Skills:

• Operating System/Applications/Tools: Windows, Linux/Unix, Oracle 11g, XACTA, CSAM, Retina, Nessus, BackTrack 5, Jack the Ripper, L0phtcrack, NetWitness, Net Investigator, FoundationLock, Stealth Watch, VMware, Apache Tomcat, Java, JBoss, Cisco IOS, Zenoss, iOS/Android/OS Hardening STIGS , MS SharePoint, Ozone Widget Framework OWF , MS Project, MS Office.
• Information Assurance: NIST SP 800 Series, CNSSI, FIPS, FISMA, ICD 503, 500-27, DISA Security Technical Implementation Guides STIG NSA SNAC Compliance and Implementation, HIPAA, ISO7000.

Work History:

Confidential

Senior Security Engineer

• Confidential is supporting a Confidential government customer as a member of a Confidential. Conducting security assessments, risk analyses, vulnerability scanning, and risk mitigation testing in support of the twenty-four seven Confidential operations.
• Confidential is supporting a Confidential government customer as a member of a Confidential. Conducting acceptance testing of ICD503, 500-27, and NIST 800-53 standards for government's implementation and adherence.

Confidential

Senior Authentication and Authorization Engineer

• Confidential supported a twenty-four by seven days a week security operations center Confidential for a Raytheon customer on site. Tasks include monitoring, researching, and investigating network abnormalities. Daily and weekly reports of security network activities. Utilizing the following tools: Net Witness, Net Investigator, VMware, Apple, Linux, Windows 7, Cisco, Apache Tomcat, JBoss and Java scripting.

Confidential

Senior Information Assurance Officer

• Confidential guided the Confidential Acquisitions branch thru the C A process of deployable systems in Confidential. Responsible for achieving and maintain authority to operate Confidential as well as verify the successful closure of all plan of action and milestones Confidential. Also attended meeting with senior leadership representing the Office of the Chief Information Officer OCIO and providing guidance on how to proceed with the deployment of a fully accredited system.
• Confidential achieved the first Confidential Wireless authority to operate Confidential history. Confidential also achieved an Confidential in record time at Confidential by receiving a three year Confidential in just two weeks and thus guiding a path for agile accreditation.

Confidential

IA Principal

• Confidential guided the Print industry and the U.S. Census Bureau thru all of the government guidance e.g. FIPS-2, NIST SP 800 Series, FISMA, etc. to successful completion. This included the C and A packages for the Decennial Census 2010 Print contract, Quality Information for Successful Printing II, and Advanced Letter and Reminder Postcard contract. He also assisted the Bureau with compliancy and successful Certification and Accreditation packages for the American Community Survey division. Obtained the authority to operate ATO for our customers. As well as advised on architectural system designs, implementations, and daily system administration. Provided continuous monitoring services as well as maintained their accreditation status and planned the successful decommission of all IT systems.

