Security Clearance:

Top Secret/SCI

Summary of Qualifications

I am a high performing cybersecurity professional and veteran project manager. Over my 25 year career, seven 15 years managing infrastructure project and security audits. I am able to manage and understand the detail of network infrastructure and security issues, because I have work from many years being a network and security engineer. I have managed, monitored, analyzed, and minimized the operational impact of dynamic threats to critical public and private sector IT infrastructures. Domain knowledge of network design, routing protocol, incident handling, remediation, packet analysis, security auditing, intrusion detection, and vulnerability assessment coupled with team leadership, hands on, and financial management capabilities enables me to deliver, redundant, efficient, secure, available infrastructures and systems that defend against attacks and infiltration. I have credentials in industry-leading security and Management certifications e.g. PMP, CISSP, CISA, ITIL, CSM, CCNA , expertise in legal and regulatory compliance e.g., FISMA, NIST, DIACAP, SOX, PCI, NERC , and additional experience in current cyber technologies e.g., Checkpoint, Cisco ASA/PIX Firewall, Blue Coat, ArcSight, SourceFire .

Professional Experience

Confidential

Infrastructure Project Manager

• The Defense Logistics Agency DLA provides logistical support for all branches of the US Military worldwide. There is over 50,000 servers, desktops, laptops, and mobile devices that need software maintain and configured securely. I am responsible for all aspects of the development and implementation of software deployment for the entire Defense Logistics Agency assigned projects and provide a single point of contact for those projects that involve the distribution of software updates, security packages, images upgrades at the enterprise level. I take projects from original concept through final implementation. I Interfaces with all areas affected by the project including senior management, accounting, end users, computer services, vendors, and client services.
• I develop detailed work plans, schedules, project estimates, resource plans, and financial and operational status reports: utilizing SharePoint, MS Project, Scrum and EV. Conducts project meetings and is responsible for project tracking using several tools to include Earned Value and Risk Analysis. Ensures adherence to quality standards and reviews project deliverables. Manages the integration of vendor tasks and tracks and reviews vendor deliverables. Provides technical and analytical guidance to all team members. Recommends and takes action to direct the analysis and solutions of problems.

Confidential

Security Auditor

Responsible include performing Security Audits for conforming to the NERC and CIP 005 and 007 guidelines. Nessus Security Manager and scanner, Nipper, are some of the tools used. Create/modify Visio diagrams and create detail findings/remediation report. Use the scrum process for project execution. Compiled complete list of devices to be scanned/audited using network diagrams and asset management systems. Developed scanning schedule based on system type, owners input, and system sensitivity/criticality to PJMs mission. Conducted scans and analyses of results

Confidential

Team Lead/Manager

• Lead and managed the FEMA Support SOC Team supporting the 24/7/365 SOC that monitors intrusion detection systems IDSs at the DHS SOC, working with SourceFire sensors through the Defense Center Management Console and ArcSight Enterprise Management System
• Creates effective security event notifications through increased communication between the SOC team and the FEMA security team at the Mount Weather Emergency Operations Center, ensuring quick resolution to incidents
• Identified strong performers in the group and designated shift leads, assigning additional duties that included monitoring and mentoring the performance of shift personnel
• Implemented a three-point program to reduce false positives: correctly defining the Home Net for all sensors correctly identifying infrastructure devices and creating an IP address process for unrecorded networking devices, including rule changes.

Confidential

Information Assurance System Engineer IV/Manager

• Managed the installing and securing of control platforms of Drone Aircraft being built for the US Army
• Used Earned Value Management for reviewing project progress, enabling early forecasting and resolution of cost and schedule issues.
• Provided technical and managerial support to Information Assurance Certification Accreditation activities, including analysis and evaluation of security concepts, designs, and tests threat, risk, and vulnerability assessments security certification ST E and risk analysis in a software development lifecycle
• Team assessed system vulnerabilities and determined the adequacy of security controls and the level of residual risk in networking devices and software custom and COTS
• Managed multiple projects Used DIACAP to secure servers, networking devices, and software directed running Gold Disk and SRR scans directed and performed Retina and Nmap scans and developed Plans of Action and Milestones POA Ms all leading to Authorization to Operate

Confidential

Senior Information Assurance Security Analyst

• Analyzed requests for connection to the SIPRNet to ensure that they met government standards based on the DoDI 8500 series and NIST Special Publication 800 series
• Reviewed network diagrams, scorecards, POA Ms, and Designated Approving Authority Interim Authorization to Communicate and Authorization to Communicate requests

Confidential

Project Manager/Lead Auditor

• Defined scope, gathered requirements, developed tasks and tasks sequence, developed communications plan and risk matrix Managed projects from requirements gathering through closure. Provided SME guidance and Project Manager over site to security audits, risk assessments, and system T E ST E providing instruction on writing of System Security Plans in compliance with government regulations e.g., FISMA, NIST, DIACAP, SOX reviewed, edited, and approved documentation to be given to the customer. Assisted clients write Disaster Recovery Plans and Business Continuity Plans
• Advised team members on conducting ST E and the execution of scans using Foundstone Enterprise, Nessus, ISS, Retina, and Burp Suite scanners, also on proper document results and updating earlier documents
• Performed a NIST VOIP audit hearing to NIST's SP 800-58 requirement.

