Project Manager Security Officer
Resume:
RESUME
Michael Gray
Washington, DC 20024
E-mail: adzlux@r.postjobfree.com
Telephone: 240-***-****
PROFESSIONAL SKILLS
Machines
IBM mainframes and AIX servers, HP, Apple, Sun and Intel platforms.
Operating Systems,
Linux, Android, Firefox, Openmoko Linux, Mobilinux, webOS, HP UX, IRIX, IBM-MVS/ESATO/JCL/ISPF/VM, and AIX.PEN/GEOS, GEOS-SC, GEOS-SE, iOS.http://en.wikipedia.org/wiki/Palm_OS
Languages
C, C++, C#, Visual Basic, Pascal, BASIC, FORTRAN, COBOL APL, SAS, SPSS, PASCAL, ASSEMBLER, Java, LISP, PROLOG.
Communications
TCP/IP, IBM SNA, IPX/SPX, DDN X.25, DSL, Frame Relay/I.122/T.606,
ISO CLNP/TP4, PPP, HDLC, LAP-B, FDDT/X3T9.5, DNSIX, ATM, and IEEE 802.X, WLAN, LDAP protocols, supporting protocols suites and standards.
Certifications
Microsoft Certified Systems Engineer, CISSP, JAVA, SAP, Oracle DBA/DBE and Cisco CCIE Certified.
Enterprise Architecture Frameworks
FEAF, TEAF, Zachman Framework, Spewak Framework
Internet
Expert in all phases of comprehensive local and enterprise network engineering.
Expert in all phases of Portal, Web and related application engineering.
CRM and ERP
SAP Expert, Siebel. Oracle, Vantive, Peoplesoft, SalesForce, Microsoft
EMPLOYMENT
Hewlett- Packard Consultant for USPS, Washington, DC.
Senior Consulting Information Systems Security Officer. 2014-Current
My duties on this project was to evaluate that the systems owners are following all applicable security policies and procedures required by their Information Assurance program. My job functions included the following duties:
To evaluate that all systems are operated, maintained, and disposed of in accordance with security policies and procedures.
To assure that the generation and maintenance of required IS security documentation including Systems Security Plans (SSP), Information Assurance Standard Operating Procedures (IA SOP), Continuous Monitoring Plans, Security Control Traceability Matrices, Risk Assessments, Plan of Action & Milestones (POA&M), equipment specifications, practices and procedures, are compliant with agency security policies.
Review if customer-required Information Assurance (IA) certifications were executed properly in-accordance to standards.
Ensure that the day-to-day security posture and continuous monitoring processes of all systems are compliant with security policies and procedures.
Review the performance and maintenance records of auditing, patching, maintenance, software/hardware changes, and scanning based on evolving threat/vulnerabilities and customer compliance requirements.
Review the testing procedures for verification of Certification & Accreditation (C&A), Authorization and Accreditation (A&A), Risk Management Framework (RMF) safeguards to meet customer requirements based upon NISPOM, NISPOM Overprint, JSIG, ICD 503, CNSSI 1253 and related NIST publications.
Review testing results to evaluate if analyses of the security posture of ISs by employing various intrusion/attack detections and monitoring tools, were properly executed.
Evaluate threats and vulnerabilities to determine the need for supplementary safeguards (e.g. architecture, firewall, data flow, network access, etc.)
Review customer-approved procedures for sanitizing and releasing system components and media.
Assess changes to an IS by performing periodic self-inspections, tests and reviews of the IS program to ensure that systems are operating as authorized/accredited and that conditions have not changed; ensure corrective actions are taken for identified findings and vulnerabilities.
Review the enforcement of configuration management (CM) policies and procedures for authorizing the use of hardware/software on an IS.
Maintain a working knowledge of IS functions, security policies, technical security safeguards, and operational security measures.
Coordinate with Facility Security Officer (FSO) and Contractor Program Security Officers (CPSO) to define, implement and maintain information security policies, strategies, and procedures.
Review that that implementation of policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents are performed.
Ensure the development, documentation, and presentation of classified IS security education, awareness, and training activities.
