Security Consultant Resume Profile
VALUE PROPOSITION
- Solve problems in complex and demanding environments by drawing on a pool of technical experience, business understanding and good judgment. A resourceful, creative, innovative, results-driven and adaptable professional with an expansive analytical skill set.
- A competent designer of mixed-technology solutions with a fascinating ability to lead teams in fast-paced multidisciplinary environments. Able to manage information security throughout enterprises to include designing, planning, implementing, and governing enterprise information architectures.
- Proven ability to provide tactical and strategic direction for IT systems. Can identify and articulate risk analysis and mitigating strategies and options that are aligned with business objectives.
- Treats others with courtesy, sensitivity, and respect. Fully committed to customer satisfaction and the highest ethical standards.
CAREER SUMMARY
- Computer Science and Software Engineering professional with years of progressive experience. I have had a strong combination of applications development, systems testing and security administration and management experience. Principal activities have included the management of systems operations, project management and customer liaison.
- I have had hands-on experience in operations management, system development, systems testing and security administration. Able to conceptualize ideas and effectively make oral presentations.
AREAS OF EXPERTISE
- IT Strategy Planning & Execution
- Infrastructure Engineering & Operations
- Application and Infrastructure Monitoring
- DoD Architecture Framework
- Data Encryption & Cryptography
- Information Security Architecture
- Identity and Access Management
- Directory Services/LDAP Management
- Web Services, SOA, and Cloud Security
- IT Governance and SDLC
- ISO 27001, SAS70/SSAE16
- DCID 6/3, DIACAP, NIACAP, NIST 800-53 Controls
- Certification and Accreditation Package Development
KNOWLEDGE, SKILLS, AND ABILITIES SUMMARY
Office/Systems Tools
- Red Hat Linux, Windows Platform, IBM Z/OS Series
- IBM Rational RequisitePro
- IBM Rational Software Architect
- Microsoft Office Suite
- Nessus, Retina, Nmap, KisMAC, Metasploit, Wireshark, Netsparker
Work Experiences
Confidential
Director of Information Security Practice Leader
- Manage a team of resources across a number of client organizations that span commercial and government establishments. Accountable for forecasting non-functional and functional requirements and aligning expertise and team capacity to meet the current and planned needs of the business.
- Lead Information Risk Management (IRM) engagement with SDLC and governance processes and reviews of technical risk for initiatives and business architectures; recommend cost-effective controls where needed. Work closely with and support the IRS Information Risk Governance, Policy and Program Governance, and Incident Response areas and their initiatives.
- Work in active partnership with stakeholders to understand business requirements and develop supporting security principles and objectives that will enable the growth and evolution of the Internal Revenue Service, and communicate those requirements to security and risk management stakeholders throughout the enterprise.
- Instituted Technical Leadership for a team of Security Engineering staff in support of the Internal Revenue Service (IRS) CADE 2 program. Continuously interface with IRS CADE 2 leadership on tactical and strategic roadmap developments. Develop, maintain, update, and/or assist with implementation of processes to include: Security Incident Response, Automated access request, Vulnerability assessment and scanning, Patch management, Security metrics and reporting, Security Event Management, HSPD-12 implementation, Protection of PII, Dual-factor authentication and Encryption solutions.
- Contribute to the definition of future structures and behavior of security systems and align information security architecture with the IRS organization's core goals. Identify and allocate resources necessary to fulfill opportunities. Aggregate content for inclusion in Statements of Work or RFP responses. Create Statements of Work (SOWs) for presentation to customers.
- Recruit, identify training requirements, and execute performance reviews for technical resources to include Security Architects, Penetration Testers / Security Assessors, Security Analysts and Code Review Analysts on a number of engagements.
- Sign off all Rules of Engagement (RoE) agreements for penetration tests to ensure that all bases are covered to increase the assurance levels around meaningful and successful executions.
Confidential
Senior Manager
- Supported Defense Information Systems Agency (DISA) Global Information Grid Operations (GIG OPs). Provided Security Architecture SME oversight to the DoD Combined Enterprise Regional Information Exchange System (CENTRIXS) Cross Enclave Requirement (CCER) program at DISA.
- Engaged technology partners in areas of requirement decomposition for a Cross Domain Solution (CDS) and a Cross Enclave Solution (CES) in support of the warfighter. Provided leadership/oversight on the C&A of the CCER environment.
- Provided SME input across a number of Raytheon programs to include the National Oceanic and Atmospheric Administration (NOAA) National Polar-orbiting Operational Environmental Satellite System (NPOESS) program.
