GILBERT A. OXENDINE

*** ******** ******* ****, *** #13306

Odenton, MD 21113

410-***-****

E-mail: abmdyl@r.postjobfree.com

Served in the United States Air Force for 24 years in a number of duties,

excelled in a high OPS tempo paced environment and its technology

disciplines. Experienced in various disciplines working within the

Information Assurance Arena dealing with Policies and Procedures within the

DoD arena., also part of numerous teams that were responsible for the

Certification and Accreditation (C&A) process that covered the entire life-

cycle of information systems getting approved and being connected to DoD

Networks, covering information up to the SCI level.

Security Clearance: Top Secret W/Lifestyle Polygraph / (SCI)(Sep 2005)

PCI LLC, Annapolis Junction, Annapolis Junction, MD

March 2010 - Present: Information System Security Officer (ISSO):

The ISSO is responsible for maintaining system security. The ISSO role can

be assigned to any person who has been delegated security officer

functions. The role can be used to decide what groups or roles users are

assigned to - this limits users to accessing only the subset of system

functions needed to perform their specific task. The role is also

responsible for periodic review of the system logs and audits to detect any

system abnormalities that may be security-related. The ISSO trusted role

includes responsibility for:

. Ensuring systems are operated, maintained, tracked and disposed of in

accordance with internal security policies and practices outlined in

the security plan.

. Ensuring that all users have the requisite security clearances,

authorizations, and need-to-know, and area aware of their security

responsibilities before granting access to the AIS

. Reporting all security related incidents to the ISSM

. Initiating with the approval of the ISSM, protective or corrective

measures when a security incident or vulnerability is discovered.

. Developing and maintaining the SSP

. Conducting periodic reviews to ensure compliance with the SSP

. Ensuring configuration management (CM) for security relevant IS

software, hardware, and firmware is maintained and documented.

. Ensuring that system recovery processes are monitored to ensure that

security features and procedures are properly restored.

. Ensuring all IS security-related documentation is current and

accessible to properly authorized individuals

. Formally notifying the ISSM and the DAA when changes occur that might

affect accreditation

. Ensuring that system security requirement are addressed during all

phases of the system lifecycle

. Following procedures developed by the ISSM, authorizing software,

hardware, and firmware for use before implementation on the system

. Checking the discretionary access control permissions assigned to

system resources at regular intervals.

MicroSys LLC, Inc., Manassas, VA

September 2008 - February 2010: Information System Security Manager (ISSM)

and Officer (ISSO):

. Developing and maintaining the SSP

. Ensuring systems are operated, maintained, tracked and disposed of in

accordance with security policies and practices outlined in the

security plan.

. Ensuring that all users have the required security clearances,

authorizations, and need-to-know, and aware of their security

responsibilities before granting access to the AIS

. Reporting all security related incidents to the DAA Rep

. Initiating the approval protective or corrective measures when a

security incident or vulnerability is discovered.

. Conducting periodic reviews to ensure compliance with the SSP

. Ensuring configuration management (CM) for security relevant IS

software, hardware, and firmware is maintained and documented.

. Ensuring that system recovery processes are monitored to ensure that

security features

and procedures are properly restored.

. Ensuring all IS security-related documentation is current and

accessible to properly authorized individuals

. Formally notifying the DAA Rep when changes occur that might affect

security posture of the system that affects the accreditation

. Ensuring that system security requirement are addressed during all

phases of the systems lifecycle

. Following procedures developed by the DAA, authorizing software,

hardware, and firmware for use before implementation on the system

checking the discretionary access control permissions assigned to

system resources at regular intervals.

Eagle Alliance, Annapolis Junction, Annapolis Junction, MD

March 2006 - Present: Network Analyst:

. Analyze and interpret technical data via Intrusion Detection System

Tools

. Analyzes raw data

. Documents and determines classification security requirements

. Team-member that identifies Cyber-Terrorism

. Identifies Hacker Attacks

. Identifies Information Warfare

. Identifies Virus Outbreaks on 4 Networks

. Monitors Networks via CISCO tools

. Monitors Firewalls via HP Open-View

. Provides a single point of focus for viruses and alerts within

organization 24x7

. Maintains accurate real-time status of technical and security health

of information systems

Annapolis Junction, Annapolis Junction, MD

February 2006 - February 2008: Security Help Desk

. Part of a First Response 24x7 for client

. Monitors Firewalls, Intrusion Detection System Tools (IDS)

