Information Assurance Program Manager
- Direct report to the Deputy CIO for all matters concerning Information Assurance.
- IA Program Manager to multiple unclassified major applications directly supporting the CIDC mission.
- Provide Information Systems Security Engineering activity for all major applications in support of the assigned project managers, user representatives, and customers.
- Perform certification activity for all major applications to ensure they meet the minimum baseline standards of DISA STIG and IAVM compliance.
- Provide Staff Assistant Visits (SAV) for all USACIDC field sites that have mission systems and applications.
- Registration of all hardware and software for Army Certificate of Networthiness (CoN).
- Ensure DoDD 8570 training compliance for the Command personnel.
- Quarterly and Annual FISMA reporting.
DEFENSE SECURITY SERVICE
- Act as the Deputy to the Chief of Certification Engineering, Information Assurance Division.
- Information Systems Security Officer (ISSO) to multiple unclassified and classified information systems and enclaves (NIPRNet, SIPRNet, JWICS). Project Management support to carry out the lifecycle of information systems and enclaves throughout the DIACAP process. Completion of C&A artifacts and executive packages.
- Information Systems Security Engineer, reviewing IA, IA-enabled, and non-IA enabled products to ensure they meet regulation and security requirements. Provide technical and security architecture requirements for new systems and platforms built for DSS.
- Carry out the regulation and requirements of DoDD 8500.01, DoDI 8500.2, and DoDI 8510.01 for all DSS programs, systems, and applications.
- Command Cyber Readiness Inspection (CCRI) Analyst, preparing programs to be compliant and security assured to pass CYBERCOM CCRI assessments.
- Assist in the system security engineering for SIPR over NIPR tunneling and MPLS implementation.
- Work in collaboration with the Defense IA Security Accreditation Working Group (DSAWG) on the approval of Cross Domain Solutions (CDS), GIG Waivers, and any other waiver requiring DSAWG approval.
- Perform and carry out Traditional Security inspections to internal DSS site locations to ensure CCRI compliancy.
- Subject Matter Expert (SME) in providing risk and vulnerability assessments using automated tools such as: Retina, Flying Squirrel, CORE Impact, Nessus, Gold Disk, SRR, S-CAP, STIGs, SRG.
- Site Assistant Visits (SAV) for all DSS field sites that had OCIO Information Systems.
- Stand up the Agency's automated C&A application (Telos Xacta Assessment Engine Continuum).
- Agency representative for external collaboration to include DIACAP Technical Advisory Group (TAG), RMF TAG, DoD NICE Working Group.
- Provide system security engineering support for unclassified/classified environments including Windows/Solaris Operating Systems, Active Directory, DNS, DHCP, Microsoft Exchange, ESXi Virtualization, SMS/SCCM, SQL Database clusters, and everything maintained within the Data Center.
- New systems built to DISA guidelines following DoDI 8500.2 IA controls and 8510.01 DIACAP, including DISA STIG and vendor-supported hardening guides, to keep security high and risk and vulnerabilities low while preserving confidentiality, availability, and integrity.
- Provide technical assessment of C&A packages for new and existing systems within DIACAP.
- Standing up the N I vulnerability management system for the creation, tracking, and management of each accredited system/service Plan of Action & Milestone (POA&M). Act as a liaison to various PMs that support an accredited system/service to ensure their system/service is meeting all its IA DIACAP requirements and has all remediation and mitigation in place. Provide IA and vulnerability management advice and support to all the PMs.
- Creation and understanding of System Accreditation packages for new and existing systems using DOD 8510.1 DIACAP and FISMA guidelines.
- Creation and management of accredited Windows 7/Office 2010 NIPR/SIPR image deployed to DSS workforce as directed by the Director and CIO of the agency. The image creation included obtaining an IATT and managing the various testing phases before deployment into production.
- Key staff member of the agency BRAC support which included the relocation of the former DSS HQ to the new DSS HQ in Quantico and our other main sites that included BRAC move from Columbus, Ohio to Ft. Meade, Maryland. BRAC included user and system infrastructure relocation and standing up entire new infrastructure.
- Act and serve as a liaison between different personnel within the IAO, IAM, IT staff, providing technical, compliant, and secured guidance for network and system compliancy guidelines.
- Provide, acknowledge, and implement DISA mandated IAVM, CTO, FRAGO, and STIG to agency controlled network and system assets in support of information systems security engineering.
- Knowledgeable in all system and network infrastructure to understand the breakdown of vulnerabilities and intrusions, and the multiple ways of delivering effective measures of remediation.
- Creation and understanding of System Accreditation packages for new and existing systems using DOD 8510 DIACAP and FISMA guidelines.
- Creation and maintaining of POA&M for all new and existing system and network findings.
- Conduct, evaluate, and study various system and network scans and evaluations using various DOD compliant tools including Gold Disk (STIG), Retina Scan (SCCVI), and Patch Link.
- Assist in standing up DSS IAVM management and acknowledgement policy to be compliant with CYBERCOM and update VMS with IAVM POA&M and Mitigation plans.
- Planning, engineering, and installation of SCCM and SMS 2003 environment.
- Package creation including applications, patching, updates, modifications, registry command lines, scripting, and more.
- Collection, package, and report creation and management.
- Creation of management site, distribution points, central sites, etc.
- Management of Windows Servers and Workstations via WSUS.
- Creation and maintaining of WSUS Central Site repository.
- Understanding and maintaining service with DISA guidelines.
- Patch management with 100 servers and 1500 workstations.
Senior Systems Analyst
- Technical site lead over IT support.
- Provide system security engineering support including Windows/Solaris Operating Systems, Active Directory, DNS, DHCP, Microsoft Exchange, ESXi Virtualization, SMS/SCCM, SQL Database clusters, VoIP, VPN, Citrix, Virtual Disk Infrastructure, Blackberry, Mobile Enterprise Deployment, Application, Print, scripting, and more.
- Understanding and implementation of NIST SP 800-53 for new system builds and accreditations.
- Monthly and quarterly briefings directly to executive joint venture staff of Deepwater PMO including VP of Lockheed Martin, Northrop Grumman, and Coast Guard COTR discussing security posture of the unclassified enclave. Reports included number of open and exploitable weaknesses and vulnerabilities, various severities of risks, and closed vulnerabilities and the remediation and mitigation efforts that were made to support availability, confidentiality, and integrity of the network.
- Vulnerability Management, Remediation, and Mitigation.
- Key member of internal Tiger / Blue team to various Lockheed Martin sites for site audits and visits. Site visits included physical security and access control checks. Vulnerability scanning, remediation, and mitigation of all weaknesses and findings. Information briefs were created and presented to various IT site leads, Program Managers, and Lockheed Martin CIO.
- System and Network Vulnerability Scanning with various applications including McAfee Foundstone, Nessus.
- Creation and deployment of SMS/SCCM packages. Package creation including applications, patching, updates, modifications, registry command lines, scripting, and more.