
Program Manager Project Management

Location:
Dumfries, VA
Salary:
90-100/hour 1099/C2C
Posted:
May 14, 2024


Resume:

John Long, MBA, MS, BS ad5pe1@r.postjobfree.com 703-***-****

Program Manager/IT/Cyber Security Subject Matter Expert (MS/MBA/BS, Certified Federal Government Department of Defense IT Program and Project Manager for Projects equal to or exceeding $200 Million)

Extensive NIST 800-53/FedRAMP/Privacy Experience

Specific to this project: Program Management Subject Matter Expert for IT Governance, Assessment, Critical Asset Management Program Development Consultant with experienced IT Critical Asset NIST 800-53/FedRAMP/Privacy Assessment and Management for Federal Government Projects in support of Computer IT Application Software and System Development, Computer Security, Assessment, Implementation, and project strategies and Roadmap with 15+ years of Consultant and Program Management experience with excellent project management skills to support the development of an enhanced information technology critical asset implementation, operation, assessment and security protection. Examples from enterprise to NIST 800-53/FedRAMP/Privacy/Cloud experience are listed in the experience section below of the resume. Certified Department of Defense Project management skills included using Microsoft Project Management Schedule, Excel, MS Word, and PowerPoint to develop and brief Project Management Schedule that identifies objectives and tracks results on a weekly, bi-weekly, monthly, and quarterly basis. Meetings in each project were conducted with senior managers, business centers, end users, engineers, and stakeholders. Focus included objectives, schedule, cost, and technical issues with recommended meditation and schedule and milestones. Document definition of criticality for services, functions, systems, and technologies.

Resume Related Experience

Program Manager/Information Security Technology Subject Matter Expert (SME) for implementation, compliance, testing, assessment and reporting – over 20 years of conducting or working with Government Clients and Contractors, responsible for managing the strategic and day-to-day aspects of the program management for federal agencies information technology compliance and assessment, systems and migration to various transitions from onsite to offsite cloud technology implementation and compliance development to fielding, liaison and briefing with government agencies key staff, contractors, and stakeholders. Ensured special reports, folders and files were established and maintained for customer internal and external coordination.

• Specific Federal Agencies Program Management supporting governance, policy, control and testing and assessment includes:

• Federal Government Aviation Agency – 2012 – 2021 and 2022 PMO support liaison for the business units and as liaison with other members of the Information Security managing and implementing information technology operation and FISMA NIST 800-53, Computer Security and recently FedRAMP Cloud compliant vulnerability assessment and making recommendations and briefing to senior executives supporting System Authority To Operate (ATOs) for Federal Government Aviation Agency (FAA).

• Department of Energy (DOE) Federal Government Information Technology and Power Administration Agencies - 2001-2004 for FISMA NIST 800-53 Security compliance and assessment of their IT facility and FERC compliance. Developed and provided recommendations and briefing to senior executives supporting System Authority To Operate (ATO).

• Department of Interior Information Technology for FISMA 800-53 and Water Dams SCADA Compliance 1999 -2004. Developed and provided recommendations and briefing to senior executives supporting System Authority To Operate (ATO).

• Federal Government Department of Housing and Urban Development (HUD) and Federal Housing Administration (FHA) 2004-2008 FISMA 800-53 and SOX, auditing Federal Government Housing Administration (FHA) FISMA 800-53 POAM development and corrective action resolutions.

• Federal Government Department of Defense (DOD) IT/FISMA 800-53/Privacy, and Federal Government Department of Commerce (DOC) 2000-2009 FISMA. Assessment and compliance support. Certified Federal Government Defense Acquisition University and industry trained and certified Program Manager and Senior Computer Application Systems and Computer System Security Subject Matter Compliant Cyber Security and Vulnerability Assessment Expert Cloud (AWS/Azure) and Enterprise PAAS/IAAS, and SAAS for Federal Systems.

Education and Training/Certifications:

● MBA Strayer University Business (MIS/Computer Security)

● MS Strayer University Management Information Science

● BA Southern University Political Science/Mathematics

● PMP Defense Acquisition University Program Manager Certification

● Computer Science Florida Institute of Technology Computer Science Graduate Studies

● Computer Software US Army Computer Systems Computer Application System Certified Manager

● Military Army War College Leadership/Management Certification

● Command and General Staff College Leadership/Management Certification

● Computer Science Fort Benjamin Harrison, IN Computer Programmer Certification

● Security Enforcement Fort Gordon, GA and Fort McClellan, AL Law Enforcement Security Certification

● Nuclear Assurance Kirtland AFB, NM Nuclear Assurance Security Training

Certification: Computer Science Engineer, Computer System Security, Program Manager, Security Specialist, Internet Security, CISSP, Certified Business Continuity Professional, Software Testing, 3Com, Fiber Optics Tech, IT Asset Management, Technology Specialist, Program Technical Excellence Nuclear/Chemical Hazardous Response Training, Drug Investigation Training

Privacy Program Support.

