SUMMARY:

• Over 26 years of experience in leadership and management in information technology
• Expert knowledge of the Confidential Risk Management Framework (RMF)
• Expert knowledge of MS Windows and Active Directory 2003/8 Admin
• Experience with classified networks, LAN/WAN Administration and Network Security
• Experience in threat management and vulnerability management processes
• Experience with the ITIL Change Management processes
• Experience with IBM App Scan & Nessus Scanning tools
• Experience with (Internet of Things) IOT
• Experience with Splunk
• Knowledge of ServiceNow

TECHNICAL SKILLS:

• HTTP/S
• HTML/XHTML
• LAN/WLAN
• Javascript
• CA Spectrum
• HBSS 4.5
• MS Project

EXPERIENCE:

ASSOCIATE PROJECT MANAGER/SR CYBER SECURITY ANALYST

Confidential

Responsibilities:

• Project management and direct supervision of contractor SME’s supporting Confidential ’s Cyber Security Programs to include, Security Assessments, Technical Writing, Analysis/Response/Operations, Auditing, Privacy, SharePoint and System Development, and Continuous Monitoring
• Proposal writing - Awarded 6M Confidential SOC contract (June 2017)
• Performed ISSO and Security Steward tasks in support of Confidential
• Performed security testing and system audit reviews using COTS vulnerability scanning solutions (Nessus Security Center 4.8.1 and HP Fortify 4.30) and tailored processes and procedures
• Provided assistance in computer incident investigations implementing cyber incident handling tactics, techniques, and procedures utilizing the Risk Vision ticketing system
• Performed security gap and impact analysis on the respective Confidential Cyber Security programs for mitigation strategies and recommendations to Confidential branch leads
• Managed and performed system security control assessments and risk determination for Confidential systems’ ATO, to include Privacy Impact Assessment and POAM creation; following Confidential 800-53 controls and FIPS 199/200 compliance guidelines and standards
• Cloud System Assessments
• Ensured Risk Management Framework (RMF) compliancy across the program areas
• Assisted planning for Confidential ’s FISMA, OIG, and GAO audits

INFORMATION SECURITY ANALYST

Confidential

Responsibilities:

• Served as an advisor to the Chief Information Security Officer CISO for the Confidential on all matters relating to security vulnerabilities and threats to the company’s computer network/systems.
• Follow information security policies, methods, standards, Federal Information Security Management Act (FISMA/National Institutes of Standard and Technology (NIST) standards and practices to organizational information systems, IT reference materials and interpret regulations.
• Implemented security controls, performed ongoing maintenance to prevent, detect, analyze and respond to security incidents.
• Conducted risk/vulnerability assessments of planned and installed information systems to include Cloud and Vendor hosted systems, to identify vulnerabilities, risks, and protection needs according to Confidential SP 800-53 Rev 4.
• Created, developed and modified Confidential Security Assessment and Authorization (SA&A) documents to include SSP, CP, BSI, Privacy and Risk Assessment to ensure that Center systems are conformed to OMB, NIST, HHS and Confidential security policies, standard operating procedures (SOP) and are FISMA compliant.
• Documented the corrective actions required to remediate weaknesses documented in the Center system Plan of Actions and Milestones ( Confidential &Ms) according to scheduled completion dates and projected resource requirements.
• Oversee and documented the results of periodic Center system self-assessments, Contingency Plan (CP) development, and CP testing in accordance with OMB, NIST, HHS and Confidential security policies, procedures, and guidelines.
• Worked with the programs to create an IT secured cloud environment that meets the FedRAMP requirements.
• Performed, documented, and remediated vulnerabilities identified during application scans of Center systems using tools such as IBM Watchfire Appscan as part of the Confidential SA& Confidential process and periodically, as required.
• Performed, documented, and remediated vulnerabilities identified during network mapping and configuration scans of Center systems and network addresses using tools such as Tenable Nessus Network Scanner as part of the Confidential SA& Confidential process and periodically, as required.
• Proactively scanned, identified, and documented the approval of Center system security configuration changes in accordance with the Confidential Office of the Chief Information Security Officer ( Confidential ), Information System Change Management (ISCM) SOP.
• Communicated with IT Security System Officer (ISSO) with the company and its organizational staff.

CYBER SECURITY ANALYST

Confidential

Responsibilities:

• Using Confidential collaborative effort with Confidential &A, Privacy, Confidential and Operations to verify that data is correct and security controls are in place.
• Evaluating cyber security awareness, and ensuring the necessary data protection and security controls are in place.
• Effectively using the Confidential & Confidential data repository, work collaboratively with 6 other Confidential Cyber Security Analysts and Confidential staff and stakeholders to perform Certification and Accreditation activities.
• Providing guidance and assistance to the stakeholders across the spectrum of Confidential & Confidential activities (e.g., analyzing vulnerability scanning results and Confidential &M development and management).
• Reviewing Confidential & Confidential correspondence at least twice daily, and take appropriate actions including logging receipt of Confidential & Confidential packages, forward emails for action, and respond to requests; including self-assessments, confirmation that appropriate Confidential and FIPS controls were tested, I confirm that the necessary documentation is contained in the package (e.g., System Security Plans), and that the documentation is complete and accurate.
• Collecting and update the Confidential & Confidential data repository, to ensure accurate daily, weekly and monthly status reporting.
• Communicating regularly with stakeholders for updates on outstanding items.
• Utilizing experience with use of Trusted Agent, to assist Confidential with further implementation of the tool as practices evolve.

