PAMELA A. MALIK

***** ******* ***** ~ Leesburg, Virginia 20175

H: 571-***-**** C: 703-***-**** acvu1v@r.postjobfree.com Over nine years of combined experience as a cybersecurity professional dedicated to providing exceptional leadership and management in fields of cybersecurity, education, customer service, and training. As a senior cyber security operations analyst, have solid track record of success in Incident Handling, and building/supervising highly-effective Information Security & Information Assurance programs. Oversee daily security operations ensuring that proper processes and procedures are followed by Security Operations Center (SOC) staff while providing leadership in implementing new policies, programs, tools and procedures.. Superior communicator, readily distills the most complex of materials into easily-understood, compelling presentations. Core competencies include:

Active Top Secret Clearance CISSP Certificate QA Audits

CEH Certificate Team Building/Leadership ISO 9001 Processes

Security+ Certified Sets Performance Standards Develop/Deliver Training SRA INTERNATIONAL, INC., Fairfax, Virginia 11/2008 – Present Sr. Cyber Security Ops Analyst / Team Lead-Manager, DOT/FAA Cyber Security Management Center

• Provides leadership and operational direction at the Department of Transportation (DOT)/Federal Aviation Administration (FAA) Cyber Security Management Center (CSMC)

• Supervises the Security Operations Center (SOC) Incident Response (IR) staff to include Duty Officers, Watch Officers and Incident Handlers

• Provides on-going training to the IR staff and produces weekly progress report on the IR process performance

• Collaborates with the DOT and FAA executive leadership in providing ad-hoc reports, metrics, and other critical, high-profile deliverables

• Manages the secure distribution of cyber incident reports; contributes in the creation of Information Systems Security (ISS) reports, policies and procedures; generates monthly IR metrics

• Utilizes the Joint Advanced Solutions (JAS), cyber incidents tracking system and the Remedy tracking system to coordinate with US-CERT and other governmental agencies in cross-referencing cyber incidents

• Streamlines Information Security (IS) operations and improves the overall IS posture through effective reporting, prioritization and customer communications

• Developed and integrated work process for Sensitive Personally Identifiable Information (S/PII) incidents while providing on-going training requirements

• Functioned as Detection Group Lead; managed shift scheduling for group of 12; met/maintained all contractual obligations regarding coverage

• Successfully oversaw and executed SOC Incident Response operations during the government shutdown in 2014, ensuring uninterrupted continuity of business practices

• Provide input to the annual SOC planning and budgeting to affect the SOC Business Plan Initiatives, Targets, and Milestones

Highlights of Key Qualifications

Professional Experience

PAMELA A. MALIK

Page 2.

NORTHROP GRUMMAN, McLean, Virginia 3/2008 – 11/2008 Sr. Cyber Security Engineer, DOT/FAA Cyber Security Management Center

• Ensured Information Systems availability, integrity, authentication, confidentiality and non- repudiation; implemented security measures for communication systems and network

• Assisted with the development of process documentation for the Incident Response Group to ensure standardization and quality of support by performing the following functions: o Develop Standard Operating Procedures (SOPs)

o Develop process descriptions for appropriate Capability Levels o Develop workflow diagrams of key processes in RequisitePRO o Identify work areas where repeatable processes and documentation are required o Provide recommendations on how to improve efficiency and effectiveness of operations o Task appropriate in-house subject matter experts to develop the above items and assign process owners

TEKSYSTEMS, INC., Reston, Virginia 10/2007 – 3/2008 Cyber Security Analyst, DOT/FAA Cyber Security Management Center

• Provide proactive technical and engineering support in the exploitation and/or remediation of infrastructure and computer systems

• Execute incident response functions and coordinate activities with government site personnel and offsite management, as directed

• Publish and distribute Notifications which address major information security threats, i.e. hacking, malicious activity, damaging vulnerabilities with exploits in the wild, Trojans, Worms, and Viruses

• Report information security events and incidents to appropriate internal and external agency authorities

• Produce daily, weekly, and monthly reports for Agency management and higher headquarters

• Oversee and assist, as necessary, the Duty Analysts (DAs) as they perform the Protect and Detect functions

• Conduct research pertaining to the latest viruses, worms, etc. and the latest technological advances in combating unauthorized access to information

• Write Information Papers and Technical White Papers, as required

• Conduct an end-of-shift turnover summarizing activities for each shift

• Advise the government community of best security practices, as necessary

• Update reports and notifications on CERT Information Portal

• Participate in multi-agency Continuity of Operations (COOP) Exercises

• Provide input to draft InfoSec policies

• Perform other Network Security/Information Assurance tasks, as assigned INDEPENDENT PROJECT ANALYSIS (IPA), Ashburn, Virginia 2/2002 – 7/2007 Information Security Officer

• Developed and implemented IS processes spanning 13 Departments while providing project evaluations/benchmarkings to enhance the success rates of capital systems projects

• Chosen to provide training for the IPA European Office in The Hague; traveled twice to the Netherlands to mentor European counterparts

• Generated and managed all proprietary client information, passwords and updates for 150 client accounts; ensured all documents were properly encrypted

• Produced and maintained the corporate IS Process Manual for a staff of 200+ personnel

• Developed corporate IS Work Processes; initiated the IPA Security Awareness Program across all offices; executed IS Audits to ensure compliance with overall IS policy

• Trained all staff members including Project Analysts, Product Development Group, Corporate Administration and senior staff regarding the organization’s IS processes

• Performed IS process orientation and refresher training for all personnel; consulted with analysts and clients to quickly resolve technical issues

PAMELA A. MALIK

Page 3.

• Consistently maintained a 100% success rate by ensuring no company or client information had ever been compromised

• Reviewed documentation for evaluation of capital projects ranging up to $20M CISCO SYSTEMS, Herndon, Virginia 2/1997 – 10/2001

Engineering / Quality Assurance Specialist, Network Software Services Unit (NSSU)

• Performed QA audits on documentation utilizing Cisco’s Engineering Document Control System

(EDCS) while providing overall EDCS support for Network Software Services Unit (NSSU)

• Coordinated ISO 9001 efforts for NSSU certification audit with company certification received in 12/2000

• Used the Dynamic Objects Oriented Requirements Systems (DOORS) database to create project modules and track Change Requests

• Conducted training for Senior Management, Engineers, Program Managers, Project Managers and Software Testers while aligning all company processes and templates in preparation for audit

• Used Cisco’s Distributed Defect Tracking System (DDTS) for tracking and managing problem reports and enhancement requests; generated System Problem Reports (SPRs) VILLANOVA UNIVERSITY, Villanova, Pennsylvania

Master’s Certificate, Certified Information Security Services Professional (CISSP), 2007 Other Certifications:

Security+ (CompTIA), 2014, 2011

Certified Advanced Security Practitioner (CASP) (CertFirst), 2015 Certified Ethical Hacking (CEH) (Ultimate Knowledge), March 2016) Furnished upon request.

Education & Training

References

Contact this candidate