Candidate's Name
Upper Marlboro, Maryland Street Address PHONE NUMBER AVAILABLE EMAIL AVAILABLE https://LINKEDIN LINK AVAILABLE

SUMMARY

A highly accomplished and results-focused CYBERSECURITY EXECUTIVE well versed in the NIST Cybersecurity Framework and ISO PHONE NUMBER AVAILABLE with multifaceted experience in program management, network design, cloud security, disaster recovery, contingency planning, compliance, and strategic planning. Proven aptitude for risk management, security controls, and business continuity planning. Demonstrated success in leading organizations from concept to stage through life cycles of change, enhancing staff capacity, and preparing action plans to resolve system and network concerns. Leverages exemplary leadership, technical, and communication skills to provide sustainable solutions that increase bottom-line revenue and maximize a company's security.

EXPERIENCE

AXIS MANAGEMENT GROUP Washington, D.C.
Senior Program Manager/Consultant 2020-2023
United States Department of Treasury, Bureau of Engraving and Printing, Office of Critical Infrastructure and IT Security (OCIITS)

Performed program management activities supporting contract execution and provided technical and administrative management of assigned projects. Developed technical project plans, reports, and administrative reporting. Shaped customer programs' vision, strategy, and tactical plans. Cultivated excellent relationships with customers at Chief Information Security Officer (CISO) level. Built strong, motivated, and ambitious teams to support customers. Developed and refined technical capabilities in alignment with customer. Assisted customers with identifying, defining, and implementing cybersecurity strategies, policies and tactics, techniques, and procedures. Performed program management activities supporting contract execution. Oversaw assigned projects and project personnel. Created and delivered project status reports in accordance with contract requirements.
Developed and maintained project management plan, communications plan, quality plan, and overall project schedule. Participated in monthly program reviews with customer personnel. Conducted customer satisfaction surveys. Participated in customer governance forums. Supported planning and implementation of customer governance forums, including coordination, meeting, and logistics support. Developed, implemented, and maintained RMF Communication and Knowledge Management strategy that included information dissemination processes, standards, and mechanisms. Maintained inventory of customer furnished equipment. Rendered concise reports, summaries, training materials, and formal presentations. Analyzed problems and identified solutions to mitigate risk to project, customer, and customer systems. Created, revised, and maintained cybersecurity policies, processes, procedures, guidance, and templates. Developed, reviewed, and assessed Security Assessment and Authorization (A&A) security documentation. Created, maintained, and closed Plan of Actions and Milestones (POA&Ms). Conducted Security Control Assessments (SCAs) in accordance with NIST guidelines. Translated vulnerability scan results into findings aligned to NIST security controls. Researched, published, and maintained continuous monitoring metrics and data relevant to customer cybersecurity risk posture and RMF implementation. Performed continuous monitoring, ongoing security assessments, and authorizations. Worked with Security Operations Center (SOC) personnel to develop, publish, and maintain system security status and risk information.

EMAGINE IT Alexandria, Virginia
Senior Program Manager 2017-2020
United States Patent and Trademark Office, Office of Chief Information Officer, Security Authorizations Branch

Performed program management activities supporting contract execution and provided technical and administrative management of assigned projects.
Developed technical project plans, reports, and administrative reporting. Reviewed future project requirements and developed strategies for future work. Conducted planning and provided recommendations to client on task workload. Attended customer meetings and served as primary project manager. Coordinated development of deliverables and products and ensured quality assurance of project deliverables. Participated in monthly program reviews with customer personnel. Conducted customer satisfaction surveys. Shaped customer programs' vision, strategy, and tactical plans. Cultivated excellent relationships with customers at Chief Information Security Officer (CISO) level. Built strong, motivated, and ambitious teams to support customers. Developed and refined technical capabilities in alignment with customer. Assisted customers with identifying, defining, and implementing cybersecurity strategies, policies and tactics, techniques, and procedures. Oversaw assigned projects and project personnel. Created and delivered project status reports in accordance with contract requirements. Developed and maintained project management plan, communications plan, quality plan, and overall project schedule. Maintained inventory of customer furnished equipment. Rendered concise reports, summaries, training materials, and formal presentations. Analyzed problems and identified solutions to mitigate risk to project, customer, and customer systems. Created, revised, and maintained cybersecurity policies, processes, procedures, guidance, and templates. Developed, reviewed, and assessed Security Assessment and Authorization (A&A) security documentation. Created, maintained, and closed Plan of Actions and Milestones (POA&Ms). Conducted Security Control Assessments (SCAs) in accordance with NIST guidelines. Translated vulnerability scan results into findings aligned to NIST security controls.
Researched, published, and maintained continuous monitoring metrics and data relevant to customer cybersecurity risk posture and RMF implementation. Performed continuous monitoring, ongoing security assessments, and authorizations. Worked with Security Operations Center (SOC) personnel to develop, publish, and maintain system security status and risk information.