In conjunction with the client Privacy and Security Officer, and Senior Managers, Users and stakeholders was responsible for assessing and validating compliance with cyber security, privacy, and information technology best practices for and compliance with all applicable statutory, regulatory, and policy requirements by performing continuous review and risk assessments.

Specific Experience Summary

January 2021 – Present – JAVIS Company, Program Manager and Technical Compliance Subject Matter Expertise. June-Sep 2023, Independent Security Consultant for Cisco Meraki Critical Assets NIST Security Risk and privacy assessment. Performed Risk Assessment supporting qualitative and quantitative analysis using NIST 800-53 Revision 5 cyber security controls. Role: Corporate Lead for supporting Compliance NIST/FISMA 800-53/FedRAMP/Privacy Senior Program Manager/Subject Matter Expert and Information System/Cyber Security Specialist. Serve as corporate lead and management for Information Technology and Security Requirements. During this period provided advice on Systems Disaster Recovery to Bill Johnson Jr. CIPM, CISA, CISSP, MBA, Disaster Recovery Manager, Minnesota, United States.

FAA Support - FY 2013 – January 2021 - Compliance - NIST/FISMA 800-53/FedRAMP NIST 800-53/Privacy Senior Program Manager/Subject Matter Expert and Information System/Cyber Security Specialist - Federal Aviation Administration. In conjunction with the client Privacy and Security Officer, and Senior Managers, Users and stakeholders was responsible for assessing and validating compliance with cyber security, privacy, and information technology best practices for and compliance with all applicable statutory, regulatory, and policy requirements by performing continuous review and risk assessments.

● Provided managing technical support for diverse and multiple projects Information Technology Cyber Security FISMA NIST 800-53/FedRAMP and Inspector General Compliance and that included Agency Major and supporting Financial Systems (10+ Systems), Information Technology of On Premise Lotus Notes Systems Transition to Cloud (MS 365/ Cloud and Azure System) implementation and evolution, and integration of Cyber Security 300+ application integration to a multi-level security single sign-on Security Solution, Information Technology Solution for 24x7 Call and Incident Response System, and Assessment and Review of AWS and Azure Cyber Security NIST 800-53 and FedRAMP NIST 800-53 Compliance for Agency boundary and network security solutions located in ten (10) regions throughout the US with 24-hour response support. Implemented strategy to have personnel assigned to support and respond to incidents in each region 24x7.

● In this role planned and tracked work for multiple teams and reported status / progress to management on a weekly and monthly basis.

● Developed and updated input to sprint ROAD MAP and schedule mapping to quarterly/annual goals.

● Developed and defined Information technology and cyber security assessment metrics to measure performance indicators including value, efficiency, and effectiveness.

● Developed and presented program status / metrics to senior management on weekly and monthly and as needed basis.

● Identified roadblocks and issues and proposed effective solutions and recommendations.

● Transition projects/services into on-going operational modes.

● Made recommendations on best practices, staffing and quality improvement initiatives.

● Engage leadership to understand their needs, goals, and issues.

● Prepare justifications and business cases for recommendations on cybersecurity and privacy initiatives.

● Managed and consolidated updates to internal collaboration sites and documents.

● Briefed engineers, managers, and stakeholders on a weekly basis.

Federal Aviation Agency Detail Specifics included working in conjunction with the client Privacy and Security Officer, and Senior Managers, Users and stakeholders was responsible for assessing and validating compliance with cyber security, privacy, and information technology best practices for and compliance with all applicable statutory, regulatory, and policy requirements by performing continuous review and risk assessments.

● FAA - 2018 – January 2021: Program Manager, SME, and Cyber Security Specialist FAA independent Cyber Security NIST/FedRAMP NIST 800-53 and Privacy Cloud Compliant Assessment for AWS and Azure IAAS, PAAS, SAAS, and major application such as CDM implementation of FICAM consistent with Requirements. Provide Program Management, SME and independent Review and Compliant assessments of agency (FAA) system environments, Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS) producing Security Assessment Plan (SAP), Security Assessment Report (SAR), Plan of Action and Milestone (POAM), Security Categorization Document (SCD), Security Posture Assessment, Risk Assessment, and Executive Summary. In conjunction with the client Privacy and Security Officer, and Senior Managers, Users and stakeholders was responsible for assessing and validating compliance with cyber security, privacy, and information technology best practices for and compliance with all applicable statutory, regulatory, and policy requirements by performing continuous review and risk assessments.

