Summary:

• Extensive experience in the IT industry, encompassing all lifecycle phases of Information Security, Systems and Applications Development, Change Control and Change Management, Disaster Recovery Planning, internal systems security and regulatory compliance remediation and risk mitigation, implementation of Best Practices and Industry Standards.
• Developed security briefs for management's attention of those items in reports, memoranda, and correspondence, which require immediate or special action, and make available background materials of pertinent information to aid in making prompt decisions.
• Skilled in applying analytical and evaluative techniques to the identification, consideration and resolution of issues or problems of a procedural or factual nature.Confident in oral and written communications with the ability to plan and coordinate workloads and set priorities.
• A team builder with extensive experience and success to lead, train, and mentor junior or mid-level teammates, and clearly articulate and enforce rationale for decisions from management as well as critical technical information.
• Responsible for ensuring security compliance of persons involved in security violations, providing investigation into those violations, documenting, and enforcing regulatory requirements.
• Reviewed compliance assessment efforts by developing, implementing and operating an IA Control Validation/Compliance program.
• Knowledge of Microsoft Suite and database management systems in tracking and controlling management processes.
• Recommended DOD/DLA PKI enablement strategies and architecture, and identify risk and problems to the DLA PKI PMO, providing risk assessments and solutions.
• Arranged both internal and external meetings and conferences with agency officials, officials of other Federal and State agencies, foreign governments, and private organizations and groups both nationally and internationally.
• Reviewed risk analyses to ensure they are completed to determine cost-effective and essential safeguards.
• Capable of performing literature and file searches in order to provide management with information in response to congressional inquiries, briefings packages, correspondence and retrieve data for program related assignments. In addition, compose literature and information into usable summaries for discussions.

Experiences:

Confidential

Systems Analyst

Responsibilities:

• Responsible for supporting the Information Technology Security Department for the Department of Confidential Department, ensuring that security requirements for the assigned one or more major applications or general support systems are in compliance with the Federal Information System Management Act FISMA , developing Systems Security Plans, Continuity of Operations Plans, Incident Response Plans, Security Assessments documents, and writing a Security Test and Evaluation Plans, Contingency Plans, STIG employment, IAVAs, and Retina Scanning.
• Ensured Certification and Accreditation of assigned information systems are completed in accordance with the NIST and FISMA requirements.
• Ensured that protective measures for physical security threats such as deadbolt locks on doors, placement of electrical wiring, etc., are in place.
• Maintained inventory of hardware and software within program/development offices or field site.
• Wrote and Coordinated the Development of a IT Contingency and Testing Plan.
• Developed and assisted with preparation of security plans for sensitive systems and enterprise network topologies.
• Administered security awareness and related information assurance training programs, and distributing security awareness information to all user, and communities as appropriate.
• Reported IT security incidents including computer viruses in accordance with established scanning procedures.
• Extensive experience in using Microsoft Office Suite i.e., Word, Excel, PowerPoint, Project, Visio and MAC suite .

Confidential

Assistant Information Assurance Systems Security Officer ISSO

Responsibilities:

• Responsible for supporting the Information Technology Security Department for the Department of Homeland Defense DHS , FEMA Department, ensuring that security requirements for the assigned one or more major applications or general support systems are in compliance with the Federal Information System Management Act FISMA , developing Systems Security Plans, Continuity of Operations Plans, Incident Response Plans, Security Assessments documents, and writing a Security Test and Evaluation Plans from the beginning to the end.
• Certification and Accreditation of assigned computer systems are completed in accordance with the published procedures.
• Ensured that protective measures for physical security threats such as deadbolt locks on doors, placement of electrical wiring, etc., are in place.
• Ensured compliance with all legal requirements concerning the use of commercial proprietary software, e.g., respecting copyrights and obtaining site licenses.
• Maintained inventory of hardware and software within program/development offices or field site.
• Coordinated and Assisted in the Development of a Contingency and Testing Plan.
• Reviewed risk analyses to ensure they are completed to determine cost-effective and essential safeguards.
• Developed and assisted with preparation of security plans for sensitive systems and enterprise network topologies.
• Administered security awareness and related training programs, and distributing security awareness information to all user communities as appropriate.
• Reported IT security incidents including computer viruses in accordance with established procedures.
• Communicated security incidents not involving IT resources to the appropriate security office.
• Provided input/assistance to appropriate IT security personnel for preparation of reports to higher authority concerning sensitive and/or national security information systems.
• Extensive experience in using Microsoft Office Suite i.e., Word, Excel, PowerPoint, Project .

