Security Management
Resume:
Vera B. Ransom
**** *** ******* **** ~ Fredericksburg, VA 22407
Cell Phone: 410-***-****
Email Address: **********@***.***
OBJECTIVE/GOAL:
Subject Matter Expert (SME) in Certification & Accreditation (C&A) seeking career assignment with
growth potential. Utilization of advanced education and prior tasking skills, knowledge and abilities will
be a positive contribution to an organization. Previous employment with organizations that deliver
services to the Department of Defense (DoD) to include the United States Army, the Marines, the Air
Force and other government agencies.
EDUCATION :
Certified Authority Professional (CAP) - Candidate scheduled for testing in October 2010
Bachelor of Science, Electronics Technology
Norfolk State University Norfolk, VA
SECURITY CLEARANCE:
Top Secret/SSBI Type: Department of Defense Updated on: March, 2009
TRAINING CERTIFICATES:
Certified Authority Professional (CAP)
International Information Systems Security Certification Consortium (ISC2), Falls Church, VA
Certificate in Information Systems Security Professional (CISSP)
International Standard for Information Security, Falls Church, VA
Certificate in Secret Internet Protocol Router Network ( SIPRNET)
SIPRNET Connection Approval Office, Defense Information Systems Agency (DISA),
Falls Church, VA
Certificate in Information Assurance Policy and Technology IA-301
Defense Information Systems Agency (DISA), Falls Church, VA
Certificate in DoD Information Technology Security Certification
And Accreditation Process (DITSCAP) DISA, Fall Church
Certificate in National Information Assessment Certification
And Assurance Process (NIACAP) SecureInfo Corporation, Washington, DC
Certificate in NISPOM Chapter 8 Requirements
Defense Security Service (DSS) Elkton, MD
Certificate in Security Awareness Forum For Educators (SAFE)
Defense Security Service (DSS) Elkton, MD
Certificate in NISP Network Security Basics
Defense Security Service (DSS) Elkton, MD
Vera B. Ransom
Page ? of ?
Certificate in Operational Information System Security
Defense Information Systems Agency (DISA) Falls Church, VA
EMPLOYMENT:
Sep. 2009 - STG, Incorporated
Sep 2010 United States Army (NETCOM)
Position Title: Certified Authority Representative (CAR)
Dec. 2007 - General Dynamics – Signal Solution
Sep 2009 United States Army (NETCOM)
Position Title: Certified Authority Representative (CAR)
Oct 2006 - Knowledge Consultant Group, Reston, VA
Nov 2007 Counterintelligence Field Activity (CIFA)
Position Title: Information Assurance Officer (IAO)
Jan 2002- Houston Associates, Inc., Arlington, VA
Oct 2006 Defense Information Systems Agency (DISA)
Position Title: Certification/Accreditation Analyst
Mar 1995- Advanced Systems Development, Inc. Arlington, VA
Oct 2001 Department of Defense @ Pentagon
Position Title: Network Security Administrator
Oct 1986 - KOH Systems, Incorporated, Rockville, MD
Mar 1995 Department of Energy
Position Title: Network Security Administrator
EXPERIENCE:
~Subject Matter Expert (SME) CERTIFIFED AUTHORITY REPRESENTATIVE (CAR) ~
As an Subject Matter Expert (SME) Certified Authority Representative (CAR )for the United
States Army, my most important responsibility consist of assisting the Army Certified Authority (CA)
with recommendation decisions for the United State Army, and other agencies within the Department of
Defense (DoD). My main objectives consist of reviewing the Certification and Accreditation (C&A)
documentation, that I received daily from the U S. Army and other branches within the military. Upon
my completion of reviewing the C&A documentation, a recommendation is provided to the Army CA for
approval prior to connection on the Army network, the Defense Information System Network (DISN)
SIPRNet and other DoD installations. My other daily (CAR) responsibilities are listed below:
● Assigned and performed Team Leadership responsibilities to the C&A Security Team
● Perform (CAR) Certification and Accreditation responsibilities supporting the US Army
Network Enterprise Technology Command/9th Signal Army Command (NETCOM)
Vera B. Ransom
Page ? of ?
● SME in reviewing daily, C&A analysis in preparation of DIACAP Implementation Plans
(DIP); System Identification Plan (SIP); Network Topology Diagram; Plan of Actions & Milestones
(POA*M) and the DIACAP Scorecards for appropriate testing.