● FAA - 2013 – January 2021: Program Manager, Cloud Evolution: Information System Security Program Manager for Federal Aviation Financial systems. Responsible for LOTUS Application engineering support and migration to the cloud environment EMS 365, mandated by the federal government. Engineering Staffing support included supervising sixteen personnel located nationwide (VA, UT, IL, NJ, GA, etc.). Focus initially, FISMA NIST 800-53 Security continuous monitoring and maintenance support for the FAA financial systems (12) with an emphasis on the Major financial system. Objective is to ensure FAA System Readiness ensures successful completion of annual Systems audit. Methodology includes updating and providing continuous monitoring support ensuring security documentation, vulnerability and ISCP testing, scans are performed to ensure financial system readiness for their review. Our Team also serves as the financial manager liaison during the audit addressing any security auditable concerns. In conjunction with the client Privacy and Security Officer, and Senior Managers, Users and stakeholders was responsible for assessing and validating compliance with cyber security, privacy, and information technology best practices for and compliance with all applicable statutory, regulatory, and policy requirements by performing continuous review and risk assessments.

● FAA - 2015 – 2018: Program Manager, Cloud Evolution ICAM Assessment: Program Manager and Subject Matter Expert supporting Dev/Ops SDLC Cyber Security Single Sign-On CA-Commercial Solution, system engineering, maintenance, and applications (300+) integration in an Enterprise and Cloud Environment. Engineering Implementation and Maintenance Single Sign-On Security solution using multiple factors (password, email, PIV, One Time Password (OTP)). Web Application Development and Testing support. Program support included supervising sixteen personnel engineering staff to include technical writers for continuous documentation upgrades of new releases. In conjunction with the client Privacy and Security Officer, and Senior Managers, Users and stakeholders was responsible for assessing and validating compliance with cyber security, privacy, and information technology best practices for and compliance with all applicable statutory, regulatory, and policy requirements by performing continuous review and risk assessments.

● FAA - 2014 – 2016: Program Manager Message Operation System – Lotus Notes Operation and migration to cloud environment (EM-365). Supported Engineering Staff successful transition and migration to the cloud mandatory environment. Provided weekly and monthly senior management progress status updates to senior managers. LOTUS Application engineering support and migration to the cloud environment EMS 365, mandated by federal government for Cloud environment. Staffing included sixteen personnel. In conjunction with the client Privacy and Security Officer, and Senior Managers, Users and stakeholders was responsible for assessing and validating compliance with cyber security, privacy, and information technology best practices for and compliance with all applicable statutory, regulatory, and policy requirements by performing continuous review and risk assessments.

Information Technology Program Management and Technical Support for the Department of Energy.

● (2012 April - August) - Short project: Department of Energy (DOE) South Eastern Power Administration (SEPA) (SCADA) FY 2012 NIST 800-53 and NERC, Senior Program Manager/Subject Matter Expert and Information System/Cyber Security Specialist, IT Auditor Security Planning Support Department Energy Southeastern Power Administration Subject Matter Expert Technical Lead - Task Update security plan, establish security common security controls and review security documentation and procedures for compliance with FISMA and NIST 800-53 Revision 3 security controls. In conjunction with the client Privacy and Security Officer, and Senior Managers, Users and stakeholders was responsible for assessing and validating compliance with cyber security, privacy, and information technology best practices for and compliance with all applicable statutory, regulatory, and policy requirements by performing continuous review and risk assessments.

Information Technology Program Management and Technical Support for the District of Columbia

● Columbia Government FY 2012, IT Auditor Security Planning Support for District of Columbia Government Subject Matter Expert – Technical Lead - Assist a small business in updating security documentation and provide Plan of Action and Milestone Corrective Action remediation support that included updating security policies and plans for compliance with Internal Review Audit Notice of Finding and FISMA and NIST 800-53 Revision 3 security controls.

Information Technology NIST and SOX Compliance Program Management and Technical Support for the Housing and Urban Development Organization

● HUD - FY 2005 – 2011: Senior Program Manager/Subject Matter Expert and Information System/Cyber Security Specialist, IT Auditor Security Planning Support Department of Housing and Urban Development Subject Matter Expert Project Manager Technical Lead OMB A-123 and OMB A-130 - provided assessment in review of business processes and systems and SAS 70 reports for compliance with FISMA and Financial Internal Control compliance. Support included developing policies and procedures to resolve assessment gap findings and providing risk mitigation support for over 1100 Plan of Action and Milestones Findings and serving as liaison to coordinate Inspector General Notification Finding Report tracking and corrections. In conjunction with the client Privacy and Security Officer, and Senior Managers, Users and stakeholders was responsible for assessing and validating compliance with cyber security, privacy, and information technology best practices for and compliance with all applicable statutory, regulatory, and policy requirements by performing continuous review and risk assessments.

