Summary

Information Technology Professional Entrepreneurial Technical Self MotivatedOver 17 years of experience in providing IT, Systems Development, Systems Integration and Information Security projects supporting federal government customers. My energetic spirit, work ethic, along with my understanding of Cyber Security has allowed me to adapt and succeed in numerous IT security related roles. I have worked on Information Assurance IA projects focused on Architecture, Certification and Accreditation C A , Vulnerability Management, Policy, Categorization and Intrusion Detection.

Technical Summary

Core Competencies Telecommute and work remotely to perform Cyber Security, C A, and A A testing. Implement IT Security and Risk Management Framework. Utilize various tools to perform security assessment and testing of hardware and software. Develop security policy and procedures based on NIST, DFARS, FedRAMP, and FISMA guidance. Perform C A testing of systems in accordance with NIST 800-53. Perform vulnerability management and POA M tracking and resolution. Collaborated with internal and external teams to test and harden servers. Facilitate meetings with ISSO's to ensure adherence to security policies. Develop, document and deliver security user training. Develop security documentation, SSP, ST E and SAR. Professional Experience

Confidential

Sr. Information Security Analyst,

• Work remote 85 to perform C A, A A testing of Booz Allen internal systems.
• Perform ST E testing against systems as part of the C A process.
• Internal assessment of Booz Allen Security Controls in accordance with NIST 800-53, DFARS.
• Document IT security related findings and vulnerabilities as result of C A testing.
• Develop status reports on the state of the internal IA program using MS Excel for senior management.
• Schedule and interview system Point of Contacts POC's to gather IA related documentation to complete A A testing.
• Review system/application artifacts for C A package review.
• Work with system POCs to remediate POA M items and maintain system/application ATO.

Confidential

Sr. Information Security Analyst, Federal Communications Commission FCC

• Perform ST E testing against systems as part of the C A process.
• Assess Security Controls in accordance with NIST 800-53.
• Generate POA M document of vulnerabilities for system ISSO.
• Run vulnerability scans using nCircle and Webinspect tools.
• Use Xacta Risk Management tool to reconcile findings from system assessments, audits and vulnerability scans.
• Work with senior agency officials, system owners and information security officers to develop processes to measure agency performance.
• Provide agency-wide support to system owners transitioning system certification data to Xacta.

Confidential

Project Manager, Information Technology Department,

• Establish and Implement IT Security Management framework.
• Develop and document Information Assurance policy and procedures.
• Develop disaster recovery plan.
• Implement and maintain vulnerability management process.
• Provide full range of Physical, Application and Network assessment and penetration testing.
• Develop individualized IT security training program. Evaluate new architectural design software applications.

Confidential

Sr. Information Security Analyst, Environmental Protection Agency EPA

• Implemented and maintained vulnerability management process.
• Use Xacta Risk Management tool to reconcile findings from system assessments, audits and vulnerability scans.
• Work with senior agency officials, system owners and information security officers to develop processes to measure agency performance.
• Developed information assurance policy and procedures based on NIST 800-53 and FedRAMP guidance.
• Provide agency-wide support to system owners transitioning system certification data to Xacta.

Confidential Information Assurance Engineer, National Archives and Records Administration NARA

• Evaluated IT Security Architecture under guidance Sr. Security Architect.
• Performed C A testing of NARA systems and applications utilizing Xacta risk management tool and NIST 800-53 standards.
• Provided technical guidance with SSP, ST E, SAR, POA M documentation.
• Consulted with system ISSO's as well as technical system administrators providing support with systems engineering, systems architecture, security management and IA security planning.
• Tested systems in the following technical environments: Windows Server, Unix/Linux, Solaris, RedHat and Web technologies.
• Interpreted patterns of non-compliance to determine their impacts on levels of risk and/or overall effectiveness of IA programs.
• Provided technical suggestions to implement safeguards to insure intended level of protection.

