Professional Summary

Business-focused Information Technology Professional with over 18 years of experience providing leadership and subject matter expertise in Information Technology IT management, development, team management, technical security assessments, auditing, and program/policy development. Specialize in analyzing problems and finding innovative solutions while minimizing operational risk to organizations while maintaining functionality. Have proven ability to motivate teams and promote partnerships with other business units and executives.

Security Clearance

Current TS/SBPR with DCID 6/4 eligibility

Core Competencies

Information Technology IT Management, Project Management, Configuration Management, Information Assurance, Risk Management, Enterprise Security, IT Controls Compliance Validation and Testing, Vulnerability Management, DoD Information Assurance Certification and Accreditation Process DIACAP , Gramm Leach Bliley Act GLBA , Sarbanes Oxley Act SOX , National Institute of Standards and Technology NIST Standards

Computer Proficiency

Active Directory, BackTrack, Cisco firewalls and IPS, DoD Gold Disk, GFI Languard, Linux McAfee ePO, Microsoft Office Suite, Microsoft Project, Microsoft Visio, Nessus, NMap, Retina, Routing and Switching, Security Compliance Checker SCC , Scripting- Perl, bash, SharePoint 2010, Symantec Antivirus, Symantec NetBackup, Symantec VMware, Windows Server 2000--2008, Windows XP 7, WireShark

Professional Experience

Program Manager

• Manage the operational planning, establishment, execution, and evaluation of an IT staff of 100 professionals providing Network Engineering, Systems Administration, Service Desk, Information Assurance, and Desktop support services for the U.S. Army Network Enterprise Center at Detroit Arsenal NEC-DA .
• Responsible for overall management and performance of all task activities and requirements.
• Provide day-to-day technical/professional guidance and leadership as appropriate to the area of expertise.
• Oversee fiscal, operational, administrative, and human resource management of the program
• Serve as principal point of representation and liaison with external constituencies on operational matters.
• Responsible for ensuring coordination between personnel and all management functions within the organization and between those management functions and appropriate Government personnel.
• Interpret policies, purposes, and goals of the contractor's organization and the Government's policies and procedures applicable to this contract to subordinates.
• Apply quality assurance measures to the management and performance of all tasks. Design and prepare technical reports and related documentation.
• Prepare and deliver reports and briefings as required by each task.
• Assign, schedule, and review work of all tasks.

Confidential

Security Software Engineer

• Security software engineer for the Air Force Integrated Space Command Control ISC2 Program. Work with system and software engineering teams to integrate, embed and assess the security design throughout the development lifecycle to include all technical issues related to security vulnerabilities and their resolution.
• Provide security engineering expertise in all aspects of Information Assurance and Information Security Engineering.
• Develop tools and automation scripts with Perl and bash to automate security configuration requirements for Windows and Unix/Linux systems.
• Assess and mitigate system security threats/risks throughout the program life cycle
• Validate system security requirements definition and analysis
• Establish system security designs
• Performs system certification and accreditation planning, testing and liaison activities
• Supports secure systems operations and maintenance
• Windows and Unix/Linux account management
• Source control with ClearCase

Confidential

IT Systems Security Manager

• Developed and implemented a security program that included developing the corporate security policy and providing technical expertise and leadership to staff, partners and customers.
• Provided leadership and security management to a system administration and help desk staff of 16 personnel.
• Managed an IT infrastructure team to maintain and secure the corporate network across five geographical locations.
• Directed the enforcement of disaster recovery and contingency issues. Guided IT infrastructure team to develop and implement disaster recovery DR and business continuity plans BCP for the enterprise.
• Developed and implemented security standards, procedures, and guidelines to prevent the unauthorized use, release, modification or destruction of data across multiple platforms and environments.
• Promoted the development, communication and support for all information security awareness campaigns.
• Implemented an end-point security solution utilizing McAfee ePO and Malwarebytes.
• Implemented enterprise-wide vulnerability scanning to measure compliance.
• Maintained contact with industry security standard setting groups, and an awareness of State and Federal legislation and regulations pertaining to information security.
• Researched and developed Sarbanes Oxley SOX compliance policies.

