Security Project Manager
Resume:
Reuben L. Lawson
Potosi Mo. 63664
Tel: Home: 573-***-****
email: *********@*******.***
OBJECTIVE: Seeking a position in Information Technology.
SUMMARY OF QUALIFICATIONS
Thirty-eight years experience in the technical, operational, maintenance and security aspects of Enterprise Network Computer Systems in the military and government communication environment.
Currently, unemployed. Formerly employed by ManTech International Inc., as a Information Systems Security Officer (ISSO)/Information Assurance Officer (IAO) for the National Geospatial Intelligence Agency (NGA), in Arnold, Mo. Work with Project/Program Managers, System Administrators to get system certification, approval and accreditation with DAA, in accordance with Director of Central Intelligence Directive (DCID) 6/3. Responsible for the certification and accreditation of 88, individual Security Packages, for NGA. Working through the process, . Audit IPT Lead for NGA. Track weekly auditing for NGA systems worldwide, 750 total systems. View daily audit logs for three NGA Enterprise Networks. Wrote, the Auditing Standard Operating Procedures and the Auditing work instructions for NGA Audit IPT.
Responsibilities cover all facets of Automated Information Systems (AIS), directing, coordinating, and implementing projects and technical actions related to Information Systems Security.
Experienced, in risk assessment, mitigation, and the development of information assurance metrics, (in working the Security Packages through the Accreditation/Certification process).
* As an IAO/ISSO work through the Assessments and Authorization processes, including documentation, test processes, milestones, coordination, and "authorities" requirements (OATT, ATP, ATC, ATO).
* Collaborated with internal and multi-agency CS/IA working groups and individuals.
* Work with NGA, IC, DoD, and Federal IA and CS policy.
* Experienced with documentation between agencies including Interagency Service Agreements and Memoranda of Understanding. (to include Co-location agreements)
* Experienced in collaboration with internal and multi-agency CS/IA working groups and individuals.
* Performed system threat identification and mitigation, including recommendations.
* Experienced with FISMA inspection requirements.
* Experienced in the usage of the XACTA (Telos Corp) IA tool suite.
* Experienced with legacy C&A processes (DITSCAP, DIACAP, and DCID 6/3) and with the emerging ICD 503-driven standardized processes.
* Experienced designing and implementing complex A&A processes for large system-of-system enterprises.
* Experienced with risk assessment and mitigation
* Experienced with the development of information assurance metrics.
* Experienced with the NGA Information System Security Program.
* Experienced with IA topics (e.g. Entrance on Duty (EOD) and the Security Awareness programs).
* Experienced, with audit reviews of NGA IT resources including communications circuits, networking equipment, servers, and workstations.
* Experienced, with declassification tools and techniques for systems, media, and output.
* Experienced with usage of and training in the operations of cross-domain transfer processes and testing of the cross-domain process.
* Experienced with NGA Site Security Plans and the XACTA (Telos Corp) IA tool suite. Currently handle 88 Security Plans (SPID) and go through all the processes in XACTA.
* Experienced updating and maintaining computer based training courses.
* Familiar with FISMA requirements (Inspection Trips).
* Conducted the Assessments and Authorization processes for NGA Security plans for over 6 years.
* Experienced with the DoD and IC vulnerability management programs.
* Experienced with operational threat and vulnerability analysis, including A&A scanning, penetration testing, Red Team/Blue Team "live fire" exercises, documentation, reporting and analysis requirements. Ability to identify, track, and recommend remediations to threats and vulnerabilities.
* Experienced in the current DISA Security Technical Implementation Guides (STIGs) (Help write the first Unix Stig for DISA). GOLD disks will/is being replaced by Retina
* Experience in collaboration with internal and multi-agency CS/IA working groups and individuals.
Primary duties are implementation of policies, procedures, and methods for protecting NGA Enterprise Computing systems and networks. Review audits, security incidents, threat assessments and recommend measures for the protection of classified and unclassified sensitive information.
Experience with ISS Real Secure & Intrusion Detection, Intrusion Detection Systems and Network Intrusion Detection Systems. Worked with, Vulnerability Assessment Team (VAT). Extensive work with DISA Field Security Office, in writing the first DISA Security Technical Implementations Guide (Security Readiness Review).
Have extensive knowledge in security assessment and accreditation requirements through DITSCAP, and NIACAP, guidelines and standards. DISA Field Security Office (FSO), Security Technical Implementation Guides, DISAI 630-230-19. DoD Instruction 5200.40, "DoD Information Technology Security Certification and Accreditation Process (DITSCAP), December 30, 1997. System Security Plan (SSP), detailed in NIST Special Publication 800-18, "Guide for Developing Security Plans for Information Technology Systems.", Department Of Defense (DOD). DoD 5200.28-STD, Trusted Computer System Evaluation Criteria, DoD Directive 5200.28, Security Requirements for Automated Systems, Central Intelligence Directive 6/3 (DCID), DoDD 8500.1 and DoDI 8500.2.. DNI authorized ICD 503 is replacing the above documents across DOD components.
