Summary of Qualifications

• Senior Information Assurance Analyst and Network and Server Engineer with over 16 years of enterprise networking/server and Information Assurance experience. Currently responsible for review and determination of DISA security controls IAC for recommendation to US Navy Operational DAA for IA worthiness, NIST 800 - 53, ST E, IV V, . I also teach the Retina and Gold Disk scan procedures. Previous charges were, design and implementation of LANs with multiple VLANs and WANs, from T 1s to DS3s Frame Relay, P2P, HDLC, SDLC, and point to point VPNs over Internet with redundant links and IP subnetting. Charged with Network Security, DISA STIG Compliance and Incident Handling from virus to Intrusion Prevention and Detection and internal threats. Servers maintained are Windows, Solaris and Linux. Installed and configured Proactive Management software. All on schedule and on budget. Great Attitude, Self Motivated and Team Oriented.
• Related Capabilities
• Hardware/Software:
• Cisco Routers 1600, 25xx, 2600, 3640, 7200, etc., Enterasys Routers 2000 SSR, 600, Cisco Switches 1600, 1900, 2900, 6500,etc., Other switches too numerous to list, Cisco PIX Firewalls, WIRELESS ACCESS POINTS Netgear, 3Com, Enterasys CSU DSUs Adtran, Paradyne, Cray, Gateways Lanyon ALC, IBM Sna 802.2, IBM Compatible Platforms ISA, EISA, SCSI, Microsoft Windows NT 3.5, 3.51, 4.0, 2000, XP, ME, 98, 95, 3.11, Sun Solaris v2.5 thru 2.9, Sparc and Intel.
• Network Configuration/Network Management:
• Cisco Works V3, V4, V6, Ipswitch Whatsup Gold v5,6,7,8, Pro, SolarWinds EE, MRTG, SNMP, Ethernet 10base t, 100base tx, 1000base tx,sx, Token Ring 16/4, Frame Relay, T 1, ISDN, TCP/IP, Netbeui, ALC, SNA, DLC, 3270, 5250

Professional Experience:

CONFIDENTIAL

Senior Information Assurance Engineer/SME

All aspect review, appraisal and customer assist, of Platform Information Technology PIT and RDT E packages from Ech. III customers and directly reporting to PDAA PIT Designated Approval Authority for the US Navy. From PIT designations to RDT E PIT Risk Assessment letters PRA I review each package and give my recommendations to the PDAA and write the PRA letter for the PDAA to sign when the package meets all DISA, NIST, DoD and Navy requirements. I have to be an expert in all of those requirements.

CONFIDENTIAL

Senior Information Assurance EngineerSenior Information Assurance Engineer/ Information Assurance Officer:

I am the only 8570-2 compliant engineer inside this office. I Show the way forward for MCD, OPDIR, IAVA and Certification and Accreditation of systems and CCSDs. Volunteering expertise on incident handling of security issues as they arise and associated security breach affairs. Vulnerability Scanning and report generation and interpretation. There and many aspects to this position that truly defy explanation in this limited space.

CONFIDENTIAL

Information Assurance Engineer:

Provide technical expertise to CONFIDENTIALFleet Forces Command and Military Sealift Command customers to assist their package creation for Certification and Accreditation process with the CONFIDENTIALand Operational Designated Approval Authority ODAA . Assist in all aspect assistance in all document creation from DITSCAP to DIACAP conversion to Plan of Action and Milestones POAM creation or finding appropriate resolutions, Direction and planning for Retina and DISA Gold Disk scanning and the interpretation of scan results and their incorporation into the POAM. PPSM and CA Plan, Subject Matter Expert in DIACAP and FISMA. SIPR, NIPR, CENTRIX and ONE-NET trained and experienced.

CONFIDENTIAL

Information Assurance Security Analyst 3:

• Assigned to the Confidential Office of the Operational Designated Approving Authority ODAA. Responsible for reviewing Navy packages from worldwide locations and study them for vulnerabilities, Work involves responsibility for oversight of confidentiality, integrity, and availability of systems, networks, and data through the analysis of the Programs documentation of their implementation, maintenance, and overall security of their information systems security programs, policies, procedures, and by closely examining all of their certification and accreditation documentation. I am recognized as a technical authority on information security and is responsible for auditing their implementation of all programs. Serves as the principal expert on DISA, FISMA, NIST documents, IA Controls and all scanning tools and their reports. Organization specific duties of the position include:
• Plan, develop, coordinate and communicate Navy DAA information assurance authority for information security programs.
• Review their Implementation of high level security requirements such as from DON CIO, DISA, NIST JTF/GNO, and AEC etc.
• While engaged at the ODAA's office I was constantly reviewing RDT E, PIT and PIT Interface packages, from determination to Risk Assessment afloat and ashore.
• Assist in their development of policies and procedures to ensure information systems reliability and accessibility to prevent and defend against unauthorized access to systems, networks, and data
• Review their development of long range plans for IT security systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT systems vulnerabilities
• Approve their systems security contingency plans and disaster recovery procedures Identify requirements for changes to IA programs and strategies based on new security technology or threats also their Management of systems security evaluations, audits, and reviews
• Review their application of information security/information assurance policies, principles, and how they apply them to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data
• Assess how they conduct and evaluate vulnerability management assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs
• Review how they conduct systems security evaluations, audits, and reviews
• Confirm they update the organizations systems security contingency plans and disaster recovery procedures.
• Evaluate and approve how they acquire, implement, and disseminate IA security tools, procedures, and practices
• Review how they identify and specify information systems security requirements associated with migration to new environments.
• Review how they plan and implement their migration or countermeasures activities Confirm the viability of their Configuration Control Board.
• Watch their development of specifications to ensure compliance with security requirements at the system or network environment level.
• Monitor their Planning and conduct of security accreditation reviews for installed systems and networks.
• Watch how they recommend new or revised security measures based upon the results of security review administer, monitor, and evaluate the implementation of authentication software or new security authentication
• First hand knowledge of, and experience in, applying IT security principles, methods, and tools
• Indepth knowledge of the IT security environment
• Indepth experience in evaluation, implementation, and dissemination of IT security tools and procedures Indepth knowledge of IT security certification and accreditation requirements
• I have direct knowledge of, and expertise in, network operations and protocols
• Indepth knowledge of protection of the total infrastructure environment
• Indepth expertise in systems security certification and accreditation
• Indepth knowledge of Federal information systems security protocols
• Indepth knowledge of firewall technology
• Review beta DISA SRR s and SRG s and provide DAA feedback.

