Resume - Leon O. Allen
June, ****
**** ********* ******, *****, ******** 20721-2465
Home: 301-***-**** Cell: 443-***-****
Email: ****.******@*******.***
CLEARANCES: Top Secret/SCI
MBI
POLY: Counter Intelligence
Leon Allen - Information Security Engineer Principal Leader
1 SUMMARY
I have a baccalaureate degree in music education from Drake University and
Honors certification from Computer Learning Center. My experience with
mainframe environments began in 1976 and includes experience in operations,
programming, and security. Mainframe security has been my primary focus
since 1983. Since 2002, my primary focus has been with mainframe system
vulnerability analysis, testing, and auditing.
2 EDUCATION
BME - Bachelor of Music Education (Drake University) 1970
Honors - Computer Operations (Computer Learning Center) 1977
3 CERTIFICATIONS
CIPP - Certified Information Privacy Professional
IAM - Infosec Assessment Methodology (NSA)
4 AWARDS
. Employee of the Quarter - Amtrak
1987
. Outstanding Achievement - Department of Transportation (CBIS)
1994
. Minority Enterprise of the Year Award from D.O.T., for work provided
1998
. Outstanding Work and Support for D.O.T. Y2K Effort
1999
5 MEMBERSHIPS
IAPP - International Association of Privacy Professionals
ISACA - Information Systems Audit and Control Association
6 OTHER TRAINING
How to Audit z/OS with USS, TCP/IP, FTP, and the Internet
2007
IT Contingency Planning Process
2006
Unix Security Administration
2006
Vulnerability Testing
2006
WebInspect
2006
Operational Controls
2006
Advanced Local Network Security
2006
AppDetective
2006
Firewall Fundamentals
2006
Infosec Awareness
2004
CA-Auditor
2003
ISS Internet Scanner
2003
Hydra Expert Access Technology (HEAT)
2002
Essentials of UNIXWARE (CBT - CSC)
2000
INFOSEC Assessment Methodology (NSA)
2000
Internet Security (Strayer College)
2000
Introduction to TCP/IP and IP Addressing (CBT - CSC)
2000
PKI Analysis and Planning
2000
UNIX Editors (CBT - CSC)
2000
UNIX, OS/2 and Windows NT (CBT - CSC)
2000
UNIXWARE File Management (CBT - CSC)
2000
UNIXWARE Job Control (CBT - CSC)
2000
Control-M Scheduling
1999
Control-R Restart Facility
1999
RACF Implementation and Security (Audit Perspective)
1999
Control-M Links
1999
ETF/A
1997
MVS Open Edition Security Controls for New Features
1997
Lotus Notes
1997
Data Security Administration (DSA)
1997
MVS Security Controls
1997
Quality Assurance and System Testing
1996
ACF2, ACF2/VM, and ACF2/DB2 Administration
1996
Quality Education System (Crosby)
1992
Easel Workbench (OS2/Windows)
1991
TSO REXX Programming
1989
Structured Testing
1989
Presentation Skills
1989
Using DB2 and ISQL1
1986
DB2 and SQL/DS Overview
1986
Writing Effective Correspondence and Writing Skills Workshop
1986
QMF for DB2 and SQL/DS
1986
Communications Security
1986
International Security
1985
On-Line Security
1985
Computer Security (RACF)
1985
Database Security & Auditability
1983
COBOL I, II, and COBOL Accelerated
1983
Introduction to VSAM
1982
Structured Analysis and Structured Programming
1982
IMS/VS Data Base Programming
1982
Interactive Personnel System Design and Implementation
1981
MVS Basics
1980
Job Control Language
1980
Fundamentals of Computer Systems Analysis and Design
1980
COBOL Coding
1979
Data Center Awareness Network Management
1979
7 TECHNICAL SKILLS
Software: CA-ACF2, CA-EXAMINE, CA-TOP SECRET, RACF, IOF, SDSF, OS/JCL, IBM
UTILITIES, ETF/A, COBOL, PCPLUS, CPCS, MS/DOS, EASEL, SAS, BLACK ICE, PNMS,
WORDPERFECT, MICROSOFT WORD, HOGAN, E-SRF, CAPS, CARBON COPY PLUS, IMS,
IDMS, CICS, TSO/ISPF, POWERLINK, PCLP (IBM), MVS/ESA, OS2, OS/390, z/OS,
UTILITIES, VM, DSA, SUPERSESSION, DEFENDER, WINDOWS (95 - Vista), ROSCOE,
LOTUS NOTES, VISIO, MICROSOFT ACCESS, SAM (Security Administration
Manager), ZONELABS PRO, HEAT (Hydra Expert Assessment Technology),
APPDETECTIVE, and WEBINSPECT.
