SUMMARY:

Experienced cyber security professional with a broad range of technical skills and a proven record of accomplishment. Strong interpersonal communications skills facilitate working with personnel Confidential all levels across both the public and private sectors.

CORE STRENGTHS:

• NIST Risk Management Framework
• Project Management and Planning
• Security Risk Assessments
• Federal Cybersecurity Policy
• Computer Network Defense
• Technical Writing

PROFESSIONAL EXPERIENCE:

Confidential

Program Manager and Senior Consultant

Responsibilities:

• Serve as program manager for a team of six.
• Team lead for consolidated DOC FISMA analysis and reporting. Developed DOC FISMA improvement plan that provided specific actions to enhance enterprise security in the Cyber Security Cross - Agency Priority (CAP) areas of Information Security Continuous Monitoring (ISCM), Identity and Credential Access Management (ICAM) and Anti-Phishing and Malware Defense (APMD). This work contributed to the DOC’s improvement from meeting seven of 24 CAP metrics in 2015 to meeting 17 of 24 in 2017.
• Provided cybersecurity policy development expertise:
• Led the effort to update the DOC IT Security Baseline Policy. The work included developing an enterprise security policy that includes all NIST SP 800-53 baseline controls. The policy also incorporates OMB A-130, Confidential and parameters from Confidential Binding Operational Directives (BOD).
• Responsible for the development of the Plans of Action and Milestones (POA&M) Minimum Standards. This document provides the required POA&M lifecycle process steps to remediate vulnerabilities in a consistent manner. The DOC CIO issued the POA&M Minimum Standards in July 2017.
• Supported the development of the DOC-CIRT Incident Response (IR) Policy. This policy provides the incident reporting requirements for DOC bureaus (e.g., NIST and NOAA) to the enterprise DOC-CIRT. It also establishes DOC-specific procedures for Major Incident reporting as required by OMB M-17-05. The DOC CIO issued the IR policy in April 2017.
• Supported the Office of Privacy and Open Government ( Confidential ) by reviewing and assessing Privacy Impact Assessments (PIAs). Reviewed the PIAs and associated artifacts in CSAM for the applicable dates for the documents, signatures, and POA&M status.
• Managed the remediation of the Cisco Critical Vulnerability CVE-2016-1287. Consolidated, reviewed and summarized information from the weekly data call. Prepared detailed summary reports for DOC management and developed the response to Confidential .

Confidential

Cyber Security Subject Matter Expert

Responsibilities:

• Provided on-site cyber security expertise to the DoD Education Activity ( Confidential ) in support of the DoD Financial Improvement and Audit Readiness (FIAR) Program.
• Developed Access Control Policy, Configuration Management Policy, IT Access Control Operational Directive, and Access Control Procedures in accordance with NIST SP 800-series guidance. These documents addressed FIAR audit findings.

Confidential

Cyber Security Specialist

Responsibilities:

• Put together an international team to bid on an ISO 27001 scoping and planning contract.
• Provided technical writing, technical editing and graphic design expertise to multiple projects.
• Passed the CISSP examination.

Confidential

Cyber Security Specialist

Responsibilities:

• Acted as the Confidential cyber security lead for National Level Exercise (NLE) 2012. Teamed with Confidential, Confidential, the National Security Staff (NSS), and others to plan and develop exercise scenarios, monitor and evaluate exercise play, provide exercise control and simulation, and document findings and lessons learned.
• Coordinated with IC elements to develop the ICD 502-mandated Concept of Operations (CONOPS) for the Integrated Defense of the IC Information Environment. Researched and wrote technical material for both steady-state and coordinated incident response operations. The steady-state operations included a risk management framework based on the NIST SP 800 series process.
• Served as the Confidential CIO team co-lead and primary technical writer for the Comprehensive National Cybersecurity Initiative “Connect the Centers” ( Confidential 5) implementation plan and the “Increase the Security of Classified Networks” ( Confidential 7) implementation plan. Led the IC working group that established the Confidential 7 CND security architecture baseline capability requirements for both the IC elements and the IC enterprise.

Confidential

Cyber Counterintelligence Analyst

Responsibilities:

• Provided a weekly, classified briefing to the Confidential CIO cyber security office on cyber threats, vulnerabilities and malicious activity. This effort included the collection, review and consolidation of multi-source (e.g., both open source and classified) information to identify evolving threat profiles and provide an early warning of potential cyber-attacks on the Confidential enterprise.
• Led the analysis of cross-laboratory Confidential cyber CI investigations. Wrote detailed Intelligence Information Reports (IIRs) that included malicious IP addresses and tactics, techniques, and procedures ( TTPs) for cyber-attacks. Collaborated with Department of Defense (DoD), IC and federal civilian agencies to share cyber threat intelligence on intrusion sets.
• Founding member and core contributor Confidential the FBI Washington Field Office-led Cyber Investigative Joint Task Force (CIJTF). The CIJTF’s accomplishments in integrated cyber analysis, investigations and operations led to the establishment of the National CIJTF ( Confidential ). As the first Confidential resident Confidential the Confidential, promoted the development of the initial Confidential operational capabilities.

Confidential

Distinguished Member of Technical Staff

Responsibilities:

• Initiated the development of Confidential & Confidential ’s cyber-intelligence capability by developing a daily cyber-intelligence bulletin for Confidential & Confidential management, cyber security and network operations personnel. This bulletin included significant operational cyber security issues and threat information from public and private sources. This cyber-intelligence effort influenced the development of commercial offerings such as “Internet Protect.”
• Acted as the lead penetration tester for the Defense Information System Network (DISN) Video Services and the Hawaii Information Transfer System (HITS) information technology systems. This certification testing of security controls led to their accreditation for operation.
• Provided support for the development of the U. S. Government Network Security Framework Document. Wrote the interoperability section of the Protection for Network Access section. This work culminated in a briefing to an audience of about 200.
• Led the development of the Security Vulnerability Analysis (SVA) methodology used for the Strategic Defense Initiative (SDI) and authored the final draft of the SVA Report delivered to the Government. This methodology met quantitative risk assessment requirements in MIL-STD 1785 - System Security Engineering and the methodology was used for Air Force security training. Applied the SVA methodology to a risk analysis of potential SDI Mobile Command Center architectures.
• Member of the team that developed the Trusted Software Development Methodology (TSDM) for the SDI. This methodology specifies the environmental variables and development processes required to develop software to different levels of trust. Many Government procurements required TSDM-based software.
• Coordinated Confidential & Confidential ’s response to the NSA Key Management Infrastructure (KMI) Request for Proposal (RFP). Served as both team lead and subject matter expert (SME) for Confidential & Confidential ’s capabilities.
• Security consulting highlights include:
• Lead engineer and technical writer for on-site security consulting for the Royal Hong Kong Police. Evaluated a wide range of legacy information systems and networks to develop a “to-be” security architecture and a migration plan to transition the legacy systems and networks to TCP/IP.
• Program manager and lead engineer for a PKI consulting contract Confidential the DISA Interface Standards Analysis (ISA) Laboratory. Evaluated vendor PKI products to verify that they met the applicable standards. The customer renewed the contract two times and doubled the Confidential & Confidential staffing level.
• Provided security engineering for the deployment of the data network for the 1996 Democratic National Convention. Enhanced security, balanced against ease-of-use, by recommending safeguards including: reconfiguring the network to optimize the security provided by firewall; disabling PC CD; installing boot passwords and preloading virus protection software. There were no network security incidents Confidential the convention.