Confidential

Information Security Specialists / Compliance Analyst

Responsibilities:

• Employed as an Information Assurance Security Specialist Team Lead responsible for multiple processes, and coordination and evaluation of a range of security services for the organization.
• Ensured that management, operational, technical policies and security controls for securing information systems are in place and enforced.
• This included taking the appropriate steps to implement information security regulations for information systems throughout their life cycle using DOD directives and NIST SP 800-64 life cycle management guidance.
• Responsible for ensuring security compliance of persons involved in security violations, providing investigation into those violations, documenting, and enforcing regulatory requirements.
• Assisted and participated in enforcement proceeding if necessary, and responding of potential security incidences, and documenting existing security violation trends within the Agency.
• Reviewed and analyzed assessment reports, and formulating recommended alternatives and courses of actions to pursue by regulated parties in order to satisfy agency security requirements.
• Wrote agency information assurance security operations policies.
• Reviewed and provided Information Assurance IA support services to the Deputy Chief of Staff, G-3/5/7 in accordance with the applicable DOD/OSD, OMB, Army CIO, and Army regulations.
• Proof read Certification and Accreditation C A of Information Systems IS packages in accordance with DIACAP processes, and analysis of IA regulatory requirements in accordance with NIST 800-37 Rev 1 for impact on G-3/5/7 information systems.
• Monitored and investigating system security incident violations within G-3/5/7 notifying appropriate security personnel and submitting security incident reports.
• Assisted in the development and maintenance of the G-3/5/7 Information Assurance program to address unique security training and IA architecture.
• Maintained the Information Assurance Vulnerability Message IAVM message flow process and ensuring data changes were inputted through the Asset and Vulnerability Tracking Resource A VTR Database to ensure IAVM compliance.
• Performed Certification and Accreditation C A of Information Systems IS in accordance with DODI 8510
• DIACAP processes.
• Worked closely with project manager and team members to meet Certification and Accreditation C A expiration schedules.
• Enforced DIACAP, DITSCAP and NIST IA transition.
• Researched, developed, and wrote System Security Plan SSP checklist for oversight of the Army G-6 information systems.
• Initiated Information Assurance industries best business practices, on how to establish and implement an effective information assurance security program.
• Provided Army G-3/5/7 training for information assurance awareness indoctrination of all newcomers to the organization.

Confidential

Information Assurance Analyst/ Compliance Analyst

Responsibilities:

• Worked with the Defense Logistics Agency DLA in the Information Assurance IA Headquarters J-6 . Oversight of multiple projects, and writing IA technical policy, and Certification and Accreditation process reviews, IA Controls Validation/Compliance Support, Information Systems/Integration and Engineering support, Information Assurance Policy, Public Key Infrastructure, and Project Management.
• Administered information, industrial, and operations security programs. Implemented security policy and procedures and provided operational direction for the safeguarding of classified and sensitive national security information into policy.
• Participated in continuous security analysis and evaluations for existing security procedures, recommend, and implement improvements and corrective measures. Planned, organized, facilitated, and/or participated in a myriad of Information Security Programs.
• Developed and assist with the DLA Certification Authority and Designated Approving Authority DAA , ensuring written policies were followed in accordance with: NIST SP 800 - 18, NIST SP 800 - 37, NIST SP 800 - 53A, FIPS Pub140-2, FIPS Pub 199, FIPS Pub 200.
• Reviewed compliance assessment efforts by developing, implementing and operating an IA Control Validation/Compliance program.
• Facilitated the assessment, implementation, configuration, and policy development, training and documentation of Government provided commercial-off-the shelf COTS IA controls and tools, to support DLA enterprise architecture. A representative of the Technical
• Infrastructure Architecture team for DLA.
• Provided technical support in the review, analysis, and development of IA processes, policy, doctrine, directives, regulations and implementation of instructions for the DLA enterprise.
• Created statement of work requirements for independent information system task that aligns with the project.
• Responsible for project planning and project management, including developing of work breakdown structures, schedules, resource planning, and daily status tracking with follow-up one on one meeting.
• Oversight of existing DOD PKI technical architecture, policy, procedures and documentation and make recommendations to the DLA PMO for enhancements to the DLA PKI implementation.
• Evaluate the performance, security, legal enforcement, maintenance, interoperability and compliance to PKI policy and standards.
• Recommended DOD/DLA PKI enablement strategies and architecture, and identify risk and problems to the DLA PKI PMO, providing risk assessments and solutions.
• Conduct In-Process Reviews on a quarterly basis to provide information regarding contract status, deliverables, personnel, and outline roadblocks to the Government
• Enforced Privacy Impact Assessments PIA regulations.
• Provided written Weekly Activity Reports WAR , Monthly Status Reports, Project Management Plans, and Weekly Status meetings with the Government.