- Promoted a consistent risk vocabulary for information risk and controls and aligned that vocabulary with related compliance and business risk disciplines within the organization.
Confidential
Senior Manager
- Served as an Interim Chief Information Security Officer for the UK e-Borders Trusted Borders consortium. Ensured compliance of: Security Awareness Program, System Development Life Cycle, Disaster Recovery, Continuity of Service, System Test and Development, Physical security, Systems integration, and New technology integration.
- Provided effective leadership, strategic and technical vision for the Information Security Integrated Product Team (IPT). Developed and maintained relationships with internal and external customers and vendors to formulate solutions to the customer's system issues related to information security.
- Accelerated the communication of the UK Home Office business requirements to staff and bolstered the translation of those requirements into specific performance goals. Made recommendations regarding hiring and retention of staff. Managed a team of 20 employees/contractors.
Confidential
Senior Principal Software Engineer
- Served as a senior subject matter expert (SME) on information security matters. Provided support to on-going initiatives to include: SOC Transition, Audit response, remediation, and tracking, Data Center Moves and Certification and Accreditation.
- Managed the development of security documentation to include: System Security Plan, Security Awareness program, Rules of Behavior, Privacy Impact Assessment, Plans of Action and Milestones, Corrective Action Plans, Security Event Management, Vulnerability Management and Security policies.
- Contributed to Information Security/Assurance solutions for Enterprise campaigns. Contributed to and managed Information Security processes for proposals (Business Development).
- Mentored and developed Information Security Analysts needed for various program implementations. Managed the application of STIG scripts for system hardening. Served as the Information Security manager for FirstGov.gov, Forms.gov and Business.gov sites (Raytheon GSA Millennia Contract).
Confidential
Principal IT Security Analyst
- Served as a senior lead on security matters affecting customer systems. Prepared Rules of Engagement (RoE) agreements that were used in guiding/managing client expectations with PENTEST activities.
- Directed and managed a team of security engineers in helping the Financial Management Service of the United States Treasury Department meet its responsibility of properly protecting information, which is tied to its fiduciary functions. Assisted FMS to prepare for and respond to TIGTA audits.
Confidential
Lead Security Engineer
- Led the review and certification of Department of Defense systems (Pentagon, Army) to meet DITSCAP and DISA standards.
- Led the deployment of an NSA-approved Enterprise Firewall (StoneGate) on an OS/390 platform. Managed the utilization of the CONSUL tool for OS/390 security monitoring.
- Participated in program status reviews and updates.
Confidential
Lead Security Architect
- Managed the deployment and operations of an Enterprise Web Access Control (WAC) infrastructure that supports over 6 million users, using a suite of authentication tools that included Netegrity's SiteMinder, OpenNetwork's DirectorySmart and IBM Tivoli Directory.
- Participated in system, application, and network security reviews and audits. Actively involved in the implementation of the Single-Sign-On technology and password synchronization. Produced periodic status reports on all projects to upper management. Created Project Plans for all assigned projects.
- Led the development of guidelines and procedures for ensuring the proper protection of all security key rings. Established project priorities, assigned work, and ensured timely completion.
Confidential
Senior Systems Analyst/Programmer
- Led the conversion of a suite of mortgage management software from a WANG mainframe-based system to a Windows 32-bit system. Ensured that the re-designed system properly communicated with the various institutions required for verification purposes.
- Converted code written in Assembly language into a syntax that used a higher level of abstraction (COBOL). Met with users to determine what improvements needed to be incorporated into the new system.
Confidential
Security Consultant
- Performed on-site project management functions. Carried out on-site analysis of customers' security systems (risk analysis). Managed each project in terms of needed resources and scheduling.
- Provided technical support to customers who ran SAM software as a Security Administration tool on both Mainframe and Client-Server environments. Performed customization work on SAM to meet the specific requirements of various SAM customers. Created and maintained models for Role-Based Access Control (RBAC) when needed.
Confidential
Software Tester
Performed unit and integration testing on a large commercial billing application at AT&T. Facilitated the creation of test beds for performance and acceptance testing. Made sure all test beds had test cases for each documented requirement. Maintained test results for regression analysis.
Confidential
Microcomputer Support Specialist
Led the help desk support team on H Street (Washington, DC). Responded to user inquiries over the phone, E-Mail, through HEAT (Help Desk Expert Automated Tool) for Windows or walk-ins. Provided support for Windows 95, MS Office 97, WordPerfect, MS Access, MS Outlook, and Paradox amongst others. Carried out memory upgrades on workstations, replaced defective hard drives, keyboards, etc. Provided on-the-spot training to educate users on better ways of using their systems (hardware and software).
