SUMMARY:

Experienced, enthusiastic and motivated Security Engineer Information Technology Professional, seeking a position that will utilize excellent skills and a passion for challenging work. Desires an organization where loyalty, hard work, and persistence are recognized and valued.

EXPERTISE IN:

• Security Specialist
• PKI
• Project management

PROFESSIONAL EXPERIENCE:

Confidential

PKI Analyst

Responsibilities:

• Manage encryption keys throughout their lifecycle, covering key requests, generation, distribution, usage,
• Approve issuance of certificates to network NPEs Revocations and renewals.
• Create and renew objects in LDAP
• Supports revocation and suspension of certificates on Unclassified and Classified networks
• Attend working groups and forums on PKI policy, procedures, and technologies
• Issues and renew device certificates. Adds, modifies and deletes directory entries in LDAP
• Performs third party key recovery.
• Encrypt and digitally sign data across the network
• Facilitate the processing of requests for DoD and National Security Systems (NSS) PKI certificates for supported components by serving as the Registration Authority (RA) and Local Registration Authority (LRA

Confidential

PKI/Configuration Project Manager

Responsibilities:

• Wrote, Review and Maintain IA documentation to include; System Security Plan (SSP), CP, CPS, Contingency Plans, System Categorization Form (SCF), E - Authentication Risk Assessment Tool and Privacy Impact Assessment
• Updated and maintained Configuration Management Plans that address CR (Change Request) processing, changed testing and other items called for by the POA&Ms (Plan of Action and Milestones)
• Tracked and submitted items called for in the IA quarterly memo to include, Re-categorization, Annual Security Control Test, Annual Security Control Test
• Perform technical implementation tasks, such as customer configuration updates.

Confidential

Security Consultant

Responsibilities:

• Maintain network structures, operating system capabilities and application architecture requirements
• Write, edit and maintain PKI Documents to include, CP, CPS, HSM, SSP and other Security documents .
• Knowledge of cryptography concepts, PKI, SSL, Host Security Modules (HSM), Smart cards, Symmetric, Asymmetric (Public/Private-PKI)
• Lead working groups and forums on PKI policy, procedures, and technologies- Advanced analytical skills for review, modification, and creation of complex policy documents or related manuals- Analysis, selection, and implementation of Public Key encryption technologies and products.
• Review team documentation for clarity and technical accuracy; maintain relations with other service and subordinate commands- Perform as a ‘thought leader’ on advanced PKI methods and technologies
• Encrypt and digitally sign data across the network

Confidential

PKI Information Technology Security Specialist

Responsibilities:

• Executed security controls to prevent hackers from infiltrating company information or jeopardizing ecommerce programs. Enforces security policies by administering and monitoring security profiles, reviews security violation reports and investigates possible security exceptions, updated, maintains and documents security controls.
• Administered security policies to control access to systems for ARMY CIO/G-6. Knowledge of AR 25-2. Used applicable encryption methods. Maintains security systems for routers and switches.
• Researched attempted efforts to compromise security protocols. Educates IT and the business about security policies and consults on a variety of issues regarding user built/managed systems.
• Represented the security needs of the company by providing expertise and assistance in all IT projects with regard to security issues.
• Worked closely with DOD PKI PMO (Program Management Office), DMDC (Department of Defense Computer System) and other agencies and services to identify and resolve NIPRnet PKI, NSS Token, TMS and ILS issues. Manage PKI NSS Token program.
• Authored Army policies, correspondence, guidelines, standard operating procedures and documentation related to DOD PKI, smartcard issues, and other emerging identity management enabling technologies and devices.
• Knowledge of DoD/NSS PKI Certificate Lifecycle Management, understand NIST and, Knowledge of Smartcard Technologies (ISO 7816, ISO 14443), understanding of DoD/NSS PKI Technologies

Confidential

Circuit Management Project Manager

Responsibilities:

• Analyzed the end to end circuit life cycle utilizing existing data, Isolated, evaluated, defined, and managed customer and stakeholder
• Issued resolutions and communication across project execution teams in order to deliver projects on-time, on-budget, and settled vendors disputes.
• Supported the program lifecycle of projects (customer interaction, technical delivery, status reporting, and analytical solutions), involved in client interaction included daily contact across multiple teams and personnel including executive management, supporting the Program Manager
• Identified critical issues with ease and ensured issues were identified, tracked and reported and resolved in a timely manner,
• Provided Direct Support to Agencies Stakeholders and maintained documentation.
• Managed TSRs, TSOs and Status of Acquisition Messages (SAMs) from DISA.
• Retained the information accordance to DISA regulations and distributing to the appropriate organizations as necessary
• . Provided the agency verification and confirmation of circuit delivery to allow issuing of the IER’s (In Effect Report) to DISA indicating any circuit/leased-line acquisition has been completed.

