System Administrator Resume Profile
South, Florida
Summary:
Experienced in performing continuous Security Posture Assessments (SPA), Information Governance (IG) and Risk Management through both manual and automated processes. Performing Risk Assessments to yield actionable Risk Handling projects. Identifying productivity and functionality issues hindering the optimal and cost-effective operation of a broad range of technologies including security applications and their implementation of, then designing solutions, and leading the implementation to improve overall efficiency while aligning business requirements with security designed solutions that do not hinder business productivity. Seven years' experience managing technical teams. Providing leadership, decomposing business programs and business initiatives into an actionable set of project activities, to include business process modeling, simulation, validating the business premise, providing clear direction on the project's execution and assuring a high return on investment.
IT Certifications
Microsoft Certifications:
- Microsoft Certified Systems Administrator: Security MCSA:Security
- Microsoft Certified Systems Engineer: Security MCSE:Security
- Microsoft Certified IT Professional MCITP
- Microsoft Certified Technology Specialist MCTS
- MCITP: Enterprise Administrator MCITP:EA
- MCITP: System Administrator MCITP:SA
- MCITP: Enterprise Messaging Administrator 2010 MCITP:EMA
- MCTS: Windows Server 2008 Active Directory: Configuration
- MCTS: Windows Server 2008 Applications Infrastructure: Configuration
- MCTS: Windows Server 2008 Network Infrastructure: Configuration
- MCTS: Microsoft Exchange Server 2010, Configuring
- Virtualization Certifications:
- VTSP 5.5 VMware Technical Solutions Professional
- Linux Certifications:
- CompTIA Linux
- Junior Level Linux Professional LPIC-1
- Novell Certifications:
- Novell Certified Linux Administrator CLA
- Novell Data Center Technical Specialist
Network Certifications:
- CompTIA Network
Career Key Points
Title: | Sr. Enterprise Security Auditor/System Administrator |
- International Organization for Standardization ISO 27002 formerly ISO 17799
- Internal Revenue Service Publication 1075 IRS 2075
- Sarbanes Oxley Act SOX
- National Institute of Standards and Technology NIST Special Publications SP 800 Series
- Federal Information Processing Standard FIPS 200
- United States Government Configuration Baseline USGCB
- Federal Desktop Core Configuration FDCC
- Centers For Medicare Medicaid Services CMS Information Security IS Acceptable Risk Safeguards ARS / Minimum Security Requirements CMSR
- Security Technical Implementation Guides STIGs
- Performed continuous Security Posture Assessment (SPA), Information Governance (IG) and Risk Management through both manual and automated processes utilizing multiple Vulnerability Management and Configuration Compliance tools then performed Risk Assessments of findings to escalate Risk Handling recommendations, and created as needed Plan of Action and Milestones (POA&M) to ensure compliance of the Business Model for Information Security (BMIS), Information Security Best Practices, and Information Security Laws Regulations:
- Payment Card Industry Data Security Standard PCI DSS
- Federal Information Security Management Act FISMA
Title: | Penetration Test Team Manager / Cyber Security Architect |
- Provided leadership, decomposing business programs and business initiatives into an actionable set of project activities, to include business process modeling, simulation, validating the business premise, providing clear direction on the project's execution and assuring a high return on investment.
- Developed detailed work plans and rules of engagement schedules, resource plans for recurring penetration tests.
- In charge of talent search, hiring, and terminations of Security personnel, as well as conducting regular performance evaluations, counseling, and promotions.
- Penetration testing of LAN and DMZ Internet-facing systems, application, web application, social engineering, architectural review, physical security, and wireless security assessments to identify control weaknesses and effectiveness of existing controls, and recommend remediation actions.
- Performed full-lifecycle (i.e., Concept to Deployment) Information Assurance (IA) security analyses to ensure the logical and systematic conversion of customer or product requirements into secure systems solutions that acknowledge technical constraints.
Title: | Senior Lead Systems Engineer |
- Lead Server Attached Storage administrator, and Lead Server administrator for all Unclassified Classified Servers.
