OBJECTIVES

I am looking for a hands-on compliance, management,business development job ininformation technology IT , information assurance IA ,cybersecurity investigative, defensive, offensive , privacy, identity theft, security engineering, security strategy architecture, healthcare cloud security, secure communication, enterprise network wireless security, IV V, gap analysis, IT risk management, awareness training, security audit, security testing evaluation, assessment authorization A A , certification accreditation C A , continuous monitoring, defense-in-depth, plan of action milestones, cryptography, PKI, policies procedures, emergency ready, contingency planning CP , disaster recovery, continuity of operation COOP , business impact assessment BIA , security operations maintenance, risk reduction, asset protection, regulatory compliance, and customer satisfaction. I am servingfederal state governments, corporations,healthcare organizations, and universities for 35 years. I am a faculty for 15 years at teaching cybersecurity, CISSP, Security classes. My credentials include Doctor of Management e-commerce/cybersecurity/privacy/identity theft , BS/MS IFSM ,MS Biology , andsix 6 security certificates CISSP, CISM, CAP, IAM, IEM, Certificate in Cybersecurity .

PROFESSIONAL TRAINING

IT risk management, information assurance, communications and wireless security, cyberspace, cyberthreats, cyberweapons, cybercrimes, cyberwarfare, cybersecurity, privacy, identity theft, intrusion detection, intrusion prevention, incident response, digital forensics, e-Discovery, chain-of-custody, disaster recovery, business impact assessment, continuity of operation, e-Commerce, enterprise security architecture, identity access management, Cain Abel, Nmap, Wireshark, MBSA, AVG, Nessus,cyber-physical system security, cryptography, hashing, digital signature, cloud security, malware protection, NIST-SP-800 guidelines, security documentation, security audit, IV V, gap analysis, security test evaluation, plan of action milestones, certification accreditation, continuous monitoring, cybersecurity assessment management security acts, regulations, HIPAA, GLBA, Sarbanes-Oxley, FIPS standards, ISO 27000 series, COBIT, SDLC, EVMS, NIST guidelines, regulatory compliance, project management, business development.

RELATED SKILLS

• SME Subject Matter Expert in cybersecurity, digital privacy, policy, procedures, configuration management, hardening, information assurance, building secure system, and IT risk management
• SME in security categorization, system security planning, security testing evaluation, plan of action milestones, certification and accreditation C A , continuous monitoring, and training
• 15 years in teaching Cybersecurity, CISSP, Security , MCSE classes at University of Maryland
• 10 years in business development-strategy, technical writing, implementation methodologies
• SME in enterprise security architecture, disaster recovery,and continuity of operations COOP
• SME in contingency planning, emergency preparedness, and conducting exercise/drills/testing
• SME in defense-in-depth, regulatory compliance FISMA, HIPAA, ISO 27000 series, OWASP, COBIT, GLBA, SOX, FIPS standards , NIST-SP-800, IV V, gap analysis, and common criteria
• SME in FISMA audit and recording in cyber security assessment and management CSAM tool
• SME in e-Commerce, cloud security, managing multicultural and cross-functional team, budget

WORK EXPERIENCE

Position:Project Manager Information Assurance, C A/ITRisk Management Framework

Responsibilities: Responsible for consultancy, business development, and trainingin the area of information technology, information assurance, cybersecurity, policy, procedures, cloud security, network security, wireless security, securearchitecture, identity control, access management, e-Commerce, e-Governance, PII, PHI, privacy impact assessment, healthcare information security, security testing evaluation ST E , IV V, gap analysis, certification accreditation, IT risk management, and IT regulatory compliance. Managecybersecurity/privacy laboratory.Teaching and hands-on practicingNmap, MBSA, AVG, DVWA, Wire shark, SNORT, andNessustools. Helped three 3 large/medium corporations of Washington DC area in IT business development.

Position: Assistant Professor/Course Chair, Cybersecurity/Computer Technology Departments

Responsibilities: Teaching since 2000. Taught cybersecurity,privacy, risk management, CISSP, Security , Network , MCSE, enterprise security architecture, application telecommunication security, and different threat modelingincluding OWASP. Served as a course chair for 3 years and academically supervised 12 faculty members. Served as the content expert of the Network class. Guided projects in security architecture, cyberspace, cyberthreat, cyberweapon, cyberwarfare, cyberattack, cybercrime, cybersecurity, privacy, e-Authentication, PII, privacy impact assessment, cloud security contingency plan,disaster recovery plan, continuity of operation plan COOP , and their exercises/drills secure access control, identity access management IAM , single-sign-on SSO , public key infrastructure PKI , digital signature, IPSec, DNS, and DHCP virtual private networking VPN , demilitarized zone, intrusion detection system IDS , intrusion prevention system IPS , penetration testing, ethical hacking vulnerability scanning, analyzing, reporting threats and threat agents trusted communication networking security categorization, configuration management, system security plan SSP change control management, business impact analysis common, hybrid, and system specific security controls internal/external audit, independent verification validation IV V , gap analysis, risk assessment, security testing evaluation ST E , plan of action milestones POA M , certification accreditation C A , continuous monitoring, patch management, hardening, and defense-in-depth cryptography hashing confidentiality, integrity, and availability CIA incident response, digital forensics, legal evidence, chain-of-custody, risk assessment report, and IT risk management. Evaluated US/International acts and regulations on IT security/privacy including OMB, FISMA, FISCAM, SOX, GLBA, HITECH, and HIPAA mandates FIPS, ISO 27000 series, and PCI-DSS standards industry best practices COBIT, NIACAP, DISTCAP, OCTAVE, and NIST-SP-800 guidelines.

