- Perform risk, threat and vulnerability assessments and provide risk mitigation recommendations that are appropriate for the intended use of information systems, and determine if additional attention is required and ensure issues are promptly resolved.
- Provide Federal Information Security Management Act (FISMA), Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Sarbanes-Oxley Act of 2002 (SOX), the DoD Information Technology Security Certification and Accreditation Process (DITSCAP) and OMB matter expertise and communicate inefficiencies and deficiencies related to processes to management.
- Support the analysis and review of information security programs and systems to ensure compliance to Federal agency policies and assign teams to resolve day-to-day problems to ensure required compliance.
- Summary of information system security analysis, design and implementation projects reviewed and/or led
- I am a problem-solving, experienced decision-maker, with strong oral and written communication skills. A candidate that brings twenty years of excellent customer service, ten years of consultative, result-oriented and hands-on information technology management experiences. I have great people leadership skills, ready and seeking opportunity in a challenging technical environment that demands outstanding industry's expertise.
- Collaborated with executive management and department leaders to maintain an ITIL-centric set of concepts and practices for managing Information Technology (IT) and Information Technology Service Management (ITSM) to assure near and long-term technical security needs by creating and maintaining documents of Systems and Service Acquisition, Certification and Accreditation in compliance with respective government regulations.
- Provide guidance on security threats, technology, standards, and practices being applied in other government and commercial enterprises to evolve the client's information security program to adapt to changing threats and technological advances.
- Conduct research on information security products, services, protocols, and standards to remain abreast of developments in Information Assurance (IA) and Information Security (IS) programs.
- Develop, implement and maintain policies, procedures, and required training plans for technical security administration programs to enable Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP).
- Provide Federal Information Security Management Act FISMA and OMB matter expertise. Manage Special Publication 800-series, SP-800-37, SP-800-60, SP-800-53, SP-800-50 and reports on ITIL's research, guidelines, and outreach efforts in information system security and its collaborative activities with industry, government, and academic organizations.
- Recommend best practices regarding secure configurations, defense-in-depth strategies for protecting systems, networks, and critical data and assets, and incident prevention; perform or participate in vulnerability assessment and handling, artifact analysis, computer forensics evidence collection and analysis, systems and network monitoring, security policy development, and security and awareness training and education.
- Provide input into or participate in security audits or assessments such as infrastructure reviews, best practice reviews, vulnerability scanning, or penetration testing.
- Conduct public monitoring or technology watch activities such as reviewing security Web sites, mailing lists, or general news and vendor sites to identify new or emerging technical developments, intruder activities, future threats, legal and legislative rulings, social or political threats, or new defensive strategies.
- Support legal and law enforcement efforts through the collection and analysis of forensic evidence provided that staff have the appropriate expertise, training, and tools
- Provide project management support by establishing goals, assigning tasks and deadlines for the team, and provide cost and scheduling reporting support.
- Maintained best practices in project management, organizational behavioral theory, and communications theory to determine computer incident response development and strategic plans, root cause of failure and ensure no outstanding issues exist.
- Security Scan Tools: Nmap, Unicornscan, NetScanTools Pro 2004, Nessus and Snort
- Operating Systems: UNIX, Windows
- Cisco Routers/Firewalls: Configuration and Implementation of Security Policy
- Office Applications: MS Office, Excel, Word, Project, PowerPoint, Access Point
- Active Directory: Transitive Trusted Domain Trees, Servers and Network Schemas
Chief Security Consultant
- Responsible for enhancing and improving physical IT security.
- Identify organizational protection goals and objectives, ensuring they're consistent with their organizations' strategic plans.
- Work with other executives to decide on the priority of security needs and then spend according to an organization's financial constraints and directives.
- Oversee a network of security directors, managers and staff and work with local, state and federal law enforcement and other security agencies.
Sr. IT Specialist/Security Engineer
- Preparation and Staging for Active Directory and Exchange Migration.
- Plan, Execute, Develop and Support Workstation Migrations.
- Maintain Operational Support for Network, Infrastructure and Security Changes.
- Establish Information Security Architecture via clear explication of the security parameter.
- Maintained Security Program focused on business objectives to reduce system security risks.
- Designed, Installed and Implemented Network Intrusion Detection Systems (IDS) and Network Intrusion Prevention Systems (NIPS) and disrupted intended attacks.
- Performed high level Risk Assessment and Risk Analysis, Penetration Testing and identified significant risks.
- Performed compliance review of Security Policy supporting FISMA, recommended and maintained practice to mitigate potential liabilities of regulatory violations of state and federal compliances.
- Participated in designing, writing and implementing security programs and standard policies as related to specific environments, architectures, enterprises, projects and users/clients.
Technical Systems Design
- Assisted in the development of access-controls, separation of duties, and roles.
- Conducted technical risk evaluation of hardware, software, and installed audio video systems and networks.
- Assisted with testing of installed systems to ensure protection strategies are properly implemented and working as intended.
- Assisted in incident response and recommend corrective actions.
- Participated in forensic recovery and analysis of physical and logical security breaches.
- Participated in development and maintenance of information security policy and programs.
- Designed and installed physical and logical security access controls, IDS and IPS, and Active Directory to ensure authenticated users' access only as authorized to maintain the integrity, confidentiality, and availability of the company's valuable assets.
- Lead Technology Products Specialist Trainer and mentor in charge of new hires. Designed security policies and put a program in place that enhanced ROI while focusing on business objectives.
- Managed the daily activities of fifteen full- and part-time employees.
- Structured, implemented and managed business models, policies and procedures that produced profits
- Maintained leadership and productivity improvement.
- Managed international marketing and built strong customer service and retained relationship both in Europe, Africa, Central America and the United States.
- In charge of imports and exports of goods via US customs brokers.
- One of the Most Profitable Sales Counselors, Million Dollars President's Club four out of five years.
- Lead Sales Counselor in Electronics Audio Department.
- Lead Product Specialist Trainer.
- Won Harman Kardon Audio Specialist contest and was indoctrinated into the Audio Society of America in 1993.
- Lead Customers technical products information support hotlines.