INTEPROS FEDERAL Washington, D.C.
Program Manager 2016-2017
Department of Education, Office of Chief Information Officer, Information Assurance Services (DOED-OCIO-IAS)

Shaped customer programs' vision, strategy, and tactical plans. Cultivated excellent relationships with customers at Chief Information Security Officer (CISO) level. Built strong, motivated, and ambitious teams to support customers. Developed and refined technical capabilities in alignment with customer. Assisted customers with identifying, defining, and implementing cybersecurity strategies, policies and tactics, techniques, and procedures. Performed program management activities supporting contract execution. Oversaw assigned projects and project personnel. Created and delivered project status reports in accordance with contract requirements. Developed and maintained project management plan, communications plan, quality plan, and overall project schedule. Participated in monthly program reviews with customer personnel. Conducted customer satisfaction surveys. Maintained inventory of customer furnished equipment. Rendered concise reports, summaries, training materials, and formal presentations. Participated in customer governance forums. Supported planning and implementation of customer governance forums, including coordination, meeting, and logistics support. Analyzed problems and identified solutions to mitigate risk to project, customer, and customer systems. Developed, implemented, and maintained RMF Communication and Knowledge Management strategy that included information dissemination processes, standards, and mechanisms.
Created, revised, and maintained cybersecurity policies, processes, procedures, guidance, and templates. Developed, reviewed, and assessed Security Assessment and Authorization (A&A) security documentation. Created, maintained, and closed Plan of Actions and Milestones (POA&Ms). Conducted Security Control Assessments (SCAs) in accordance with NIST guidelines. Translated vulnerability scan results into findings aligned to NIST security controls. Researched, published, and maintained continuous monitoring metrics and data relevant to customer cybersecurity risk posture and RMF implementation. Performed continuous monitoring, ongoing security assessments, and authorizations. Worked with Security Operations Center (SOC) personnel to develop, publish, and maintain system security status and risk information.

INTEPROS FEDERAL Washington, D.C.
Senior Enterprise Architect 2016-2017
Department of Energy, National Nuclear Security Agency Office of Chief Information Officer (DOE-NNSA-OCIO)

Recommended and participated in activities related to design, development, and maintenance of Enterprise Architecture (EA). Managed, used, and maintained IT/technology architecture models. Researched overall ICT solutions on market for particular technical requirements and business needs and implemented strategy for development of IT/technology architecture work. Conducted and/or actively participated in meetings related to designated projects, both locally and internationally, with clients and/or partners. Advised and recommended enterprise architecture strategies, processes, and methodologies. Recommended and participated in analysis, evaluation, and development of enterprise long-term strategic and operating plans to ensure consistency of EA objectives with enterprise's long-term business objectives.
Shared best practices and lessons learned and updated technical system architecture requirements based on changing technologies and knowledge related to recent, current, and upcoming vendor products and solutions. Participated in and managed all architecture working groups for development and maintenance of EA. Recommended and participated in development of architecture blueprints for related systems (direct IT/technology architecture activities). Collaborated with all relevant parties in order to review objectives and constraints of each solution and determine conformance with EA; recommended most suitable technical architecture and defined solution at high level. Identified and recommended areas appropriate for further study and participated in Proof of Concept projects required to thoroughly investigate architectural possibilities and strengthen arguments for adoption. Identified implementation risks and analyzed potential impact on enterprise and achievement of scheduled objectives. Recommended and participated in design and implementation of IT service standards, tools, and methodologies.

VISIONQUEST SYSTEMS (VQS) Silver Springs, Maryland
Senior Security Advisor (NOAA-NWS-OST) 2014-2016
National Oceanic and Atmospheric Administration, National Weather Service Office of Science and Technology

Advised in all aspects of security based on NOAA-NWS-OST requirements and standards. Held responsibility for system accreditation and documentation, performing Phase I, II, and III for assigned systems and assisting in POAM understanding and mitigation strategies. Reviewed security requirements and subsequently reviewed systems to verify design and implementation in compliance with established standards. Evaluated and recommended strategy for continuous monitoring for assigned systems.
Reviewed SSPs and all other system security documentation, including Configuration Management (CM), Contingency Plan (CP), Continuity of Operations (COOP), Disaster Recovery Plan (DRP), and Incident Response Plan (IRP). Ensured compliance with annual Federal Information Security Management Act (FISMA) deliverables and reporting. Reviewed and monitored security designs in hardware, software, data, and procedures. Scanned all assigned systems with Tenable Nessus on monthly basis. Assisted in conversion of systems to ingest into DHS CDM plan. Updated CSAM with all system documentation and information. Created and/or drafted POAMs to track updates to milestones through remediation.

