Network Administrator Resume Profile

Objective

To work within a reputable organization that specializes in the network and information security arena, and provides opportunity for technological growth and advancement.

WORK SUMMARY

Gained numerous technological and managerial experiences through the course of over 15 years in the information technology field. Technological exposures range from system and network administration, LAN implementation, desktop and server security configuration, SOF Community experience, application security review, and internal and external infrastructure risk mitigation. Managerial experiences include supervision of LAN implementation team, head of software and tool enhancement request team, training and mentoring new hires, and performing employee reviews.

PROFESSIONAL EXPERIENCE

BlueDevil C4ISR Theater Information System Security Manager

DCHIP/TCOP Field Service Engineer

Confidential

  • As the theater ISSM lead for two full exploitation cells, aircraft/Air Field and supporting facilities, was responsible for all aspects of security from physical to systems.
  • Managed five networks at both locations as well as ATO's and accreditation packages.
  • Was responsible for management of the CM process, change control, patching, updating and staying current with all IAVA and IAVB's as well as staying current with multi-vendor software solutions both COTS and custom in house solutions.
  • Managed entire COMSEC solutions across all five networks as the CRO and physically managed all keying material and communication links for the program. Hardware consisting of KG-175D's, KG-175A's and KG245's. Pulled and managed all weekly, monthly and yearly key as well as spares for 24/7 coverage.
  • Converted the program from a temporary R&D operational demonstration to a full fixed facility SCIF with the changeover from CENTCOM to AFCENT.
  • Installed and maintained a centralized logging system for all five networks creating a central repository for all system logs as well as network logs for ease of review and alerting.
  • Responsible for all security related user and administrator training and management of all violations and incidents that occur on all networks.
  • Administered Red Hat and Windows infrastructure on VMWare platform for three programs to include troubleshooting, fixing, rebuilds, patching and updating. Systems resided on multiple military and government networks around the world.
  • Provided 24/7/365 onsite support in Afghanistan at several locations scattered across the country.
  • Provided 24/7 support for CJSOTF-A, US Special Forces for DCHIP/TCOP throughout Afghanistan for CI and HUMINT reporting. Worked directly with 3rd and 7th Group. Worked with the theater CICA and TIFCICA for information dissemination throughout CJSOTF-A and into all applicable entities.
  • Personally manages all systems, UNIX, WINDOWS, ORACLE, JBOSS and VMWare systems to ensure timely reporting throughout theater in a mission essential and mission critical life or death reporting system.

Confidential

Lead and Information Assurance Security Officer

  • As Theater Lead, was responsible for three task orders and all deliverables to the customer CECOM SEC for DCGS-A.
  • In this capacity, was also responsible for creating and submitting DIACAP packages as well as 25-200's for the Program of Record DCGS-A and all twenty or so subsystems.
  • As IASO, was responsible for configuration and management of all the systems baselines to include all changes to the baseline for function, vendor patches, open source updates and tracking of all system configuration changes from all sources.
  • CM consisted of approximately 25% of daily responsibilities as dot releases were monthly and all releases, patches and baseline changes needed to be tested and approved as part of the CM process for all 24 and counting systems and subsystems that fall under the large DCGS-A program of record. All configuration changes were tracked in a database and reports were generated on a weekly basis for the management team and the customer and tracked by myself daily for all three networks.
  • As the IASO responsibilities also include responding to security incidents, managing all system security posture and continuous monitoring with VNC, RDP, Big Brother, Retina, Remedy and hand testing of system settings on both Windows and UNIX systems.
  • Tracking and resolving issues utilizing Remedy help desk and ticketing system. Opening cases for tracking and closing tickets when issues are resolved. This also includes using Remedy for tracking vendor issues, updates and patches created to resolve issues and fixing customer requests. Remedy usage was also utilized for tracking issues that patches were created for and issues caused by making changes to source code. This also included additional cost concerns and keeping fixes and costs for such fixes within the operating budget for each project.
  • In the capacity of IASO also work closely with the local Certifying Authority, the Theater DAA, J6 IASO, CENTCOM and J6 IA teams to ensure that packages are processed for IATO and ATO's, follow ups on security issues such as data spillages, local and remote security violations and traveling all over Theater to manage incidents onsite where they occurred.
  • Systems responsible for are on SIPR, CENTRIX and JWICS as well as cross domain/network solutions for ACE BLK II for all of Afghanistan
  • Additional responsibilities include daily, weekly, bi weekly and monthly reporting to the customer and back to the states on daily happenings, events and progress on all current roll outs, upgrades and current system status. This includes all packages that are in progress and managing all the systems accreditations as well as status on all 47 employees.