Confidential Sr. Engineer, Intranet Developer, NARA

• Full life-cycle development for the NARA Enterprise information Technology Repository NEITR .
• Technical Lead, for NEITR program responsible for requirements analysis, project plan development, risk analysis, design documentation, life cycle documentation SDLC , test strategies and test plans.
• Worked with customer to ensure requirements interpreted to technical team.
• Designed, developed and delivered customer and end user training documentation.
• Responsible for maintenance and population of the NEITR Publication Portal.
• Responsible for publication of the NARA Enterprise Architecture life-cycle documentation to NEITR.

Confidential Mission Oriented Systems Engineering Support MOSES Program

• Performed full life cycle development for the Veterans Health Administration VHA Metadata Registry MDR SQL server database.
• Responsibilities included requirements analysis, risk analysis, developing life-cycle documentation, conferences and meetings with the client, loading metadata into the MDR, and interfacing between the data team and development team.
• Supported the preparation of a VHA metadata registry implementation plan, and worked with the customer to identify candidate metadata registry content.
• Provided guidance on metadata preparation and loading into database.

Confidential Sr. Systems Analyst

• Performed full life-cycle development for the Veterans Operation and Programs Activity Report VOPAR designed to capture crucial veteran's information used by the Office of the Chief Information Officer OCIO to report to the Office of Management and Budget OMB and the President of the United States.
• Responsible for requirements analysis, project plan development, risk analysis, design documentation, life-cycle documentation.
• Provided monthly status reports to project manager and client.
• Scheduled and facilitated conferences and meetings with the client.
• Created system test plans, functional requirements, reports, database specifications and user guides.
• Performed as application DBA.
• Developed and delivered training to application staff and end users.

Confidential Department of Labor DOL Resource Justification Model RJM

• Performed full life-cycle development for the Unemployment Insurance UI program developed to compile national unemployment data used to report to OMB and the president for the distribution of over a billion dollars of funding.
• Responsible for requirements analysis, design documentation, project plan, risk analysis, database specifications and reports development.
• Provided weekly and monthly status reports.
• Trained application staff.

Confidential

Data Warehouse Engineer Housing and Urban Development HUD

• Worked with another contractor to develop an Enterprise Data Warehouse and repository PRMVS.
• Analyzed systems in the entire agency to provide standard enterprise data elements as part of the Enterprise Data Standardization.
• Defined and developed client requirements from statements of work.
• Proposed technical software solutions for new Data Warehouse.
• Provided technical support of CA software.
• Developed test strategies and test plans.
• Provided full life-cycle design and development of CA/Platinum MVS Repository.
• Designed and implemented metadata management and data quality strategies.
• Maintained, updated and loaded acquisition data from Excel, Access, Oracle, SQL Server, Sybase, DB2 and flat files to warehouse using CA/Platinum tools, CA/Platinum Repository for MVS, CA Data Shopper.

Confidential

Systems Integration Engineer HUD

• Worked with a small team of consultants on HUD's Enterprise Data Warehouse project.
• Responsible for SQL Server database development, design, and security.
• Performed data warehouse development and implementation.
• Developed design documentation.
• Implemented the Platinum InfoPump data replication tool.
• Developed and scheduled replication of data to a SQL Server, Sybase, DB2, and Oracle RDBMS.
• Team lead of Y2K compliance testing.
• Developed and generated reports with Cognos Impromptu.

Confidential

Systems Integration Testing Engineer HUD

• Performed systems tasks supporting Integrated Business System IBS .
• Provided application support to multiple agency-wide programs, databases, in a client/server environment.
• Maintained project development, testing, and training environments.
• Performed as DBA for DB2, Sybase, and SQL Server RDBMS.
• Implemented the Platinum InfoPump data replication tool.
• Provided technical support for project team and user community.

Confidential

Computer/Technology Instructor

• Delivered a new computer and technology curriculum to middle school students.
• Prepared daily lesson plans.
• Participated with the Technology Instructors committee, which was tasked to develop a standard Middle School Technology Curriculum.