VISIONQUEST SYSTEMS (VQS) Washington, D.C.
Senior Security Advisor, Health and Human Services (OCIO/Office of Information Security) 2014

Advised in all aspects of security based on HHS requirements and standards. Held responsibility for system accreditation and documentation, performing Phase I, II, and III for assigned systems and assisting in POAM understanding and mitigation strategies. Reviewed security requirements and subsequently reviewed systems to verify design and implementation in compliance with established standards. Ensured compliance with annual Federal Information Security Management Act (FISMA) deliverables and reporting. Updated CSAM with all system documentation and information. Reviewed SSPs and all other system security documentation, including Configuration Management (CM), Contingency Plan (CP), Continuity of Operations (COOP), Disaster Recovery Plan (DR), and Incident Response Plan (IRP). Created and/or drafted POAMs to track updates to milestones through remediation. Reviewed and recommended strategy for continuous monitoring for assigned systems. Ensured compliance with annual Health Insurance Portability and Accountability Act (HIPAA) deliverables and reporting. Reviewed and monitored security designs in hardware, software, data, and procedures.
VISIONQUEST SYSTEMS (VQS) Washington, D.C.
Senior Security Advisor, Library of Congress (OSI/ITS) 2012-2014

Served as security advisor for Office of Strategic Initiatives/Internet Technology Services (OSI/ITS) and service units within to advise in all aspects of security based on LC requirements and standards. Held responsibility for system accreditation and documentation; system entry; creation, review, and maintenance in Trusted Agent FISMA (TAF); and Tenable Security Center (Nessus) administration and refinement. Developed, reviewed, and streamlined current LC processes. Assisted with security network architectural designs. Performed Phase I, II, and III for assigned systems. Served in ISSO role for several systems. Assisted in POAM understanding and mitigation strategies.

ADDITIONAL EXPERIENCE

APEX SYSTEMS, INC., Arlington, Virginia, ITIP Project Manager, 2011-2012.
Executed complete upgrade from top to bottom, refresh of entire TSA storage infrastructure with objective of making infrastructure more effective, more efficient, and more economical. Coordinated full migration of SAN storage systems in effort to bring under control and management of TSA at DC2. Identified and developed process to modernize TSA storage infrastructure, resulting in reduced operating costs, increased responsiveness and flexibility, and reduced dependencies on managed service provider. Upgraded and migrated SAN storage systems. Optimized, alerted, and reported high-level requirements to customer as requested, weekly, monthly, and annually.

APEX SYSTEMS, INC., Arlington, Virginia, Enterprise Architect, 2011.
Utilized MS Visio to diagram "AS IS" and "TO BE" architectures while referencing Segment Architecture (FEAF) to capture comprehensive array of AS-IS artifacts. Developed lists of significant architectural artifacts. Understood and improved Enterprise Architecture Maturity Model Framework (EAMMF) core element scores and enhancement of TSA EA Maturity model.
Identified and assessed TSA's candidate segment architecture to report status on quarterly basis. Coordinated with engineers to gather configuration information for validation of AS-IS architecture diagram for TSA. Identified security risks, threats, and vulnerabilities of networks, systems, and applications for new and existing technology initiatives.

ENDEAVOR SYSTEMS, INC., Washington, D.C., Senior FISMA Auditor, 2011.
Supported analysis and review of information security programs and systems to ensure compliance to federal and agency policies. Reviewed artifacts, processes, and documentation and interviewed personnel within CSOSA/PSA to ensure that risk management program had been established and was consistent with FISMA requirements, OMB policy, and applicable NIST guidelines. Conducted briefings on findings, potential findings, and recommendations for improving IT security posture of CSOSA/PSA systems, processes, and documentation. Updated CSAM with all system documentation and information. Created and/or drafted POAMs to track updates to milestones through remediation.

ENDEAVOR SYSTEMS, INC., Washington, D.C., Team Lead/Senior Security Engineer, 2010-2011.
Supported analysis and review of information security programs and systems to ensure compliance with federal and agency policies. Provided Federal Information Security Management Act (FISMA) and Office of Management and Budget (OMB) subject matter (i.e., Exhibit-300s and 53s) expertise. Reviewed FAA security authorization packages to determine baseline security requirements for existing systems and prepare for compliance interviews with security personnel on site. Conducted independent, on-site system certification reviews of management, operational, and technical security controls in accordance with mandatory regulations.

