SUMMARY:

• A highly - technical information assurance manager with over 15 years of extensive experience in security program development, security architecture, compliance, vulnerability assessment, and penetration testing for Confidential and commercial sectors.
• Proven experience in execution of organizational security programs, personnel management, compliance, and information technology (IT) operations.
• Hold industry certifications including Certified Information Systems Security Professional (CISSP) and Project Management Professional (PMP).

KEY SKILLS:

• Project/Program Management/Development, FISMA/SOX Compliance
• Systems/Security Architecture
• Penetration Testing, Application Security
• Business Analysis, Client/Stakeholder/Engagement management

CAREER HISTORY:

Confidential, Arlington, VA

Service Delivery Manager

Responsibilities:

• Works with C-level leadership and senior-level stakeholders ensuring effective planning and execution of all multiple projects.
• Works with multiple divisions, functional groups, and third-party vendors.
• Provides financial oversight, controls resource utilization, performs continuous project risk assessment, and drives many other activities to ensure end-to-end delivery of projects and new business capabilities.
• Supporting compliance with GDPR, California and Brazil Privacy Laws
• Vulnerability Management program
• Secure SDLC
• End-point device protection
• Governance framework, policies, procedures
• Data Management System (Data taxonomy and Catalog)
• Expert-level knowledge of FISMP and FedRAMP.

Confidential, Chantilly, VA

Cyber Security Manager

Responsibilities:

• In the capacity of the Cyber Security Manager leads a team of cyber security professionals. On behalf of the CISO ensures strong execution of the overall security program.
• Manages new strategic initiatives such as Secure Software Development Life Cycle, Secure Systems Engineering Life Cycle, database security, FedRAMP, Disaster Recovery Planing, Contingency Planning, COOP, Federal Enterprise Architecture, and internal audits.
• Managed security aspects of multiple application migrations and deployments into AWS.

Confidential, McLean, VA

Sr. Cyber Security Advisor

Responsibilities:

• Acted as the Senior Cyber Security Advisor at the Library of Congress.
• Project activities included capturing and documenting existing security architecture utilizing TOGAF ADM and taxonomy, performing security assessments, threat modeling, implementing Information Security Continuous Monitoring program, and performing security assessment of Progress OpenEdge databases.
• Current tools of trade include MS Project, MS Threat Modeling Tool, Nmap, Nessus, WebInspect, AppScan, AppDetective, NGSquirrel, SoapUI, WebScarab, Burp, dsniff, tcpdump, OpenLDAP, Nikto, onesixtyone, Metasploit, John (the Ripper), Qubes OS, Linux, OpenBSD, MS Windows, and many others.

Confidential, McLean, VA

Program Manager

Responsibilities:

• Identifying and interpreting all applicable regulations and ensuring compliance
• Reconciling competing priorities and agendas of multiple stakeholders to ensure continuous support of the entity CIO’s vision and strategy
• Defining and prioritizing projects, subprojects, tasks and assignments
• Ensuring strong execution of all processes associated with tasks
• Developing effective compliance approaches for FISMA, FISCAM, PCI and other regulatory frameworks
• Aggressively driving implementation of all applicable security controls and the development of the supporting documentation
• Aggressively driving certification activities to ensure all systems are fully authorized to operate in compliance with the entity’s process
• Travel as necessary to perform on-site technical security work such as vulnerability assessments, facility inspections, and stakeholder interviews

Confidential, Herndon, VA

Managing Consultant

Responsibilities:

• Worked on penetration testing and compliance projects as a consultant, pen tester, and a project manager.

Confidential, Herndon, VA

Managing Consultant

Responsibilities:

• Development of security program
• Providing leadership and direction through technical subject matter expertise
• Acting as the security evangelist
• Working with multiple technical groups
• Design and analysis of security architecture
• Alignment of new products and technologies with the existing Enterprise Architecture
• Development of the security infrastructure strategies
• Successfully completed every task and engagement in a timely fashion, while maintaining professional relations with clients and colleagues.

Confidential, Fairfax, VA

Project Manager/Team Lead

Responsibilities:

• Managing project teams
• Controlling, monitoring, and directing various scheduled project activities
• Design and analysis of security architecture
• Preparing and delivering client briefings
• In addition to security assessments, developed and conducted a number of educational seminars training junior engineers in the use of various security tools and verifying (exploiting) discovered vulnerabilities.

Confidential, Rockville, MD

Project Manager/Senior Consultant

Responsibilities:

• Planned and executed projects related to securing large UNIX and Storage Area networks.
• Developed architecture for fiber Storage Area Networks.
• Was responsible for a large Oracle ( Confidential ) development environment.
• Contributed to compliance and Accreditation efforts by preparing various deliverables and advising on UNIX security issues.
• Was actively involved in various modernization efforts including deployment of Directory Services and role-based access controls ( Confidential ).

Confidential, Arlington, VA

Technical Project Manager

Responsibilities:

• Managed a team of 15 UNIX administrators at a major telecommunications company responsible for systems that generated billing information for over one million phone calls per day.
• Planed, initiated, executed, and closed UNIX infrastructure projects.

Confidential, Washington, DC

Project Manager

Responsibilities:

• Subprojects included OpenLDAP-based messaging services authentication, anti-virus gateways, load-balancers, security, and compliance.

Confidential, Washington, DC

Network Manager

Responsibilities:

• Managed the acquisition of the network equipment, and managed the installation, configuration, and maintenance of all network components.
• Managed the development of a Web site including a custom Content Management System (CMS) to allow easy content creation and updates.
• Performed security assessments and developed security policies. Provided training and supervised IT interns.

Confidential, Washington, DC

IT Specialist

Responsibilities:

• Designed and maintained a Web portal for the Confidential national lab.
• Built and maintained an Apache Web server environment, a file transfer protocol (FTP) server, and development environments.