CONFIDENTIAL

Sr. Member of Technical Staff SrMTS:

Information Assurance Security / Security Test and Evaluation ST E SME. Travel to assigned Army Garrisons to provide Guidance, Knowledge and Assistance for passing the new DIACAP Certification and Accreditation Process and acquire an Approval To Operate ATO . This was done by reviewing their current DITSCAP package and providing insights for its conversion to DIACAP. Gold Disk and Retina Scanning to provide reports confirming their current vulnerability status or assisting in the identification of new or old CAT I or CAT II issues that require attention. Reviewing their audit logs, Contingency Plans, Backup Procedures, and all aspect review and full post visit report. And Assist in creation of Configuration Review Boards, Disaster Recovery Plans and testing for DIACAP and FISMA compliance.

CONFIDENTIAL

Network Engineer/Administrator

Information Assurance/Retina and DISA Gold Disk Scans for firewalls, routers, servers and clients. Also responsible for installation, upgrade and maintenance of SIPR and NIPR networking equipment utilizing Cisco routers, switches, firewalls and satellite transmitters. SIPR, NIPR and UK Centrix Networks.

CONFIDENTIAL

Network Field Engineer

Lead Engineer for assigned projects. Charged with the Design and Implementation of wired and wireless networks and network security, using the latest technology from Cisco. For SIPRNet and NIPRnet and other networks belonging to Army Contracts

CONFIDENTIAL

LAN Administrator III / Network Engineer

Responsibilities include design and proactive oversight of Network and Firewall performance and network security for the entire Corporation. Security includes network and client vulnerability testing, IDS and monitoring of firewalls, anti virus activities and MS/SUS implementation. Design Engineer and Tier III technical support for MIS technical group and technical decision maker. Security oversight and configuration improvement analysis for suggestions for SQL server, Cognos/Impromptu report servers to the Server Administrator. Oversight of all network documentation.

CONFIDENTIAL

Network Engineer Chesapeake, Virginia

• Management of LAN/WAN, design, security, configuration, development, documentation, standards and diagnosis of all Network and Windows Servers, utilizing Cisco Routers and Switches. With Microsoft NT, 2000 and Sun Solaris Sparc and Intel Servers and Windows clients. Engineer and Tier III technical support for MIS support group.
• Lead and coordinate the operational support and implementation activities for LAN, and WAN. Under broad direction assists leadership in determining tactical and strategic direction of the organization as it relates to emerging operational support technologies. Reviews distributed computing and network designs to select appropriate operational support strategies and ensure efficient use of resources. Conducts system support design and performance evaluation reviews. Identifies, develops, and updates operational support standards and procedures. Participates with corporate strategic planning teams. Keeps abreast of emerging operational support technologies and industry trends. Recommends price/performance improvement opportunities.

CONFIDENTIAL

Senior IT Engineer,

• Senior Engineer at this Norfolk Reservation Office. Train and manage 2 other technicians. Lead and plan implementation phase of many projects onsite. Determine standard workstation configuration and maintain. Write and maintain NT Server logon scripts. Diagnosis and administration of 524 PCs and its associated NT Servers, LAN and WAN.
• This is a three remote mainframe environment. AS/400 Chicago, two different S/390s Atlanta and KCMO I am thoroughly familiar with installation and configuration of 3270, 5250, ALC and DEC Pathworks emulations and their associated protocols. SNA, MSDLC, TCP/IP
• Highly proficient in Cisco Routers and PC Operating Systems and Software diagnosis and configuration including Win NT Workstation 4.0, Win 95, Win 3.11, DOS, MS Office 4.3, 95, 97.
• Server duties include installation, maintenance and diagnosis of Win NT Advanced Server V4.0 and 3.51, base operating system in compliance with corporate and Microsoft standards, IIS v4.0, Y2K compliance, normal proactive maintenance duties. Responsible for creation and administration of individual and specialized roaming profiles and setting domain standards for all user profiles under my direct control with security standards.