KEY STRENGTHS

Program Management

Project Management

Communications, including C-level

Cloud and Network Cybersecurity

Team Leadership

Process Improvements

Global Business Initiatives

Vendor Management

Proposals

Budgets

Resource Allocation

Client Support

White Papers & Publications

Clearance: Current DoD TS; Certifications: PMP, CISSP, CAP, ITIL;

Education: MS in Computer Technology; BS in Systems Automation; Master’s Certificate in Applied Project Management

Summary of Experience

Program/project management for government and business in diverse environments – cybersecurity, cloud computing, virtual and local data centers. Specific knowledge areas include:

Program/Project Management: budget control, program and projects plans, resource allocation, personnel management, and communications;

Expertise in Cloud, IT, and IT security; cyber security implementation and integration in data centers and Cloud, Enterprise Architecture - DODAF and FEAF:

Cloud computing: procurement, architecture, security, and engineering;

Migration from Data Center to cloud environments; Transformation of Systems Applications and Processing (SAP);

Cybersecurity. Compliance with FISMA: NIST—FEDRAMP, RMF;

Expert in NIST and DoDI 8510.02- RMF, FedRAMP, Continuous Diagnostic and Monitoring (CDM) and Government Cybersecurity Architecture (.govCAR);

Working knowledge of standards and guidelines applicable to security practices including ISO, ISO 20000 and 27000-series, IT Security/PCI DSS and security posture, HIPPA, SOX and PII and others;

Documentation, Proposals and White Papers, Industry Forums.

COGENT SOLUTIONS Inc. (ISO 9001:2000, ISO 27001) 6/2014 – currently

Director: Security, Cloud Services, Program Management, Solution Architecture

- As Director, Program, and Project Manager supports the following major programs/projects on behalf of Cogent Solution Inc.: Army/Pentagon; DHS; DoD, JSP Web Center of Excellence (WCoE), IBM Maximo/Tririga Modernization; Cloud Migration (VMware Cloud Foundation, AWS, AZURE, GSA), related Systems Applications and Products (SAP), and Cybersecurity efforts.

- Supports Solution Architecture efforts for all Cogent’s proposals, supports awarded programs, program controls and reporting, budgets, resource allocation, Service Level Agreements (SLA).

At the corporate level, leads the company ISO 9001/27001 and ISO 20000 certifications process, development of proposals, white papers and participates in industry forums.

Command and Control Security Agency (CCSA), Pentagon Support

VMware Cloud Foundation (VCF) deployment.

As a PM on-site, manages all technical personnel (direct and indirect -18), develops and updates program/project plans, including Work Breakdown Structures (WBS), and provides overall deliverables: weekly and monthly activity/status reports, VCF Cybersecurity, Build Guide documentation, Standard Operating Procedures (SOPs) with Specification and Description Language Diagrams (SDLs). Managing Azure process along with Agile-Scrum-Sprint team development methodology with various agile processes such as defining milestones, product backlog item grooming, sprint planning, Sprint retrospective, release candidate and documentation of lessons learned.

LEIDOS CORPORATION /Cogent Solutions Inc.

As part of the Leidos Project Cloud Resource Allocation effort, interviewed and managed numerous cloud specialists including Sr. Cloud Engineer, Support Cloud Engineer, and Cybersecurity Specialist that build the core cloud technical group

Wrote deliverables submitted to the government:

Government Cloud Business Process Reengineering. The document describes in significant details the process of reengineering required for migration of the UCSA application services to AWS Cloud Mil 0.2, including the process, its advantages/disadvantages, specific tasks, and allocation of resources with Basis of Estimate (BOE). It includes Fishbone Diagram describing the migration tasks at the high level, and detail WBS.

Government Cloud Environment Service Design Plan. This document identifies the four stages of migration: Preproduction, Production, Authorization, and Operation.

Led the migration process in Preproduction, Production and Authorization stages, including:

Deployment of EC2s in the VPCs using the AWS CloudFormation and automation scripts

FedRAMP-based cybersecurity

Review of the DISA Purchasing Orders for the AWS Cloud Mil 0.2 elements

Worked to support migration to the cloud using DevOps and DevSecOps, in the areas of static and dynamic testing.

