| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Broad Run, Street Address VAEMAIL AVAILABLE / PHONE NUMBER AVAILABLEOBJECTIVEExperienced Cyber Security and Risk Analyst with a robust background spanning 12 years of military service and 22 years in IT contracting. Proficient in applying advanced computer and network security concepts to analyze, design, and assess risks within data networks. Adept at designing, optimizing, and securing network topologies and site configurations to ensure robust protection and efficiency. Demonstrated ability to lead and mentor less experienced security engineers while managing comprehensive IT infrastructure projects. Seeking to leverage extensive technical and managerial expertise to enhance operations and security in a dynamic IT environment.SKILL SUMMARYNIST 800-53 CompliancePCI DSS StandardsXacta IA ManagerAWS Cloud ServicesNetwork Security AdministrationTeamworkLeadershipCommunication SkillsInterpersonal SkillsTechnical AptitudeWORK EXPERIENCECyber Security and Risk Analyst / Oath/Verizon Media/Yahoo Inc - Reston, Virginia 06/2018 - 04/2024Conducted comprehensive cybersecurity assessments of on-premise enterprise infrastructure and AWS Cloud Instances, identifying vulnerabilities and implementing advanced mitigation strategies to enhance overall security posture.Performed detailed risk analysis and threat modeling to evaluate potential security risks and impact on client systems, providing actionable recommendations to improve resilience and compliance with industry standards and best practices.Delegated Authorizing Official Representative/Information Security Analyst / Quantech Services - Chantilly, Virginia 03/2016 - 01/2018Facilitated communication between system and data owners, system certifiers, and the Cyber Security Office, providing critical insights and recommendations for IT system accreditation in compliance with ICD 503 and RMF guidelines.Evaluated and reviewed IT system security documentation and assessments, delivering final accreditation recommendations to ensure alignment with NRO's cybersecurity standards and regulatory requirements.Delegated Authorizing Official Representative/Information Security Analyst / The KEYW Corporation - Chantilly, Virginia 12/2009 - 03/2016Collaborated with system and data owners and system certifiers to gather and assess security documentation, delivering final IT system accreditation recommendations to the NRO's Cyber Security Office and Risk Management Group to ensure compliance with security standards and policies.Reviewed and synthesized risk assessments and security evaluations, providing authoritative accreditation recommendations to the NRO's Cyber Security Office, facilitating informed decision-making and ensuring robust risk management practices across IT systems.System Risk Assessment/Information Assurance Analyst / General Dynamics - Chantilly, Virginia 09/2002 - 12/2009Executed nationwide vulnerability assessments to identify and analyze security weaknesses across various systems, assessing exploitability and providing actionable recommendations for countermeasures in line with the Intelligence Community's Risk Management Methodology and DCID 6/3 guidelines.Developed and delivered comprehensive risk assessment reports that highlighted critical areas of concern and proposed effective mitigation strategies, ensuring adherence to DCID 6/3 standards and enhancing overall system security and resilience.Information Assurance Engineer / Veridian - Oakton, Virginia 01/2001 - 09/2002Performed detailed vulnerability assessments on the National Geospatial Architecture's TLOS (Thin Line Operating System) Demo LAN, identifying security gaps and weaknesses to ensure system readiness and compliance for accreditation.Developed and implemented security controls and mitigation strategies based on the findings from vulnerability assessments, enhancing the security posture of the TLOS Demo LAN and facilitating a smooth accreditation process.Information Security Engineer / Veritect/Veridian - Reston, Virginia 01/2000 - 01/2001Implemented and configured perimeter security solutions to meet customer requirements, including firewalls, intrusion detection systems, and VPNs, ensuring robust protection against external threats and unauthorized access.Provided ongoing support and maintenance for perimeter security infrastructure, conducting regular updates and monitoring to address emerging threats and maintain alignment with the customer's security policies and standards.Network-System Administrator/Customer Support/Team Lead/Facilitator / TRIDENT DATA SYSTEMS - Oakton, Virginia 01/1995 - 01/2000Maintained the operational readiness of three major networksControlled all aspects of the network from installation and maintenance of user accounts to insuring the integrity/protection of the equipment itselfSystems Administrator / Senior Field Technician / UNITED STATES AIR FORCE - Aerospace Corp. El Segundo, CA 01/1984 - 01/1995Administered mailserver systems for government contractor sites across the San Diego and Los Angeles Metropolitan areas, ensuring reliable email services and efficient network access for over 200 users.Managed and maintained Wide Area Network (WAN) access for multiple government contractor sites, troubleshooting and resolving connectivity issues to support seamless communication and operational continuity for a diverse customer base.Project Clerk / Security / HUGHES AIRCRAFT CORP. - Radar Bldg. R50, Culver City 01/1992 - 01/1994Administered SCIF (Sensitive Compartmented Information Facility) security protocols to safeguard controlled facilities, ensuring compliance with security regulations and maintaining the integrity of sensitive information.Oversaw and maintained accountability for sensitive materials, implementing tracking and reporting procedures to ensure proper handling, storage, and access in accordance with security standards and protocols.EDUCATIONB.S. in Information Technology: Concentration in Enterprise SecurityStrayer UniversityStatus: Pending - 12 remaining classesCERTIFICATIONS AND TRAININGCISSP - Certified Information System Security Professional, 08/2024Comptia Security+, 07/2027SANS SEC504 - Hacker Tools, Techniques, and Incident Handling, 09/2020SANS SEC542 - Network Penetration and Ethical Hacking, 07/2021SANS SEC560 - Enterprise Penetration Testing, 04/2022SecurityCenter Training through BITS SystemsXacta Certification and Accreditation Tool IA Manager (Training and pilot program participate)ICD 503 and the RMF (Risk Managed Framework) ProcessAttended 5-day training course on Xacta 5.1 at Telos HQ in Ashburn, 2016Completed Security + Certification Training at Learning Tree in Reston, VA, 04/11/2011Intense Training Boot Camp (CISSP), 2005Information System Security Workshop, NRO, 2006Certifying and Accrediting NRO Information Systems, 2007CCSA & CCSE (Check Point Firewall) Management CourseCCSI (Check Point Systems Instructor), Veridian, 2002PC Configuration and Troubleshooting, Learning Tree International, 2003Cisco Router Configuration and ManagementSKILLSUMMARYNRO [National Reconnaissance Office] Information Assurance Risk Managed FrameworkIntelligence Community Directive 503Committee on National Security Systems 1253 (CNSSI 1253)National Institute of Standards and Technology 800-53 (NIST 800-53)PCI DSS [Payment Card Industry Data Security Standard]Xacta IA Manager - NROExtensive experience in IT Certification and Accreditation of classified and unclassified systemsStrong team player with proven leadership skills and the demonstrative ability to work with administrative and technical support teamsExcellent leadership and other military training and skills from 12 years serving in the United States Air ForceExcellent communicative and interpersonal skills, both written and verbalExtensive background in both system and network security administrationProven record of obtaining technically challenging roles and showing the aptitude to see them throughProficient understanding of IP and network infrastructuresDelegated Authorizing Official Representative (DAO-Rep)Enterprise Cloud ComputingAWS Cloud ServicesREFERENCESReferences to be rendered upon request |
