Jeffrey Higgs

Email: abp1m4@r.postjobfree.com

Address: *** ***** ***** ****

City: Shenandoah

State: VA

Zip: 22849

Country: USA

Phone: 540-***-****

Skill Level: Experienced

Salary Range: $80,000

Primary Skills/Experience:

See Resume

Educational Background:

See Resume

Job History / Details:

JEFFREY L. HIGGS

499 River Hills Road, Shenandoah, VA 22849

540-***-**** home; 540-***-**** cell

No relocation assistance required

Security Clearances:

Current: BI 12/2006 (update in progress)

Previous: TS/SCI, SBPR (12/14/2006), Full Scope Polygraph (~12/2005), DoC\USPTO Public Trust

Work Summary:

Proficient cyber security professional with 25+ years of experience in managing multiple Operating Systems (Windows, Unix), Information Security / Personally Identifiable Information (PII) / Security Auditing (Computer and Physical). Recent employment includes in-depth ISSO and Security Management supporting a Dept. of Commerce (DoC) / US Patent Trade Office (USPTO) project. Responsibilities focus on system readiness, risk identification and analysis, responding to Security Alerts, Security Notices, and Security incidents, as well as conducting incident investigations and other research in addition to Client and Staff Mentoring.

Professional Experience:

Senior Security Officer (ISSO) - Serco-NA. Harrisonburg, VA. 11/08 aaa 08/12

aa Lead responsible to ensure the information system at Harrisonburg facility maintained FISMA compliance, including hands-on NIST SP 800-37 Rev1, NIST 800-53 Rev3 and 800-53A Rev1 activities.

aa Identify and develop information and system assurance solutions to support initial / continuing Certification and Accreditation (C&A) for a variety of devices and OS environments.

aa Responsibilities include authoring the System Security Plan, Configuration Management Plan, Continuity Plan and Emergency Action Plan, and provide support to financial related plans and processes as required by government policy on a large government project located in the Shenandoah Valley.

aa Heavy Client interaction and support relating to program security standards, readiness, consultation and compliance for multiple implementation efforts.

aa Ensured proper categorization of Information and System. Once established, depending on customeraaas requirements, pulled necessary Assessments and audited information (review of data, interview of personnel, demonstration) in accordance with NIST 800-53.

aa Provided written reviews of findings of Audit, noting areas of improvement needed and opening POA&Ms, and producing detailed Security Assessment Reports.

aa Responsible for creating and tracking incident reports via the Altiris Helpdesk system. Also used Altiris to pull both standard and special reports used during yearly Audits.

aa Periodically tested plan elements (such Quarterly System Access List, Quarterly Petty Cash Audit, and Biannual Alarm testing amongst others) as to ensure compliance, and analyze non-conformances for corrective action.

aa Ensured clear Separation of Duties existed between IT Manager and ISSO both administratively but also as it related to privileges within the network architecture. Neither individual held aaAall of the keysaa or privileges to the system.

aa Started work to determine impact of existing NIST SP800-53 with new guidance provided by Committee on National Security Systems Instruction (CNSSI) No. 1253.

aa Mentoring Client and Program Personnel in aspects relating to InfoSec and ISS.

Principle Engineer Information Assurance (ISSO) - General Dynamics, Fairfax, VA 04/03 aaa 11/08

aa Owned all aspects of Information Security, including verification and risk assessments, and lifecycle C&A development and related support / documentation for multiple OS environments.

aa Conduct thorough document classification reviews for deliverables and other Client documentation.

aa Direct audit team member for eight programs, and mentored 3 other ISSOs managing four programs

aa Monitoring of programs involved such items as review of System Security Plan, Configuration Management Plan, Boundary Document (was it up to date), Patch Mgmt process, Security Awareness Program and other similar items called out in either DCID 6/3, ICD 503 or NIST 800-53 (53A), as well as 800-37 categorization and compliance.

aa Reviewed Security Logs, Visitor Logs, Maintenance Logs, Access Logs and similar logs

aa Reviewed existing System Security Plan, performed Risk Analysis against program and established if the system is a Low, Medium or High Risk for multiple OS (Windows and Unix).

aa Once Risk was determined, took predetermined 1/3 of controls and created Security Requirement Traceability Matrix (SRTM) with Assessment Steps which contained measureable evaluations (guidance provided from SP800-53A). Evidence obtained was by Interview, Examine or Test.

aa Positive and aaEAreas of Improvementaaa were noted based upon SRTM Findings. Areas of Improvement were presented with the request for measureable and meaningful POA&Ms from the area under review.

aa Reviewed Vulnerability Scans so as to ensure that appropriate scans were performed on appropriate devices, and to ensure that only those devices within the Boundary Document.