Confidential

Network Administrator in Iraq

• Performing network support operations for the US Army. I was responsible for maintaining 25 routers, 30 switches and 4 Cisco Pix Firewalls.
• I have implemented all networking devices to send their logs to a syslog server and enabled SSH on several networking devices. Have made several changes to the routers and Pix firewalls on both the NIPR and SIPR networks. Enabled switch port security throughout the network and implemented a new process for attaching new computers to the network. I implemented Websense for web filtering and WhatsUp Gold for network monitoring. Performed troubleshooting on several non-working Dell Edge Servers, identified the problem and order replacement parts, when parts arrived mother boards installed them. Eventually these servers were the servers I used for Web Sense and WhatsUp Gold servers.

Confidential

Data Center and Security Manager

• Managed data center operations, leading the design/implementation of WAN connectivity for secure VPN tunneling and for monitoring critical/noncritical systems worldwide
• Designed and implemented a companywide infrastructure plan using VPN and consolidating three companies/networks, including three major sites and 15 remote sites
• Planned and implemented a Windows Active Directory network merger/upgrade and developed and implemented a companywide end-user support process plan
• Information Technology Project Manager
• Oversaw the design, implementation, and management of infrastructure related projects in corporate and regional offices including an IPSEC VPN implementation using Cisco 3640, 2600, and 1700 series routers and Checkpoint FW1 that connected three locations
• Migrated newly purchased companies to Windows 2000/Exchange from Novell NDS based networks and performed security analysis of remote offices and main data center
• Senior Network Engineer Lead Technician
• Oversaw data center security and networking design/installation implemented Checkpoint RealSecure IDS and performed monitoring and packet analysis
• Monitored network health by installing CiscoWorks, BigBrother, and IPSentry to provide real time alert notifications to pagers/cell phones for network outages, security breaches, etc.

Confidential

Senior Network Engineer/Architect

• Responsible for the research and development of new network operating systems implementations and upgrades for the North American network.
• I performed troubleshooting, maintaining and instruction on existing systems, and making recommendations for improvements in standard operating procedures. Designed and implemented the upgrade of the corporation North American network and implementing NDS, DNS, and UNIX print services, FTP, and DHCP. This included the hardware redesign and upgrade. Managed a small team that integrated with construction elements for 5 new office build-outs . This included placements of electrical outlets and cable drops for workstations to switching closets. Designed and installed Deloitte Consulting European Remote Access Center, which included infrastructure design Corebuilder 3500 , Compaq servers, and Windows workstations.

Confidential

Security Engineer/Consultant

Responsible for the technical design and pre-sales support of security solutions. Assisted in the design for a security solution for a major brokerage clearing house in NYC and implemented the firewalls using three Checkpoint's Firewall-1 firewalls. Designed a wide area Windows networks using, implementing DHCP/WINS/DNS, for all of General Motors Truck Plants. Conducted pre-sales support by consulting and designing a nationwide upgrade plan for GMAC's network.

Manager/Senior Network Engineer

Supervised 10 full times engineers and up to10 temporary engineers. Responsible for the technical aspects of all LAN related projects, to include the cost estimation and technical review. Track all department projects to ensure jobs were completed on time and within budget. Mentored junior engineers and conducting annual reviews. Conduct pre-sales support and implement technically high-end projects. I was responsible for interviewing and hiring engineers for out-placement assignments and for permanent positions...

Confidential

Network Manager/Operations Project Manager

• Maintained and upgraded 20 LANs, 3,500 desktops, and 40 servers supervised five employees and designed, scheduled, and developed computer training classes
• Serviced more than 100 computers and 15 servers installed/upgraded 10 LANs and developed a long-term plan for upgrading all company LANs to one 4.1 WAN
• Developed and maintained documentation for LANs, including geographical maps inventory of key network equipment, with critical settings and software information cabling documentation past problems and trouble report log and baseline usage patterns
• Managed ongoing projects for the Saudi Arabian National Guard Modernization Program, including defining scope, developing statements of work, and allocating resources
• Wrote a 10-year, 10 million plan for reorganization of three brigades developed a 3 year Work Breakdown Structure developed job requirements for 300 employees and identified and scheduled resources, including cost estimation, risk assessment, and monitoring