● Expert knowledge of the following Policy and Procedures in accordance with DoD:
Department of Defense (D0D) 8510.01 Information Assurance Certification and Accreditation Process
(DIACAP); the Army Regualtions 25.2 and 25.1; the DoD Directives 85001 and 85002; DoD
Directives 5000.1 and 5000.2; the Networthiness Certification Program (CON), the Army Best
Business Practices (BBPs) and various other documentation pertaining to Information Assurance,
Security, and (C&A).
●.Review daily Certification and Accreditation (C&A) documentation, prior the approval
of the Army CA and the Designator Approval Authority (DAA) signatures.
Conduct risk analysis, while working with the IAPM, IAM, and ISO to ensure DIACAP
●
compliances are met, while meeting accreditation deadlines.
● Assist the IAPM, IAM, IAO with completing the POA&M, along with DISA STIGS, Patches and
various of other compliance issues.
● Upon completion of reviewing all supporting artifacts, prepare daily the recommendation letter
to be reviewed, approved and signed by the Army CA.
● Interact
daily with Senior Level Management and the Authority Certified Agent (ACAs) on
(C&A) decisions within the US Army and other DoD Agencies.
● Attend weekly CAR meeting with the government Senior Level Management; as well as other
government personnel on the VTCs and telephone conferences as required.
● Coordinate and monitor the process of Networks and Systems reaccreditation based on
expirations and updates/changes prior to ATO/IATO accreditation expiration.
● Review Configuration Management documentation as part of the accreditation and Lifecycle
Management.
● Developed security policies, procedures and standards based on current Federal and Department
of Defense (DoD) regulations including System Security Plan (SOP)
~ Subject Matter Expert (SME) ~INFORMATION ASSURANCE OFFICER (IAO ) ~
As an Information Assurance Officer (ISO) for Counterintelligence Field Activity (CIFA), my
daily responsibilities consist of successfully providing 100% Certification and Accreditation for the
(CIFA) Unclassified and Classified networks. The most important daily tasking, consist of reviewing the
Systems Security Authorization Agreement (SSAA) packages I received from the customers. I provided
(C&A) services in accordance with Defense Information Systems Agency (DISA), the Department of
Defense (DoD) Information Technology Security Certification and Accreditation (DITSCAP) and (DoD)
Vera B. Ransom
Page ? of ?
Information Assurance Certification and Accreditation Process (DIACAP), Department of Central
Intelligence Directives (DCID 6/3) and National Industrial Security Program Operational Manual
(NISPOM) Chapter 8 requirements . My other daily (C&A) responsibilities are listed below:
● Perform(ISSO) Certification and Accreditation responsibilities supporting CIFA
networks in conjunction with the Information Assurance Manager (ISSM).
● Excellentworking knowledge of (DoD) Directives: 5200.1, 5200.2, 5200.40, 8500.1,
8500.2 and 8520.1
● Attended weekly Systems Lifecycle meetings within CIFA.
● Became the Lead (C&A) personnel on all Systems Applications connecting to the CIFA
networks.
● Reviewed Port Open Request (POR) and Configuration Management Changes (CMC)
on the CIFA networks.
● Implemented and maintained various information Security processes and procedures.
● Worked with the (ISSM) and other (ISSO) members and the (ISSO) Team Lead as
necessary.
● Workeddaily on the (C&A) impact assessments, Security Test & Evaluation, NISPOM
Chapter 8, DISA Checklists and Vulnerability Management Systems(VMS).
~CERTIFICATION AND ACCREDITATION~
As an Certification and Accreditation Analyst for HAI / A Raytheon Company, I have
successfully completed many tasks and assignments for the Defense Information Systems Agency
(DISA), and the Multinational Information Sharing (MNIS)-Joint Program Office (JPO). The most
important daily tasking, consist of reviewing the Security Accreditation packages, I received from
Government and Contractor facilities, prior to authorization connection on the DISA networks listed
below:
Defense Information System Network-Leading Edge Services (DISN-LES),
●
Combined Federal Battle Laboratory (CFBL)
●
Coalition Wide Area Network (CWAN) GRIFFIN)
●
My daily Network Security tasking consist of assisting the Corporate Facility Security Officer
(FSO), Information Assurance Manager (IAM), Information Assurance Officer (IAO) and the Project
Managers with day-to-day network security executions at Houston Associates, Inc.(HAI) / A Raytheon
Company.
Vera B. Ransom
Page ? of ?
