SUMMARY

Confidential is experienced in team building, IT Security, Project and task management. He possesses on the job knowledge of IT Security and Network Engineering and experience to manage the analysis, implementation, maintenance, and support of Security Assessments DIACAP , and IT operations. He is also experienced in establishing contact and interacting with the management, technical, and administrative staff to present and resolve issues and problems.Confidential has more than 20 years of program management experience directing personnel and subcontractors assigned to the installation, maintenance, enhancement, and conversion of COTS applications for theConfidential Navy and other branches of the U.S. armed forces. He has managed large software teams 120 software engineering and support professionals located at multiple performance sites CONUS and OCONUS . His systems engineering experience include 10 years in the definition, analysis and design, implementation, and deployment of administrative, scientific, communications, and logistical systems. Customers supported include the Confidential.

Classes Taken:

• CISA Review 04/2013
• Fully Qualified Naval Validator Training 04/2012
• Unix level I II, Frame Relay, Network Cabling Systems, ATM Internetworking, Intro to WAN, Understanding DSL, Intro to TCP/IP, Building Scalable Networks, Intro To Cisco Router/Advanced Cisco Routers, etcetera
• Juniper Routing, Architecture, Configuration and MPLS Traffic Engineering
• Project Management Principles
• Introduction To Project Management, Microsoft Project 2003
• CISSP Class
• IA C A Boot Camp C A Boundary Determination, Assessment Tools Gold Disk, AppDetective,Web Inspect, Retina , Mitigation Strategy Reports, DID Defense In Depth

EXPERIENCE

Confidential

Information Assurance Manager,

Confidential erves as an Information Assurance Manager IAM and Subject Matter Expert SME within the DLA Information Operations, IA Directorate in support of the Agency's Chief Information Officer. Supports the program/system manager in implementing the DLA Certification Accreditation process DIACAP .Acts as a primary IA technical advisor to the respective program/system manager and when necessary, formally notify the Designated Approval Authority and/or Certification Authority of any changes impacting the information system's IA posture.Performs IA studies to ensure security controls are in place in order to facilitate confidentiality, integrity, authentication, and non-repudiation Incumbent is responsible for targeted project plan development and management, policy and process development, technical IA technology assessments and analysis, and related IA guidance interpretation and dissemination.Ensures security instructions, guidance, and standard operating procedures are prepared, maintained, and implemented for the information system under her purview.Evaluates and provides IA related consent on development efforts to ensure that baseline security safeguards are appropriately implemented.Confidential worked as an Information Assurance Validator/Auditor/Analyst and provided information assurance support for NAVFAC by working with various NAVFAC clients/stakeholders and Command IAM with a focus on IA Policies, discipline, and practices required by NAVY and DoD. He worked with all project/package stakeholders as required to provide written DIACAP Validation strategy for NAVFAC packages using acceptable practices, processes, strategies, and approaches. He helped engineers to determine IA controls and associated tests that would be used during the ST E process. He also participated in the Completion of C A documents for Industrial Control Systems ICS and Business Systems, as well as reviewed, maintained, and disseminated information relating to NAVFAC C A procedures and business processes. Mr. Lancaster assisted in the performance of Risk Analysis and provided recommendations on mitigations in support of C A requirements. In addition, he acted on behalf of the Navy Certification Authority to validate and document the proper implementation of IACs using eMASSand other reporting resources. He served as the approval authority for package release to the Navy CA and ODAA office.

Information Assurance Lead,

• As Information Assurance Lead, Confidential supported the BRAC BP 198 Project Defense Health Headquarters task to move the Office of Health Affairs, Tricare Management Activity TMA , ConfidentialBureau of Medicine, Office of the Surgeon General,Surgeon General's Office, Force Health and Readiness FHP R and Pentagon Force Protection Agency PFPA into a single collocated site known as the Defense Health Headquarters DHHQ . He led a team of IA Analysts and IA Engineers in the support of system certification and accreditation CA efforts with government accreditation authorities. Furthermore, he was responsible for the overall direction, coordination, implementation, execution, control, and completion of the Security C A efforts in accordance with regulatory guidelines. He maintained verbal and written communications in an effort to articulate project related challenges, recommendations, and status to senior Company, Government executives, and stakeholders.
• Confidential supportedDoN Dept. of Navy Information Assurance/C A Initiatives in accordance with DIACAP policy 8510.01. He assessed security assessments, gathered artifacts, and assembled C A packages utilizing DISA FSO Manual Security Checklists such as 8500.2. He was responsible for working with system administrators, engineers, and stakeholders to conduct interviews and execute questionnaires concerning system assessments. In addition, he was responsible for assembling C A packages based on DoNHandbook, DoD IA Policies DoDI8510.01, DoDI8500.2, COMSCINST 5239.3a and the MSC C A Handbook , and other established standards and best practices. Mr. Lancaster worked DIACAP Executive package and full DIACAP to include the following Artifacts: SIP, C A Plan, POA M, and all other associated artifacts that speak to the system's current security posture. He attended weekly system briefing meetings and was responsible for posting all minutes and briefing stakeholders and upper management on system statuses.
• Confidential was Subject Matter Expert SME on all IA related matters for Military Health Systems Distributed Development Toolbox project. He provided technical and non-technical user guidance on DoD information technology programs to address life cycle security from inception of the program through accreditation and obsolescence. He performed reviews and provided technical documentation required for the application, system, network, and site certification and accreditation process. He also utilized DISA FSO manual security checklists, for example, the Application Security Development Checklist. He was responsible for monitoring the implementation of and compliance with C A standards within Distributed Development to ensure uniform application of standards and consistency in security of accredited DoD information systems. Mr. Lancaster also acted as a liaison and communicatedwith DoD, Services Army, Navy, and Air Force , Military Health Systems MHS , and Tricare Management Activity TMA/IA on DIACAP standards and procedures. He attended user group and vendor meetings, and presentations to discern possible use of benefits or products being discussed to add to the Distributed Development Division's toolbox.
• IA security posture IS systems using tools such as Gold Disk and Retina for Military Health Systems/Tricare Management Activity. He was also responsible for providing documentation of assessments effort to the Certification Authority CA and the DAA Designated Approving Authority . He also submitted Security Test plans and associated documentation, and traveled to customer sites to conduct Baseline visit security testing. Additionally, Mr. Lancaster was responsible for working with the customers to ensure the accuracy of their submitted documentation and for review before submitting it to Quality Assurance and inserting it in the final package. He also assisted and supported the annual self-assessment for the Certification and Accreditation effort of the MHS/TMA campus by conducting vulnerability scans and executing contingency tests.