PERATON-PERSPECTA / Cogent Solutions

DHS CISA NCPS Program; includes:

Enterprise Architecture projects including the assessment of cybersecurity architecture (using cybersecurity - EA mapping techniques, such as IDEF0)

Worked as a Sr. Project Manager in managing DevSecOps project processes. It includes daily activities related to scheduling and real-time utilization of resources. Worked with the engineering team to strategize, consult, and prototype based on best practices and solutions for applications utilizing CI/CD and cloud solutions.

Cloud Services Architecture in the government space for the IaaS, PaaS, SaaS models; Cybersecurity Architecture and service delivery documentation

AWS-based cloud migration for the DHS application systems (e.g., E1E, TAXII), Security Audits and ATOs.

Organized and leads weekly Cybersecurity Architecture Working Group (CAWG) that develops recommendations for migration to and operation of the DHS NCPS application systems in a cloud environment. From a cybersecurity perspective, these recommendations are consistent with the concepts of CDM and .govCAR.

DISA JSP Web Center of Excellence (WCoE)

Rapid Web Deployment. Program Manager and Architect for the JSP WCoE.

On this assignment, managed budgets, personnel (core team and subcontractors: 35 people), program/project plans and overall deliverables, including WCoE Cloud Security Architecture documentation, cost/benefit analysis, and service delivery budgets for IaaS and PaaS models. Specific tasks include:

Development of mission-related system and security architecture.

Deployment of the WCoE servers’ instances in the AWS cloud, including firewalls, virtual private cloud (VPC) and secure access to the proxies, applications clusters and databases in the cloud

Security Engineering and Integration, deployment of built-in security mechanisms imbedded in EC2 configurations, ELB scaling, EC2 replication and operation in multiple availability zones

The cybersecurity (Information Assurance) process under RMF and FedRAMP, including adherence to FISMA requirements, Authorization to Operate (ATO) and continuous monitoring for the CoE’s Washington Headquarters System (WHS)

AWS-DoD mandatory SOC operations including incident detection, response and reporting

Implementation of Computer Network Defense Services (CNDS) in the cloud

ITIL and CMMI change and configuration management.

DISA / PENTAGON.

Program Manager, IT Architect Responsible for the following:

IBM Maximo and Tririga Modernization Program at Federal Facilities Division (FFD), Pentagon. Developed program and project plans, provided scheduled reports, and recommendations. Managed a team of multi-companies’ specialists

Developed and delivered an agile full lifecycle work environment, that included full Development and Operation, and Security and Operation (DEVSECOPS) capabilities with a continuous modernization of the environment.

Technical aspects included assessment of the Enterprise Architecture (DODAF), development effort and on-site analysis of currently deployed software suits, network configuration and topology, security settings and operations.

From 8/2007 to 6/2014 worked for : MLS, INC.; VMD, INC.; Trusted Integration, INC.; Intelligent Decisions, INC.

Summary of activities:

Assistance with the GSA Cloud First Services (Schedule 70; Email as a Service (EaaS))

Migration of NG Financial systems to the Microsoft Government SaaS Cloud. At the time, Microsoft Azure was in the process of obtaining a FedRAMP Provisional Authorization (PA) for this Community Cloud

Support to OCIO: security policies and procedures documentation, oversight of the Information assurance (IA) process under NIST RMF/FedRAMP, as well as FISMA Reports through the DHS Cyberscope Portal and support of external FISCAM and FISMA/FISCAM audit

Program and Project Management: account management (quarterly EVM reports, budget reports), Project Plans, staff mentoring (assignments, training for mandatory certifications and supervision)

Implementation of the world-wide patent search system using the Amazon IaaS Cloud

Development of security business and strategic plans

Oversight of mandatory security training

Transition to Continuous Security Monitoring as recommended by NIST SP 800-37 Rev.1 - RMF, with incremental Security Controls’ selections and annual security assessments

SOC/incident reporting operations

Extensive Security documentation for Information Assurance and FISMA reporting using automated tools such as CSAM, TAF, and RSA Archer

Information assurance activities related to security risk assessment within a Homeland Security cyber security program: mitigation of security risks and development/ updates of security documentation and related configuration and change processes

Development and Engineering of the OMB mandated Trusted Internet Connection (TIC), a secure Internet Portal, and IT consolidation at the DOJ Justice Management Division (JMD) and department-wide. The government-wide TIC programs were mandated to yield operations efficiency and enhance security of the Internet access. JMD was one of the first Government agencies to implement full scale TIC and Data Center Consolidation Department–wide. Currently, the TIC progress must be reported as a security feature in the annual FISMA reports

