Employment History and Experience

Employer

Confidential

Title :Cyber Security Information Assurance IA Manager

• Act as lead subject matter expert SME of a Security Operations Team with a focus on maintaining a proper security posture within a global IT infrastructure.
• Lead the team responsible for identifying and preventing unauthorized intrusions and malicious software, using monitoring tools, IPS/IDS, firewalls, and application intelligent security devices.
• Use a layered security approach through the use of multiple vendors for both IDS/IPS and firewall infrastructure to provide multiple approaches to different areas within the infrastructure.
• Implement firewall rule changes and exceptions to the base security enterprise, including IPS exceptions and web/internet blocks to accomplish use of business critical applications while maintaining a secure infrastructure.
• Provide support to multiple programs as a SME and lead in the technical solutions for proposals to address security relevant issues.
• Coordinate with groups within the organization and external entities to maintain the security infrastructure and resolve infrastructure issues.
• Act as a main point of contact for all security-related events and daily operations.
• Monitor the security infrastructure, including virus or malicious code attempts and security events.
• Provide threat and anomaly detection solutions along with penetration testing within the Security Operations Team.

Confidential

Title Network Forensics Instructor

• Supported RSA's line of forensic security products, particularly NetWitness and Security Analytics.
• Conducted classes designed to teach administration of the NetWitness security suite of hardware packet decoders, log decoders, concentrators, brokers and related software suite, including NetWitness Administrator, Investigator, Informer, Visualize, Spectrum, Live Manager, and Investigator. All hardware platforms ran on CentOS.
• Used reviewed and discussed in class other free and COTS security products such as Wireshark, Nmap, SNORT, WinSCP, PuTTY, RDC, Nessus, Mandiant, Backtrack Linux, Kali Linux, Metasploit, etc.

Employer

Title: Information Security Engineer, Principal

• Provided senior level consultation and technical services for Information Security for the Department of Defense Healthcare Systems Services DHSS Joint Medical Logistics Functional Development Center JMLFDC .
• Supported large-scale programs of national or international scope to ensure all applicable federal regulations system security were being applied.
• Responsible for providing technical leadership focused on information security architecture, including SSL certificate requests, creation, and issuance.
• Designed and helped to build two websites to ensure that users would not have to logon to a Linux server and perform command line instructions. Used Linux, Windows, WinSCP, PuTTY, RDC, HTML, MS Excel, and Adobe Reader to complete and digitally sign PDFs.
• Performed security research and analysis for the prevention, detection, investigation, and response to security threats and attacks managing security alerts, events, and security incidents, including forensic analysis.
• Used various security tools such as WireShark, Nessus, REM/Retina, Lumension, HBSS.
• Developed, implemented, and documented formal security programs and policies throughout the organization.

Confidential

Title Program Manager

• Supported the United States Coast Guard Operations System Center in Kearneysville, WV.
• Served as the program manager for Information Assurance IA , Configuration Management CM , and Quality Assurance QA for the entire command.
• Responsible for recruiting, interviewing, hiring, training, and mentoring all team members.
• Responsible for all IA activities and sub-teams.
• Managed project financials, including workforce and other direct costs totaling over 5M annually.
• Responsible for monthly reports and supported the Information Systems Security Officer's ISSO requirements.
• Served the command as a voting member of the command Architecture Technical Review Board and Information Assurance Configuration Control Board.

Confidential

Title Senior Information Assurance Engineer

• Supported DISA, DHS, and NSA as a SME in the areas of IdAM and PvM.
• Developed, built, and tested solutions for identity and access control management and privileged management.
• Worked with multiple vendors, including Layer 7, Oracle/Sun, Jericho, Dell, and Juniper to help architect a viable solution for dynamic IdAM in support of the war fighter.

Confidential

Title Associate

• Provided support to the Defense Information Systems Agency Perimeter Network Defense project, serving as the Whitelist project manager. The Whitelist is the effort by which DoD is limiting the exposed profile of web sites and services that are internet facing. The establishment of the Whitelist fulfilled the DoD NIPRNet hardening Increment Zero.
• Provided support to the U.S. Army CIO G-6 NETCOM CAC PKI Office in its efforts to expand PKI services to the tactical environment.
• Performed data gathering and analysis for FCS and WIN-T Army programs to determine if any government policies, guidance, and directives required the use of PKI in the tactical arena and the ways in which PKI should be used.
• Wrote the requirements section of the PKI on SIPRNet white paper.
• Provided support to DISA NIPRNet Perimeter Defense project and provided Whitelist project management and support to DISA PEO-MA IA31 and JTF-GNO.
• Provided support to the U.S. Air Force to consolidate all USAF networks and migration to a new Microsoft architecture.
• Provided the planning and design for consolidation and migration testing efforts to ensure the Active Directory and Exchange solutions would meet the system requirements as determined by the design team.

Confidential

Title Associate

• Served as part of the alternate CAC issuance team, producing and refining a system to create and issue alternate CACs as a token for privileged users.
• Led the Integrated Product Team for the Air Force Consolidated Group Policy Object that was used to configure all USAF workstations.
• Served as a team member on the middleware ActivCard Gold 3.0, AF version update for the Confidential.
• As the USAF PKI SPO contractor Lead for Net-Centricity, ensured all products leaving the SPO were in fact Net-Centric in nature and capable of interoperability.