Support Chief Security Officer (CSO) in company-wide initiatives.
IES, Alexandria, VA.
Senior Systems Engineering Program Manager, Principal Enterprise and Solution Architect, Principal Compliance and Security Consultant, and Subject Matter IT Expert supporting Federal Government OCIO initiatives. 2004-2014
My tenure with IES provided numerous diverse and challenging experiential engagements systems engineering program management responsibilities required expertise included integrating user, business and technology track recommendations into a coherent vision which addresses immediate client needs, situational constraints, and potential for ongoing work. Since 2004 I have supported Ginnie Mae and HUD with the development and implementation of many enterprise Business Process Improvement (BPI) projects. My responsibilities were focused on the following objectives:
●Develop a Detailed Technical Architecture that realizes the BPI’s vision into technical specifications.
●Perform an As-Is and To-Be analysis of Ginnie Mae’s enterprise applications and infrastructure.
●Develop a simpler, consolidated technical infrastructure that will make access to the hosted systems and the management of these systems more efficient and effective than is experienced for the legacy counterparts.
The DTA recommended the consolidation of 30+ legacy applications to 7 optimized systems. Additionally, these legacy applications resided on obsolete platforms and I was responsible for the design and implementation of the technical infrastructure to support the following Ginnie Mae enterprise applications:
●IPMS (Integrated Pool Management System)
●Ginnie Mae Portal
●GinnieNet
●Enterprise Wide Operational Data Store (EWODS)
●Reporting and Feedback System (RFS)
●Risk Management System (RMS)
●Integrated Document Management System (IDMS)
I was tasked to engineer the technical infrastructure that could support the development of each application throughout the SDLC and implementation. This was accomplished by extracting data from functional requirements, concept of operations, and solution architecture documentation to develop a viable technical design. I developed designs for two datacenters; production and disaster recovery. The systems and infrastructure necessary to support the life cycle requirements of the applications are as follows:
A three tiered design was employed for the systems in each datacenter. This design is explained as follows:
A.Tier 1. Cisco 7208 routers, Nokia IP260 Checkpoint firewalls, and Cisco 6509 switches. This tier housed DMZ portal, proxy, sFTP, access control, and security servers (SUN 490s).
B.Tier 2. Nokia IP260 Checkpoint firewall, Oracle Application, SMTP, zone 2 Weblogic portal, BEA .Net Accelerator, zone 2 sFTP ( HPDL380), zone 2 Business Objects, Oracle Middleware, and zone 2 Informatica clustered servers.
C.Tier 3. Nokia IP260 Checkpoint firewall, Oracle database servers (SUN 890’s) and EMC DMX 4 storage area network.
Development, Testing (SI & UA), Training and, Production instances of each system environment were designed to run concurrently in both datacenters.
Additionally, the functional requirements mandated that the new enterprise infrastructure must interface with the legacy environment during the development and testing phases of the SDLC. The legacy environment contained numerous databases such as DB2, VSAM, ADABASE, Sybase, Ingress, and Informix Microsoft SQL Server on platforms like VAX, Unisys, IBM 3090;ES 9000; Risc 6000. I developed interface designs, cross communications protocols and ETL methodologies to address this interoperability requirement.
Developed HUD specified documentation such as Concept of Operations, Technical Requirements, Risk Management Plan, Quality Assurance Plan, Communications Management Plans, Solution Architecture Document, Technical Design Document, IV&V Plans, Test Plan/Test Reports and Security Assessment & Authorization to Operate (ATO) Request.
Managed the migration of Office and Exchange from 2010 and Lotus Notes and Domino 8.1 to Office and Exchange 365 for 3000+ seats.
Managed the migration of Oracle E-business Suite to Oracle Applications SaaS CX, ERP, EMP Cloud for 3000+ users.
Managed the implementation of MS Project Enterprise and SharePoint Online for 1200+ users.
Managed the implementation of Business Objects and Informatica for 500+ users.
Prepared and delivered integrated budgets, schedules, and development plans for the entire (cross-track) development effort; responsible for definition, articulation, and coordination of all cross-track deliverables.