Specific Assignments:

MLS Inc 3/2012-6/2014: Program Manager, Security. United State Patent Office. Manages a team of IT and security specialists providing:

Migration of the World-Wide Patent Search system to AWS and NGFMS to Microsoft cloud

Vulnerability and penetration testing with the results analysis and remediation/risk mitigation

Authorization and risk management support

VMD Inc 2/2010-3/2012: Program Manager, Security: Department of Labor, FAA. Manages a team of IT and security specialists supporting:

IT and cyber security operations of multifunctional IT master systems, Data Center SOC operations, incident reporting

Vulnerability scanning, analysis, and remediation/risk mitigation

Information Assurance

Trusted Integration Inc 2/2009-2/2010: Program Manager,

IT/Security; DHS Internal SOC and SIEM, operations and vulnerability testing.

Deployment of automated security documentation tools.

Intelligent Decisions Inc. 8/2007 – 2/2009: DOJ. Operations Manager.

Authorization support,

Data center consolidation and

Trusted Internet Connection (TIC) implementation

CACI Inc., Technology Business Group, 4/2000–8/2007

Program & Project Manager, Network, System & Security Architect, Privacy and Security Projects

At DOJ PMO, Justice Consolidated Network (JCN), held the following positions:

Program Manager/Security Architect. As PM, directly reported to a Federal PMO Director; on all contractual and project-related matters; as the architect supported all technical aspects and procurement of Justice Consolidated Network (JCN)

Direct liaison to GSA and the vendor (Sprint) on service management, SLAs, ICSAs, and MOUs

As the JCN PMO representative, worked with AT&T on decommissioning JCN prior to installation of AT&T’s MPLS-based JUTNET (LANs and WAN), creating four operations zones allowing gradual simultaneous deactivation and activation of the network services to DOJ with virtually no downtime.

Summary of the State Department, DoD and FAA project activities:

Information Assurance: FISMA reporting, Certification and Accreditation

FISCAM A-123 and FISMA audits, PCI DSS, HIPAA,

Passive and Active (penetration), Vulnerability Scans, Analysis and Remediation/Risk Mitigation (including POAM’s)

Risk management

At CACI Corporate Level:

Contributed to the proposal of an initially $9 million TriCare IA contract, that subsequently grown to over $20 million annually.

Participated in Security Assurance Services and Innovation (SASI) proposal for the Department of State Bureau of Diplomatic Security Chief Technology Officer. CACI was awarded a $29 million prime task order under the SASI task blanket purchase agreement, which has a ceiling value of $710 million

Provided EVM support for the Customs and Border Protection Security support project.

Led corporate effort in company-wide implementation of the ITIL ITSM framework security, based on the ISO 27000/ISMS Standard Series. Contributed to the presentation of CACI-style ITIL framework at the corporate website aimed at attracting prospective clients with requirements to use the ITIL methodology

Additional Information

Villanova University, Online 2004

Master Certification of Applied Project & Program Management, includes PgMP and Agile

Moscow Electronics Institute (MEI) - Masters. 6.5 years program in computer technology 1996

Moscow College of Automated Machines - Bachelors. 3.5 Years program in Industrial Automation 1990

Notable Certifications, Awards, Professional Memberships and White Papers

Project Management Professional (PMP); certification #33609; since 5/20/2006

Certified Information Systems Security Professional (CISSP); certification #87770

Certified Authorization Professional (CAP); certification #87770;

Information Technology Infrastructure Library (ITIL), certification # Sr2382383

GSA Award for Excellence in Providing Services to the Government; GSA/FTS; Certificate of Achievement;

Professional Memberships: PMI, ISC2, IEEE

White Papers:

1. Papers for corporate and clients’ internal consumption. Available in redacted form:

VMware Cloud Foundation. Concepts, Configuration, Deployment, Security, and Operation.

Cloud-related Cybersecurity.

Main Frame Modernization and Cloud Migration.

SharePoint Security Issues.

DITSCAP - DIACAP Transition.

2. Published Papers:

Security Aspects of Managing NG Financial Systems

Intelligent Networks. Evolution Status. The Telecom Review, MITRE Journal.

Asynchronous Transfer Mode (ATM) in Satellite Environment. NCA Journal.

Convergence of Internet Protocol and SS7. Issues and Solutions. VOIP over ATM. NCA Journal

Contact this candidate