SPECIAL QUALIFICATIONS:

Twenty eight years of IT Development, Programming and Analyst experience with a TS/SCI Top Secret Sensitive Compartmented Information clearance with CI polygraph. Expertise includes System Security Services, Information Assurance, Business Continuity, Disaster Recovery, Continuity of Operations, Business Impact Analysis, Risk Management, Program Management, SAS, COBOL / JCL, Cold Fusion, Java programming and Enterprise System Architecture. HARDWARE: IBM MVS z/OS, MVS OS/390 Mainframe, Cray T3E-1200E Super Computer, IBM RS /6000 SP with 48 processors, IBM G6 CMOS Enterprise Server and the Compaq Alpha processor running True64 UNIX.

SOFTWARE: Windows OS, Elixir Page Miner, Transformation Suite, Scout , Lotus Notes, Heat, Word Perfect, Microsoft Office Access, Excel, Front Page, Outlook, NetMeeting, PowerPoint, Project, Visio, Visual Studio, Word, MS Project. Netcool Omnibus, Augur, LDRPS, BIA Pro, VERITAS NetBackup, Mercury TestDirector, CARA, PVCS Tracker, DMS, Hummingbird, Metrica, Titan, PGT/NCT, DOS, Visual C , Java applets servlets J2EE J2SE , Cold Fusion, HTML, Actuate, Fox Pro, Slick Edit and the Internet. , Solaris UNIX, Oracle, Webspher, IBM MVS/ESA, VSE/ESA, VM Mainframe, JCL, COBOL/COBOLII, DB2, IMS, IDMS, ADABAS, VSAM, CICS, Tandem, Assembler, Basic, Easytrieve, Natural, Clist, Rexx, FCB, FDL, DJDE, XPAF, SAS, SPUFI, SQL, SyncSort FDR/ABR Fast Dump Restore , FATS/FATAR, Abend-Aid, Script, File-aid, CA-Librarian, Omegamon, CA-7, NEWD, Rumba, TSO, CA-Roscoe, ISPF Interactive System Productivity Facility , SDSF, IOF Interactive Output Facility ,TMS Tape Management System , JES2, HSM, SMS, VPS VTAM , RACF, ACF2, eTrust CA-Top-Secret for z/OS, ACF/SSP,DISA FSO Gold Disk, Retina, Nessus, Foundstone, HP Network Automation NA , NATURAL Security, CA-Auditor, CA-1, Control D, PREDICT, PSF Print Services Facility ,

SPECIFIC WORK / TASK EXPERIENCE:

Confidential

Senior Security Engineer

Assigned to support the Information Assurance, IA and Security Engineering, SE teams in support of the US Government's Terrorist screening and intelligence service.

Confidential

Information Technology Security Officer

Assigned to update the Litigation Support System LSS System Security Plan SSP from NIST 800 53 Rev 3 to the new Fed RAMP 800 53 Rev 4. Reviewed and updated SolarWinds to create a more accurate monitoring and notification system and audit repository.

Confidential

Security Expert

Assigned to support the DoD Defense Commissary Agency DeCA Commissary Advanced Resale Transaction System.

Confidential

Information Systems Security Officer

Assigned to support the updating of the Electronic Fraud Detection System EFDS in support of the Criminal Investigation CI , Examination and Submissions Processing

Confidential

Cyber Security Architect

Assigned to interpret and develop the security requirements related to FISMA, HIPAA and Fed RAMP regulations for the Predictive Modeling project in support of the National Fraud Prevention Program NFPP , then provide security architecture, policy and design guidance for business systems and networks

Confidential

Information Systems Security Officer

In support of the Procurement Office of the Internal Revenue Service IRS , Department of Treasury for the Security Compliance Enhancement Project SCE .

Confidential

SAS Engineer

Assigned to develop and analyze SAS programs in support of the Combatant Command, the JIEDDO Counter IED Operations / Intelligence Integration Center COIC . The project harnessed, massed and fuses information, analysis, technology, interagency collaboration and training support to enable more precise attacks to defeat networks which employ IED's. We provide analytical support and enemy network information to other US Government Organizations and Coalition partners for universal access to information and insight to predict, preempt and defeat asymmetric threats.

Responsibilities:

Analyzing data provided by coalition forces and develop a programming solution to satisfy any Request for Service RFS for the military.