FRONTIER TECHNOLOGY, INC., Quantico, Virginia, Senior Information Systems Analyst, 2009-2010.
Worked closely with government and federal contractors to develop acquisition strategies and all supporting documentation (BOMs, network design validation, CONOPs, etc.) for end-to-end integration efforts for IT projects (i.e., Non-Secure Internet Protocol Router, Secure Internet Protocol Router, Joint Worldwide Intelligence Communications system, Voice over Internet Protocol) and ancillary communications systems, including workstation connections, audio-visual design and integration, Local Exchange Carrier (LEC), and commercial Internet services. Ensured compliance with annual Federal Information Security Management Act (FISMA) deliverables and reporting.

H2 PERFORMANCE CONSULTING INC., Washington, D.C., Senior Manager/Senior Advisor, 2009.
Acted as portfolio manager and provided consulting advisory services and implementation support for developing processes and governance and utilizing industry best practices and tools for new PMO. Worked closely with Program Executive Office (PEO) senior leaders to develop statements of work, requirements documentation, and requests for proposals and define scope, acquisitions, and procurement timeframes for implementation of capabilities of PEO through strategic planning, portfolio resource management, managing multi-project environment, and developing Portfolio Management Office (PMO) organizational maturity model with applied roles and responsibilities.

MPRI, INC., Alexandria, Virginia, Program Manager/Senior Software Engineer, 2008-2009.
Planned, directed, and supervised execution of development, fielding, and administrative functions for web-based all-hazard decision support and incident response management system, using Oracle relational database and Geographical Information system from ESRI. Developed network platform and environment in which system operated in addition to writing protocols for network management (logical network diagrams, cabling documentation, etc.).
Assisted software developers in understanding user issues and business processes and practices to promote comprehensive application for emergency operation centers and first responders.

L-3 TITAN CORPORATION, Springfield, Virginia, Chief of Installation, 2005-2008.
Planned, directed, and supervised execution of activities and administrative functions of new equipment training and life cycle. Replacements events to develop statements of work, requirements documentation, and Memorandums of Agreement. Acted as government oversight for Program Management Office with users and selected vendors during installation, implementation, validation, support, and execution. Negotiated teaming agreements with several government offices, including both federal and state representatives. Assisted software developers in understanding user issues and business processes and practices to promote comprehensive application.

MILITARY SERVICE & SECURITY CLEARANCE

U.S. ARMY, May 2006 Received Honorable Discharge
Current Treasury Public Trust

EDUCATION

NORTH CAROLINA AGRICULTURAL AND TECHNICAL STATE UNIVERSITY Greensboro, North Carolina
B.S. Electrical Engineering

MIAMI-DADE COMMUNITY COLLEGE Miami, Florida
A.A. Electrical Engineering Technology

CERTIFICATIONS

Acquisitions and Logistics, Defense Acquisition University, Ft. Belvoir, Virginia - Continuing Education Programs for Level 2 Certification; U.S.
Army Equal Opportunity Leaders Course (EEO) Certified; Certified Information Systems Security Professional (CISSP); Certified Information Security Manager (CISM); Information Assurance Security Officer (IASO); Certified Information Systems Auditor (CISA); Program Management Professional (PMP); Cisco Certified Network Associate (CCNA); Information Assurance Manager (IAM); CompTIA's Security+; FISMA Auditor; HIPAA

TECHNICAL SKILLS

Portfolio/Program/Project Management, Incident Response and Management, Certifications and Accreditations (All Phases), DHS Continuous Diagnostics and Mitigation (CDM), Security Program/Policy and Guidance Development, FISMA Compliance and Reporting, Cybersecurity Risk Management Framework (CRMF), FedRAMP Cloud Security Assessments, AWS and Microsoft Azure Well-Architected Framework Security Pillars, Business Impact Assessments, Security Requirements, Risk Assessments, Survey Development and Analysis, Training Material Development, Cybersecurity Maturity Model Certification (CMMC), NIST SP800-53r4/FIPS/DHS4300A/DCID 6-3/9, NIST SP800-53r4/Appendix F, Library of Congress Directive 01, ServiceNow/eMASS/TAF/CSAM/RSAM, HIPAA Compliance and Reporting, Risk Assessments, HSPD-12 Personal Identity Verification, OMB Memoranda M-06-19 Privacy Management, DHS Identity/Credential/Access Management (ICAM), Vulnerability Management (Tenable Nessus/EYE Retina Scanner/HP Web Inspect), SOC2 Type2, Network/Cyber Security (ArcSight/Netwitness/FireEye), Network Design/Management (Tivoli/WebSphere), Security Test and Evaluation, Security Training and Awareness, Governance and Policy, Technical Documentation, API Security, Compliance as Code, Container Security, Experience with DevOps methodologies