SUMMARY:

• cyber security, security policy development, security architecture, security assessment & authorization (SA&A), certification and accreditation (C&A), security requirement, security evaluation, project lead/manager, security lead, security product evaluation, consulting, identity management, FedRAMP, 3PAO, FISMA, CyberScope, XACTA, SecureInfo RMS, CSAM, RMF, POA&M.
• Bachelor of Science in Electrical/Electronics Engineer, Iowa State University, Ames, IA
• C2S AWS Architecture
• Experience in the areas of program/project management, cyber security, security engineering, system engineering, NIACAP, DIACAP, OMB, NIST, FISMA, FBI, DCID, ICD 503, DODIIS Certification & Accreditation, SA&A, Fedramp, National Security Program Operating Manual (NISPOM), Information Systems Security (INFOSEC), SABI, TSABI, Information Assurance (IA) with combined experience working in the DOD, Intelligence Community (IC), federal government and consulting. I have worked with a myriad of security programs and projects within the government and private industry from conceptualization to establishing and implementing security and operations policies and programs from the onset.

PROFESSIONAL EXPERIENCE:

Confidential

Senior Information Systems Security Manager

Support Defense Intelligence Agency (DIA) Enterprise Information Assurance Services (EIAS )contract as a senior information systems security engineer (ISSE) to provide systems security and information assurance engineering services to enhance the security posture of the enterprise. Participate in the development, implementation and review of security controls for the systems under their purview. Coordinate with system security staff to resolve security issues through system lifecycle. Provide guidance and support to self - testing, security control assessment, preparation of Plan of Action and Milestones (POA&M) and development of continuous monitoring plans. Participate in the development and review of system security documentation in support of authorization and continuous monitoring under the Risk Management Framework (RMF).

Confidential

Senior Information Assurance Security Engineer

Supported National Oceanic and Atmospheric Administration (NOAA) Systems Engineering and Technical Services (SETS) contract, specifically NOAA’s National Environmental Satellite, Data, and Information Service (NESDIS) as a senior security engineer to sustain legacy systems and enable the transition of future ground systems for new environmental satellites including Geostationary Operational Environmental Satellite - R series (GOES-R) and Joint Polar Satellite System (JPSS). National Environmental Satellite, Data, and Information Service (NESDIS) provides secure and timely access to global environmental data and information from satellites and other sources to promote and protect the Nation's security, environment, economy, quality of life and to expand our understanding of our dynamic planet through trusted environmental.

Supported DHS/NPPD as a senior information assurance engineer. Performed Information System Security Engineer (ISSE) and Information System Security Officer (ISSO) functions. Served as the main liaison and driving force for all Security Authorization (SA). Developed and maintained POA&Ms in compliance with FISMA requirements. Served as the focal point for all SA activities to the System Owner, ISSM, and Program Managers. Reviewed, determined system security requirements. Involved in selecting commercial off-the-shelf (COTS) software or custom products.

Supported proposal development as needed.

Confidential

Senior Cyber Security Managing Consultant, Security Service Delivery Manager (SDM)

Supported USAID M/CIO/ITO as security service delivery manager/team lead. Managed the information assurance/governance and security operations (SOC) teams. Supported various audits (FISMA, A-123, internal IG, DHS CyberScope, etc.), coordinated with stakeholders to address POA&Ms, updated SSP/A&A/C&A package, represented USAID at audit entrance and exit meetings. Ensured that all security criteria are met. Evaluated and updated security documentation (ie, POA&M, SA&A artifacts). The SOC operated the security tools suite to ensure that the agency is secure. Mr. Tran ensured that the security team meets all the SLAs.

Confidential, Chantilly, VA, US

Provided enterprise security engineer to: cross domain solution (CDS) project, PKI-enable applications, PL-3 study, Identity and Access Management (IdAM), represent CGA at various DNI TEMs. Developed IdAM roadmap for CGA classified and unclassified networks.