Position:Director Cybersecurity, Privacy, Information Assurance, and IT Risk Management

Responsibilities: Was responsible for designing, developing, operating, and managing its new national international consultancy services in information technology,information assurance, cybersecurity, digital privacy, network security, healthcare information security, cloud security, identity control and access management, e-Commerce, disaster recovery, COOP, and IT risk management. The scope included the gas petroleum industries in Nigeria, workshops, training, testing, certification, conferences. Conducted an IV V, gap analysis, and security compliance testing of personally identifiable information, protected health information, and completeda privacy impact assessment PIA for the Health ExchangeProgram of Hawaii State and its stake holders including healthcare providers and insurance companies using Center for Medicare and Medicaid Services CMS guidelines.Completed design, planning, and projection oftwo state-of-the-art facilities for research/trainingon investigative, defensive, and offensive cybersecurity.

Position:Senior Manager Information Assurance, Cybersecurity, Certification Accreditation

Responsibilities: Wasresponsible for security policy, procedures, architecture, identity access management, cybersecurity, privacy, cloud security, e-Commerce, assessment validation, plan of action milestones POA M , certification accreditation C A , continuous monitoring, hardening, patching, andregulatory compliance. Designed, tested, and documented C A of fourDOT/FAA IT systems Information Security Business Portal, Logical Access and Authorization Control Service, Investment Management Tools, and System Architect and sevenDHS/FLETC systems Financial Accounting Budgeting System, Emergency Security Solution, Information Security Architecture, FLETC Collaboration System, Artesia Administrative Network, Internet System, and Environmental Data Integration System . Implemented federal regulations, FISMA, OMB circulars/memorandums FAA, FLETC, DOT, and DHS orders/guidelines FIPSstandards, NIST guidelines 800-18, 800-30, 800-34, 800-37, 800-39, 800-47, 800-53 R4, 800-53A, 800-60, 800-83, 800-122, 800-137, 800-153, etc. security requirements traceability matrix SRTM , and industry best practices. Designed, developed, reviewed, examined, and tested security policies, procedures, system security plan SSP , IAM plan, configuration management, IT change management process, disaster recovery plan, COOP, business impact analysis BIA , security categorization, privacy threshold analysis, privacy impact assessment, contingency plan CP CP training, testing, and drills security testing and evaluation ST E plan, ST E testing, and reporting security posture, risk assessment, POA M, security assessment report SAR , executive summary, certification and authorization memorandums, and continuity of operations. Designed Cybersecurity, Privacy, and Information Assurance division for the company. Attended management retreat. Participated in the 5/15 years corporate strategic planning. Wrote technical contents for business development. Helped in customer satisfaction/retention process.

Confidential

Position:Project Manager Information Assurance, C A/ITRisk Management Framework

Responsibilities: Subject matter expert SME in cybersecurity, information assurance FISMA, FISCAM, and OMB compliances certification and accreditation C A ,IT governance,IT risk management framework,FIPS standard and NIST-SP-800 guidelines,cloud security,enterprise cyber security architecture,security program planning, policy, procedure, personally identifiable information PII , privacy impact assessment, identity theft, data privacy, awareness andtraining, contingency plan CP , disaster recovery plan DRP , continuity of operations COOP , incident response and exercise, and business impact assessment BIA was responsible for cybersecurity, information assurance, C A program management, business process development, staff training, mentoring, technical guidance, customer satisfaction. Lead cross functional teams. Facilitated, communicated, and reported activities. Conducted risk assessment, security testing evaluation ST E , management assessment, continuous monitoring, independent verification validation IV V , gap analysis. Developed computer based trainingon incident response IR . Developed security categorization, systems security plan SSP , configuration managementplan,security assessment report, executive summary, and plan of action milestones POA M .Was author of CSAM Cyber Security Assessment and Management tools for risk assessment and POA M management visited FAA facilities in Boston MA and Washington DC, and completed C A and authorization of five systemsof ARP ASTline-of-business. Analyzed RFP/RFI, mappedorganizational resources to clients' need, providedtechnical contents, and developed IT business.

