System Security Manager Resume Profile
Desired position: Chief Information Security Officer (CISO), Director of Information Security, Information System Security Manager (ISSM)/Cyber Security Manager

Experience: Currently possess 15 years of communication background, with 9 directly in information security, and the last 4 as an Information Systems Security Manager (ISSM). Currently hold an active TS/SCI clearance and a CISSP certification in good standing.

Jobs performed/Titles held:
Information Systems Security Manager (ISSM)/Cyber Security Manager Level III
Emission Security (EMSEC) Manager
Information Systems Security Engineer (ISSE)
Software Assurance (SwA) Manager
CND-SP Manager
CND Analyst
CND Auditor
CND Incident Responder
Public Key Infrastructure Trusted Agent
Cyber Surety Awareness Manager
Network Security Supervisor
Intrusion Detection Specialist
Firewall/Proxy/DNS Administrator
Vulnerability Assessment/Remediation Specialist
Help Desk Supervisor
Ground Aerospace Radar Maintainer

Experience:

Confidential

Served as the principal advisor on all matters, technical and otherwise, involving the security and/or accreditation of 61 geographically separated locations spanning 15 networks and multiple classifications. The largest of these with a net worth of 16 million in IT assets and a 3.3 million in IT budget. Intimate knowledge of the nuances and rigors associated with the JAFAN series, JSIG, NIST SP series, and numerous DoD cyber surety regulatory requirements; also exposed to DJSIG, ICD series, ISO 27000 series, PII, and HIPAA requirements.

Most of the networks fell under 1 of the 3 following processes: Certification & Accreditation (C&A), DIACAP, and/or Risk Management Framework (RMF). Managed all aspects in transitioning from C&A to RMF including the review, validation, and rewriting of all applicable policies e.g., and configurations in accordance with (IAW) JSIG and NIST regulations.
Championed 7 Authority to Operates (ATO), 3 System Security Plans (SSP), 12 System Security Authorization Agreements (SSAA), 2 Authority to Connects (ATC), 7 Interim Approval to Operates (IATO), 2 Interconnecting Service Agreements (ISA), 1 Memorandum of Agreements (MOA), 3 Co-utilization Agreements (CUA), 4 Interim Approval to Tests (IATT), and 71 External System Agreements.

Led and mentored a team of 15 Information Systems Security Officers (ISSO) and 9 Information Security Representatives (IS-Rep) dispersed throughout locations under purview. Interpreted and translated technical jargon into easily understandable terms for stakeholder understanding. Coordinated 217 IS security self-reviews and 3 official network-wide inspections. Acted as liaison on matters concerning IS and network security to the Designated Approval Authority (DAA), Program Security Officer (PSO), and to the appropriate service component's IA provider, and served with veto authority on the unit's Change Management Board (CMB).

Monitored to ensure no attempts were made to strain/test security mechanisms, perform network line monitoring, or keystroke monitoring without appropriate authorization. Reviewed all requests seeking to bypass, strain, or test security mechanisms, or conduct network/keystroke monitoring. Certified industry best practice safeguards and features and STIGs were implemented for all IT components. Established EMSEC compliance requirements at all stages of building construction/renovation and IS life-cycle per applicable regulations. Wrote and implemented procedures for identifying, investigating, responding to, and recording all security incidents and violations.

Created and maintained unit's Training and Awareness program ensuring compliance by providing role-based education in conjunction with DoD 8570 baseline. Ensured all ISSOs attended cyber surety and IS related courses, conferences, and community forums.
Developed unique cyber surety courses and materials according to the vision of the unit. Maintained a level of expertise by attending IS and network security conferences, symposiums, and training courses sponsored by other agencies.

Evaluated the applicability of threats, vulnerabilities, and countermeasures identified within weekly bulletins and advisories that impact security of IS to include: Air Force Computer Emergency Response Team (AFCERT), Army CERT (ACERT), Navy Computer Incident Response Team (NAVCIRT), U.S. Computer Emergency Readiness Team (US-CERT), Information Assurance Vulnerability Alert (IAVA), and Defense Information Systems Agency (DISA) Automated Systems Security Incident Support Team (ASSIST) bulletins.

Coordinated approval for all major additions, changes, and/or modifications to unit-owned hardware, software, firmware, and configuration sets. Along with the ISSM roles and responsibilities, also fulfilled the day-to-day roles and responsibilities of the CND Analyst, Information Systems Security Engineer (ISSE), Software Assurance (SwA) Specialist, and local Information Systems Security Officer (ISSO) as the positions were unmanned for the time I was employed.

Ensured that system design is developed and implemented with required security features and safeguards during all phases of the System Development Lifecycle (SDLC) process and that enhancements to existing systems provide equal or improved security features and safeguards. Validated, documented, and issued tokens for Public Key Infrastructure (PKI) security.

Developed and oversaw the following policy and procedures: General User Guide, Privileged User Guide, Insider Threat, Assured File Transfer, Media Access, Hard Drive Tracker, Software Tracker, Media Tracker, Maintenance Tracker, IA Portal, and all associated training.
Managed Splunk (auditing), XACTA IA Manager/Flux/Continuous Assessment (Certification and Accreditation), Symantec, McAfee, Retina, NDepend, and dotTest (vulnerability scanners), Device Control and USB Detect (peripheral detection/protection), PuriFile (dirty-word search), and HBSS (Host Based) software.

For a more comprehensive description of what each position entails, see the supporting document (available upon request).

Confidential

Responsible for overseeing the direct security of 5000 DoD workstations and servers spanning 2 networks. Managed (e.g., performance reports, assigning tasks, counseling) 4-person network security team. Performed vulnerability assessments, interpreted results, and remediated vulnerabilities via a combination of vulnerability scanners, patch and remediation tools, and compliance scanners IAW MAJCOM vulnerability alerts and notifications. Secured and monitored the base's boundary infrastructure via a combination of Sidewinder firewalls, DNS, Bluecoat proxies, and RAS IAW DoD mandates. Configured and monitored intrusion detection devices, thwarting 142 attempted attacks against base boundary infrastructure. Built the base's incident response team. Served as the focal point for all investigations conducted by Office of Special Investigation (OSI) and the base's security forces.