Department of Energy (DOE) - FY 2004 – 2005 - DOE (SCADA) NIST 800-53 and NERC Compliance Assessment:

● Senior Program Manager/Subject Matter Expert and Information System/Cyber Security Specialist, IT Auditor Security Planning Support Department of Energy CSO and supporting Regional Sites (Denver, Phoenix, Billings, North and South Dakota) Subject Matter Expert Project Manager Technical Lead OMB A-130 - provided assessment in review of business processes and information technology systems for compliance with FISMA NIST Standards as well as integration of FISMA standards with FERC to support Power Grid security Assessments. Support included developing policies and procedures, security plans, contingency and disaster recovery plans, incident response plans, rules of behavior, test reports, and corrective action plans. In conjunction with the client Privacy and Security Officer, and Senior Managers, Users and stakeholders was responsible for assessing and validating compliance with cyber security, privacy, and information technology best practices for and compliance with all applicable statutory, regulatory, and policy requirements by performing continuous review and risk assessments.

Department of Energy (DOE) - FY 2002 – 2004 Information Technology and NIST 800-53/FERC Computer Security Assessment (SCADA):

● FISMA NIST 800-53 Senior Program Manager/Subject Matter Expert and Information System/Cyber Security Specialist, IT Auditor Security Planning Support Department of Energy Western Area Power Administration (Folsom, CA). Subject Matter Expert Project Manager - OMB A-130 - provided assessment in review of business processes and information technology systems for compliance with FISMA NIST 800-53 Standards. Support included developing policies and procedures, security plans, contingency and disaster recovery plans, incident response plans, rules of behavior, test reports, and corrective action plans. In conjunction with the client Privacy and Security Officer, and Senior Managers, Users and stakeholders was responsible for assessing and validating compliance with cyber security, privacy, and information technology best practices for and compliance with all applicable statutory, regulatory, and policy requirements by performing continuous review and risk assessments.

2000 – 2004 Department of Interior (FISMA NIST 800-53 Information Technology and SCADA)

● Senior Program Manager/Subject Matter Expert and Information System/Cyber Security Specialist, IT Auditor Security Planning Support Department of Interior Bureau of Reclamation Regional Sites Western and Northwestern Region (California, Utah, Washington, Oregon, Idaho) Subject Matter Expert Project Manager Technical Lead OMB A-130 - provided assessment in review of business processes and information technology systems for compliance with FISMA NIST Standards as well as integration of FISMA standards with water Dams to support security Assessments. Support included developing policies and procedures, security plans, contingency and disaster recovery plans, incident response plans, rules of behavior, test reports, and corrective action plans. Application support included redesigning the agency financial system ensuring CMMI compliance.

1994 – 2004 - Department of Defense (DOD) - FY 1994 – 2004: Senior Program Manager/Subject Matter Expert, IT Security Planning Support Department of Defense Information Systems Agency Subject Matter Expert program management documentation review and assessment for compliance with DOD standards. Provided review of migrating and government systems program documentation for accuracy and compliance with DOD standards. Supported worldwide systems transitions and implementation.

1981 – 1992 - US Army, Certified Program Manager and Security Specialist, and Contingency Officer, Various Locations:

● US European Command – planning, assessing, coordinating, developing, testing, and updating COOP plans and establishing an alternate international site for US and NATO personnel and critical assets in Europe and Belgium.

● US Army Pentagon – planning, coordinating, developing, testing, and updating COOP plans in continental US to support US Crisis and contingencies, establish and test COOP requirements for alternate site.

● US Army Missile Command – planning, coordinating, developing, testing, and updating COOP plans in continental US to protect chemical weapons.

● US Army Computer Systems Command – Computer Security Subject Matter Expert supporting management reviews, audit, and testing – worldwide computer sites.

Computer Information Technology Awards and Achievements

● FOSE 100 Award: Re-engineering computer software and system design to support computer in maintenance of Aircraft, Missiles, and Tanks, saving Government over $200 Million dollars.

● Hammer Award from Vice President of U S for Software Engineering Redesign Support

● Letters of Commendation for Expediting Software Solution / Led Organization to receive Small Business of the year Award in 2001 from DOI and SEI II Certification.

Military Related Program Management and Information Technology Support:

● Legion of Merit – Army Program Management Services U.S. Army Communication and Electronic Command Redesign of Software to support paperless environment.

● Legion of Merit – Redesign and re-engineering of Pentagon Army Computer System and Facility

● Department of Defense Meritorious Service Medal – Redesign of U.S. European Command And Control Computer Systems, U. S. Supreme Allied Commander Europe and NATO Secure Communication and Contingency Planning.

● Department of Army Meritorious Service Medals – (4)1- Instructor Military Law Enforcement and Security/2- US Army Missile Command for sustaining the Army.

Personal Reference Points of Contact

Deborah Robinson, Corporate Executive QA Manager, ad5pe1@r.postjobfree.com 301-***-****

Anderson Wilkerson, Corporate CISSP SME, ad5pe1@r.postjobfree.com, 703-***-****