I was accountable for all the interdependent elements of the multi-disciplinary engagement, for meeting contractual milestones and client expectations, and for producing high quality results on time and within budget.
Solicited input from Technical Leads and client contacts defining project procedures and metrics: status reporting procedures; change control procedures; issue escalation procedures; risk management plan and project success criteria; additionally acted as the principal security auditor, security certification & accreditation consulting engineer and program manager on numerous engagements supporting Ginnie Mae, Department of Transportation, NIH, VA, Federal Maritime Commission, HUD/FHA, Fortune 500 clients such as JP Morgan Chase, Ernst & Young, Deloitte & Touche and the Bank of New York Mellon; supported CIOs and, CISOs and associated departmental offices with FISMA, GAO and legislative compliance directives in the federal government sector.
Howard University, Washington, DC
Professor, Senior Research Scientist, Project Manager and Director of ComSERC, 1982-2004
Developed and implemented University wide security architecture. Developed detailed security policies and procedures. I was responsible for designing and implementing intrusion detection, firewalls, honey pots, hidden subnets, DMZ’s, identity management, threat management, trust management, and vulnerability management systems. I analyzed the University infrastructure consisting of approximately fifteen-thousand workstations and servers, nine-hundred network switches, routers, wireless access points and the telecommunications plant for security weak points and developed robust risk mitigation solutions. Consulted on the implementation of Banner 5 which is an integrated web based accounting, HR, and student information system using Oracle 9i application server and database. I was also was the technical lead in developing, implementing and testing business continuity plans for the University’s enterprise infrastructure.
Simulation and Modeling Project Manager
Directed the simulation and modeling group in the Tactical / Strategic Interpretability tasks to design and build an object based platform for modeling the heterogeneous networks for the Army Research Laboratory. Designed and built a hierarchical distributed simulation environment that benefited from the computing resources, expertise, and reusable object based models developed at numerous networked research sites. These addressed additional requirements imposed by tactical or strategic networks that include wireless, terrestrial and satellite networks. I modeled networks with these three key components that required very large simulation execution times. This effort required a level of abstraction in the model through which an entire network segment was moved from one location and deployed at another. This also required special routing capabilities, service capability and scalability and dynamic reconfiguration management features that were modeled as an integral part of the network. The tools and platforms employed in work included OPNET, BONES, Matlab, HP based packet, cell and frame generators, HP Openview, Nortel and Fore ATM switching devices and Motorola packet radio transceivers. All custom code was developed in C++ using Rational tools.
Global Command and Control Center Project Manager
I provided technical support for the development and implementation for the DII Control Center Global Implementation. Installed, integrated, and demonstrated a jointly identified DISA Global Control Center (GCC) suite of hardware and software. The jointly identified GCC suite of hardware and software was developed to have the capability to identify and alert system users if an unauthorized user attempts to enter the system through an intelligent intrusion detection system. I designed comprehensive encryption and security strategies for the DISN global network. Developed and implemented and enhanced Kerberos network authentication methodologies with secure gateways. Designed biometric security systems interfaces for management nodes and secure servers. I performed an on-site baseline analysis of the network security and systems management capabilities at DII Regional Control Centers. Engineered a fully operable Intelligent Network Management System (INMS) monitor and reporting capability in concert with the deployment of INMS into selected DISA Regional Control Centers. Analyzed Net Expert INMS protocols, architecture, and data structures to determine alarm correlation and MAP/view coordination. Recommend interfaces from MAXM platform to INMS platform to achieve Interoperability between OCC and RCCS. Ensured recommended solution complies with TAFIM standards. Documented findings to determine criticality, priority, and MAP/view position. I developed a fielding plan to implement recommended solution including hardware and software description and costs, for both COTS and newly developed programs. Stress tested system software and repaired deficiencies. Custom software was developed in C++ using the Sun and IBM toolsets. Identified areas of software vulnerability such as (e.g. operator error, buffer overruns, security) that cause abnormal program termination, erroneous results, data integrity exposures, performance degradation, and other undesirable system conditions. Developed software and procedural methods to prevent and/or reduce the probability of such occurrences. I also managed the technical support efforts for the development and implementation for the DII Control Center Global Implementation. Installed, integrated, and demonstrated a jointly identified (Government and the contractor) DISA Global Control Center (GCC) suite of hardware (Sun/Solaris and (RISC 6000 S-70/AIX) and software. The jointly identified GCC suite of hardware and software has the capability to identify and alert system users if an unauthorized user attempts to enter the system. This capability, known as "hacker prevention" or "firewalls" was developed to be compliant with the National Security Agency (NSA) Multilevel Information System Security Initiative program, performed an on-site baseline analysis of the network and systems management capabilities at the following DII Regional Control Centers: DII Regional Control Center-Europe, Vaihingen, Germany and DII Regional Control Center-Pacific, Wheeler Army Airfield, Hawaii, DII Regional Control Center, CONUS-West.