Principal Security Engineer

Confidential

  • Managed and deployed the InTFOT (Insider Threat Focused Observation Tool) throughout the DOD intelligence community. This includes preparation and submission of all certification and accreditation (C&A) packages including DITSCAP, DIACAP, DCID and FISMA.
  • The product for this pilot/project is InnerView by Oakley Networks, a subsidiary of Raytheon. Planning, coordinating and conducting On-Site installation and configuration and customization of the tool throughout DOD.
  • As the on-site Subject Matter Expert for the host intrusion prevention project, Mr. Halteman provided support to all 23 DOD pilot site locations for DISA. As the onsite McAfee SME, Mr. Halteman troubleshoots, diagnoses and researches all encountered issues and provides the end customers solutions to their problems.
  • Mr. Halteman also acted as the single interface to the McAfee TAM (Technical Account Manager) and tier three support. Once bugs are discovered they are elevated to tier three support for resolution.
  • Daily responsibilities included customer support, diagnosing, troubleshooting, replicating customer issues and preparation and submission of all certification and accreditation (C&A) packages including DITSCAP, DIACAP, DCID and FISMA. This support was provided over the phone, email, in person onsite and replicating the customer's environment in a lab to reproduce issues.
  • Tracking and resolving issues utilizing Remedy help desk and ticketing system. Opening cases for tracking and closing tickets when issues are resolved. This also includes using Remedy for tracking vendor issues, updates and patches created to resolve issues and fixing customer requests. Remedy usage was also utilized for tracking issues that patches were created for and issues caused by making changes to source code. This also included additional cost concerns and keeping fixes and costs for such fixes within the operating budget for each project.
  • Additional responsibilities include tracking financial decisions, distributions/costs and managing project's budgeting for all lifecycle systems that fell under my control under DCGS-A and subsystems. This included keeping close track of expenses associated with person hour tracking and estimating long term cost management to keep the programs rolling forward while keeping associated costs down and within each project's budgets.
  • Created custom IDS/IPS signatures to protect specific high value data on customer's devices and across their network environment. Custom built host firewall policies, server firewall policies, custom IPS policies and trained customer sites on the use and configuration of the software to include ePO, HIPS, anti-virus, firewall, RSD (Rogue System Detection), AntiSpyware, INFOCON, and the McAfee remote console.
  • Assisted in the creation of the deployment image used in large scale ePO deployments across the GIG. Provided guidance in the Operating system Windows Server 2003 STIG and Gold Disk, STIG and DISA checklist for Microsoft SQL 2000 and 2005 in the development cycle to ensure functionality and security in the end product.

Project Manager/Sr. Security Engineer

Confidential

  • Managed the daily operations of an Enterprise Managed Solution for approximately 3,000 end users at the Missile Defense Agency. Additional responsibilities included DITSCAP, DIACAP, DCID and FISMA.
  • business continuity planning, change management process, incident response, classified material incidents, documentation generation Policy and procedure risk management, technical vulnerability assessments, and solutions engineering.
  • Managed a team of 30 security specialists in five separate functions including VAT (Vulnerability Assessment Team), IR (Incident Response), FT (Forensics Team), SE (Security Engineers) and IDS (Intrusion Detection Team).
  • Assisted in the creation of the heterogeneous IDS solution and implemented, maintained and utilized the following tools on a daily basis: BASE (web front end in support of Snort), Lancope's Stealth Watch Behavioral IDS, Eeye's Iris, Encase Enterprise, IDABENCH, McAfee AV and RSD (Rogue System Detection) and ArcSight.
  • Provided review and developmental assistance regarding:
      • Organizational security policies
      • DoD policy interpretation responsibilities, liabilities, implementation and impacts
      • Engineering design proposals
  • Conducted security process gap analysis to determine strengths, weaknesses, and recommend prioritized remediation options as necessary
  • Established/developed Computer Incident Response Team (CIRT) capabilities and functioned as manager of 5-person team for MDA in the National Capital Region
  • Established processes and identified interdependencies in order to safely address computer incidents across all DoD incident categories
  • Maintained awareness of emergent security threats via multiple open-source and classified websites/blogs/newsgroups
  • Coordinated with NCR configuration management and operations staff to prepare/prioritize system security patches/updates before DoDCERT IAVA release, as necessary
  • Acted as local interface with external agencies for computer incident investigations
  • Functioned as a wireless technologies SME for MDA National Capital Region (NCR)
  • Provided formal documentation and presentations on security engineering issues:
      • Industry best practices / Information awareness
      • Emergent technologies
      • Security vulnerabilities, risks, and safeguards
      • Policy, guidelines, procedures, and legal agreements
      • Network architecture
  • Generated updated network map formats for operations departments

Director, Planning, Consulting and Assessments

Confidential

  • Managed the daily operations of a professional services group that provides support for system certification, business continuity planning, risk management, and technical vulnerability assessments for Federal Government customers. Managed a team of 20 information security specialists performing work using a variety of models, i.e., DITSCAP, NIACAP, NIST SP 800-37 and Director Central Intelligence Directive (DCID) 6/3.
  • Performed 15 C&As and managed five C&A projects for clients within the US Department of Defense.
  • Mr. Halteman served as a member of ICS' Security Advisory Council, which brings together outside experts in the information security arena to review and develop solutions that satisfy the needs of ICS' clients.