Confidential

Title Associate

• Developed the concept for a Security Software Engineering Team, presented concept to group partner then hired, trained and drove revenue for the Security Software Engineering Test Team. Lead 18 software engineers who specialized in software security as well as design and development of secure code and provided code reviews and guidance on multiple projects for military and civil agencies.
• Developed the Web Services Security Answer Book and the Secure Developer's Guides for DISA.
• Served as project manager for DISA Ports and Protocols Registration System PnP and managed the project with an annual budget growing each year from 250,000 for the first year to 5M in the fourth year.
• Guided the PnP team in all aspects of the project from requirements gathering and analysis to hardware and software selection. This project received accolades from the FSO when it was tested against DISA's Security Technical Implementation Guides STIG and for security best practices. The security design of this system resulted in this team writing secure software engineering guides for both DISA and NSA.
• Provided support to the IRS's efforts to develop a new Certification and Accreditation process.
• Supported the IRS integrated security engineering team to develop secure architectures for the IRS.
• Supported DISA Information Assurance Engineering office on security architectures and secure infrastructure solutions.
• Designed and supervised the building of the Strategic Tactical Entry Point STEP LAN VPN solution.
• Provided the design interface for a terrestrial LAN-based VPN to the STEP satellite architecture.
• Supervised the development of a proof-of-concept system built in a DISA IA laboratory.
• Supported the development of a security architecture for the U.S. Air Force Geospatial data system.

Confidential

Title Principal Consultant

• Supported the Confidential Postal Service in obtaining Certification and Accreditation for all systems.
• Developed the Certification and Accreditation process for the Postal Service's PKI architecture.
• Participated in the design of PKI architecture using Windows 2000 with Active Directory.

Confidential

Title Associate

• Supported Anti-Drug Enforcement Network ADNET and Office of Thrift Supervision OTS in researching and analyzing IDS and firewalls.
• Supported Department of Justice Wireless Management Office WMO on the design of a new secure Land Mobile Radio LMR system.
• Supported NAVSEASYS command on secure design of new sonar system for ballistic missile and fast attack submarines.
• Provided support to the Veterans Administration in developing WAN security architecture, which was built on an ATM backbone.
• Provided information assurance support to Joint Task Force Computer Network Defense JTF-CND .
• Presented Unix and Network Security classes for Department of Energy.
• Supported efforts to develop IDS capabilities in the Booz Allen Hamilton Information Assurance Center IAC lab.

Confidential

Title Senior Security Engineer

• Provided support for Federal Network Systems Security Services Group of GTEI/BBNT.
• Supported business development and engineering of network security for both commercial and government clients.
• Performed enterprise and system security needs assessments, determined risk mitigation strategies, defined security requirements, developed security architectures, and helped determine and develop security policy.
• Delivered briefs on security-related topics such as encryption, firewall technology, Public Key Infrastructure PKI solutions, and Intrusion Detection Systems IDS .
• Analyzed and addressed telecommunication security requirements, identified potential threats and vulnerabilities, and provided cost-effective technology solutions to mitigate security risks.

Confidential

Title Senior Systems Engineer

• Supported both commercial and government clients.
• Performed enterprise and system security assessments, determined risk mitigation strategies, defined security requirements, and developed security architectures.
• Performed market surveys and product evaluations of Virtual Private Networks, public-key encryption, intrusion detection, and security analysis tools.
• Performed security vulnerability testing against financial organizations such as Donaldson, Lufkin, Jenrette and FinCin Financial Crimes Enforcement Network.

Confidential

Title Senior Network Security Analyst

• Supported Government and commercial clients in planning, evaluating, designing, implementing, and maintaining emerging technologies i.e., encryption, firewall, and digital signature to address telecommunication security requirements.
• Analyzed telecommunications environments to identify potential threats and vulnerabilities and recommended cost-effective technology solutions to mitigate security risks.
• Supported the Entrust product family, including Entrust Manager, Entrust Client, and Entrust ICE.
• Co-authored Concept of Operations for FDIC Public Key Infrastructure Solution.
• Researched and recommended Virtual Private Network VPN technologies for the FDIC.
• Supported BATF encryption efforts using Cylink's Securegate encryption solution.
• Wrote troubleshooting guide for Cylink's Securegate link encryption system for BATF.

Confidential

Title Systems Engineer

• Provided network security services to Europe's largest bank then Swiss Bank, now United Bank of Switzerland or UBS .
• Worked with commercial vendors to design communication servers for secure environments using encryption devices, authentication servers, and firewalls.
• Installed and implemented secure communication servers that provided access to remote users and secure dial-out capabilities.
• Researched, analyzed, and evaluated VPN products to prepare for implementation.
• Installed, programmed, and maintained BayNetworks HUBS, SecurityDynamics ACE servers, TIS Gauntlet firewalls, Cylink Securegate, Digi ports concentrators, and Shiva LAN Rover and Access Switches.
• Implemented the installation and use of Sun Microsystems Common Desktop Environment.
• Co-authored the Systems Administrator's Manual for the Secure Communications Gateway.
• Served as a systems engineer for a Local Area Network LAN running Windows, Sun Solaris, an e-mail server, and firewall and was responsible for all system maintenance, updates, and repair of these servers.
• Implemented a process to track the inventory of all computer hardware and software used by three divisions.
• Maintained the following platforms: Windows 95, Windows NT, Windows for Workgroups, Macintosh O/S, Sun Solaris, and Linux.
• Tracked software usage to ensure that divisions stayed within their allotted number of licenses for the number of users.
• Contacted vendors and used SAIC's SAP system to purchase any necessary equipment to repair problems that occurred to minimize network downtime.

Confidential

Title Systems Account Representative

Field service engineer for precision laser imagers and medical imaging equipment.