Confidential

Information System Security Manager ISSM

Responsible for the Security management of the Automated Threat Prioritization ATP project for the Department of Immigration and Customs ICE Enforcement. The ATP project defined the threat prioritization of subjects of Immigration Alien Queries IAQ based on current and prior criminal charges, projected release dates, and criminality relative to federal and state criminal codes and Secure Communities-defined threat levels. Full operational capability will prioritize subjects based on current arrest, criminal history, and projected release date.

Responsibilities:

• Analyzed and participated in the Security Planning for the ATP project.
• Updates the Data Security Plan with each new point release and any mitigating risks associated with new programming or system compliance issues.
• Enters new risks as POA M items and reviews current items for possible resolution
• Coordinated Security checks and maintained regulation compliance to grant DHS Entry on Duty clearance EOD for all On Boarding personnel processing.
• Updated all Data Security Privacy DS P documentation to remain compliant with IBM and DHS security requirements that included
• Access control lists
• DS P Activities tracking
• Risk Management Log
• Separation of Duties matrix SOD
• Conducted workplace inspections, Asset Tracking, Security Awareness training for team members of the ATP Program and maintained proof of compliance for Internal DS P audits.
• Monitors the projects monthly labor utilization for authenticity.

Confidential

Data Center Manager

Served as the Data Center Manager, managing a team of technical professionals across multiple technology disciplines. Overseeing an Enterprise/Multi Site Data Center in a classified TS/SCI Department of Defense SCIF Environment.

Responsibilities:

• Responsible for the design, implementation and support of the Enterprise Corporate Data Center IT Infrastructure
• Monitored datacenter HVAC and cooling CRACS, chilled water, etc. , UPS and electrical, fire suppression, cable plants, etc. to directly collaborate and act as a bridge with facilities management and engineers.
• Responsible for all cable plant, rack management, and environmental management in the data center in support of LAN, WAN, VPN, firewall, servers Windows, Exchange, and Active Directory , SAN and Enterprise monitoring.
• Ensure that Data Center staff follows processes and procedures as appropriate.
• Managed in the design and development of the Disaster Recovery Plan DRP and Continuity of Operations Plan COOP to keep in compliance with IBM ITCS104 Information Technology Security Standards.
• Supports the Technical Vulnerability scanning using Nessus

Confidential

Information System Security Officer ISSO

Member of the FBI'S Security Division, Information Assurance Section IAS . Taking direction from governing policy directives, including Executive Orders, Presidential Directives, Public Law, Director of National Intelligence DNI Directives, the Department of Justice DOJ orders, the Director of Central Intelligence DCI Directives, Office of Management and Budget OMB Circulars, National Institute of Standards and Technology NIST publications, and the FBI Information Technology IT Life Cycle Management LCM . Following policy that require Federal agencies and organizations to protect National Security Information NSI including Counterintelligence, Counterterrorism, Criminal Investigative Information and the systems processing that information.

Responsibilities:

• Assessed security risk exposure through analysis of implemented security monitoring tools CA Auditor, CA Top Secret, Foundstone, Syslogs. etc. .
• Supports the Certification and Accreditation C A effort before the Authority to Operate ATO expires.
• Assists the test team for Risk Assessment to create a Risk Management Matrix RMM table.
• Ensure all individuals with access to classified or sensitive information e.g. For Official Use Only FOUO , Sensitive but Unclassified SBU , Law Enforcement Sensitive LES or FBI ISs that process classified or sensitive information have the proper security clearance, formal accesses, need-to-know, and yearly training.
• Requests and inspects Privacy Threshold Assessment PTA and Privacy Impact Analysis PIA for each application for completeness and accuracy.
• Ensured the Confidentiality, Integrity and Availability of information processed by FBI ISs.
• Responsible for the information assurance oversight of how all FBI-owned, operated and sponsored systems meet established security and regulatory requirements.
• Maintains a repository for all system C A documentation IS security program action requests System Security Plans SSP and associated records system certification documentation accreditation documentation IS modifications and approvals to keep these documents current and accessible to authorized individuals.
• Coordinates with IAS/Policy on the implementation and maintenance of appropriate set of FBI-wide IA policies and procedures, and guidance for securing FBI's ISs.
• Access changes to the system, its environment, and operational needs that my affect its Tier decision and accreditation status.
• Maintains the System Security Plan SSP , updates the plan as necessary and ensures a yearly review.
• Implement and enforce security policies through all phases of an IS's lifecycle.
• Ensure that all POA M actions are completed and tested including verification by third party test team, when applicable.
• Ensure that systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the approved accreditation package.
• Ensure approved procedures are in place for clearing, purging, declassifying and releasing system memory, media, and output for the Enterprise Servers, AMA, IMA, BPMS, Blacknet and Rational systems.
• Coordinate IS security inspections, tests, and reviews with the Security Control Assessor.
• During the O M phase, ensure that IS security risk assessments are periodically performed and that appropriate security measures are met in order to maintain compliance with Tier requirements.
• In accordance with FBI security policy, develop security incident response procedures and report incident findings and security violations to the ESOC.
• Ensure proper protection and corrective measures have been taken when an incident or vulnerability has been discovered within a system.
• Help develop, test and review the IT Contingency Plan and the Disaster Recovery procedures every 6 months.
• Conducted system assessments in accordance with NIST SP 800-53 Security Control List, which includes physical security controls, and user interviews for auditing purposes from PricewaterhouseCooper.
• Conduct automated and manual vulnerability testing on major applications and network infrastructures.
• Coordinated, reviewed and approved the development and implementation of new software patches or procedures for software, hardware, and firmware on a system.
• Evaluate threats and vulnerabilities of each IS to ascertain if additional safeguards need to be implemented.
• Formally notify the ISSM when changes occur that may impact accreditation.
• Disseminate, control and manage requirements for user identifications and passwords for assigned systems and provides authorized list s to appropriate system administrators for implementation.
• Establish audit trails and ensure their continuous monitoring and review, and make them available, when required, to the ISSM.
• Retains audit logs in accordance with DOJ, DNI and/or FBI policy.
• Ensure awareness and precautionary measures are exercised to prevent introduction and/or proliferation of malicious code.
• Using HP Network Automation NA to track and regulate Configuration Management CM for software changes across routers, switches, firewalls and load balancers.

Confidential

Information Assurance Officer

Acting as the liaison to government and military officials on emerging Information Assurance IA issues for the F-35 Lightning II Joint Strike Fighter JSF Program. IA team manages the Automated Information Systems associated with the Top Secret and Special Access Programs SAP for the JSF Program.

Responsibilities:

• Analysis of Security Technical Implementation Guide STIG requirements for hardware and software compliance
• Utilized DISA FSO Gold Disk and Retina to assist in securing systems and applications in accordance with the guidance found in the DISA Security Technical Implementation Guides, SRR, checklists and applicable Center for Internet Security CIS benchmarks.
• Maintain System Security Plans SSP and the DIACAP Scorecard as changes to the system occur and policies are updated
• Support use of DoD JAFAN 6/3 and DIACAP processes for certification and accreditation of systems.
• Provided Information Security Certification and Accreditation Support for project applications, systems and networks.
• Utilize and complete DoD 8500-2IA Control Checklist MAC 1, 2 and 3 developed by Defense Information Systems Agency DISA for C A purposes.
• Qualify security based on National Institute of Standards and Technology NIST Special Publication SP 800 26, SP 800 30 and NIST 800-55.
• Provided IA related training to the government and military staff
• Inspect Continuity of Operations Plan COOP and Disaster Recovery DR .
• Inspect System Security Plans SSP , System Security Authorization Agreement SSAA and Security Operating Procedures SOP for compliance, preparation and yearly maintenance reviews.
• Create detailed assessment reports which include detailed system overviews, risk analysis calculations and findings matrix.
• Translated technical security issues into business risk/impact analysis for reports to senior leadership.

Confidential

Sr. Systems Engineer

• The position required the analysis of both hardware and software to establish a comprehensive Disaster Recovery DR . Program and Continuity of Operations Plan COOP . Primary responsibility was the planning, developing and implementing of the DR and COOP procedures for GEICO's IT infrastructure and the implementation of the Living Disaster Recovery Planning System LDRPS .
• Responsibilities:
• Developing Disaster Recovery DR Plans for all applications in the IT infrastructure.
• Define IT DR responsibilities and coordinate development of the overall IT DR strategy
• Establish DR policies and procedures and create methods to govern adherence
• Create new application Information Assurance policies and review/update existing documentation
• Develop standard IT DR processes and research new IT DR testing methodologies
• Ensure that all critical systems and applications have fully documented recovery processes
• Coordinate Table Top reviews to validate recoverability for all Priority One applications
• Create Disaster Recovery awareness programs and coordinate off-site exercises
• Reviewed contract information with IBM for complete hardware and Operating System OS support during an actual Disaster or for DR exercises.
• Performed gap analysis to determine where disaster recovery improvements are needed
• Subject Matter Expert SME for the software Living Disaster Recovery Planning System LDRPS that centralized the IA, BIA, BC and DR documentation for all of Geico's hardware and software.