Intelligent Network Management System Project Manager
Developed distributed intelligent interface agents (DIIA). These agents were designed to reside in a distributed network environment. Network agents intercommunicate within the network with various intelligent management agents in a domain of elements or objects. A central distributed intelligent interface agent resides at the manager station to integrate all the distributed intelligent interface agents deployed in the management agents distributed network. These agents are deployed within the environment that exists with other management tools or protocols. The tasks for these intelligent agents are to provide real-time system security and hacker countermeasures. Existing management tools with their intelligent agents were designed to initiate all tasks explicitly such as alarm correlation, planning, events monitoring and reporting. In this context we deployed these agents and determined that they are not necessarily an interface between users) and the computer.
ATIRP
Multimedia Compression Schemes for Point-to-point Multipoint Applications Project Manager
The objective of this research is to apply innovative multimedia compression technology to VA and Army systems and develop high-resolution, low-complexity, low-delay and robust compression schemes suitable for operation over heterogeneous networks. I developed intelligent, content sensitive, hybrid compression algorithms. I also constructed multimedia compression algorithms for speech, image and video compression. The speech compression algorithms specifically addressed voice compression with a goal of low bit rate transmission and good speech quality in the presence, of channel noise. I investigated the use of wavelets in video and image, compression. Additional objectives were to develop robust intake and video compression techniques suitable for medical image transmission over low bandwidth facilities. Adaptive compression matching wavelet transform waveforms were designed and supporting methodologies developed to support region of interest segmentation, matching pursuit and superior wavelet based image compression. Precise studies were made to select best of breed conventional techniques for medical image compression. Suitable edge detection algorithms for medical images researched and integrated that allowed blob coloring based segmentation algorithm using conventional edge detection preprocessing. This stochastic blob coloring (SBC) algorithm integration provided edge detection for specific medical imaging modalities (MRI). Integration of the SBC filter as preprocessor to adaptive compression engine was achieved. Various wavelets and various wavelet filter orders to implement the image transform were coded in computer programs that are machine independent to conform to industry standards and can be run from standard software systems. This was achieved through the use of entropy-constrained scalar and vector quantifiers for coding the wavelet transform information. A Blob-Coloring segmentation application using "C" code for simple geometric regions following Sot-ell edge detection allowed superior identification of top performing edge detection algorithms for baseline comparison.
Tactical/Strategic Network Modeling and Simulation of Heterogeneous Networks Project Manager
Principal investigator on an Army Research Lab sponsored project that uses simulation and modeling to evaluate the Combat Net Radio (CNR) data-link protocol. This protocol, MIL-STD-188-220, is a half-duplex multi-access protocol that was recently made the standard for battlefield communications. The model was built using Optimized Network Engineering Tool (OPNET). Using OPNET it was possible to simulate large communications networks with detail protocol modeling for performance analysis. I developed OPNET models of ATM gateways (Backbone-to-cellular and terrestrial-to-satellite). The gateway connects the ATM-backbone switch to the satellite. At the physical level, the gateway has a fiber interface to the switch and a dish interface to the satellite. The gateway buffers incoming ATM cells, packs them with associated FEC code into SDH Frames, and sends the SDH frames on channel. It may implement a scheduling discipline (e.g. interleaving) receives incoming SDH frames, does error correction, unpacks ATM cells, and sends them on fiber to switch. The satellite channel is characterized by bursty losses, an effective bandwidth, and delay.