Provided security engineer support to Military and Readiness Directorate, Experiments and Demonstration Division. Developed Experiments and Demonstration "continuity cell" security requirements and implementation. Identified security requirements on behalf of Experiments and Demonstration Division to support Confidential (CGA) for all exercises.

Security lead for the Mission System Transition (MST) supporting Confidential (CGA). Worked will all IT systems and infrastructures owner/program manager to ensure that the systems meet the security requirements, certified and accredited for the move to meet the BRAC schedule.

Supported Commercial Imagery and Global Broadcast System (GBS) as the security manager project as the security manager. Ensured that the project met the Confidential (CGA) and IC security requirements and policies.

Provided Principal Enterprise Security Engineer Consultant to the Enterprise Engineering Security Team. Advised and assisted program offices and developers on security requirements. Evaluated security documentation and advised for adequacy and improvements. Conducted program design meetings and reviews to evaluate security approaches and determined acceptable options. Conducted site survey to evaluate security implementations, site security testing, and certification.

IBM Technical Project Manager on the IBM DB2 Information Integrator (II) in the DIA Information Exchange (IE) Project. Provided technical direction and managed of IBM project personnel and provided a framework for project planning, communications, reporting with the customers.

Security team lead on an IBM e-government engagement (eBusiness Solutions Project (eSP)) supporting U.S. Mint. Recommended the security audit implementation, secure the overall architecture, identify and implement fixes to secure the systems, develop security architecture, and provide daily information system security (INFOSEC) engineering support.

Security Lead supporting FBI, Developed UAC security architecture to ensure that the system was certifiable and accreditable. Performed as the backup IBM PM. Provided daily technical guidance to the UAC office to ensure that security was part of the development.

Confidential, FL

Senior Principal Information Assurance Engineer/Technical Project Manager

Led and managed the security team supporting JSIMS ACAT 1D program. Grown the Joint Simulation and Modeling System (JSIMS) security business base to 10 personnel with 20 months. Instrumentally gained the customer trust and served as the JSIMS Deputy Security Manager. Provided INFOSEC, IA engineering support to JSIMS. Managed security team daily operations, supported all phases of C&A/A&A of the program.

Confidential

Lead Security Engineer

Provided security engineering support to: the Confidential (DOE) Cyber Security Program, Department of Defense Computer Forensics Laboratory (DCFL), Defense Counter Intelligence Information Systems (DCIIS) Program Management Office Air Intelligence Agency (AIA)/Air Force 497th Intelligence Group (IG), Information Assurance Directorate, ONI, DISA COE, LIWA. I worked with members of the DICAST (DIA, CIA, NSA, IMO, and ONI) and contractors in supporting the design, development and certification and accreditation of the JICPAC MLS system.

Team Leader for the Information Protection Program (IPP). As such, provided program management, systems engineering and consulting support on technical and information systems security aspects of IPP to the Air Force Intelligence Agency (AIA)/Air Force Information Warfare Center (AFIWC). As the MITRE team leader, performed program management functions such as budgeting, task tracking, hiring, and supervising.

Confidential

Senior Electronics Engineer

Served as the Rocky Flats Plant (RFP) technical security manager for computer (COMPUSEC), telecommunications-electronics (COMSEC) systems and networks. I made recommendations concerning the relevancy of cost-effectiveness, technology, security compliance and proposed configurations for $20 million in ADP and capital equipment.

Served as the Nuclear Weapons Complex/Wide Band Communications Network (NWCnet/WBCN) Operations Manager. Developed WBCN System Manager Manual to provide guidance for Albuquerque Complex (13 Nuclear Weapons Complex Sites). Performed as technical staff implementation of NWCnet/WBCN engineering studies, design criteria, and operations and security procedures/standard. Chaired the WBCN System Manager meeting. Provided technical review, engineering evaluation and guidance to Albuquerque organizations and contractors personnel on telecommunications programs.