams according to US Treasury regulations. Securing applications from an infrastructure and web server farms (PeopleSoft).
- Performing risk analysis for Unix Solaris 8, Windows NT, and Windows 2000 platforms, which include a mitigation process. A part of the Life cycle process and the lead for the Continuous Monitoring Program, for Treasury's Certification & Accreditation within an Enterprise Human Resource environment.
- PKI Infrastructure implementation
- Using the FISMA, when applicable also NIST 800 series, OMB-130, NSA and Treasury guidelines and best practices. Assisting the Security Manager Implement policies, attend executive meetings and represent at other government agencies. Coordinate and come up with the strategy on how to implement: Installs, configure, monitor and audit information security related hardware and software, including all firewalls, IDS, encryption, and anti-virus/content filtering tools.
- Conducting C&A on major applications including financial applications.
- Utilizing the Rolling Wave Planning Progressive Elaboration logic and Processes
- Monitor all operating systems and applications security logs.
- Review, approve and maintain access and control for all directory, file, and application access (PeopleSoft) permissions. Coordinate changes to directory/file/application access through the appropriate systems group, and ensure all changes are documented.
- Participate in the evaluation and testing of all hardware/software changes, modifications.
- Maintain patch management for all servers, workstations and laptops for the project. Also, manage VPN Account set-up and deployment.
- Web Application testing and deployment including continuous monitoring.
- Detect, verify, and report all suspected information security breaches to the Security Manager.
- Maintain encryption keys, for the PKI Smartcard system for single sign on.
- Work with Division leads to ensure they use encryption when appropriate.
- Ensure that all project employees, both Full-Time and Contractor/Temp, have read and signed the Department of Treasury Rules of Behavior Policy prior to being given access to any systems/data.
- Full site assessments and all documentation and metrics.
- Conduct internal vulnerability assessments and security reviews as required.
- Verify access/account termination for all departed/separated employees.
- Work with other technical staff to ensure proper security procedures and controls are in place and being followed.
- Identify applicable security related patches, determine their criticality, and ensure they are processed through the direction of the Security Manager, implemented in a timely manner.
- Assist in testing and auditing the project's Business Continuity Planning/Disaster Recovery policies and procedures including back-ups and off-site storage.
- Assist the Security Manager of Security in providing security related training and briefings.
- Other responsibilities and duties as assigned by the Security Manager
Information Security Engineer
- As an IRS consultant providing full life cycle of system security development for clients to include: Defining the overall mission and supporting objectives, concept of operations, project planning, requirements definition, system specification, system architecture, system design, system implementation, system testing and system evolution.
- Contribute to comprehensive system security architecture, engineering and standards that bring DITSCAP NIACAP assurances to the IT systems under evaluation.
- Ensuring that appropriate management, operational, and technical controls are in place to ensure that the least privilege, separation of duties, and need-to-know principles are effectively implemented and maintained.
- Ensure users have the appropriate level of clearance prior to being granted access to IT assets.
- Ensure users have valid requirement, need-to-know, prior to being granted access to IT systems.
- Ensure that all active user IDs are revalidated at least annually and verify that all approved users have a continued need to access the system.
- Require that each system user sign an acknowledgment of responsibility for the security of IS and classified information.
- Ensure that operational security is maintained during test or recovery activities.
- Ensure that all users are appropriately cleared for accessing the NSS.
- Ensure that SCI-cleared users receive the necessary NSS training.
- Apply the certification and accreditation aspects of the NIACAP to existing and new systems operated and/or developed by the government.
Information Systems Security Engineer / Information Systems Security Officer
- Working in a Security Operations Center, role was to help develop and analyze technical aspects of security policies, procedures, programs and strategies for large financial institutions Life Cycle Process. Responsible to define the overall mission and supporting objectives, concept of operations, project planning, requirements definition, system specification, system architecture, system implementation, system evolution.
- By using DITSCAP, NIST, OMB-130 best practices and guidelines to conform and put together policies and procedures. While supervising a four-man team responsibilities included: 1) Assisting in the design and development of network security architectures, system level security policies, secure configuration management baselines, software engineering testing, web server security engineering using PKI technology. 2) Developing Disaster Recovery Plans which includes Contingency Plans (incident response team). Developed and implemented comprehensive security audit plans and procedures to validate compliance for security plans, policies, procedures, standards and guidelines. 3) Developed detailed risk assessments strategies and mitigation plans once assessment is done, dealing with NT/Win 2k and Solaris 8 issues. Maintains liaison with other Federal agencies, industry groups, and vendors to keep abreast of new development in the Information Security Industry.
- As an ISSO (Information Systems Security Officer), worked in a supervisory role of personnel, with authority to bring a server(s) offline if subject to a threat. Conducted risk assessments, risk analysis, penetration testing, setting up VPN server, ISS Realsecure. Using ISS Internet Scanner, Nessus, Cybercop, What's up Gold etc. Deployed smartcard/chipcard technology for gaining access to certain systems. Assisted the firewall administrator/engineer with setting up the firewall (Checkpoint) and file management software (Tripwire) installs.
- Working in a Network Operations Center I was to monitor data and provide security reports for all platforms (Unix 2.6, Windows NT, and Mainframes). Supported the migration from Novell to Windows NT and changes as they occurred. Identified security and control risks/violations and notified supervisor for corrective actions. Recommended additional reports as new circumstances developed.
- Assisted in the security awareness program and preparation for training others. Administered multiple data security software applications on classified platforms. Provided accounts and physical access to certain machines and areas. Helped with technical support with system engineers with the implementation of operating systems and security software upgrades.
- Responsible for user access to restricted classified areas along with processing security passwords by regulations pertaining to Diplomat Security procedures and regulations.
Network Analyst for Vice Squad
- Installed, configured and managed NT / Unix 2.6 hardware, operating systems, security and applications in a mixed networking environment for clinical research, and administrative systems. Monitored for security breaches of network servers, workstations and system performance.
- Provided server related support of administrative database and repositories in a Client/Web Server farm. Diagnosed and troubleshot hardware, software and connectivity problems.
- Assisted with the deployment, installing and management of Windows NT, NetWare, and applications software according to the department standards.
- Coordinated the collection of data, forms and other seized content from the Vice Unit, to be used in the department's court cases.
Computer Specialist/Intelligence Analyst
- Trained in the area of computer and intelligence and used during specialized weapons and tactics.
- Worked with high-speed network interfaces, sensor interfaces on defense systems.
- Supported a state of the art computer center that ensures consistent, reliable, high availability of intelligence and other classified information.
- As a part of Special Operations for foreign and domestic countries under the guidance of the US Army. Provided intelligence-gathering operations, deployed on military missions around the world.