Telemedicine Project Manager
I directed a team of senior computer scientists and engineers in a comprehensive Telemedicine research and development project for the Veterans Administration. The objectives of this program were to determine Telemedicine data requirements and priority; develop process and outcome performance based metrics determine effectiveness of display combinations of Telemedicine data; evaluate results of studies of Telemedicine data, performance and to display the research results in a test bed environment. Robust 3-level database architectures, high performance updates schemes, and high performance middleware platforms were developed to all support program objectives. Additional Research was also performed to identify how commercial wireless Systems can support Telemedicine. These tasks included evaluations of wireless technology, development of wireless technology insertion program, and integration/interface of pcs with mse and development prototype network management/control. Various LPI/LPD multiple access protocols were developed and deployed with integrated PSM and geolocation data, innovative compression algorithms and robust error control schemes to allow fast, efficient and accurate communication. Quality requirements for high-resolution images/video were modeled to develop traffic and ATM models that simulate strategic network communications.
Porting Parallel Maple over PVM on ATM Project Manager
Developed special interface source code that linked Parallel Maple and PVM-ATM. I explored Maple to determine the best strategies for distributing the symbolic computations over the heterogeneous environments. I also determined Maple's specific mathematical focus areas that will be ported to PVM-ATM. Developed a design for a prototype of a parallel Maple-PVM-ATM application. Designed Touting Styles, system configuration, message packing, packing style, base node fault tolerance, and network MTU sizes necessary to ensure the application's parallel functions. Developed the prototype and tested and evaluated its performance. Developed a full application based on prototype evaluation
DARPA Project Manager
The objectives of this project consists of developing an automated Web based DARPA HBCU Net Central Office at Howard University. The office provides program management; liaison with DARPA program manager and principal investigators; Web server; applications development help desk and an interface to HBCU Net. A state-of-the-art Proposal Resource Database with online access was developed to fulfill distributed needs. The database contains some DARPA holdings that include the following: DARPA Technology Publications; DARPA proposal templates; Successful proposal examples; and Current DARPA Broad Agency Announcements (BAAS) cross-referenced by HBCU/N41 Specialty. In addition, the database contains HBCU/Ml Subject Matter Experts Directory and recent HBCU/Ml Publications and Technical Reports. A high performance Internet accessible Web Server is used to support online collaborative HBCU/Ml proposal development. The web server holds the proposal resource database, on-line collaborative proposal development tools, online training tools and, a direct interface to HBCU Net facilities. On-line training tools provide necessary user instruction for successful DARPA proposal submission.
AERIS Project Manager
Designed the applications necessary to provide USAEC an Automated Environmental Records Information System (AERIS). The AERIS design included the functional requirements developed during the concept development phase, user interviews, user feedback sessions and the prototype applications that were conducted. AERIS applications includes document preparation & shipping, document receipt and inventory; user interfaces; document preparation for scanning; scanning; quality assurance; indexing; storage management; queries; on-line references; locationally related information (i.e., CAS or GIS); workflow management; document management; document distribution (SGML, EDI and Media); and systems administration directives.
HBCU Net Project Manager
Design engineer and project manager for HBCU Net, a computing backbone with nine Cray supercomputers distributed across the nation supported by a high speed network, is an educational, research and development wide area network designed to transmit voice, video, and data among Historically Black Colleges and Universities and Minority Institutions (HBCUs/Ml).