aa Provide primary interface between more than 70 contractors and the government Client in all matters as they relate to compliance and Security relating to the NISPOM, appropriate DCID, and HIPAA.

aa Develop solutions to address requirements change(s) and nonconformance for information assurance and information system security activities.

aa Provide Security training and continuous mentoring to ensure Emergency Preparedness, accountability and response, and personnel-related Security matters are operating to plan.

aa Assisted customer in understanding their needs in establishing Contingency Plans, understanding critical systems, backup facilities,

aa Responsible for In-briefing and Out-processing of all personnel as well as provide Security Compartment Briefing on behalf of the customer.

aa As part of the Senior Management Staff, responsibilities surged to support critical and time sensitive, mission critical assignments, including those specific to system readiness and transition.

aa Conduct periodic audits relating to proper time charging and accounting.

Technical Support Engineer - SAIC, Vienna, VA 09/02 aaa 04/03

aa Serve as an integral component of a technical team supporting LAN / Server development, implementation, and maintenance for a Government customer utilizing a customized Optical Character Reader (OCR) system.

aa Mentoring staff and heavy Client interaction and service provided on a regular basis to ensure risk identification and mitigation, system readiness and continuity of network operations for multiple OS (Windows, Unix).

aa Responsible for identifying system requirements / enhancements for the next generation of OCR software, recommending assurance solutions, and the installation of new HW / SW components

aa Maintain the on-site OCR software repository, ensuring effective security measures and configuration.

aa Ensuring that SSP, Configuration Management Plan, Boundary doc, authorized SW list and the like were Audit Ready.

aa Reviewed Contingency Plan and ability of neighboring dept to assist in the event the plan had to be exercised.

Business Continuity/Emergency Management Consultant (SME) - SAIC, Arlington, VA 02/02 - 09/02

aa Operate as a critical member of a technical team on the implementation of the Emergency Management Program for the CDC in Atlanta, GA.

aa Led team in the development of the overall training program and mentored program staff to ensure a robust knowledge base is achieved and maintained.

aa Define systems requirements to ensured implementation, applying best practices to refine response processes and procedures and to proactively mitigate risk to ensure system readiness.

aa Support restructuring of the CDC enterprise-wide Emergency Response and Accountability process for all locations, and provide recommendations relating to continuous improvement.

aa Prepare detailed presentations, and support education, exercises and evaluations of CDC personnel.

aa Ensure compliance to HIPAA, OSHA, NFPA, NiOSH, JACHO, ANSI and other similar codes.

Programmer aaa SAIC, New Carrollton, MD 09/01 - 02/02

aa Support installation of SDI (Secure Dial-In) products

aa In the role of QA Manager for SDI, actively provide Tier 3 Help Desk support for multiple OS.

aa Responsibilities include debugging communications issues and provide on-call after hours support.

aa Provide risk mitigation strategies to address identified vulnerabilities in developed SW.

aa Ensured that all SW and HW lists were Audit ready. Ensured that System Security Plan was always up to date. Followed established patch management plan set down by the customer.

aa Provide training and mentoring for new members of the Help Desk to ensure continuing C&A.

Technology Specialist - Southern Financial Bank, Warrenton, VA 04/00 - 02/01

aa Conduct thorough risk assessments, and test solutions of multiple operating systems to ensure completeness of developed solution.

aa Perform LAN maintenance, including assessing, modifying, and adding additional LANs to communicate with the external customer base.

aa Led efforts to tailor systems and computer repair / upgrades for Clients and emerging technologies

aa Interface with nineteen branch offices and managers to ensure continuous operations of computers and financial applications, as well as interfacing with 3rd party telecommunication providers.

aa Manage contractors' work relating to upgrades and enhancements to telecommunication and computer systems, and ensured budget compliance.

aa Mentor Client personnel to use updated network technologies.

Computer Software Engineer - Lord & Company, Inc., Manassas, VA 11/99 - 04/00

aa Upgrades to Accounting LAN Servers, HUB, and workstations to address Y2K issues on multiple OS.

aa Led company technical requirements and perform risk analysis and ensure complete installation and configuration of an Administrative LAN.

aa Develop hardware and software solutions for internal employees and external customers, and provided a technical interface for Lord & Company, external customers, and contractors relating to hardware and software issues.