Confidential

Technical Project Program Manager

Responsible for the management of multiple projects and teams tasked with implementing system upgrades, software enhancements, new system installations, Disaster Recovery, Information Assurance and Business Continuity Plans through the complete System or Software Development Life Cycle SDLC .

Responsibilities:

• Manages and tracks projects from initiation to successful completion of the SDLC.
• Performs business analysis and requirements development.
• Defines and manages project scope, deliverables, schedules, budgets, and task lists utilizing Microsoft Project and Visio.
• Delegates team interaction and assigns personal responsibilities and deadlines.
• Assists in resolving technical problems on UNIX System
• Negotiates with vender for hardware, software, licensing and support.
• Ensures all documentation i.e. Systems design, Business Continuity BC , Information Assurance IA and Disaster Recovery DR Plans reflect project changes.
• Schedules and chairs weekly meetings interacting with other Subject Matter Experts SME , Managers, Directors and Vice Presidents to communicate project status, resolve project issues, problems, and changes.
• Design and develop User Acceptance Testing UAT plans for Quality Assurance QA purposes.
• Assists in training users when necessary.
• Subject Matter Expert SME for the software BIA Professional from Strohl Systems.
• Conducted interviews with application SME's to complete Risk Management and Business Impact Analysis on Priority one applications

Confidential

Information Assurance Engineer

I was assigned to evaluate the U.S Environmental Protection Agency EPA National Computer Center for certification and accreditation C A purposes. Traveled to Durham North Carolina, site of the new state-of-the-art computer center and analyzed the NCC architecture for potential risk from both natural threats e.g., floods, hurricanes, tornadoes and man made threats e.g., sabotage, vandalism, terrorism . Areas of system evaluation included the Cray T3E-1200E super computer, IBM RS /6000 SP with 48 processors, IBM G6 CMOS Enterprise Server and the Compaq Alpha processor running True64 UNIX. Final analysis was designed to mitigate or control threats that can impact confidentiality, integrity or availability of the E.P.A National Computer Center.

Responsibilities:

• Qualify acceptance based on National Institute of Standards and Technology NIST Special Publication SP 800 30, SP 800 37, SP 800-18 and NIST 800-53 Security Plans.
• Evaluate Program Management PM and Life Cycle Planning by conducted interviews with the Information Systems Security Officer ISSO to assess Management and Operational Risks.
• Ensure that computing systems and networks are operated, maintained, and disposed of in accordance with internal security practices and policies.
• Inspect Intrusion Detection System IDS / Intrusion Prevention System IPS
• Perform a Technical Vulnerability Assessment TVA .
• Evaluate Assembler System software and COBOL application software as well as user access RACF .
• Inspect Continuity of Operations Plan COOP and Disaster Recovery DR .
• Ensure that all users requesting security clearance accesses or authorization to secure information are aware of their security responsibilities before granting access to protected Information Systems.
• Inspect System Security Plans SSPs and associated documents for compliance, preparation and yearly maintenance reviews.
• Followed authorization process required by the Office of Management and Budget OMB and the Federal Information Security Management Act FISMA .

Confidential

Systems Engineer

I participated as a key member to complete several large projects for the US Government. Each project required extensive analysis of requirements and design at all levels of System Architecture. Many tasks required design proposals, architecture diagrams, data element mapping, procurement cost and analysis of any significant factor that could impact the overall Enterprise Architecture.

United States Government Thrift Savings Plan TSP 401K

• Analyzed the design requirements of U. S Government's new 401k Participant Statement to create a programming solution.
• Created new 401K Statement Program utilizing COBOL, Dynamic Job Descriptor Entry DJDE and Forms Definition Language FDL .
• Analyzed and installed Elixir software i.e. PageMiner/Transformation Suite, as a suitable converter from Mainframe EBCDIC format to PDF to view and print lost statements.
• Traveled, as needed to New Orleans, site of NASA/USDA mainframe used for testing and production of the new Thrift Savings Plan 401K Statements.