- Performed continuous Security Assessments and presented vulnerabilities identified to the Communications Commander.
- Trained Contractors and Airmen on how to administrate, maintain, troubleshoot, and repair Computers/Servers and DAS/SAN systems on both Unclassified Classified Networks.
- Provided on-going status reports/briefings to the base and communications Commanders, and oversaw investigations into any problematic activity.
Title: | IT Manager |
- Hiring, supervising, and directing all IT Staff.
- IT status reports presented on a daily basis to both the Joint Improvised Explosive Device Defeat Organization (JIEDDO) / Joint Center Of Excellence (JCOE) Director (GS15), and the Contracting company CEO to ensure all expectations are being met or exceeded.
- Trained IT personnel in all AV equipment, encryption devices, OS administration, army policies utilized by Joint Center Of Excellence (JCOE) Army Center Of Excellence (ACOE).
- Data Recovery of deleted files, Formatted Re-imaged drives, and dead HDDs on both Unclassified Classified systems.
Title: | Ministry of Defense IT Support Lead / System Administrator |
- Primary advisor to the Director of Communications for all of Iraq's Military IT networks.
- Maintained intercommunication of 1000 Nodes within the Iraqi Defense Network spanning across 26 military bases in Iraq, and 1400 Nodes within Ministry of Defense.
- Management of Tier 3 IT Support Management for IDN MNSTCI network and for the Iraq Ministry of Defense network.
- Management of ticket tracking, escalation and work delegation of 25 IT Support technicians for the Iraqi Defense Network, and of 7 IT Support technicians 2 Instructors for the Ministry of Defense Network.
- Provided technical and tactical advice to command and staff concerning all aspects of information processing systems operations, maintenance, and logistical support.
- Reviewed violations of security procedures and counseled offenders on security procedures to ensure violations are not repeated.
- Wrote and carried out classroom-based training for IT Support personnel, DGoC and M6 Iraqi Officers Civilians for future network turnover.
Title: | Tactical Data Systems Technician |
- Single-handedly completed the special project of repairing and bringing live a 20,000/ft Multi-Million dollar audio-visual system for a new Command Center in Camp HM Smith, Marine Forces Pacific. In recognition for the massive accomplishment I was awarded the Navy Achievement Medal.
- Provided in-depth tactical data network support to include, but not limited to, installing, configuring, and maintaining systems software, hardware, advanced LAN configuration, advanced communication planning, utilizing various tactical communication devices.
Title: | Sr. Enterprise Security Auditor |
- Carried out configuration compliance and vulnerability scanning, auditing, and reporting of findings in violation of the Business Model for Information Security (BMIS), Information Security Best Practices, and applicable Information Security Laws Regulations through the advanced administration of and daily use of the following enterprise security applications:
- Utilizing a multiple prong method for the most rapid identification of newly released patches to ensure the maximum amount of available time to assess, test, and deploy applicable patches.
- Processes on how to assess all released patches and determine the safety of deploying set patches, along with the business need and possible adverse impact of doing so. Followed by either deployment of the patch or properly documenting the Business, Operational, and Security impact in order to comply with federal and state regulations when not deploying a patch.
- Procedural documentation on how to test the safety of deploying patches to development and production Systems along with appropriate safeguards to minimize any possible adverse effect across all systems specifically key business systems.
- Procedural documentation on how to simultaneously test and deploy one or hundreds of unique patches across thousands of workstations and servers within the extremely limited time frames as defined by applicable Federal and State regulations.