Confidential

Systems Analyst

Responsibilities:

• Worked with the Army Information Assurance IA Division, writing policy in several areas: Confidential for Federal Employees and Contractors, Best Business Practices for Signing and Encryption of Email, White Papers, Information, and Point papers.
• Participated in agency activities to identify security threats and violations that need to be incorporated into policy.
• Wrote, plan and directed the development of security criteria and guidelines for user of IT systems.
• Analyze federal statutory requirements against company directives to assess the degree of change necessary to comply with new requirements, while keeping abreast of changing and emerging security technology i.e., forensic and cryptology changes .
• Through knowledge of Federal, Department of Defense DOD , and Army Regulations incorporating useful guidance when creating Army Information Assurance policies.
• A team task leader. Developing briefings, and weekly activity reports for the IA task division meetings.
• Provided consultation skills related to developing processes to solve information assurance issues. i.e., DEERS, RAPIDS software releases, configuration management, policies with 508 compliance and security
• Assigned as the spokes-person in representing the Army in the following working groups, Strategy and Guidance, Program and Evaluation Management, Homeland Security Presidential Directive 12, Tactical PKI Token Policy, and Identity Policy Management Working Groups.
• Lead design and documentation with various matrixes, and cross-functional team members.
• Generated security control implementation statements for System Security Plans per NIST SP 800-18.
• Assigned to comprehend abstract requirements and DOD's methodology on future Information Assurance Policies, and Cross Domain Solutions.

Confidential

Project Lead

Responsibilities:

• A Team Lead at the Department of Defense Confidential Initiative for the Chief Information Officer CIO , providing information resource management, research and analysis, compliance oversight for Confidential.
• Supported E-Gov tasks department-wide with quarterly reporting to the Office of Budget and Management OMB .
• Collected and evaluated data for 18 Presidential Management Initiatives, and 9 Lines of Business, tracking quarterly deliverables and milestones for executive level appointees, assisted preparing MS PowerPoint briefings to Senior DOD leaders, while maintaining VTC communications among E-Gov counterparts and DOD components arranging and scheduling lines of agreement and support for budget requirements.
• Thorough knowledge of management controls helped ensure timely and accurate reporting of Evidence of Completion Milestones and Implementation Plan submissions to OMB.
• Assisted the department in reaching its Proud to be Goals, and improving its rating in the President's Management Agenda PMA Scorecard.
• An E-Gov liaison Lead for the DOD IT Portfolio Management team. Ensured information system reporting.
• Developed a Web-based workspace for the E-Gov Community of Practice website enhancing efficiency and effectiveness for the department, providing timely and trusted sharing of information in accordance with DOD's net-centric vision.

Confidential

Systems Analyst Intern

Responsibilities:

• A Consultant on personnel workflow processes, IT acquisition governance and the use of project management tools for the Defense Business Systems Transformation Agency BTA .
• An Advisor on organizational processes and technical solutions, providing ideas for improvement, recommending methods of eliminating outdated legacy systems, and helping to develop future IT methodologies.
• Supported the administrative office by creating briefs, making travel arrangements, and writing and scheduling of agendas.
• Aligned employee performance plans and defined goals, providing measurable standards for success.
• Drove change management processes and change control methodologies across the BTA.
• Project Analyst, Confidential
• A Subject Matter Expert in business processes and military personnel data requirements for Under Secretary of Defense for Personnel and Readiness OUSD P R , Joint Requirements and Integration Office JR IO , Arlington, VA. Determined data requirements for building
• DOD's Integrated Human Resource System DIMHRS . Evaluated and assessed requirements for pay entitlements, personnel management training, and medical patient tracking. Ensured requirements were standardized by design and functionality.
• A Marine Corps representative for data requirements and traceability, monitoring data input/output and program documentation for DOD Components. Ensuring DOD procedures met or exceeded the program requirements.

Confidential

Systems Analyst

Responsibilities:

• Implemented crisis management reporting and daily briefing to communicate daily security posture of hurricanes and natural disasters.
• Created a lead collaborative culture that encourages engagement and networking on all security issues that affect the Marine Corps.
• Implemented and measure performance of screening standards and security programs for the Plans Policy and Operation Agency.
• Classified Systems Manager of Marine Corps Global Command and Control Systems GCCS monitored the movement of ships and personnel through situational reporting SITREPS documenting and map plotting daily for senior management.
• Monitored Network communications for the Marine Corps Intranet/Extranet protecting passwords, access controls, clearance requirements, and documenting security violations.
• Lead and coordinated team meetings, and Stakeholders communication efforts
• Solicited and develop project requirements, business processes and project impact statements.
• Experience with developing and writing Continuity of Operations, Emergency Evacuation Planning, and Operations.
• Public Key infrastructure and certificate management for the Local Registration Authority.
• Convergence of physical and logical access control credentials based on FIPS 201, and HSPD-12 requirements.
• Multi-factor credential issuance and management systems, including PKI. 509 Certificate, Registration, and integrated card management systems.