Senior, Information Systems Security Officer Resume

SUMMARY:

  • Creation of Confidential Risk Management Handbook (RMH) in accordance with the Risk Management Framework (RMF) NIST 800-37 that compiles Confidential standards, requirements, directives, practices, and procedures for protecting Confidential information and information systems.
  • Security Lead for the FireEye HX pilot program, allowing Confidential to save the cost of purchasing over 5000 FireEye HX agents/licenses for deployment into the Perspecta environment.
  • Automated an SSC baseline configuration for 35 platforms with over 5000 devices to include infrastructure, servers and security devices, ensuring hosting services met the security controls of the Confidential STIGS supported in the VDC.
  • Development and implementation of Dynamic Network Enterprises’ Information Security Program.
  • Implementation of network security and infrastructure design for Confidential Disaster Recovery Site (MDRS) located at SSC SPAWAR, Pensacola, FL.
  • Deployment of Symantec’s Raptor firewall to replace the Gauntlet firewall throughout Confidential unclassified/classified network.
  • Engineered the deployment of the Timestep/Alcatel Virtual Private Network (VPN) security devices to secure data traversing Confidential Global frame-relay network.
  • Engineered the upgrade of all Cisco routers and switches to meet Y2K standards throughout Confidential enterprise unclassified and classified networks.
  • Technical refresh of replacing end-of-life Cisco WAN routers throughout Confidential frame-relay network.

TECHNICAL KNOWLEDGE:

Tenable Security Center, FireEye HX, SPLUNK, AWS, DHS Continuous Diagnostics and Monitoring (CDM), Confidential Vulnerability Scanner, McAfee and Norton Antivirus, Citrix, Microsoft SharePoint, Google Apps, Confidential STIGS, Cisco routers and switches, Firewall, HPE Web Inspect, HIDS/IDS, SIEM, Microsoft Office Suite (2007, 2010, 2013), Cisco WebEx, Skype, Information Security, JPAS, Big Fix, NIST 800-53, NIST 800-37, FIPS 199, STIG Viewer, Confidential

SKILLS:

Core Competencies: A wide range of security skills and privacy services that comprise an advanced knowledge of Internet Protocol network architectures. His additional significant experience includes network design and implementation of Classified and Unclassified networks, Confidential Security scanning tools and reporting, Virtual Private Networks (VPNs), network security, network monitoring, troubleshooting, training development, Incident Response and customer Service Center supervision. Technical expertise in the information technology, telecommunications and cybersecurity professions. He has demonstrated a strong working knowledge of Tenable Security Center and Confidential Scanner. Mr. Diaz is IAT Level III, IAM Level II, IA SEA II, and CSSP Analyst, Infrastructure Support, Incident Responder, and Auditor, in accordance with DoD 8570.

EXPERIENCE:

Senior, Information Systems Security Officer

Confidential

Responsibilities:

  • Developed the Security Configuration Checklists (Confidential) for Confidential senior management to identify the desired state of security configuration settings for 35 platforms with over 5000 assets to include servers, infrastructure and security devices. Complied standards outlined in the Defense Information Systems Agency (Confidential) Security Technical Information Guides (STIGs).
  • Ensured compliance with the Federal Information Security Management Act of 2002 (Confidential), including guidance from the Confidential (NIST 800-53) and compliance with the Confidential Acceptable Risk Safeguards (ARS) Controls (CM-2 Baseline Configuration & CM-6 Configuration Settings).
  • Additional duties included Subject Matter Expert in resolving Tenable Security Center and Confidential scanner issues. Corporate auditor to conduct internal CMMI and ISSO audits.
  • Led project integration activities to include project plan development, execution, and integration of IT change control procedures into projects.
  • Coordinated and scheduled meetings with leadership to discuss, define and document requirements to re-engineer a solution for compliance reporting.

Chief Information Security Officer (CISO)

Confidential, Stafford, VA

Responsibilities:

  • Led project integration activities to include project plan development, execution, and integration of IT change control procedures into projects.
  • Developed project budgets and established a complete project portfolio for each effort: scope, schedule, change control plans, management plans, across all project knowledge and practice areas. Oversaw the physical and technical aspects of information security for the organization.
  • Established policies, procedures and processes for maintaining the network security posture of Confidential's IT infrastructure in accordance with Confidential and Federal Information Security Management Act (Confidential).
  • Developed a security vulnerability process to safeguard the core intellectual and electronic assets of the organization.
  • Governed network security devices and conducted scans utilizing Confidential Security Center to discover network-based and local vulnerabilities, perform configuration and compliance auditing, and detect malware and botnet activities.
  • Directed a security-training program in accordance with DoD IA workforce requirements.

Team Lead

Confidential, Washington, DC

Responsibilities:

  • Provided implementation expertise to the Military Sealift Command Program Manager office regarding the development of Confidential COOP program throughout Confidential enterprise network.
  • He developed Mission Continuity Plans (MCPs) so employees were able to perform their mission(s) during a contingency or disaster event.
  • He worked with senior management in developing processes for business impact analysis, continuity planning and IT contingency.
  • He reviewed risk mitigation strategies, electronic spillage processing, Confidential HQ Standard Operating Procedure (SOP) drafting, Architecture Control Board (ACB) document review for operational changes and impact.
  • His team consistently received positive feedback for their performance, both internally at HQ and externally from other Confidential and emergency organizations on the Washington Confidential Yard.

Sr. IA Network Engineer

Confidential

Responsibilities:

  • Responsible for the design, configuration, staging and deployment of the Confidential B3COI equipment.
  • The B3COI project transitioned Confidential from Confidential NIPRNet and commercial supported WAN services to a redundant transport network via the NMCI network.
  • This will include NIPRNet, CLIN32 and WAN connectivity for major Confidential support sites. Managed the Confidential - Frame Relay VPN network, Confidential - IA perimeter devices and complied with DOD, DON, and Certification and Assurance (C&A) requirements for both Confidential Classified and Unclassified networks. He was responsible for the design, configuration, deployment, and maintenance of Confidential IA support equipment.
  • He also supported the Confidential Certification and Accreditation Team with Confidential Security checklist compliance of configured devices and remediated Retina vulnerability findings for compliance. He completed the Plan of Action & Milestones (POAM) documentation for unresolved vulnerability findings.
  • He manages a team responsible for the Confidential Wide Area Network (WAN) and Confidential - IA perimeter devices.
  • He ensures compliance with DOD, DON and Certification and Assurance (C&A) requirements for both Confidential Classified and Unclassified networks.
  • He maintains assigned assets in the DOD Vulnerability Management System (VMS), and is knowledgeable of the NIKSUN (NetVCR/NetDetector) Network forensic products.
  • He attended meetings, developed engineering plans, responded to trouble calls, and directed restoration efforts.