Post Job Free
Sign in

Security System

Location:
Glen Burnie, MD
Posted:
October 18, 2012

Contact this candidate

Resume:

Bernard Koester

Email: *********@********.***

Address: **** ***** *****

City: Glen Burnie

State: MD

Zip: 21060

Country: USA

Phone: 443-***-****

Skill Level: Management

Salary Range: 100

Primary Skills/Experience:

See Resume

Educational Background:

See Resume

Job History / Details:

Bernard H. Koester

Skill Summary: * Service Certifying Authority for DoDIIS Site Based Accreditations IAW DCID 6/3

* Security Certification and Accreditation Test Director/Team Member (DITSCAP)

* Division/Workload Management

* UNIX and PC Security Testing and Evaluation

* Network Security Testing and Evaluation

* Computer Forensics (Media Analysis)

* Computer Counterintelligence(CI)/Counterespionage(CE) Investigations

* Computer Emergency Response Team Member (DISA/ASSIST)

* Assumed the technical lead (UNIX) for the security test and evaluation of several dissimilar client-server systems located within the Defense MegaCenters and other DoD and NATO systems.

* Wrote UNIX shell programs to automate and enhance the security assessments of various UNIX platforms.

* Conducted research and evaluation of information security products, for use in conducting security tests and evaluations.

* Personally developed the remote testing and software support of the Security Profile Inspector (SPI/UNIX)

* Researched and identified alternative sources for accomplishing computer security methods and procedures (i.e. password cracking methods, remote testing) significantly reducing TDY costs

Clearance: TS/SCI - SI/TK

Full Scope Polygraph 2010

CI Polygraph 2007

Education: Anne Arundel Community College

January 1973 to June 1973

9 semester credits

Catonsville Community College

September 1973 to June 1978

12 semester credits

Marywood College

November 1979 to June 1983

51 semester credits

Professional:

* Peripheral Equipment Operators Course

* Medium Scale Computer Operators Course

* Large Scale Computer Operators Course

* Computer Programmer's Course

* Job Control Language (JCL) Course

* Four-Phase Programming Course

* Structured Analysis and System Specification Course

* IBM Time Sharing Option (TSO) Course - Basic

* Compile, Link and Go Course

* TSO with PANVALET Course

* Structured Quality Assessment Course

* COBOL Programming with CAPEX Optimizer III Course

* CAPEX Optimizer III Course

* PANVALET Course

* IBM Utilities Course

* MVS Concepts Course

* MVS Dump Reading Course

* Linkage-Editor Course

* IBM Time Sharing Option (TSO) Course - Advanced

* IBM Assembler Language Coding (ALC) Course

* Principles of Telecommunications

* C-3 Microcomputers - Operations

* C-3 Microcomputers - Applications Development Software

* Supervisory Development Course (41-B)

* Management for Supervisors

* Coaching and Counseling

* Trusted Computer System Evaluation Criteria Course

* Defense Intelligence Agency Seminars

* Computer Equipment System Security Officer Course

* Security in Automated Systems Course

* International Operational Data Security Workshop

* Industrial Security Basic Course

* Basic & Advanced UNIX Courses

* Advanced UNIX System Administration Course

* System Security in a UNIX Environment Course

* Computer Forensics Course

* DOS Seizure Course

* Abbreviated 97B Special Agents Training Course

Certifications: FITSP-M - February 2011

Security+ - December 2008

ITIL V3 - January 2009

Awards, Commendations and Other Distinctions

* Special Act or Service Award: 1983, 1994, 1995, 1996, 1997, 1998

* Letter of Appreciation: 1984,1985,1986,1988

* Sustained Superior Performance: 1990,1991,1992,1993,1999 - 2005

* Superior Civilian Performance Award with Medal: 2007

* Quality Step Increase: 1990

* Army Achievement Medal: 1989

* DIR/NSA Team Excellence Award: 1999 (Solar Sunrise)

* Certificate of Retirement: 2007

Experience Detail:

The KEYW Corporation June 2011 - Feb 2012

Cyber Systems Security Engineer

* I provide continuous monitoring for each system and its associated System Security Plan (SSP) that specifies the highest level and most restrictive category of data that can be processed on the system.

* As the ISSO, I am responsible for the continuous monitoring of the security requirements for the system.

* I maintain a System Security Plan (SSP) that accurately reflects the security protection measures for each classified information system for which I am responsible.

* I work closely with the Designated Accreditation Official (DAO), Information System Security Manager (ISSM), System Administrator (SA) and project personnel to maintain the system's security and accreditation status.

* As part of my Continuous Monitoring duties, I ensure implementation of these security measures by conducting security reviews, monitoring IAVA compliance and perform system vulnerability scans.

* I ensure that the procedures for marking, handling, controling, removing, transporting, sanitizing, reusing, and destroying media/equipment containing classified information are up to date.

* I am responsible for monitoring changes to the classified system components, environment, and location, including temporary relocation to another classified area.

* I serve as a resource to users for all questions concerning classified systems.