Senior Associate Computer Systems Analyst aaa Lockheed Martin, Manassas, VA 02/87 - 11/99

aa Develop and administer annual budgets relating to hardware and software systems.

aa Hands-on management related department employees and contractors.

aa Analyze and solve internal / external customer needs to determine equipment and software requirements using automated systems spanning Windows and Unix Networks.

aa Evaluate potential risks involving developed customized solutions for customer and user requirements, and assess commercial HW to meet system requirements.

aa Proposed sound techniques applicable to new programs and utilities, with consideration to such factors as personnel, time, and hardware.

aa Assist Environmental, Safety and Chemical Engineering to ensure site chemical processes conformed to Federal, State, Local, and Corporate requirements via SACS.

aa Develop custom reports for submission to Federal, State, Local, and Corporate agencies and assisted Facilities Engineering to ensure Federal and State OSHA Regulations, BOCA, and other regulations were met using SACS.

aa Facilitate migration of the 4381-mainframe database to a PC-based solution.

aa Develop a LAN for site Alarm System for key customers (i.e., Security, Emergency Response, management, etc.). I performed training as needed for new and/or current personnel.

aa Supported the installation and integration of Meteorology Tower for site.

Sr. Emergency Response Specialist - IBM, Manassas, VA 01/83 aaa 03/87:

aa Participated in the planning, training, and formation of Fire / HAZMAT Team.

aa Contributed significantly in Developing SOPs, Equipment Specifications, Roles / responsibilities.

aa Formed an onsite Fire Brigade.

aa I was the departments Training Coordination.

aa Worked with City / County / State officials to ensure that appropriate codes were enforced for our facility.

aa Ensured that all local Fire, Rescue and Law Enforcement officials were kept aware of changes in our facilities lay out and hazards.

Quality Control Specialist - IBM, Manassas, VA. 02/81 aaa 01/83

aa I was responsible for sampling and testing silicon wafers and computer modules produced.

aa Test results were then produced and returned to the Production Line and management identifying areas that had failed.

Computer Proficiency:

Operating Systems: Windows NT 4.0, Windows 2000, Windows XP, Windows 7

Hardware: PCs, 4381 Mainframes

Software: TeamPlay, Lotus Notes, ArcServe, Deltek, MS Office 2000, MS Excel, MS Access, MS Project, MVS/ESA, TSO, ISPF, SMPE, SNA, non-SNA, PL/1, Pascal, C, C++, FORTRAN, JCL, REXX, Assemble, VB, SQL, Sybase, Crystal Reports, DOS, TCP/IP, Token Rings, SDI.

Standards: NIST/FISMA/FedRAMP Series, FIPS, DIACAP, DCID 6/3, HIPAA, PII, PPI, ICD-503, ANSI

Education:

Columbia Southern University, Orange Beach, AL / Fire Science 4.0 GPA (AAS Graduation 12/2012)

VPI & SU - Blacksburg, VA, (19790 aaa 1980) aaa Computer Science

Client Support:

Provide support to NRO, CIA, CDC, IRS, NGA and DoC/USPTO

Honors / Activities:

aa 'Act of Heroism Award' awarded by the Manassas City Council in April 1994

aa 'Life Saving Award' awarded by the Prince William Chamber of Commerce in June 1994

aa Numerous awards from Greater Manassas Volunteer Rescue Squad for leadership and participation in Squad events/committees

aa Trot SAR, 9/10 - present

aa Stonewall Jackson Volunteer Fire and Rescue, 04/00 aaa 6/2008

aa Elkton Volunteer Fire Company, 1/07 - present

aa Virginia Association of Volunteer Rescue Squads, 06/84 - present

aa Greater Manassas Volunteer Rescue Squad, 06/84 - 06/99 (Life Member)

aa NOVA 10 - Regional Disaster Task Force, 6/97 - 4/00

aa Manassas Volunteer Fire Company, 07/79 - 06/84

Other Activities:

Candidate is a certified Fire Service Instructor, teaching and mentoring students on such topics as Fire Fighter I & II, Driver / Pump Operator, Aerial Operator and Incident Command. Candidate is a 1st Aid, CPR, AED Instructor and was certified as an EMT-CT. During his time as an EMT-CT (Medic), Jeff served as the principle Medic assigned to the SWAT Team. He also worked with Prince William Hospital Emergency Room as an Emergency Technician and coordinated with the ER during Disaster Drills/Events.

Currently, Candidate is also the current Assist Commander of Trot SAR, a Mounted Search and Rescue team that provide support to local Rescue efforts from Southern PA down to Roanoke / Richmond and from Eastern WV to the Eastern Shore, assisting where needed with record keeping, training and budget compliance.