. Update Organizations Systems with latest definition files from McAfee,

Trend and IAVA applications

Eagle Alliance, Annapolis Junction, Annapolis Junction, MD

March 2005 - March 2006: Information System Security Officer (ISSO):

. Provided security-engineering support for Certification and

Accreditation process

. Oversees the C&A process for entire life-cycle of information systems

getting approved and being connected to DoD Networks

. Worked with NITSCAP, DITSCAP, DCID 6/3 and DoD 5200 1R while analyzing

client needs through the Pre-Phase, Design, Development and

Engineering, test and Evaluation

. Gathering evidence on systems for analysis and evaluation of threats

and vulnerabilities

. Provide functional support for vulnerabilities and systems threats

. Guidance to Client for operational needs

. Developed and maintained System Security Plans (SSPs)

. Implemented security measures for operational systems

US Air Force, Patrick AFB, FL

December 1996 - July 2004: NCOIC, Freedom of Information Act (FOIA) &

Privacy Act (PA) / Training Manager / Help Desk Manager:

. Managed a12-manned team supporting a unit in excess of 1800 Personnel

. Call Center supported unit on a daily basis for installs and

maintaining information systems

. Managed and supported the VTC worldwide for 4 different Networks

. Maintained and assisted in building Organizations Web-Sites (Front-

Page and Dream Weaver)

. Performed Quality Assurance to ensure information was not released

inadvertly into Public Domain

. Units first line of defense for Virus Outbreak and Computer Security

. Trained unit personnel on Information Assurance Policy and Guidance

. Receiving and Passing clearances world-wide for unit personnel

. Daily maintenance of Classified material behind lock and storage

. Ensure Government compliance IAW FISMA Regulations

. Trained unit personnel on OPSEC issues

. COMSEC Custodian

US Air Force:

1995-1996: Izmir Air Station, Izmir Turkey - NATO Operations NCO

. Non-Commissioned Officer in charge of a NATO Operations unit that

assisted in maintaining security with a key US ally within the Middle-

East region

US Air Force:

1991-1995: Ft. George G. Meade, Maryland - Defense Courier Representative

. Part of a team entrusted with and escorted some of the Nations most

vital classified documents, COMSEC equipment and material worldwide on

a moments notice.

US Air Force:

1987-1991: Stuttgart-Vaihingen, Germany - NCOIC, Classified Document

Control Section

. Managed a SCIF that included all documentation and ensuring compliance

at all times in accordance with Air Force and DoD security

regulations.

US Air Force:

1985-1987: Charleston AFB, South Carolina - Document Control Specialist

. Worked within a SCIF that included all documentation, security

policies & procedures were in compliance at all times in accordance

with Air Force and DoD security regulations.

US Air Force:

1981-1985: Ellsworth AFB, South Dakota - Document Control Specialist

. Worked within a SCIF that included all documentation, security

policies & procedures were in compliance at all times in accordance

with Air Force and DoD security regulations.

EDUCATION:

Formal:

. M.A., Computer Resources and Information Management,

Webster University, St. Louis, Missouri (2003)

. B.A., Business (Organizational) Management

Warner Southern College, Lake Wales, Florida (2000)

Professional:

. Information Assurance: Information Systems Administration

. Information Assurance: Information Systems User

. Information Assurance: INFOCON

. Information System Awareness Course

. Information Assurance System Administration (Level II)

. Introduction to Operational Information Assurance

. Basic DoD Computer Forensics

. Operational Information Assurance (Part 1)

. Operational Information Systems Security

. Department of Energy (DOE) OPSEC Manager Certificate

. OPSEC Fundamentals Course

. Web Page Development -- Windows -- HTML

. Project Management

. Introduction to Computer Search and Seizure

. Systems Approach to Vulnerabilities

. Systems Approach to Threat Analysis

. System Security Course

. Industrial Security -- Physical Security -- Operational Security

. Personnel Security -- Computer Security

. Air Force Information Management Applications: DMS End Users Web End-

User Publisher: HTML Document Windows - Service and Support: Managing

Disks Windows - Service and Support: Internetworking Windows -

Service and Support: Installation and Deployment

. Microsoft Window NT 4.0 Server and Workstation: Monitoring & Auditing

Resources

. Microsoft Window NT 4.0 Server and Workstation: Sharing and Securing

Network Resources

Contact this candidate