8 PROFESSIONAL EXPERIENCE
September 2010 to April 2011 Senior Mainframe Security Tester
BAE
. Keep abreast of new vulnerabilities to assess their impact to FBI
mainframe systems.
. Conduct post test analysis, develop test plans and results documents, as
well as participate in the FBI risk assessment process.
. Act as a member of the certification team providing requisite technical
expertise as required.
. Provide technical support to the FBI Information Technology Security Unit
and the Information Assurance Section Senior Engineer as required.
. Responsible for establishing FBI mainframe application security testing
plans, as well as testing mainframe applications' security functionality,
as part of the C&A process.
. Conduct all mainframe and mainframe application testing using FISMA
criteria.
. FISMA compliance verified manually.
October 2009 to September 2010 Senior Associate Advisory 4
KPMG
. Provided mainframe security auditing for GMAC, FDIC, and the Department
of Treasury.
May 2009 to June 2009 Information Security Engineer Principal Leader
CSC
. Assesses security infrastructure, network and systems design to evaluate
and ensure system/network security (IRS).
. Provides technical support and oversight in the design, implementation,
integration, configuration and testing of complex computer and network
security solutions (IRS).
February 2009 to May 2009 Senior Mainframe Security Tester (SME)
CSC
. Keep abreast of new vulnerabilities to assess their impact to FBI
mainframe systems.
. Conduct post test analysis, develop test plans and results documents, as
well as participate in the FBI risk assessment process.
. Act as a member of the certification team providing requisite technical
expertise as required.
. Provide technical support to the FBI Information Technology Security Unit
and the Information Assurance Section Senior Engineer as required.
. Responsible for establishing FBI mainframe application security testing
plans, as well as testing mainframe applications' security functionality,
as part of the C&A process.
. Conduct all mainframe and mainframe application testing using FISMA
criteria. FISMA compliance verified manually.
December 2007 to February 2009 Information Security Engineer Principal Leader
CSC
. Keep abreast of new vulnerabilities to assess their impact to FBI
mainframe systems.
. Conduct post test analysis, develop test plans and results document, as
well as participate in the risk assessment process (FBI).
. Act as a member of the certification team providing requisite technical
expertise as required.
. Provide technical support to the Information Technology Security Unit and
the Information Assurance Section Senior Engineer as required.
. Assesses security infrastructure, network and systems design to evaluate
and ensure system/network security (IRS).
. Provides technical support and oversight in the design, implementation,
integration, configuration and testing of complex computer and network
security solutions (IRS).
. Conduct FBI mainframe and mainframe application testing using FISMA
criteria.
. FISMA compliance verified manually.
October 2002 to November 2007 Information Security Engineer (SME)
Vigilant Services Corporation
. Keep abreast of new vulnerabilities to assess their impact to FBI
mainframe systems.
. Conduct post test analysis, develop test plans and results document, as
well as participate in the risk assessment process (FBI and Bureau of
Engraving and Printing).
. Act as a member of the certification team providing requisite technical
expertise as required.
