Security Management

Jane E. Stinson, CISSP Secret Clearance

*** ****** ******, **** *********, FL 32920 727-***-**** abpsvh@r.postjobfree.com

Professional Profile

Dedicated, hardworking Information Security professional with hands-on experience in system analysis, annual in-house auditing, continuous monitoring, configuration management, reports, documentation, business management, and development, coupled with creative, out of the box problem resolution and leadership skills. Highly capable to communicate with and understand the needs of technical and non-technical personnel.

Professional Accomplishments

BAE Systems/DoD/Air Force Contractor October 2010 – Present

Information Assurance EngineerDevelop and manage all aspects on the Information Assurance Certification and Accreditation Process (DIACAP) for the Eastern Range and Western Range Communication Systems for the Department of Defense and the Air Force, based out of Patrick AFB, FL and Vandenberg AFB, CAWrite DIACAP packages, conduct risk analyses, evaluate system component scans, cost analysis, and formalize mitigation recommendations to the Air Force Designated Approving Authority (DAA) representatives and various other Air Force representativesWork with various departments to create authoritative inventory management, system architectural diagrams, and develop processes to support the overall process flow between departmentsManage, coordinate, and accompany several teams of individuals conducting physical security audits in international locations including Ascension Island and AntiguaIA Team Lead: Responsible for mentoring nine (9) IA engineers and manage the workflow of 17 people IA Lead to correct IA deficiencies as approved and directed by the government, provide technical expertise to ensure changes to existing and new IT systems adhered to DoD and AF requirements as well as other Federal regulations

ASRC Aerospace/NASA Contractor August 2007 – October 2010

IT Security AdministratorSupport NASA in managing the IT security posture for 14 of NASA’s Engineering Labs, consisting of 250 servers, workstations, and laptops, in accordance with the Federal Information Security Management Act of 2002 (FISMA), Federal Information Processing Standards (FIPS) 199, National Institute of Standards and Technology (NIST), Best Practices, and Office of Management and Budget (OMB) Federal requirementsCategorized systems, wrote system security plans, and submitted Certification and Accreditation (C&A) packages to NASA senior management as well as performed annual risk and security assessments that also included conducting in-house auditsSecurity Engineer: responsible for identifying vulnerabilities, determining the risk mitigation procedures, and making recommendations to senior management on how to implement solutions that resulted in the overall risk being substantially reducedProvided technical expertise to the Office of IT Security in the areas of Kennedy Space Center (KSC) IT Baseline and Enterprise Architecture efforts including the development and deployment of tools, utilities, and automated processes

Visium Resources/SGS/NASA Contractor November 2006 – August 2007

IT Security System AnalystAs a security management member of the C&A Team, was responsible for the C&A of Joint Base Operations and Support Contract (JBOSC) NASA Support Systems at Kennedy Space Center and also at the Cape Canaveral Air Force StationKey responsibilities included assessing and auditing NASA and NASA contractor security postures on technical, operational, and management controls in accordance with the methodology described in NIST SP 800-53 Responsible author for the JBOSC Client Workstation System Security Package and System Development Life Cycle (SDLC) documents used throughout NASA Assessed and documented risks on JBOSC systems using the methodology described in NIST SP 800-26 (which has since been superseded by FIPS 200 and NIST SP 800-53)

City of St Petersburg September 2005 – October 2006

ICS Security AnalystEvaluated, analyzed, and documented the City’s infrastructure and developed checklist to benchmark its security posture in accordance with NIST and ISO/IEC 17799:2000(E)Knowledgeable on all aspects of Information Assurance and Federal Agency Security Practices including developing a process for centralized monitoring of City log filesUpdated the City's Security Awareness Employee Handbook to reflect current attack trends and to promote employee awareness that was distributed to all city employees Installed and conducted basic configuration and wiring on Cisco Private Internet eXchange (PIX), Cisco routers, and wireless access points

DBSystems August 2004 – January 2005

Technician Ensured that access to teacher and student workstations were secured by installing antivirus software for the entire Pinellas County Florida School SystemSet up user accounts (identification and authentication), controlled security group policies, and tested and implemented application patches and updates to all IT systems

Jane’s Creations, Inc. January 1998 – December 2000

Owner/PresidentCreated, developed, manufactured, marketed, and sold a new greeting card line, packaging, and displays to Eckerd Corporation, Walmart, K-Mart, and small retail stores Planned, staffed, managed, and directed day-to-day company operations, including vendors' negotiations, contractor suppliers, and employees to include payroll and benefits Created the processes for US Customs procedures for import/export, international and domestic shipping, and international banking transactions with the Taiwan manufacturer

Professional Skills

System Analysis / Audit Systems engineering IA processes

Configuration Management Federal IT governance

Write and edit System Security Plans Vulnerability scanning

NIST and DIACAP accreditation Interpreting and generating network architecture diagrams

Certifications, Education, Professional Affiliations

CEH

Certified Ethical Hacker

(International Council of E-Commerce Consultants)

2011

CPT

Certified Penetration Tester

(GIAC)

2010

CISSP

Certified Information Systems Security Professional

(ISC )

2009

Master of Science, Information Technology

Barry University

2008

Security+

CompTIA

2005

International Greeting Card Association

Greeting Card of the Year Runner Up

2000

Contact this candidate