Security Information Technology
Resume:
IT C/A PROFESSIONAL/ INFORMATION TECHNOLOGY SECURITY SPECIALIST
Robert A. Buell
Kimberly, Alabama 35091
205-***-**** (home)
205-***-**** (cell)
**********@*********.***
Date: September 30, 2010
Retired: 3/2004 to Present
Involved in volunteer work:
Remodeling Women's Shelter
Conducting Audits for various Church Organizations
IT Consulting
Working with Christian Youth Camps
Professional Experience: Robert A. Buell
United States Federal Government
Department of Veterans Affairs
Certification and Accreditation Division
Office of Cyber Security
Washington, DC 20422
IT C&A Professional/Information Technology Security Specialist
(GS-2210-13) (7/1990 to 2/2004)
Supervisor: Mr. Frank Marino 304-***-****
Responsible for Department of Veterans Affairs Certification and
Accreditation (C&A) efforts for IT systems throughout the United States.
This included writing Statement of Work for contractor support for C&A.
Reviewed and made recommendations for NIST Publication 800-37, VA Directive
and Handbook 6214, and analysis of training material for national C&A
distribution and presentation. Familiar with ISO 27001 and other NIST
Publications relevant to C&A. Reviewed C&A packages for Interim Authority
to Operate (IATO) and provided oversight to contractors and facility
Echelon I and II ISOs conducting C&A. Attended 80 hours of DoD Information
Technology Security Certification & Accreditation Process (DITSCAP)
Workshop, conducted for United States Federal Government IT professionals
by SecureInfo Corporation, San Antonio, Texas.
As Senior Auditor/Lead Inspector, provided guidance and training to staff
of the Review and Inspection Division (RID) on the proper procedures for
conducting inspections of Hospital Information Technology Systems including
network technologies, e.g., TCP/IP, FTP (File Transfer Protocol), routers,
and data base management systems. Auditing all sensitive systems, and
identifying security features of VISTA, UNIX, NT (Win 2000), firewalls,
encryption standards, Internet/Intranet, VPN, and other client-
server/operating systems to ensure the integrity, availability,
confidentiality and accountability of data/information.
Working member of the following workgroups - Security Health Care
Certification and Accreditation, Software Development Requirements and
Standards for IT C&A, HIPAA, and Architectural Planning. It was imperative
that we worked together as a team to solve problems and use our analytical
skills extensively to come up with viable solutions in a timely manner.
Adjunct officer to the Director of Health Information Security Services,
Veterans Affairs Central Office, Washington, DC. Directly responsible for
the development, implementation and administration of Veterans health
Administration's National Information Systems Security Program to comply
with the Computer Security Act of 1987, the Privacy Act of 1974, OMB A-130,
NIST Publications (Including 800-37), GAO, JCAHO, IG, and other federal,
state and local regulations. Ensured the integrity, confidentiality,
availability, and accountability of all IT systems, their data/information
relating to Veterans and staff of approximately 172 VA Medical Centers, 600
Outpatient clinics and 200 field IT/Network offices.
As the Senior Auditor and Investigator of the audit and investigation team
I was responsible for administering the national Automated Information
Systems security program. This included on-site IT system security audits,
investigation of computer security incidents and recommending program
emphasis and national goals. I used computer assisted audit techniques,
analysis and analytical software (Snort), system utilities in conducting
system security audits and in-depth computer security investigations
throughout the United States. Computer investigations allowed me to use
several different utility forensic analysis tools, e.g., GetSwap (to
retrieve transient data found in computer "swap" or "page" files), NTFS
GetSlack (retrieve data found in the "slack space of many files and deleted
files"), DiskSearch (ntfs_ds) (convenient way to search large amounts of
data), L0phtcrack (identify/crack passwords), and other system utilities
from NT Resource Kit. I worked closely with Regional Counsel, FBI,
Inspector General, and Attorney General's Office in many cases.
Coordinated and developed national IT security policies and procedures
regarding sensitive data and sensitive computer systems. Identified
security features of VISTA, NT (WIN 2000), UNIX, fire walls, encryption
standards (Public Key Infrastructure), Internet/Intranet, Unix, VPN,
TCP/IP, FTP and other client-server/operating systems to ensure the
integrity, availability, confidentiality and accountability of
data/information.
As a member of management, consulted with Directors, IT Managers, and staff
in planning implementing, establishing and monitoring the IT Security
program to support system security plans, risk analysis, contingency
planning, and IT Certification and Accreditation requirements.
Gained extensive knowledge of software applications and operating systems
through continuous system audits during the past 17 years.
Attended many conferences and workshops to stay abreast of the latest
technology in IT enterprises to ensure the most robust and new approaches
were used within the U.S. Department of Veterans Affairs in delivering IT
security services in a secure and safe environment.
Supervised a staff of twenty IT professionals and indirectly supervised
over two hundred Information Security Officers.
National Institutes of Health
Bethesda, Maryland 20852
Chief Crime Prevention/Crime Prevention Specialist (GS-301-12) (9/1987
to 7/1990)
Conducted departmental audits/surveys, wrote detailed reports and presented
findings with recommendations to correct deficiencies to National Institute
Directors.
Responsible for ensuring full compliance with the Computer Security Act of
1987, Privacy Act, OMB Regulations 130, 127,and123, JCAHO, GAO, and IG.
Maintained liaison with other federal agencies in order to carry out duties
and responsibilities. Coordinated with the FBI and Secret Service in
providing security to the President of the United States upon visits to the
National Institutes of Health.
City of Panama City
Police Department
Panama City, Florida
July 1965 - July 1972
Sergeant of Patrol
and
Hillsborough County Sheriff's Office
Tampa, Florida 1972 - 1974
Deputy Sheriff Patrol and Investigations
Supervisory officer for patrol and criminal investigations. Conducted
criminal investigations and presented cases and trial testimony in
cooperation with local, state and federal law enforcement agencies.
Completed required Law Enforcement Training as required by FDLE (Florida
Department of Law Enforcement) at Gulf Coast Community College, Panama
City, Florida.
Education and Professional Training: Robert A. Buell
B.S., Criminal Justice, Pacific Western University
Criminal Justice, Florida State University
A.A., General Education, Gulf Coast Community College
A.S., Law Enforcement, Gulf Coast Community College
Crime Prevention Theory and Practice, University of Louisville
High School, Walnut Township High, Millersport, Ohio
Data Security Training
DoD DITSCAP (Certification and Accreditation)
CISSP Boot Camp
SANS Security Essentials
Windows 2000 Server Security Administration
Administrative Investigative Course
VA- Web-based Information Security
Microsoft 922 Supporting MS Win NT 4.0 - Core Technologies
Microsoft 803 Administering Win NT 4.0
Information Systems Auditing Techniques
Advanced Project Officer Certification - Department of Health and Human
Services
Attended Executrain & Computer Horizon Institute (1990 - 2004): completed a
total of sixty-six computer based courses in Auditing, PCs, Operating
Systems, NT, UNIX, Novell, Database Management, Microsoft Access,
Networking Programming, Word Processing, Project Management, System
Management, LAN/WAN Networks, Windows Suite, Internet and IT Certification
and Accreditation..
I certify that the information I have provided on this resume is true and
correct to the best of my knowledge and belief.
Robert A. Buell September 30, 2010
Top Secret Clearance (inactive)
Contact this candidate