PROFESSIONAL EXPERIENCE
August 2005 – Present National Geospatial Intelligence Agency
Arnold, Mo.
Employed at ManTech International Inc., working as a Information System
Security Officer at the National Geospatial Intelligence Agency (NGA), in Arnold, Mo.
Work with Project/program Managers, System Administrators to get system
certification, approval and accreditation with DAA, in accordance with Director
of Central Intelligence Directive (DCID) 6/3, requirements.
Aug-1995 to Aug-2005 Defense Intelligence System Agency
St. Louis, Mo.
Retired from, DISA (Defense Intelligence System Agency), Defense Enterprise Computing Center, St. Louis, Aug 31, 2005, as a GS-2210-12, Chief Security Division. Held position of Information System Security Officer and Information System Security Manager. All total 26 years of service.
Responsible in directing, coordinating, and implementing projects and technical actions related to Information Systems Security. Primary duties were implementation of policies, procedures, and methods for protecting Defense Enterprise Computing Center systems and networks.
1993 – 1995 Computer Data Systems, Inc.
Contracted to Defense Mega Center-St. Louis to provide technical guidance and assistance as a Security Analyst. Did analysis of ADP and functional security in coordination with system modifications/changes. Conducted on-going micro monitoring of all system output on the network.
1990 –1993 Sterling Software IMD
Maintained Central Site support for the Modular Architectural Exchange Intelligence system. Wrote the Workstation Support Segment, Trusted Facility Management Training Material book, currently used for training on-site administrators and system managers.
1986 – 1990 1118TH Signal Bn.
Communication System Test Activity, Sacramento, CA.
Noncommissioned Officer In Charge and Project Manager in the Test Acceptance and Evaluation of systems for fixed and tactical communications in the military. Supervised 27 personnel. Military Liaison to several government contractors, administering tests and evaluation of systems for the Military. System Security Officer supervising the security, installation, and maintenance of communications for three companies.
1982 – 1986 578th Signal Company
Patch Barracks Stuttgart, Germany
Noncommissioned Officer In Charge of the Special Security Office (SSO)
Communications Center, supporting 21 flag officers. Battalion Configuration
Manager, providing technical administrative support in the Installation and
Accreditation of the first Communications Support Processor (CSP) introduced
in to the Army community.
Top Secret SCI Clearance Dated: 28 Dec 2010
Granting Agency: DIA
8570 Certification: Security +
Date and Place of Birth: 12/19/1950 Ironton, Mo.
Last four SSN: 1250
Compensation Requirement: negotiable
. Civilian Education
Security + COMPTIA 14 Jun 12
ISS Internet and Database Scanner Course DISA FSO 10 Oct 02
ISS Realsecure (v6.6) & Intru Detect Data Anal Conus Rcert 20 May 02
ISS Real Secure & Intrusion Detection DISA FSO 25 Jun 01
ACF2 Security For Unix System Ser. Eberhard Klemens Co 21 May 01
System Admin Networking & Security SANS 2000 21 Mar 00
RSX-11M Operator completed 1988
RSX-11M/M-PLUS Utilities & Commands completed 1988
RSX-11M/PLUS System Management completed 1988
Potosi R3 Senior High Diploma 1969
Military Education
1PD Advanced Noncommissioned Officer crspd completed 1987
7th Army COMSEC Custodian SIG34 2wks completed 1986
7th Sig Bde. PLDC 4wks completed 1983
VHFS Noncommissioned Officer Development 2wks completed 1982
OJT Military Police . 12wks completed 1974
USATC FT Dix-NJ SLPP 3wks completed 1973
USATC FT Dix-NJ Communications Center, Sp 10wks completed 1973
FT Gordon GA Tel Comm. Op. 13wks completed 1973
Completed 474 credit hours in Signal Communications correspondence courses..
(Tactical & Fixed Station)
Military Awards
Army Meritorious Service Medal 05 Sep 1990
Army Achievement Medal 04 Feb 1987
Army Achievement Medal 23 Jan 1987
Army Achievement Medal 08 Jul 1986
Certificate 0f Achievement 04 Dec 1987
Certificate Of Achievement 23 Jan 1986
Good Conduct Medal (4th award) 20 Apr 1985
Civilian Awards
Performance Aug, 2008
Performance Nov, 2007
Special Act/Service Nov, 2000
Special Act/Service Oct, 2000
Special Act/Service Jan, 2000
Achievement Jun, 1999
Achievement July 1998
Performance Oct, 1997
Performance Aug, 1996
Additional References may be supplied upon request.
Contact this candidate