- Architected a Patch Management framework along with developing policies and procedural documentation which allowed me to single-handedly successfully apply over half a million missing patches across 5,000 Workstations and 850 Servers. The Patch Management framework that I designed and implemented led to the client's first Centers for Medicare and Medicaid Services (CMS) security audit where all systems assessed had zero missing patches. Through utilization of the new patch management framework and training of new patch management personnel, the required permanent dedicated manpower for applying missing patches was able to be reduced by while still maintaining missing patches to a minimum as proven with subsequent CMS audits resulting in zero missing patches on all systems assessed. Within the developed Patch Management framework, some of the many processes addressed were:
- Lumension Endpoint Management and Security Suite LEMSS
- Symantec Endpoint Protection Manager
- Tenable Nessus Vulnerability Scanners Standalone
- Led the initial talent search, hiring, and terminations of personnel to create Tenable Audit file checks that were missing from Tenable's published Configuration Compliance Management audit files used by both Security Center Nessus. Then to minimize the customer's operational cost of Configuration Compliance Management through the use of Tenable's products I led the effort to create custom checks in-house to make up for the controls not assessed within the Tenable published Configuration Compliance Management audit files by training coworkers on how to create custom checks, and developed a process for the creation of custom checks in bulk to keep up with the rapidly changing requirements from Information Security Best Practices, and Information Security Laws Regulations.
- Security Configuration Compliance Management, auditing, Vulnerability scanning, risk management, and the reporting through the use of Tripwire Enterprise, Tripwire's IP360 (former nCircle IP360) with both the Suite360 Intelligence Hub (SIH) and IP360 Vulnerability and Exposures Manager (VnE), and also Tenable's Security Center and Nessus.
- Deploying patches and reporting the patch status through Lumension Endpoint Management and Security Suite (LEMSS) and Windows Server Update Services (WSUS).
- How to create custom Information Security Best Practice, Information Security Laws Regulation Checks and Baselines Audits within Tripwire Enterprise, and also Creating custom individual and whole baseline Audit files for Tenable's Security Center and Nessus.
- Provide continuous direction and training to Security team members to ensure the successful completion of Security Operation tasks such as but not limited to:
- ZENworks 11 SP3 Control Center
- Tripwire's IP360 (former nCircle IP360) with both the Suite360 Intelligence Hub (SIH) and IP360 Vulnerability and Exposures Manager (VnE)
- Tripwire Enterprise
- Tenable Security Center along with its resource pool of Nessus Vulnerability Scanners
- Architect the deployment/integration of Tenable's Security Center and 24 Nessus scanners into the corporate network to be utilized as the principal tool for all vulnerability assessments and configuration compliance management; designed the network placement schema, resource allocation, client specific configuration, technical engineering, architectural guidance, and parallel implementation to ensure zero downtime of vulnerability assessments, and configuration compliance management.
- Audited and prepared deliverables of compliance status to be submitted to federal auditors assessing federal and state regulatory compliance in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Centers for Medicare and Medicaid Services (CMS) security requirements, Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), and standards outlined by the National Institute of Standards and Technology (NIST).
- Briefed non-security personnel security vulnerability assessments/audits/reports, risk analysis, security architecture analysis and recommendations on risk handling and mitigation.
- Carried out an in-depth analysis of Tripwire Configuration Compliance policies and rule sets to identify false positives, and build custom checks and even whole policies to match newly released DISA STIGS that have not been created by Tripwire.
- Created custom SQL queries and reports to expand beyond the native reporting capabilities of crucial security systems ensuring the most accurate and complete view of the security stance of networked systems.
- Function as an Information Security Subject Matter Expert (SME) carrying out Risk Assessment and Risk Management of the network of identified findings, and correlate with Information Security Laws Regulations (CMS, FDCC, FIPS, FISMA, HIPAA, IRS 2075, ISO, NIST, PCI, SOX, STIGs, and USGCB). Then, critically review and critique Government auditable Information Security (IS) documentation for the compliance of applicable Information Security Laws Regulations.
- Identified all vulnerabilities and tool limitations within Lumension's Endpoint Management and Security Suite (LEMSS), then worked extensively hand in hand with the client's Operations Server/Desktop teams, and the tool vendor's Account Manager, Support, and Engineers to either resolve their tool vulnerabilities and limitations or develop processes to ensure that Noridian's Federal compliance regulations and network security posture is not adversely affected by Lumension's deficiencies.
- Identified security issues and risks, developed mitigation plans, analyzed and assessed security measures and determined their effectiveness and where improvements were needed. Participated in security compliance efforts, providing guidance and education on proper security measures within the enterprise corporate-wide networks (Primary and all affiliated organizations).