Professional Experience

Dates: 6/2010 - Present Employer: Booz Allen Hamilton

Position: Sr. IA Engineer

Brief Description:

2/2011- Present

Sr. IA Engineer

- Firewall Configuration

- Anti-virus Signatures

- IAVA Management

- Event log analysis

- Perform threat, vulnerability, and risk assessments

- Manage/perform security audits

- Develop security awareness instructional material

- Coordinates the handling and resolution of incidents of security breach

6/2010-1/2011

Certification & Accreditation Practitioner

Perform the day to day operations, management and administration to protect the

confidentiality, integrity, and availability of information assets and technology

infrastructures of the organization.

Perform:

- System and Network security audits

- Security Evaluations of Computer Operating Systems Software

- Security Evaluations of Access Control Software

- Security Evaluations of Applications Software

- Security Evaluations of Network Operating Systems Software

- Provide Technical Advice on Network Security

- Provide Advice and Assistance for Virus Detection and Post-Infection

Activities

- Provide Network Security Analysis

- Provide System Configuration Analysis

- Assure C&A Documentation (SSPs) are current and accurate

Dates: 1/2007 -6/2010 Employer: General Dynamics

Position: Information Assurance (IA) Area Lead, 902D Military Intelligence Group, S6

Brief Description:

I perform the following duties:

- review the site`s operational system (OS) and its computing environment to ensure the continued compliance with the security requirements, current threat assessment, and concept of operations as stated and agreed upon in the System Security Plan (SSP) or System Security Authorization Agreement (SSAA).

- ongoing maintenance of the SSP documentation, system operations, change

management, and compliance validation.

- Analysis and review to validate and verify the secure operation of the system and the

associated computing environment.

- Enforce the IS security guidance policies

- Enforce system access, operation, maintenance, and disposition requirements.

- Ensure that personnel meet required security investigation, clearance, authorization,

mission requirement, and supervisory approval before granting access to the IS.

- Report security violations and incidents to the servicing RCERT

- Conduct required IAVM scanning and vulnerability assessments

- Ensure CM includes all pertinent patches and fixes

- Maintain current anti-virus (AV) engines and definitions on all ISs.

- Review and verify currency of user accounts, accesses, and logins.

- Review IS and network audit logs and log files, and report anomalous or suspicious

information in accordance with Incident and Intrusion Reporting procedures.

- Ensure CM for security-relevant IS software (including IS warning banners) and

hardware is maintained and documented.

* Implement and test IS and data backup procedures for integrity.

Dates: 3/2000 - 1/2007 Employer: HQDA, Office of the Deputy Chief of Staff/Intelligence

Position: Service Certifying Authority

Brief Description:

- Perform certification testing of Department of Defense Intelligence Information Systems

(DoDIIS) sites and systems.

- Participates in comprehensive certification testing of newly developed or newly revised

DoDIIS in laboratory and BETA site facilities.

- Perform independent analysis of operating System software (Unix variants, Windows

NT and successors) and application system software using a variety of fact finding

techniques and automated tools (SPI, COPS, CRACK, TIGER, CYBERCOP, Harris

STAT, Eeye Retina and UNIX SCRIPTS) to discover vulnerabilities.

- Coordinates with PMO, contractors and other agencies concerning scheduling and

security issues. Provides security advice and assistance to PMO and contractors by

reviewing new and revised IS documentation.

- Prepares and delivers briefings concerning the DoDIIS program and/or certification

activities.

- Prepares clear and concise reports substantiating findings and provides

recommendations to resolve or mitigate the effect on IS security.

- Knowledge of the Department of Defense Intelligence Information System (DoDIIS)

Information Security (INFOSEC) Program.

- Knowledge of security policies, procedures, regulations, and manuals concerning IS

processing SCI that are under the purview of the DIA. To include EO, DCID, DoDD,

DIAM, NIST, NSA/CSS 130-1and AR.

- Conducts instruction to Information Assurance Managers (IAMs) on the procedures for

performing the IAM INFOSEC duties as they relate to the Site Based Accreditation

process for Certification and Accreditation of Department of Defense Intelligence

Information Systems (DODIIS) world-wide.

- Conducts instruction to Information System Security Managers (ISSMs) on how-to

implement a Security Policy into a Networked Environment.

Dates: 12/1998 - 3/2000 Employer: NSA

Position: Information Systems Security Manager (G Group)

Brief Description:

- Prepares, maintains, and implements a System Security Plan (SSP) that accurately

Reflects the security protection measures for each classified information system

- Works closely with the System Administrator to maintain the system's security and

accreditation status.

- Conducts security reviews and system tests.

- Implements site procedures for marking, handling, controlling, removing, transporting,

sanitizing, reusing, and destroying media/equipment containing classified information.

- Responsible for changes to the classified system components, environment, and

location, including temporary relocation to another classified area.

- Serves as a resource to users for all questions concerning IA of classified systems.

Dates: 6/1997 - 12/1998 Employer: NSA, Systems Network and Attack Center, Network Attack Techniques Branch

Position: Computer Systems Manager

Brief Description: I must get permission to discuss this assignment.



Contact this candidate