Confidential

Lead Security Engineer

Responsibilities:

• Designed and developed information security architectures.
• Applied enterprise-wide set of disciplines for the planning, analysis, design, and construction of Information Assurance solutions based on US Agencies requirements.
• Developed analytical and computational techniques and methodology for problem solutions.
• Performed enterprise wide strategic systems planning, business information planning, business and analysis.
• Performed process and data modeling in support of the planning and analysis efforts using both manual and automated tools.
• Applied reverse engineering and re-engineering disciplines to develop migration strategic and planning documents.
• Provided technical guidance in software engineering techniques and automated support tools.
• Performed technical planning, system integration, verification and validation, cost and risk, and supportability and effectiveness analyses for total systems including commonly found enterprise services, SOA Infrastructure services, and orchestration services.
• Implemented, tested, documented, and maintained enterprise-wide solutions to total system or subsystems using internally created and/or commercial off the Shelf (COTS) products.
• Ensured the logical and systematic conversion of customer or product requirements into total systems solutions that acknowledge technical, schedule, and cost constraints.
• Performed PKI implementation and operations support providing general technical support to PKI development, testing and on-going operations activities.
• Maintained PKI server hardware and software (lockdowns, system patches, software updates), and installed new hardware for entire system under recapture program, installed and configured all new systems, lockdown systems according to DIACAP requirements,
• Migrated new hardware/systems into current architecture, updated all security documentations.
• Managing digital certificates using Microsoft CA and RSA Keon. Wrote and Reviewed System Security Plans (SSPs) and Security Concept of Operations (SECONOPs).

Confidential

Security Engineer

Responsibilities:

• Ensured that all access controls were implemented, maintained and monitored through a security methodology that supports operation and security compliance requirements
• Assessed vendor and industry security advisories to manage the risk profile of the systems
• Continually assess the systems against potential threats and vulnerabilities
• Ensured that vulnerabilities were mitigated in a timely fashion in accordance with the applicable compliance requirements
• Provided security oversight in Change Advisory Board council
• Supported incident responses for all security-related issues
• Documented, designed, deployed and maintained security systems to protect company assets and information while being compliant with applicable federal, security standards
• Evaluated Information Security policy compliance, including internal and external audit initiatives for overall effectiveness.
• Created and certified identities (credentials) for designated users and servers
• Provided security input on PKI boards to ensure system specifications in corporate security requirements stipulated in DCID 6/3 or ICD 503teams to review security requirements and approve / modify designs as needed.

Confidential

System Administrator

Responsibilities:

• Administrated of a large-scale active-passive cluster with Microsoft SQL 2000 Enterprise Server, Microsoft Exchange 5.5/2000 Enterprise Server, Northrop Grumman IT Mailroom 2.0, DMS Outlook, Crystal Report Professional, Sybaris Antivirus Antigen, VERITAS Server Net Enterprise Backup software, Tracked and resolve non-delivery reports.
• Administrated of a large-scale active-passive cluster with Microsoft SQL 2000 Enterprise Server, Microsoft Exchange 5.5/2000 Enterprise Server, Northrop Grumman IT Mailroom 2.0
• Administrated of a large-scale active-passive cluster with Microsoft SQL 2000 Enterprise Server, Microsoft Exchange 5.5/2000 Enterprise Server, Northrop Grumman IT Mailroom 2.0,.
• Tracked and resolve non-delivery reports
• Performed message traces
• Performed Windows installation, administration and troubleshooting as well as performing preventative maintenance, monitoring and alerting setup and security hardening. Notified the ITA Confidential Help Desk of any network-related problems and maintained a master station log of activities and problems