Engineering Research
I designed intelligent software for robotic systems that provided machine vision, automated research environment. Designed network server applications to support store and forward bulk data file transfer, transaction routing and retrieval, and a preliminary NBS application level message, transfer protocol. Developed policy statements for computer hardware/software purchases, design system and control procedures, develop training programs. I performed a LAN analysis, proposal, purchase, and installation functions. The network contained over 3000 nodes on twisted pair Ethernet with a FDDI backbone while providing the connectivity to IBM, DEC and HP mainframes from PCs and dumb terminals. Written real and protected mode VAPs (Value Added processes) using "C" servers and bridges that synchronized time on a multi-server internetwork. Using DEC PCSA services I developed an MS DOS applications in TURBO C that uploaded and downloaded ORACLE database information on a VAX 8550. Developed peer-to-peer NETBIOS service request modules for NOVELL and DECENT based networks. Developed an MS-DOS applications in Microsoft C for the automatic controls of a wire bond test machine across an IEEE 488 bus. Using the IBM @API interface and Turbo C, he developed a PC application that ran JCL batch jobs through a Novell or DCA 3270 connection to TSO. Written an account request program in "C" that ran on a VAX ULTRIX machine, Supervised and assisted in the software development of a PC based network for the distribution of manufacturing assembly instructions. Analyzed, purchased, and installed multiple Thin Ethernet networks that comprised 200 nodes. These networks utilized Novel network operating systems and bridge software ranging from versions' 2.0 to 2.15 rev c. Conducted benchmark testing of Novell, OS/2, Banyan, and PC LAN network operating systems, then published the results.
Design Engineering
Involved with the design and development of military and commercial computer systems, bit-slice, based processors, and interface modules.
Consulting
Proxicom Inc., Reston, VA. Consulting Principal Solutions Architect, Diversified Technologies, 2000 to 2001
I was responsible for conceptualizing, designing and overall technical direction and development of E-commerce application development and implementation. These applications employed three tiered client server technologies using Java web based front end, Weblogic middleware and Oracle database on the backend. Duties included management of multiple software development, quality assurance and testing teams; development and analysis of system functional requirements and designing architecture that supported the total system life cycle. I also managed the implementation PeopleSoft HR application and various modules. Developed detailed project plans that encompassed every phase of system development, budget, resource allocation, task assignment and performance and all critical and noncritical scheduling activities. These applications were implemented on clustered IBM S-80’s running AIX supporting the Oracle8i backend databases, Sun servers running the middleware and Windows 2000 based PC’s on the front end. Fortune 500 clients consisted of General Motors and Merrill Lynch. Provided hands-on support in developing all systems management, security, communications and maintenance procedures and methodologies using COTS (Tivoli, HP Openview, Net Expert, Net Cool) and platform/OS (Solaris, AIX, Windows) specific tools. Supervised and mentored staff to assure optimum performance completing assigned tasks.
Urban Technologies Inc., Washington, D.C. Consulting Director of Engineering, 1998 to 2000
I directed all hardware and software engineering consulting activities that included database design, wide and local area network engineering, modeling and simulation, Internet security and numerous systems engineering tasks. I was responsible for modeling and simulation analyses of GOES, IUE, EOS, Mars Explorer and numerous other spacecraft for NASA. I designed scientific instruments for deployment on the International Space Station. Developed program metrics and simulation design for various DOD communications and tactical systems. Performed orbital mechanical analyses for IRIDIUM Inc. Managed the development of secure three-tier client server web-based medical informatics applications for Veterans Administration and the Canadian National Healthcare System. Managed the implementation secure medical web-based medical information management systems at numerous sites throughout the U.S. To accomplish the NASA tasks custom (SatSim, ComMod, and OrbPlot) as well as COTS simulation and tools were deployed on Sun/Solaris and SGI/Irix platforms. All software development tasks were developed using the Rational and Oracle toolsets on Solaris and Windows platforms.
Instruction
I instructed undergraduate courses in structured programming, data structures, algorithms design, digital logic, computer design, computer architecture, microprocessors, assembly languages, computer networks, network security, software engineering, electric circuit analysis, semiconductor theory & devices, integrated circuits fabrication, methods, VLSI design, silicon device fabrication, and solid state devices. Instructed graduate courses in advanced telecommunications t h a t covered a review of probability, random variables, random processes, and queuing theory with applications to
Contact this candidate