Confidential

• Participated in the hiring and training of a large number of new employees in areas of Quality Control QC Quality Assurance QA , Information Assurance IA , TSO/ISPF, JCL, VPS, XPAF, TSS, Librarian, FCB, PDS, VSAM and GDG data sets.
• Analyzed and mapped Legacy Data Elements for the conversion of data to OmniPlus.
• Created COBOL programs that read VSAM/DB2 from OmniPlus and create the associated Reports and Notices that the TSP required.

Confidential

• Traveled to Kansas City for several weeks for meetings to analyze the needs and objectives of the customer and design a programming solution to create the desired result.
• The programming solution for the interactive website included the writing of Cold Fusion, HTML and Java programs.
• SQL was used to retrieve, create or delete table information from the Informix database on Sun servers.
• The completed system allowed government investigators to enter the desired information, either about an individual, crop or area, submit the request and create an online Actuate report of the quantitative results including
• Yield Analysts reports
• Insurance reports
• Loss reports
• Summary of Business reports

Confidential

• Provided requirements analysis and JCL/COBOL programming support for the Dynamic Component Tracking System DCOMTRAK IDMS/ISAM and Engine Component Tracking System ECOMTRAK IDMS.
• Wrote COBOL programs when required.
• Conducted full life cycle testing of all new programs.
• Provided full integration support from concept to documentation.
• Projects classified information kept in compliance with The National Industrial Security Protection Operating Manual NISPOM , developed by the Department of Defense.

Confidential

Programmer/Analyst

• Duties include writing new JCL and COBOL programs based on analyst specifications. Analyzed existing programs for system efficiency. Rewrote programs to cut CPU time, save disk space, or release tape drive allocations.
• Maintained programs that use Customer Information Control System CICS , DB2 and IMS.
• Wrote new COBOL programs as needed.
• Unit tested new programs to ensure accurate results. String tested multiple programs for System compatibility.
• Updated all documentation after program changes including System Design SD , Disaster Recovery DR , Information Assurance IA and Business Continuity BC plans.
• Provided technical and application assistance via pager to ITS personnel needing help with COBOL programming problems, system abends or solving JCL errors.

Confidential

Information Communications Technology Group

• Maintained Master Console Operations for System monitoring and batch job processing. Helpdesk assistance required analysis and problem resolution for users such as the New York Police Dept. and Booz-Allen Hamilton. Analyzed and updated Rexx and SAS programs as required by new business requests.
• Problem determination of batch-job failure, JCL errors, System abends or I/O Failures.
• Used SyncSort utility for sorting and data manipulation
• CA7 set up and submits.
• Fast Dump and Restore FDR recovery of files or servers.
• Analyzed Natural programs and maintained ADABAS databases.
• Updated SAS programs needed for report changes.
• Analyzed Rexx program problems and wrote new programs whenever required.

Confidential

Disaster Recovery Analyst

• Developed and maintained JCL Job Control Language and Clist for all production batch jobs. Created Disaster Recovery procedures for all Batch application systems and COOP procedures for Business Continuity BC and personnel operations. Supported Technical Services Development Division with application testing and implementation, problem resolution and recovery.
• Major Duties:
• Develops, maintains and documents, backup and recovery procedures for batch-application systems in NFCU's automated Systems Disaster Recovery Procedures.
• Designed and developed the Continuity of Operations Plan COOP .
• Plans and executes periodic tests of NFCU's Disaster Recovery Plan at Sungards DR Site in Pennsylvania.
• Sets up logistics, defines objectives and creates the DR test plan, Provides documentation of test results for Internal Audit after each test.
• Problem determination of batch-job failure, JCL errors, System abends or I/O Failures.
• Used FDR to restore corrupted DSN and Partitioned Data Set PDS .
• IDCAMS to restore VSAM Data Sets.

Confidential

PWB Technician

Created and assembled PWB's Printed Wire Board . A blueprint from Engineering was read to etch, drill and plate new computer boards. The boards were then assembled with the necessary integrated circuits, diodes, resisters and wires used to complete one of many different parts for such projects as Radar Drone Control Shelters. These control bunkers could control and fly unmanned F-106 Delta Dart fighters to be used for target practice by the United States Air Force. Other assembly projects included antenna for the Rockwell B-1 bomber and transponders for a variety of military aircraft.