. Provide technical support to the Information Technology Security Unit and
the Information Assurance Section Senior Engineer as required.
. Responsible for establishing mainframe application security testing
plans, as well as testing mainframe applications' security functionality,
as part of the C&A process (FBI and Bureau of Engraving and Printing).
. Conduct Bureau of Engraving and FBI mainframe and mainframe application
testing using FISMA criteria.
. FISMA compliance verified manually.
March 2001 to October 2002 Principal Computer Security Engineer
Computer Sciences Corp
. Audited Computer Sciences Corporation mid-sized mainframe environment in
Connecticut.
. Responsible for creating certification and accreditation reports for
Internal Revenue's LANs, WANs, Mainframes, Firewalls, Systems, and
Applications.
. Responsible for creating certification and accreditation reports for the
General Services Administration's LANs, WANs, Firewalls, and Systems.
. Provided expertise related to mainframe security solutions.
. Responsible for creating certification and accreditation reports for the
National Oceanic and Atmospheric Administration's LANs, WANs, Firewalls,
and Systems.
. Responsible for creating certification and accreditation reports for the
Department of Immigration's Visa/Waiver application.
September 2000 to April 2001 CA-ACF2 Consultant
Princeton Information, Ltd., The Vanguard Group
. Audited CA-ACF2 Logonid, Rules, and Infostorage databases and produced
reports identifying associated vulnerabilities.
. Responsible for providing assistance integrating the Security
Administration Manager (SAM) with CA-ACF2 and Microsoft Access.
. Identified modifications required to CA-ACF2 databases, to provide a more
efficient and secure environment.
. Responsible for modifying SAM and CA-ACF2 databases as required.
. Responsible for troubleshooting and correcting access irregularities
related to the integration of SAM and CA-ACF2.
August 1999 to September 2000 Principal Computer Security Engineer
Computer Sciences Corp.
. Responsible for creating certification and accreditation reports for
Internal Revenue LANs, WANs, Mainframes, Firewalls, Systems, and
Applications.
February 1996 to August 1999 Senior Data Security Specialist
Troy Systems & Adsytech Inc., Department of Transportation
. Audited and performed maintenance on CA-ACF2 security databases using
EKC's ETF/A software.
. Provided computer security services for over 6,000 users utilizing CA-
ACF2 mainframe security software.
. Worked on projects to rewrite rule databases utilizing a new UID string,
clean up the logonid database, remove non-cancel from Started Task IDs, and
purge inactive logonids and obsolete dataset and resource rule entries.
. Controlled accesses to IOF commands.
. Responsible for activating Aliases for TSO and Signon Clists.
. Monitored security reports on a regular basis.
. Responsible for debugging versions 1.3 and 1.4 of ETF/A security support
software.
. Provided assistance to outside contractors on security-related projects.
. Provided training for new security analysts and scoped security officers.
. Modified Policy and Procedures documents as required.
. Executed disaster recovery procedures off-site.
. Provided security expertise to assist in securing new applications.
. Provided RACF security administration support for Y2K testing.
November 1995 to February 1996 Senior Data Security Specialist/Project Manager
ALPHATECH Corp., Department of State
. Audited CA-ACF2 databases for inefficient security control statements.
. Monitored security reports on a regular basis.
. Provided training for scoped security officers.
. Established system-wide standards as required.
. Provided computer security services for seven domestic and three foreign
computer systems.
. Researched, analyzed, and documented known or suspected security
exposures.
. Established and documented change management procedures for ACF2
modifications.
. Created documentation outlining appropriate CA-ACF2 maintenance
procedures.
February 1993 to November 1995 Senior Data Security Specialist
ADSYSTECH Inc., CBIS Corp., & UNISYS Corp., Department of Transportation
. Audited "Systems" and "Started Task" access rules to ensure that they
provided adequate "need to know" access controls.
. Provided computer security services for 7,000 users. This included all
dataset and resource rule writing and testing, as well as GSO entry
modifications where required.