Confidential

Position: Program Manager Information Assurance, C A,Risk Management, Secure Software

Responsibilities:Served as a subject matter expert in information security, security architecture, C A, cybersecurity in NOAA/NESDIS and provided program management services FISMA, FISCAM, and OMB regulatory compliance technical guidance, customer satisfaction guided and conducted FISMA audits, risk assessment, security categorization, vulnerability scanning, system security planning SSP , privacy, contingency planning CP , disaster recovery planning DRP , continuity of operation COOP planning, contingency exercise, personally identifiable information, privacy impact assessment, access control, IV V, gap analysis, security testing and evaluation ST E , plan of action milestones POA M , certification accreditation C A , and continuous monitoring for critical infrastructures, major application, general support system, and industrial control system ICS reviewed policy, procedures, SOP, SOW was responsible to procure, recruit, train, assign, facilitate, mentor, monitor, deliver, and report on contractual tasks provided consultancy service in building secure systems by incorporating security during SDLC.

Confidential

Position:Information Security Consultant C A, IT risk Management, Regulatory Compliance

Responsibilities: Developed business.Served Bureau of Alcohol, Tobacco, and Firearms ATF and Department of Commerce DOC as a lead certification and accreditation C A consultant and subject matter expert SME in information assurance, cybersecurity, security architecture, media protection, FISMA audit, and CSAM tools. Contributed in policies, procedures, security categorization, system security plan SSP , access and audit controls, physical and environmental controls, personally identifiable information PII , privacy impact assessment PIA , contingency plan and exercise, disaster recovery plan, continuity of operations COOP , incident response plan, security testing and evaluation ST E , plan of action and milestones POA M management, security assessment report SAR , certification and accreditation C A , awareness and training, independent verification and validation IV V , gap analysis, risk based decision RBD , and continuous monitoring. Conducted IT risk assessment, IT vulnerability and threat analysis, waiver management, IT configuration management, and business impact assessment BIA . Counseled system owners, designated security officers, and contingency coordinatorson security governance, intrusion detection and prevention, e-authentication, secure communication, encryption, digital signatures, patch management, vulnerability scanning, incident reporting, IT forensic, chain-of-custody, and media sanitization. Implemented FISMA, FISCAM, OMB, SOX, GLBA and other regulatory compliance FIPS standards, NIST-SP-800 guidelines, and industry best practices. Developed and validated service level agreements, memorandums of understanding, standard operating procedures SOP , and interconnection security agreements ISA . Analyzed concept of operations, security architectural design, and requirement traceability matrix, Assured separation of duty, least privilege, hardening, and defense-in-depth. Contributed to the architectural working group, change control board CCB , integrated project team IPT , and building secure IT systems.

Confidential

Position:Chief InformationSecurity Officer FISMA Compliance, C A, Risk Management

Responsibilities:Established strategic vision andbusiness planningon information technology IT , information assurance IA , cybersecurity, privacy, and IT risk management. Implemented FISMA, FISCAM, and other regulatory security compliance. Served as the subject matter expert SME .Developed policy, procedures, and guidelines. Conducted independent verification and validation, gap analysis, ST E, and certification accreditation C A of FLETC Federal Law Enforcement Training Center information systems. Developed contingency plan, disaster recovery plan, and continuity of operation plan. Conducted drills/exercise. Developed business.

Confidential

Position:Subject Matter Expert Information Assurance, FISMA Compliance, C A, IV V

Responsibilities: Served as a subject matter expert SME in cyber security and data privacy at OPM and USDA implemented FISMA, FISCAM, OMB, FIPS, NIST-SP-800, other regulatory compliance, security mandates, standards, and guidelines developed security policy, procedures, system security plan SSP , contingency plan, and disaster recovery plan conducted CP excises monitored security control, access control, personally identifiable information PII conducted privacy impact assessment, IV V, gap analysis, risk assessment, change management, business impact analysis, ST E testing, POA M management, and certification accreditation C A of Learning Management Systems LMS . Monitored awareness andbeginner/refresher training.

Confidential

Position: Principal Analyst IA and Privacy regulatory compliance, risk management, IV V

Responsibilities: Worked for the Department of Interior DOI ,distributed tasks and ensured quality of deliverables from subcontractors, kept security documents updated, performed risk assessment and gap analysis of governments systems,managed plan of action and milestones POA M , coordinated role-based training,developed contingency plan, incident response plan, and C A guidelines. Contributed in FISMA, SOX, and HIPAA compliance security plan, risk management, security control matrix, business development, security architecture, and privacy.