Certifications:

aa VDFP Fire Officer II

aa VDFP Fire Instructor II

aa CPR, AED and 1st Aid Instructor,

aa VDEMS Field Team Leader (FTL)

aa VDEMS Field Team Member (FTM)

aa VDEMS Management Team Member (MTM)

aa VDEMS Instructor

aa NIMS 100

aa NIMS 200

aa NIMS 300

aa NIMS 400

aa NIMS 700

aa NIMS 800

aa VDFP Fire Fighter I & II Train-the-Trainer

aa VDFP Fire Officer I Train-the-Trainer

aa VDFP EVOC 3 Train-the-Trainer

aa VDFP Driver / Pump Operator Train-the-Trainer

aa VDFP Aerial Operator Train-the-Trainer

aa VDFP MayDay Firefighter Down Train-the-Trainer

aa RIT Train-the-Trainer (PWC)

aa VAVRS EVOC Class 3

aa VAVRS Rescue Tech I Instructor (Basic / Light)

aa VAVRS Rescue Tech II Instructor (Vertical - Basic)

aa VAVRS Rescue Tech II Instructor Trainer (Vertical - Basic)

aa VAVRS Rescue Tech III Instructor (Advance Vertical)

aa VAVRS Vehicle Extrication

aa HTR Confined Space

aa HTR Rope Rescue I

aa HTR Rope Rescue III

aa HTR Trench I

aa HTR Building Collapse

aa HTR Vehicle Extrication

aa VDFP HAZMAT Awareness

aa VDFP HAZMAT Operations

aa PADI Rescue Diver / Black Water Rescue

aa PADI Master Diver

aa Fire Fighter I

aa Fire Fighter II

aa Pump Operator

aa Aerial Operator

aa St. Augustine Advanced HAZMAT Training School

aa Darrell Bevis Association HAZMAT Response Personnel

aa Aircraft Crash/Rescue

aa Community Emergency Response Team (CERT) Train-the-Trainer

aa Virginia Safety Association 'Working in Confined Space Seminar'

aa General Physics Corp. Fire Brigade Instruction Workshop

aa Texas A&M University Fireman's Training School Industrial Fire Protocol

aa Fire Brigade Leadership Training & Industrial Fire Fighter School

aa Fundamentals of Fire Protocol Equipment

aa J.T. Baker Chemical Safety

aa SCOTT's Air-Pak IIa Field Maintenance

aa MSA's Care & Use of MSA Model 260 SCBA,

VOLUNTEER SERVICE

aa Trot SAR (9/10 aaa present) aaa Asst Commander & Training Officer

Location: Organization based out of Crownsville, MD but I respond from home

Supervisor: Taaami Finkle, Trot SAR Commander & NASAR aaa Task Force Leader MSAR

Salary: None

Hours: Various

Duties: Provide coverage when Commander is not available. Track, advise and report on all training records for members of Trot SAR; provide mentoring for new members that need help and assistance with various aspects of their progression thru training; communicate with the various Regional Directors and determine training or resource needs that they may need and attempt to provide them; interface with the wide variety of other SAR, law enforcement and Fire/Rescue organizations before/during/after incidents so as to better prepared for the next incident.

aa Elkton Vol FC (1/07 aaa present) aaa Assoc. Member

Location: Elkton, VA

Supervisor: Jonathan Kibler, Chief

Salary: None

Hours: Various

Duties: Assist as needed at the Fire Station, Fund Raisers and other events as needed.

aa Stonewall Jackson Vol Fire & Rescue Dept (4/00 aaa 06/08) aaa Fire Capt.

Location: Manassas, VA

Supervisor: Tom Wood, Asst Chief

Salary: None

Hours: Various, but significant as I also pulled duty as Battalion Chief at least once a week.

Duties: Ensured staffing at SJVFD of Amb., Eng. and Trk. Performed training at least once a month on duty night for everyone and ensured that Rookies received the necessary training and attention on a weekly basis. Also responsible for recording and reporting the staffing hours of our Truck at the Monthly Line Officeraaas Mtg. As a Capt, it was expected that I sign up for Battalion duty. This duty rotated around about every 8 days and about every 5th weekend. The Battalion Chief is responsible to know what equipment was available in their assign area (in my case it was the West end of Prince William County aaa City, Farm land and mountains), try and get units staffed and then respond on all significant calls.

aa Greater Manassas VRS (6/84 aaa 6/99) aaa 1st Lt., Medic, Bingo Chairman & Finance Comm.

Location: Manassas, VA

Supervisors: Various

Salary: None

Hours: 24+

Duties: Beyond running Medical calls and assisting with Structure Fires, I was the Bingo Chairman and sat on the Finance Comm. As such, I dealt with on a weekly basis Bingo receipts of $6,000+ deposited to our bank each Friday night. While serving on the Finance Comm., our annual Budget was $800 to $1.1 million. This required extreme care so as not to over run our projected budget, but yet plan for the unexpected. I served on the Comm. 1/92 to 6/99. We met our budget every year except for the 1st year that I sat on the Comm.

aa Manassas Vol Fire Comp (7/79 aaa 6/89) aaa Fire Fighter

Location: Manassas, VA

Supervisors: Wade House, Chief

Salary: None

Hours: 24+

Duties: Took all classes necessary and required both by VA Dept of Fire Programs (VDFP) and by Manassas Vol Fire Comp (MVFC). This was a new area to learn about and a dream come true.

Contact this candidate