Confidential

Senior Security Engineer

• Project Manger for the Joint Biological Standoff Detection System effort in support of the Joint Program Executive Office for Chemical and Biological Defense JPEO-CBD and the Joint Project Manager - Nuclear Biological Chemical Contamination Avoidance Confidential . Responsible for the communication between the Confidential sensor Miltop and the Overwatch software via Confidential encrypted wireless private network., Program Manger for the Joint Biological Standoff Detection System effort in support of the Joint Program Executive Office for Chemical and Biological Defense Confidential and the Joint Project Manager - Nuclear Biological Chemical Contamination Avoidance Confidential. Responsible for the communication between the Confidential Fluorescence Portable Digital LIDAR FPDL sensor Miltop and the Overwatch software via Confidential encrypted wireless private network.
• Project Manger for all Vulnerability Assessments, Certification and Accreditation, and System Test and Evaluation in the Intelligence and Security Operations Directorate.
• Senior Security Engineer responsible for vulnerability assessments and subsequent remediation, design, implementation of intrusion detection systems and firewalls, and technical information regarding security including assessing/ensuring compliance with published standards. Toolkit included LC5, StealthWatch, Zenoss, Snort, Nessus, nmap, Enterprise Security Manager, and a host of lesser-known tools.
• Project Manger for the explore Confidential campaign responsible for setting up supporting the campaign headquarters as well as remote sights in several key states. To include voice over IP phones and faxes, the purchasing of computers, handheld devices, and existing devices on a secure smartcard enabled network. While supporting blogs, e-mail, streaming media, and high end internet use and still maintain a high level of support and security. Senior Network Engineer to Senator John McCain's 2008 Presidential Exploratory Committee Confidential. Duties included the Design, Implementation, and securing all IT related task for the Headquarters HQ and remote sites for the impending campaign. Designs included an enterprise Voice over Internet Protocol VOIP telephone solution, usage of intranet, internet usage Blogs, Streaming Media, and large uploads/downloads , multiple remote sites and multiple remote end users. Coordinated with vendors for proper bandwidth implementation at the HQ and regional offices. Ensured that design and implementation included proper system and network security standards. Performed security scans of network using Confidential to ensure network integrity., Project Manger for the explore Confidential campaign responsible for setting up supporting the campaign headquarters as well as remote sights in several key states. To include voice over ip phones and faxes, the purchasing of computers, handheld devices, and existing devices on a secure smartcard enabled network. While supporting blogs, e-mail, streaming media, and high end internet use and still maintain a high level of support and security. Project Manger/ Implementation Engineer for the design, implementation, and certification of the Sea Bee Operational Portal. This was conducted for the Naval Facilities Expeditionary Logistics Center in Confidential. Duties included the physical setup and configuration of the Linux server cluster with load balancers as well at the Net App Storage Area Network SAN and Oracle 11g database and then providing Information Assurance Engineering and Certification Accreditation C A support to a Web Based Portal. Documentation support was based on Department of Defense Information Technology Security Certification and Accreditation Process DITSCAP DoD Instruction 5200.40. Developed the System Security Authorization Agreement SSAA , for a Phase II system. Conducted Security Test and Evaluation ST E using common Security tools NESSUS, NMAP, eEye Retina and Confidential . Further, conducted Risk Assessment's of the system to provide feedback for the engineers. Provided After Action Reports and Plan of Actions and Milestones POA M to continually keep project on time and up to date. Project Manger for the design, implementation, and certification of the Sea Bee Operational Portal. This was conducted for the Naval Facilities Expeditionary Logistics Center in Port Hueneme, California. Duties included providing Information Assurance Engineering and Certification Accreditation C A support to a Web Based Portal. Documentation support was based on Department of Defense Information Technology Security Certification and Accreditation Process DITSCAP DoD Instruction 5200.40. Developed the System Security Authorization Agreement SSAA , for a Phase II system. Conducted Security Test and Evaluation Confidential using common Security tools NESSUS, NMAP, eEye Retina and Defense Information Systems Agency's DISA Gold Disk . Further, conducted Risk Assessment's of the system to provide feedback for the engineers. Provided After Action Reports and Plan of Actions and Milestones POA M to continually keep project on time and up to date.
• Preformed Physical and Cyber vulnerability assessment, penetration testing of client's networks, Health Insurance Portability and Accountability Act HIPAA assessments, Certification and Accreditation, Security Consulting and assessment solutions that enhance the security posture of client systems and information assets. These assessments are run internally and externally using Confidential methodology that incorporates environmental analysis, network device assessment, exploit research and use of both commercial tools and manual scripts in order to identify vulnerabilities that can be corrected before unwanted parties detrimentally exploit them.

Confidential

Senior Security Engineer

• Confidential serves as a senior security engineer within the Confidential Vulnerability Assessment and Penetration Group. This group provides security consulting and assessment solutions that enhance the security of client systems and information assets. The group's primarily responsible for vulnerability assessments and penetration testing of client's networks. These assessments are run internally and externally using a methodology that incorporates environmental analysis, network device assessment, exploit research and use of both commercial tools and manual scripts in order to identify vulnerabilities that can be corrected before unwanted parties detrimentally exploit them. Perform vulnerability assessments and penetration tests on client networks utilizing an internal methodology and 'Rules of Engagement' approach Utilize COTS and freeware utilities to scan targeted resources for vulnerabilities and to then to engage the target by using exploit code derived from the hacker underground, Confidential serves as a senior security engineer within the Confidential Vulnerability Assessment and Penetration Group. This group provides security consulting and assessment solutions that enhance the security of client systems and information assets. The group's primarily responsible for vulnerability assessments and penetration testing of client's networks. These assessments are run internally and externally using a methodology that incorporates environmental analysis, network device assessment, exploit research and use of both commercial tools and manual scripts in order to identify vulnerabilities that can be corrected before unwanted parties detrimentally exploit them. Perform vulnerability assessments and penetration tests on client networks utilizing an internal methodology and 'Rules of Engagement' approach Utilize COTS and freeware utilities to scan targeted resources for vulnerabilities and to then to engage the target by using exploit code derived from the hacker underground.