NETWORK SUPPORT AND SECURITY CENTER ANALYST

Confidential

Responsibilities:

• Supported the Defense Contract Management Agency Network Operations and Security Center ( Confidential ), supported global network and security operations monitoring, incident response, problem isolation, and service/repair coordination for cyber-attacks and network outages.
• Continuously monitored security controls to maintain ongoing awareness of possible vulnerabilities.
• Reacted to higher level incident responses by informing the NETOPS Team Lead and/or notifying Confidential team of Confidential security incidents.
• Analyzed events in Confidential near-real time by monitoring network (server, router, switch, and circuit) and security assets by validating suspicious activities, triaging events and determining appropriate courses of action.
• Performed pro-active monitoring of network elements alarms and alerts to identify those components/elements that may lead to or already are causing network degradation or failure.
• Communicated and interacted with the Confidential customer, vendor service providers, other government entities, and functional peer groups verbally and through electronic correspondence to gain cooperation of others, seek or distribute or coordinate information, and to report.

BAGGAGE HANDLER/RAMP OPERATOR

Confidential

Responsibilities:

• Ensured that applications, networks, and software systems/mobile applications are designed, developed, and implemented according to the highest security standards and practices, including but not limited to DISA Security Technical Implementation (STIG) or NSA Security Configuration Guides.
• Configured and installed firewalls and IDS
• Performed vulnerability assessment scans as necessary using the eEye Retina scanning tool.
• Performed day to day monitoring, analysis, decision-making, and response to firewall rule events, intrusion prevention system events, data loss prevention system events, antivirus events, and host based security events
• Initiated responses, tracked and monitored compliance to directives issued by USCYBERCOM
• Participated in responses to verified cyber-attacks, classified material incident handling and directing cleanup activities.
• Completed regular situational awareness reports and daily reports
• Performed regular management and maintenance of network vulnerability scanning tools and other IA tools
• Provided guidance on vulnerability and malware remediation, Provided Blackberry support and account setup and troubleshoot issues with customers via phone support.
• Provided Active directory support to include user account setup, password reset and group policy setup.
• Provided MS Exchange support troubleshooting customer issues and whitespace cleanup.
• Responsible for managing systems security functions using McAfee Host Base Security System (HBSS).
• Assisted with the installation, configuration, and upgrade of computer hardware, software, printers and peripherals.
• Provided technical support and troubleshooting to network, desktop and/or systems hardware and software for local users and regional users via phone support.

INFORMATION TECHNOLOGY SPECIALIST

Confidential

Responsibilities:

• Project lead for the installation of all LAN drops, the integration of network and telecommunications systems in Confidential new building; to include network switch deployment, server configuration and desktop software/hardware configuration.
• Maintained the day to day network management operation of the Local Area Network (LAN) and Telecommunication Systems.
• Responsible for the deployment, installation, operation, troubleshooting, phone support and unit level maintenance of multifunctional/multi-user information systems for Confidential Division with over 1500 clients.
• Provided Active directory support on users account setup, reset passwords and group policy setup.
• Responsible for the installation and configuration of all printers, faxes, plotters and phones.
• Provided Blackberry Administration support on account setup and troubleshoot issues with customer access exchange services.
• Trained and assisted customers desk side and via phone support with submitting travel request before travel and completing travel vouchers after the completion of travel for the Defense Travel System ( Confidential ).

INFORMATION ASSURANCE SECURITY OFFICER

Confidential

Responsibilities:

• Planned and coordinated the installation, testing, operation, troubleshooting and maintenance of the Headquarters U.S. Army Reserve Command (USARC) classified network IT equipment and software systems.
• Installed, configured, and maintained the desktop operating systems, provided access to the LAN through active directory for over 200 classified microcomputers.
• Imaged microcomputers and installed appropriate software for the classified network.
• Created the content and built the Information Assurance annual training website use by the Army Reserve, and trained the trainer on the use of the annual training website.
• Trained and assisted customers desk side and via phone support with submitting travel request before travel and completing travel vouchers after the completion of travel for the Defense Travel System ( Confidential ).

INFORMATION TECHNOLOGY SPECIALIST

Confidential

Responsibilities:

• Managed Confidential Customer Support Helpdesk team comprised of eight military and two civilian contractors for Confidential total of ten (10) support personnel with Confidential customer base of over 2,500 clients in Confidential five state region.
• Planned, coordinated, and provided technical assistance for computer installations operation, system analyst functions, maintenance, and testing of Information systems.
• Worked as an Exchange administrator; installing Exchange, created, maintained and deleted e-mail accounts. Created and managed user accounts and groups on an NT network. Established connectivity to the network; troubleshooting software, hardware, and networking problems in an NT 4.0 network environment.
• Supervised and performed computer maintenance, from replacing Confidential 's to replacing motherboards.
• Traveled over Confidential five-state region deploying computers, installing software, adding computers to the network and upgrading computer systems.
• Trained end users on the use of various software programs, such as MS Office products.
• Administrator of the Remedy Action request system used to submit, track, and account for customer support/helpdesk request.
• Worked as The Assistant Information Assurance Security Officer (IASO) responsible for the implementation of all security patches and updates.