Confidential

Position:ISProject Manager C A for NIH andMarylandState Voting IV V for USDA

Responsibilities:Implemented FISMA, FISCAM, OMB, and other information security IS regulatory compliances conducted risk assessment, independent verification and validation IV V , and gap analysisof 200 systems of United States Department of Agriculture USDA - evaluated system security plan SSP , security self-assessment, incident response plan, security testing and evaluation ST E results, plan of action and milestones POA M , trusted facility manual TFM , IT security features user guide SFUG , contingency plan CP , systems control compliance matrix, and privacy impact assessment. Conducted an IV V and gap analysis on the risk assessment documents of the State of Maryland Voting Systems. Conducted C A of a NIH system. Evaluated and validated SSP, ST E, action plans, and other C Adeliverables to NIH.

Confidential

Position: Information Security Analyst C A, Policy and Procedures, and FISMA Compliance

Responsibilities:Conducted security control testing and risk assessmentat Mint. Analyzed PII documents updated privacy impact assessment, configuration management plan, security categorization document, system security plan, and contingency plan CP and conducted CP drills. Recommended role based training RBT . Drafted Standard Operating Procedures SOP .

Confidential

Position: Project Manager Business Software Development, Integration, and Implementation

Responsibilities:Managed development of large scale financial system tools coordinated with business managers assessed risks implemented GLBA SOX regulations analyzed, designed, coded, quality/user acceptance tested, integrated, implemented, and maintained was responsible for budget, industry best practices, staff recruiting, training, awareness, change and configuration management, contingency planning, security, management reporting, and customer satisfaction.

Confidential

Responsibilities: Performed risk analysis initiated, analyzed, designed, programmed, QA tested, validated, integrated, deployed, managed, and maintained twelve database application systems in the Environmental Health and Occupational Safety division analyzed, designed, developed, and deployeda Students Enrolment, Placement, and Training System for School of School of Social Work designed and developed a Vaccination Monitoring System for Maryland State Police was responsible for training, data privacy, database engineering, information assurance, configuration and change management served as database administrator, Netware/NT Network Administrator.

Confidential

Position: Database Developer, Vaccine Testing Unit of the Department of International Health

Responsibilities:Developed3 interactive database application systems for vaccine trial, vaccine testing, and health care projects of Johns Hopkins Hospital, Johns Hopkins Travelers Clinic, and Navajo Vaccine Trial Projects performed users' requirements analysis, system design, coding, acceptance testing, integration, deployment, users' training, and maintenance developed user's guide, IT contingency plan managed vaccine trial databases, and generated management reports.

Confidential

Position: Archive Manager, Senior Data Management Officer, Project Manager

Responsibilities: Designed,developed SDLC , deployed, and managed 7 database applications for hospitals, diagnostic/research laboratories, and vaccine trial programs archived hospital and laboratory data and live specimen was responsible for strategic planning, business development, budget, interdepartmental liaison, business process reengineering, contingency planning, incident handling, emergency preparedness, disaster recovery, COOP, documentation, and reporting and managed cost recovery, data collection, validation, privacy, integrity, processing, and helpdesk.

Confidential

Position:Data Processing Officer IT Head , Procurement/Supply Officer, FSO Fac. Sec Off.

Responsibilities: Directed IT programs lead procurement and supply teams was responsible for corporate vision, strategic planning, policy, standard, guideline, process, audit,liaison, budget, recruiting, training, team building, regulatory affairs, management reporting, communications. Analyzed, designed, developed, and implemented applications on aviation governance, air traffic management, aircraft inspection, passenger movement, toll collection, HR/payroll management, accounts and assets management, stock control, procurement, supply management, regulatory compliance served as the counterpart to ICAO expert and in National Air Transport Committee.

Confidential

Position: Adjunct Faculty, MIS Department

Responsibilities: Designed curriculum, selected text books, developed teaching and examination materials taught classes on systems analysis, programming, networking infrastructure, database design, and information technology management and evaluated skills for undergraduate degree.

Responsibilities: Designed, developed, and coordinated certification curriculum in information systems networking supervised and taught MCSE Microsoft Certified System Engineering classes at multiple centers conducted examinations and issued course completion certificates.

Position: Professor of Biological Science Honorary Service

Responsibilities: Designed and developed course curriculum on Botany and Zoology. Delivered classroom lectures. Guided students' hands-on laboratory exercises. Conducted semester-ending tests and annual examinations. Evaluated and graded students' performance for class promotions.

Position: Head of the Biology Department, Director of Sports, and Superintendent of Dormitory

Responsibilities: Served as the Chair of the Department of Biology. Designed and developed course curriculum on Botany and Zoology. Scheduled class, delivered classroom lectures, and guided students' hands-on laboratory exercises. Supervised/conducted semester-ending tests and annual examinations. Evaluated and graded students' performance. Managed indoor and outdoor sports. Supervised student dormitories. Served in the Board of Directors and lead drives for fund.