SUMMARY:

Talented, results - driven Information Security Professional with versatile, cross-platform experience in systems/network architecture and security. Experience in hardware, software, networking, and security technologies, analyzing network security deficiencies and violations, performing risk assessments, audits, vulnerability assessments, and penetration tests. Delivered solutions implementing administrative, technical and physical controls establishing security management, protection of assets, and compliance. Demonstrated organizational and interpersonal skills working across departmental boundaries while maintaining strong communications and disseminating information from technical to comprehensible language to management, peers, and users. Performed as a highly motivated, goal-oriented team player with ability to work on projects alone.

EXPERTISE AREA:

• Outstanding leadership skills, excellent communication skills
• Effectively assess technical issue and present innovative technical solutions to management
• Achieved success developing and implementing IT projects from the planning stages to execution

TECHNICAL SKILLS:

• 2003/2008/2012 Active Directory Engineer
• Security + certified
• A+ certified
• Network + certified
• MCP certified
• ITIL V3 certified
• AMAG Certified
• OCSP System Administrator
• Wireless Configuration and security, WEP, WPA2
• Veritas Backup Exe.10.0
• Implementing RAS, VPN, Norton Ghost, RIS, maintaining all Microsoft Server environments
• Tumbleweed OCSP Administrator
• Symantec Antivirus Corporate Edition
• Confidential Group Policy
• Retina/Gold Disk Scans for vulnerability /remediation strategies
• DRA 8.1, NetIQ
• LandDesk Management.
• Virtualization technologies (ESX/ESXi)
• PKI Training

PROFESSIONAL EXPERIENCE:

Confidential

PKI Enterprise Engineer

Responsibilities:

• Resolve all failures related to the PKI Certificate Authority infrastructure.
• Operate, maintain, manage, and upgrade the entire agency PKI/PIV infrastructure.
• Administer, operate, and manage the Certificate Authority environment including the management of trusted root certificate chains in the Active Directory.
• Provide all Tier Two and Tier Three hardware and software support for the PIV functionality PIV enabled multifunction printers and their associated smartcard readers.
• Provide all Tier Three remote support for the PIV functionality of the PIV enabled multifunction printers and associated smartcard readers in the agency district, regional, and field offices. Install and configure middleware software required for PIV compliancy.
• Modify PKI Group Policy Object settings and update scripts for helpdesk personnel when necessary to remediate certificate-related issues.
• Recover, download, and install escrowed certificates for all users and systems requiring access to data encrypted with previous certificates Perform all network and system non-PIV Certificate issuance tasks for Public Trust, Common Policy, and Certificate Authority issued certificates.
• Download, deploy, configure, and troubleshoot the Access Card Utility (ACU), and ActivClient software create, manage, and maintain installation guide, SOP, and CONOPS documentation.

Confidential, Quantico, VA

Engineer

Responsibilities:

• Directly support the Confidential implementation of DoD PKI with operational focus on the implementation, management and sustainment of the Marine Enterprise PKI. Work directly on the continued implementation of the DoD PKI within the Confidential, both NIPR and SIPR, to include enterprise certificate validation infrastructure, directory services and support to deployed forces. Responsible for the management of USMC PKI Infrastructure as it relates to use of DoD PKI and CAC and SIPR Token.
• Participate in the implementation and management of all SAN and VM Infrastructure associated with USMC PKI.
• Responsible for the implementation and management of all USMC hardware security modules.
• Use systems analysis techniques and procedures, including consulting with users to determine hardware, software, or system functional specifications.
• Also serve Enterprise Information Security with responsibility of helping to secure the Confidential worldwide network and enable two-factor authentication to Marine systems.
• Analyze PKI and PIV-I requirements, policies, and procedures to help define viable courses of action to integrate PIV-I smart cards into the Confidential enterprise.
• Assist with the coordination all PKI and PIV-I requirements across multiple internal and external stakeholders.
• Assist with the development and maintenance of PKI documentation, including PKI policy documents, system guides, outreach material, lessons learned fact sheets, and help desk FAQs.
• Perform Tier 3 helpdesk support for PKI-related issues. Research and maintain proficiency in PKI policy, tools, and trends.

Confidential, Arlington, VA

Information Assurance Officer

Responsibilities:

• Symmetry 2008 Administrator, system programmer, and technical expert for NCC Network Control Center and the AMAG access control system.
• Responsible for leading a multi-discipline technical team containing a mix of senior and junior engineers with electrical, software and systems engineering backgrounds specializing in the design, integration, validation and certification of DIACAP. Primary interface with Senior and Executive Leadership, reporting the status/progress on the IA/SSA Team performance.
• Guide team members on the utilization of systems and hardware design processes and provide assurance that the design activities are consistent with requirements for product safety, reliability, maintainability, performance, qualification and certification.
• Responsible for the development of artifacts required to achieve DIACAP (DoD Information Assurance Certification and Accreditation Process) Certification.
• Responsible for remediation reviewing, writing and evaluating all types of security related papers and documentation that is required for product certification.
• Ensures that system requirements are correctly implemented into the overall system architecture, and will help oversee security related testing for the system.
• Routinely update system, resolves system problems, submit service requests, perform maintenance on access control equipment, grant access to restricted areas and trains personnel on access control systems. Manage the database, grant access to database, conduct system updates, and develop format for reports as needed.
• Support access control center. Provide on-call 24/7 Maintenance Support service for the Confidential .
• Document service and installation actions by completing forms, reports, logs, and records.
• Assist with performing a variety of tests to determine whether product functions as specified; determine cause of product failure; analyze test results.
• Design, build, maintain and clean up Windows Server 2003, Active Directory environment.
• Managing and maintaining the performance of network, Servers, OS, security, network configurations, and 3rd party software.
• Provide technical support and guidance to users as needed. Design processes to improve efficiency of corporate network.

Confidential, Fairfax, VA

Enterprise System Administrator

Responsibilities:

• Retrieve Confidential regulations regarding permissions and granted user rights to certain applications and processes.
• Enabled effective configuration management from discovery of all systems connected to the network through establishing and managing the baselines across those systems, and identifying where those system drift from their expected configurations.
• Deployed and maintained PKI certificate validation using Tumbleweed Online Certificate Status Protocol (OCSP), Tumbleweed Desktop Validator and ActivClient to allow for smartcard authentication using DOD Common Access Cards (CAC) also known as Smart Cards. Managed all state and enterprise OCSP servers which includes configuring the server, install applications, set up user accounts, configure host and network interface, assign security privileges and access controls for accounts and other trusted roles, create procedures to support recovery from catastrophic system loss, perform system backups, perform software upgrades and recovery, change the host or network interface configuration, generate OCSP Responder certificates (for Root VA only), install OCSP Responder certificates and initiate ARNG OCSP Responder certificate requests.
• Facilitated effective planning, controlling, troubleshooting and reporting on Confidential Group Policy changes.
• Responsible for building, testing and delivering a standard Server for deployment across Defense Logistics Agency ‘s enterprise class network, using a Hercules distributed network architecture as part of HBSS security solution.
• Myself along with the EOSS Team directly supported the Confidential CIO/G6 in preparing for and receiving a successfully 'passed' Department of the Army Inspector General (DAIG) inspection of Information Assurance (IA) policies, practices, and procedures. (Only 7 of 52 activities have passed this DAIG to-date) .
• Took lead on IAVM and STIG(Security Technical Implementation Guidelines) compliance for System Services Enterprise servers providing POAM and Mitigation plans.
• Assisted other System Services team members with IG issues.
• Created GPOs for different server groups, and wrote numerous documents that was required for IG submission.