Deputy Information Assurance Department Lead

• Supported the Confidential and Space Operations Center Weapons System Integrator AOC-WSI contract, with a full security engineering and DIACAP team consisting of approximately 25 personnel. Provided tasking and subject matter expertise in security requirements, vulnerability assessments, secure systems engineering, gathering artifacts for Certification and Accreditation C A packages and preparing for Certification Test and Evaluations CT E .
• Was the site lead for the employer managing coordination of personnel matters with the corporate office for approximately 10 individuals.
• Managed security engineering tasking and directed certification and accreditation efforts as required.
• Participated in all configuration control boards and system engineering requirements gathering for security.
• Performed security vulnerability assessments using DoD Security Technical Implementation Guides STIGS , Gold Disk, System Readiness Review SRR scripts and Retina on numerous mission applications, servers and desktops.
• Applied and managed TCNOs, patches, and IAVAs in support of security testing activities for the Air and Space Operations Center AOC Weapon System.
• Executed Information System Security Engineering ISSE efforts for systems being added or modified to baseline release s included IA Control implementation and compliance requirements, security impact analysis, and vulnerability/risk analysis.
• Led security engineering team during multiple site surveys to assess and audit security posture of Air Operation Centers and provide artifacts for the DoD Information Assurance Certification, and Accreditation Process DIACAP .

Confidential

Senior IT Auditor

• Worked with Community Banks across the country as a third-party IT auditor to meet applicable regulations such as Federal Financial Institutions Examination Council FFIEC and GLBA.
• Executed penetration testing and network assessments using Nessus, GFI Languard, Nmap and WireShark.
• Performed risk assessments and information security policy reviews for Business Continuity Plans BCP , Business Impact Analysis BIA , Disaster Recovery Plans DRP and On-site Annual Security Awareness Training AST for community banks encompassing the entire IT auditing requirements of GLBAs Section 501b.
• Provided subject matter expertise for system security engineering, architecture studies, and security accreditations.

Confidential

Senior Consultant

• Designed, developed, and recommended integrated security system solutions to protect, certify, and accredit systems required by state, federal and Department of Defense regulations.
• Specialized in multi-level security MLS using Sun's SNAP architecture.
• Performed secure systems engineering, security program development and management, and system certification and accreditation using Department of Defense DoD and National Institute of Standards and Technology NIST guidance.
• Drafted Security Test and Evaluation ST E plans, contingency plans, incident response plans, mitigation reports and other security policies and procedures.
• Executed penetration tests, risk assessments.

Confidential

Senior Information Security INFOSEC Engineer

• Served as the Senior INFOSEC Engineer for the Joint National Integration Center's JNIC technical advisory and assistance contract directly supporting the mission of the Missile Defense Agency MDA .
• Oversaw the Information Assurance Program of approximately 20 personnel within the JNIC and provided solutions through security engineering, scheduling, planning, budgeting, sustainment and evaluation assistance to the organization regarding systems and networks.
• Developed System Security Authorization Agreements SSAA in accordance with DoD regulations in support of JNIC and MDA missions and ensured IT auditing of systems and networks for compliance and governance.
• Performed advance network security architecture studies and security accreditation master planning.

Confidential

Systems Security Engineer

• Researched, tested, and evaluated new technologies and concepts and worked in accordance with organizational and DoD directives and industry best practices to deploy systems within an acceptable level of risk to the Designated Approving Authority.
• Developed SSAAs in accordance with DITSCAP.
• Provided subject matter expertise for IDS implementation, log auditing, monitoring, and performed vulnerability assessments.

Confidential

Remote Access Administrator

• Managed, configured, and maintained Authentication Authorization and Accounting AAA servers and services.
• Provided authentication and access controls to remote users and business partners.
• Provided on-call support and served as the primary point-of-contact for all AAA issues and inquiries for North America.
• Developed Perl scripts for administrative tasks.
• Documented all processes and troubleshooting procedures for business continuity and administrator training.

Confidential

PIX Firewall Instructor

• Trained confidential personnel in basic setup, configuration, and management of the Cisco Private Internet Exchange PIX Firewall.
• Developed the program courseware for the program and designed the configuration of the mobile classroom.

Confidential

• Rank: Sergeant Grade: E-5 MOS: 4066-Small Computer Systems Specialist
• Assistant Network Chief:
• Supported a help desk for two main organizations.
• Banyan Vines and NT server administration
• Windows workstation support
• Oversaw server upgrades, cable conversions, hardware installations
• Daily supervision, guidance and tasking
• Terminal Area Security Officer:
• Mainframe security
• 3270 service support
• scripting