Other communication skills consist of assisting the, Defense Information Systems Agency
(DISA), Field Service Officer (FSO), Defense Security Service (DSS) and the Information Security (IS)
team with Certification/Accreditation of the Defense Information System Network-Leading Edge
Services (DISN-LES) and the Combined Federal Battle Laboratory (CFBL) networks.
Tasks and assignments that were assigned to me have been executed and/or handled with little or
no error rate and a 100% completion:
Manage projects and operations of a network security team to include the Network Security
•
Engineers, Certification/Accreditation, Information Security, COMSEC and Personnel Security.
Develop security policies, procedures, and standards based on current federal and Department of
•
Defense (DoD) regulations including facility Site Security Plan (SSP), and the System Security
Authorization Agreements (SSAA).
Develop solutions to ensure Confidentiality, Data Integrity, Non-Repudiation, and Availability, is
•
maintained daily on the following DoD networks: (DISN-LES/CFBL/GRIFFIN).
Ensure the facility is in DoD compliance in marking, handling, controlling, removing,
•
transporting, sanitizing, reusing, and destroying media and equipment containing classified
information.
Received and reviewed daily proposed Security Accreditation packages from assorted
•
Government and Contractor facilities.
Ensure all customers Security Accreditation packages are in compliance with the Defense
•
Information Systems Agency (DISA) Department of Defense Information Technology Security
Certification and Accreditation Process (DITSCAP), the Chairman of the Joint Chief of Staff
Instruction (CJSCI6211.02b), NISPOM Chapter 8 and the SIPRNET Connection Approval
Office (SCAO); Cross Domain Solution (CDS); Secret and Below Interoperability (SABI)
Process.
Responsible for the accreditation status of all the sites and initiatives approved for connection on
•
the associated networks (DISN-LES\CFBL\GRIFFIN) within DISA.
Coordinate and monitor the Security Accreditation packages of each site within the applicable
•
networks.
Coordinate and monitor the process of Network re-accreditation based on expirations, and initiate
•
receipt of updated ATO/IATO prior to expiration.
Review weekly the Security Accreditation status for all the associate networks, to brief weekly
•
the HAI, Management and Government Security Officers.
Ensures compliance of policies and procedures by employees and visitors within the controlled
•
areas are exercised and maintained daily.
Investigate and report as applicable reference security incidents and violations.
•
Vera B. Ransom
Page ? of ?
Assist the FSO regarding reporting of espionage, sabotage, or other subversive activities affecting
•
the facility, employees, or their families.
Participate in security education and briefings on an annual basis.
•
Prepare correspondence, memorandum, reports, slides and briefing materials as required in the
•
performance of security duties.
Complete additional duties as assigned.
•
Currently, the skills and abilities that I have accrued over the years have allowed me to function at
a professional level with my managers, co-workers, customers and job related counterparts. It is because
of these skills and abilities that I process the qualification for my current position. In addition, while in
this position, I have increased my skills through on-the-job training and self-teaching. Overall, those
skills and abilities include the following:
Ability to Manage and support the Security Team in all areas of security to include: Personnel,
•
Engineer, COMSEC and Physical and Information security matters.
Ability to be flexible in order to make adjustments from low to high level of activity quickly.
•
Ability to manage multiple tasks simultaneously and efficiently. This requires effective and
•
efficient prioritization and scheduling.
Ability to safeguard sensitive and proprietary information
•
Ability to write procedures, documentation and other informative correspondence.
•
Ability to effectively present information and respond to questions from groups of managers,
•
clients and other groups.
Ability to read, analyze and interpret security regulations.
•
OPERATING SYSTEMS\HARDWARE\SOFTWARE
Microsoft Windows XP and Windows VISTA
Solaris; Linux (Red Hat)
Microsoft Office 2000 - 2008
Visio
Adobe Reader
Firewall: CISCO Pix 515E
Configuration Management Tool: Tripwire
Assessment Tools: Gold Disk, Retina, and Hercules
Vera B. Ransom
Page ? of ?
Intrusion Detection System: Site Protector
Anti-Virus Software: Symantec; Norton’s; MacAfee
Monitoring Tool: HP Openview; What’s Up Gold (Simple Network Management Protocol)
Skilled In: Security Management System (SMS)
Vulnerability Management System (VMS)
Network Tracking Information System (NTIS)
IBM compatible Computers/Laptops:
Pentiums Dell Toshiba Compaq
Hewlett Packard printers and compatible:
HP Series Canon Color XEROX Phaser
REFERENCES
Submitted upon request.
Contact this candidate