Senior Information Security Engineer

Confidential

  • Worked in the CSIRC at the FAA, assisted in the development of a multi vendor IDS architecture including Net Ranger, Snort and E-Trust into a single real-time database for correlation and monitoring by a 24/7 staff.
  • Provided on site architecture evaluation, documentation review and vulnerability assessments in conjunction with Microsoft's assessment methodology
  • Performed onsite evaluations (Zero Gap Methodology) to include architecture, policy compliance and a technology review of current systems for State and local governments throughout the US
  • As the Unisys SME for Wireless 802.X for TSA and DHS, assisted in the implementation of secure hand held devices as well as full assessments of wireless solutions and networks. Provided full encryption review and compliance for alignment with government requirements
  • Provided 24/7-onsite-security response in wartime to TSA/DHS in order to counter any attempt to compromise their network to include counter hacking techniques, remote administration, NIDS and HIDS monitoring for anomalies and reacting in a live real time environment.
  • As a senior engineer/team lead, performed numerous in-house onsite and remote penetration tests on DoD connected networks in order to ensure compliance with Orange Book/C-2 criteria and the DITSCAP certification and accreditation process. Completed all associated documentation required for DITSCAP, DIACAP, DCID and FISMA to include the SSAA, SDD, SFUG and all appendices
  • Designed a three domain virtual Internet from the ground up to be used in a lab environment for the purpose of testing different vendor provided hardware/software implementations for security review
  • Performed security reviews on many different vendor products (hardware and software) including firewalls, IDS, access control, PKI, smart cards, satellite connectivity, IPSEC, remote access systems, hand-held device (PDA) connectivity and wireless 802.11x
  • Performed complete system reviews for undocumented systems and environments to include the workflow, and interconnectivity of all systems
  • Review, design and implement policies, procedures and guidelines as well as information security handling documentation for clients
  • As the security work order manager, was responsible for responding to and assisting with mitigating vulnerabilities discovered in weekly scans on both the TSA and DHS internal networks

Security Analyst II

Confidential

  • Perform numerous vulnerability tests against heterogeneous environments, DMZ architectures, gateway filtering devices, intrusion detection systems and internal infrastructures, using several commercial and proprietary tools
  • Assist TruSecure customers in mitigating internal and external risk and vulnerability
  • Provide a variety of configuration, implementation and vendor specific security recommendations
  • Review, design and deploy policies and procedures, as well as information security handling documentation
  • Generate and tailor both executive-level and technical-level reports designed to mitigate vulnerability and risk
  • Develop Incident Response and Incident Escalation handling processes

Network Security Administration

Confidential

  • Performed network-based penetration testing against all systems within the network to ensure each system is configured securely
  • Mitigated any risks associated with penetration testing findings to reduce vulnerability within the network
  • Administration of Lotus Notes Email and creation and maintenance of Lotus Notes Databases for approximately 500 users
  • Support and management of desktops, laptops, printers and plotters for both local and remote users
  • Managed user account security, access restrictions, creation and deletion, as well as administration of local and global NT groups in a high security environment
  • Protected all proprietary and confidential corporate information from being retrieved from end of life systems
  • Monitored network operations, performed network-wide backups and handled scheduling of offsite backup tape rotation

Application Security Engineer III

Confidential

  • Performed network-based penetration testing against all systems within the network to ensure each system is configured securely
  • Mitigated any risks associated with penetration testing findings to reduce vulnerability within the network
  • Designed, developed and implemented customized, proprietary messaging LANs both domestically and internationally
  • Trained and mentored nearly 1000 end-users on product functionality, as well as data backup and recovery procedures
  • Provided 24x7x365 telephone and next-day onsite support and administration of high volume messaging systems, including hardware and software, in a frame relay environment
  • Created custom scripts on demand to ensure product proficiency and reliability

Remote Access and Network Engineer

Confidential

  • Configured and maintained PBX accounts, and provided support to remote users with dial in access
  • Performed desktop and network printer support for end users
  • Performed, tested and restored network backups
  • Created global and local NT groups, user accounts and assigned user access rights

Network Administrator

Confidential

  • International Monetary Fund/International Finance Commission/World Bank
  • Assisted in internal infrastructure equipment upgrades for 11,000 users
  • Designed rollout image, working with Dell to have image installed on all newly delivered systems
  • Ensured all new systems were secured through installation of current security patches and hotfixes
  • Administered network connectivity, hardware and software issues, and performed full backups for entire infrastructure

Network Administrator

Confidential

  • Custom built PCs to fit a wide variety of uses and environments
  • Installed, repaired, cabled and relocated computer systems for end users
  • Added workstations to existing network architecture, upgraded software, installed additional peripherals
  • Negotiated, ordered and purchased all equipment from vendors

Network Installation Engineer

Confidential

  • Relocated and installed desktop PCs
  • Configured and upgraded desktop PCs to ensure they were hardened with respect to security