- Performed Incident Handling, Business Continuity Management and Contingency Planning, and Disaster Recovery planning and prevention of all business especially key systems as security hardening, configuration compliance management, continuous security patching, and the implementation of new security controls were deployed on all systems.
Title: | Penetration Test Team Manager / Cyber Security Architect |
- Acted as the liaison between the business unit and information technology subject matter experts presenting process and procedure gap analysis between IT capabilities vs. business objectives, both within DefensaTecnologica S.A. and external clients.
- Assessed training needs for IT security knowledge gaps through surveys, interviews with employees, focus groups, and consultation with managers, instructors, and clients.
- Defined technical and business requirements for threat vulnerability management solutions as well as business processes and policies related to controlling access to systems and applications.
- Designed the structure, and content requirement of reports on security vulnerabilities utilized for both DefensaTecnologica S.A. and external clients. Created and presented reports on security vulnerabilities to both DefensaTecnologica S.A. and external clients Managers and Directors.
- Established reports and metrics to gauge pen testing effectiveness, progress and key risk areas identified through audits.
- Implemented an Information Classification scheme including processes for annual classification and retention review.
- Led the design and execution of vulnerability assessments, penetration testing, and security audits.
- Project management for multiple simultaneous information security projects related and related objectives and programs.
- Conducted recurring network analysis of DefensaTecnologica S.A. and external client Networks to identify the existence of all vulnerabilities and presented reports of to the IT Operations Staff to remediate all vulnerabilities.
- Created work Procedures for building, hardening, and maintaining systems used for penetration testing.
- Exploited vulnerabilities to gain access, and expand access to remote systems, then documented all actions performed, vulnerabilities identified and solution or mitigation proposals for all.
- Prepared and revised IA policy and guidance documents for specific and related technologies. Provide critical written and verbal analysis of systems documentation of vulnerability and risk assessments. Perform and Review Vulnerability Assessments, Incident Response, Configuration Compliance management (CCM) and collect artifacts for proof of compliance.
- Researched cutting edge security topics and new attack vectors.
Title: | Senior Lead Systems Engineer |
- Administrated, Monitored and performed regular maintenance of redundant array of independent disks (RAID) within multiple Direct-attached storage (DAS) and Storage Area Network (SAN) systems on both Unclassified Classified networks.
- Coordinated with Army Information Assurance Manager to patch and secure Air Force Servers on both Unclassified Classified networks.
- Lead Server administrator Lead Server Attached Storage administrator on Unclassified Classified networks.
- Performed continuous Security Assessments and presented vulnerabilities identified to the Communications Commander.
- Provided daily reports of network status to the Air Force Commander and Communications Commander.
- Consulted with users, management, vendors, and technicians to determine computing needs and system requirements.
- Conferred with staff, users, and management to establish requirements for new systems or modifications.
- Assigned, coordinated, and reviewed work and activities of IT Support personnel.
- Assigned or schedule tasks in order to meet work priorities and goals.
- Trained Contractors and Airmen on how to administrate, maintain, troubleshoot, and repair Computers/Servers and DAS/SAN systems on both Unclassified Classified Networks.
- Reported all Unclassified Classified Server issues directly to Air Force Communications Commander.
- Provided instant response and support to mission critical Operations (Air Control Tower, PAX, Weather, Air Field, ATOC).
- Corrected IT Security vulnerabilities reported by the Information Assurance Vulnerability Alert (IAVA).
- Created work schedule for entire IT team, ensuring IT support is available 24/7 with redundancy to meet Joint Improvised Explosive Device Defeat Organization JIEDDO's worldwide schedule.
- Created, Managed and Reviewed Joint Improvised Explosive Device Defeat Organization (JIEDDO), Joint Center Of Excellence (JCOE) and Army Center Of Excellence (ACOE) scripts and ensure they are being pushed to all computers.
- Developed and interpreted organizational goals, policies, and procedures.
- Evaluated project plans and proposals to assess feasibility and identify possible issues.