Confidential also architected, setup and managed both the Surface Transportation Information Sharing and Analysis Center Confidential and the Water Information Sharing and Analysis Center H2O-ISAC .

Confidential

Senior Information Assurance Consultant

• Provide Senior IA support to commercial and government clients in a variety of fashions. This includes systems migrations, performing non-intrusive vulnerability assessments and security posture analysis to clients in accordance with the Healthcare Insurance Portability and Accountability Act HIPAA . I am also engaged in conducting non-intrusive vulnerability and threat identification assessments on a tier II government agency that is seeking compliance of Presidential Decision Directive 63 PDD-63 by implementing a Critical Infrastructure Assurance Office CIAO approved methodology. Some of my past tasking has included serving as the team leader in the installation and troubleshooting of video teleconferencing classrooms and conference rooms for the US Army National Guard Bureau. Those specific responsibilities included: Setup of multimedia and video networking products that includes switches, multipoint conferencing units, adapters and video storage servers. Utilizing FVC Multimedia Operating Software MOS on IP, ATM, ISDN and Ethernet networks. Configuring LAN/WAN telecommunications, voice, video and data equipment. Evaluating vendor's performance to ensure conformance to standards, as well as interact with customers on a daily basis. Provide Senior IA support to commercial and government clients in a variety of fashions. This includes systems migrations, performing non-intrusive vulnerability assessments and security posture analysis to clients in accordance with the Healthcare Insurance Portability and Accountability Act HIPAA . I am also engaged in conducting non-intrusive vulnerability and threat identification assessments on a tier II government agency that is seeking compliance of Presidential Decision Directive 63 PDD-63 by implementing a Critical Infrastructure Assurance Office CIAO approved methodology. Some of my past tasking has included serving as the team leader in the installation and troubleshooting of video teleconferencing classrooms and conference rooms for the US Army National Guard Bureau. Those specific responsibilities included: Setup of multimedia and video networking products that includes switches, multipoint conferencing units, adapters and video storage servers. Utilizing FVC Multimedia Operating Software MOS on IP, ATM, ISDN and Ethernet networks. Configuring LAN/WAN telecommunications, voice, video and data equipment. Evaluating vendor's performance to ensure conformance to standards, as well as interact with customers on a daily basis.

Confidential

Hardware Engineer

• Conducted platform development, design, and certification testing of high-end multiprocessor servers to run NT, NetWare, UNIX, and Win2000 operating systems. Other duties were as follows Testing, integrating, debugging, and troubleshooting a voluminous amount of peripherals and adapters. Use Microsoft NT expertise to configure network and enterprise servers to run value-added packages that feature Confidential, and 'out of band' devices and advanced RAID, fiber, and hybrid storage solutions. Designed test to verify Hot Swap Plug-and-Play I/O and other emerging technical advances. Intimate familiarity with Microsoft and Intel development architectures. Lead representative to coordinate with other departments involved with the certification and qualification of systems under test and development. Conducted platform development, design, and certification testing of high-end multiprocessor servers to run NT, NetWare, UNIX, and Win2000 operating systems. Other duties were as follows Testing, integrating, debugging, and troubleshooting a voluminous amount of peripherals and adapters. Use Microsoft NT expertise to configure network and enterprise servers to run value-added packages that feature Advanced Server Management CA TNG, and 'out of band' devices and advanced RAID, fiber, and hybrid storage solutions. Designed test to verify Hot Swap Plug-and-Play I/O and other emerging technical advances. Intimate familiarity with Microsoft and Intel development architectures. Lead representative to coordinate with other departments involved with the certification and qualification of systems under test and development.

Confidential

Test Technician/Engineer

• Confidential was responsible for writing testing and manufacturing procedures and instructions on the Confidential production line. He also tested, troubleshot, and preformed the final test. He was also responsible for writing testing and manufacturing procedures and instructions on the Confidential production line. Confidential also tested, troubleshot, and repaired integrated circuit boards used in the Confidential and in support systems as well.