. Worked on projects to rewrite rule databases utilizing a new UID string,
clean up the logonid database, remove non-cancel from Started Task IDs, and
purge inactive logonids and obsolete dataset and resource rule entries.
. Controlled accesses to IOF commands.
. Responsible for activating Aliases for TSO and Signon Clists.
. Monitored security reports on a regular basis.
. Utilized ETF/A to maintain ACF2 databases.
. Responsible for debugging versions 1.3 and 1.4 of ETF/A security support
software.
. Provided assistance to outside contractors on security-related projects.
. Provided training for new security analysts and scoped security officers.
. Modified Policy and Procedures documents as required.
. Executed disaster recovery procedures off-site.
. Provided security expertise to assist in securing new applications.
1991 to January 1993 Senior Data Security Specialist
KCM Computer Consulting, Mobil Oil Corporation
. Audited new and modified systems to ensure that appropriate access
controls were in place.
. Researched, analyzed, and documented known or suspected security
exposures.
. Performed tasks related to restructuring ACF2 logonids and rules
databases including rule analysis, training users in ACF2 methodologies,
and interfacing with users to produce low maintenance and secure rule
sets.
. Trained new data security analysts and provided security direction for 12
data security analysts.
. Monitored ACF2 and Mobil Oil security reports on a daily basis.
. Modified and tested dataset and resource rule requests as required.
1987 - 1991 Information Integrity Specialist
USF&G Insurance
. Audited security controls related to new and enhanced systems.
. Performed all duties related to securing corporate information resources
using CA-ACF2.
. Researched, analyzed, and documented known or suspected security
exposures.
. Developed and conducted training for other security personnel, as well as
security awareness instruction for new data processing personnel.
. Consulted with all corporate personnel in areas of expertise.
. Reviewed corporate correspondence/documentation and identified their
impact on security standards and procedure.
. Performed all security analysis and implementation tasks for the
installation of PCs and LANs in 54 branch office locations.
. Reviewed and analyzed new hardware and software for security exposures.
. Provided dial-up access control to mainframe as required.
. Provided dataset and resource rule maintenance and testing as required.
1985 - 1987 Senior Computer Security Specialist
AMTRAK
. Performed all duties related to securing Amtrak's reservations system.
. Established and maintained technical controls for the protection and
confidentiality of data resources.
. Investigated and prepared documentation related to prosecuting employees
suspected of abusing the reservations system.
. Provided RACF security backup support as required.
1985 Manager of Data Security
Maryland Casualty Insurance
. Acted as the focal point for all organizational units on matters of
overall security.
. Reviewed and evaluated data security staff, standards and guidelines.
. Monitored asset protection.
. Provided RACF backup support as required.
1983 - 1985 Computer Security Officer
RIGGS National Bank
. Performed duties related to securing corporate resources using CA-ACF2.
. Created, modified and tested ACF2 dataset and resource rules as required.
. Brought ACF2 from "QUIET" to "ABORT" mode.
. Used MSA, CPCS, CAPS, HOGAN, HENCO, and DATA LINK software to secure
other corporate resources.
1977 - 1983 Programmer Analyst/Computer Operator/Scheduler
AMTRAK
. Responsible for maintaining the MSA Payroll System, the Interpers
Personnel System, and Material Management System.
. Authored the code for Amtrak's Savings Plan application.
. Operated two IBM 370/158 mainframe computers and two CDC 3500 computers.
. Responsible for submitting/monitoring of batch jobs and report
distribution.
1976 - 1977 Computer Operator
IBMI Inc.
. Operated IBM 360/40 and related peripherals.
1975 - 1976 Salesman
Herman Atlas
. Head of firearm sales.
1974 - 1975 Musician
Oil Can Harry's
. Professional musician/singer/composer/arranger
1970 - 1974 Teacher
Woodward-Granger Schools
. Instrumental Music Teacher