- Maintained network hardware and software, directed network security measures, and monitored networks to ensure availability to system users. Manage backup, security and user help systems.
- Monthly Creation of Status reports, outlining all issues, resolutions, maintenance tasks performed by the IT Team.
- Planned, coordinated, and implemented security measures for information systems to regulate access to computer data files and prevent unauthorized modification, destruction, or disclosure of.
- Provided tier 3 IT Support on DOD Unclassified Classified networks for Army Center Of Excellence ACOE the Joint Center Of Excellence JCOE .
- Encryption rekeying on every month for Secure LAN communication, and perform an Over the Air Rekeying OTAR for VTC secure communication.
- Trained users and promoted security awareness to ensure system security and to improve server and network efficiency.
- Video Teleconference responsibilities included:
- Administrated upgraded Extron configured conference room with DVD input, Satellite Cable input, Multiple Computer input, VTC suite input (Unclassified and Secret), and output to any of Two 100 and Four 65 LCDs.
- Connected multisite unsecure and secure VTC's via ISDN H.323.
- Ensured Gatekeeper address list on every Tandberg unit is up to date.
- Install, Configure, and manage multiple Tandberg 6000 Tandberg 1700 to ensure Unclassified and Classified VTCs are available 24/7.
Title: | Ministry of Defense IT Support Lead / System Administrator |
- Administrated Servers on the Iraqi Defense Network, and the Ministry of Defense (Active Directory, Exchange, DNS, DHCP, Shares).
- Assigned, coordinated, and reviewed work and activities of IT Support personnel.
- Conducted recurring network connectivity and resource availability analysis to detect issues and resolve before user detection and wrote procedures for installation, use, and troubleshooting of communications hardware and software.
- Ensured File Share structure, accessibility, and the overall network communication and availability within the Iraqi Defense and the Ministry of Defense networks.
- Evaluated the organization's technology use and needs and recommended improvements, such as hardware and software upgrades.
- Hiring and Firing, performance evaluation, and counseling of IT support staff
- Identified system performance degradation and provided guidance on required actions to improve or correct performance, relative to the goals of the system.
- Involved in strategic planning, resource allocation, human resources modeling, leadership, production methods, and coordination of people and resources of multiple projects.
- Maintained network hardware and software inventory lists, direct network security measures, and monitor networks to ensure availability to system users.
- Administrated, Monitored and performed regular maintenance of redundant array of independent disks (RAID) within multiple Direct-attached storage (DAS) and Storage Area Network (SAN) systems.
- On-Call 24/7 support for Minister Of Defense and the Multi-National Security Transition Command.
- Planned coordinated and directed the deployment, operation, management, and network level maintenance of multi-functional/multi-user information processing systems in mobile and fixed facilities.
- Planned and executed the integration of multiple information systems in a networked environment, evaluated and resolved customer information system problems, and carried out required hardware upgrades and repair to maintain mission capability.
- Responsible for the installation, configuration, and management of information systems in both a stand-alone and client-server environment.
- Installed, configured, and maintained network services and resources, both hardware and software
- Level 2 3 IT Support for three separate networks.
- LAN Hardware and software issues troubleshoot and repair.
- Single-handedly repaired and re-configured a 5M audio-visual system for a new Command Center in Camp HM Smith, Marine Forces Pacific.
- Connected, Aligned and configured video wall consisting of Twenty Seven 40 LCDs
- Installed, tested, and configured within the Audio/Video ULTRAMAX controller 4 Side 60 Plasmas connected to video wall system to offer an alternative video output, 18 independent Audio/Video inputs located throughout the command center to project a laptop's audio/video onto the video wall, multiple touch screen user interfaces to control Video Wall audio/video inputs and outputs.
- Installed, tested, and configured multiple touch-screen interfaces to manage all audio/video inputs and outputs.
- Managed and maintained all of the Marine Forces Pacific command center audio/video functionality.
- For all the accomplishments in rebuilding the new Marine Forces Pacific command center, I was awarded the Navy Achievement Medal.