SHASHI DABIR, twitter shashidabir
http://www.linkedin.com/in/dabirs, Blog dabirs.wordpress.com
Goal: Information Assurance Manager, Critical Infrastructure Information
Assurance Officer, Deputy CISO
A Telecommunications Graduate, EC-Council Chief Information Security
Officer (C CISO), Sec+ and Federal IT Security Professional-Auditor (FITSP-
A) Certified, a Cyber Security and Information Systems Information Analysis
Center (CSIAC) SME experienced in Critical Infrastructure Protection,
Information Technology, Energy, Computer, Communications, Security
Authorization, Certification and Accreditation, Information Assurance,
Operating System, Network Forensics, Enterprise Resource Planning, Network
Applications, Database Security, Technical/Proposal Writing, Request for
Information and several of the Information Assurance related fields:
Defense-in-Depth, Evaluation of Firewalls, Audit, Intrusion Detection
Systems, Identity Access & Management tools, Insider Threat tools,
Computer, Network Forensics, Design and Security Analysis, Security
Readiness Reviews, Security Test and Evaluation of SOA, Web Services and N-
Tier Architectures in accordance with DIACAP/US Army guidelines for the
Department of Defense and NIST Regulations for Federal agencies. A
generalist who can understand complex systems with an in-depth knowledge
of a broad range of convergent areas of Telecom and Computer Networking,
IATF, DODAF, JTA models, concepts of Common Criteria, NIAP, physical,
computer, application, communication, personnel, administrative,
information, and information systems security disciplines, able to evaluate
technical proposals concerning security auditing, intrusion detection,
etc., and able to lead evaluation of security control arrangement teams.
Able to analyze and evaluate a multitude of systems to meet specific
Security Authorization/Certification & Accreditation requirements, analyze
customer requirements and advise on potential solutions, exercise judgment
within loosely defined parameters in a dynamic workplace environment. Able
to write publication-quality deliverables (documents, proposals,
presentations, and statements of work). Able to complete above tasks
independently and the ability to research & learn new technologies
independently. Keeps current with emerging security technologies,
communicate with the ability to wear many hats, with engineers responsible
for the technical elements involved in designing, developing, and operating
advanced information security systems, adapt quickly to challenges in a
complex computer environment and exhibits skills. Strive to be comfortable
with ambiguity, maintain credibility, raise difficult issues, flexible and
resilient, curious and creative and willing to work more than traditional
work week hours to meet deadlines. Assist in developing white papers and
coach/mentor customers on projects. Worked independently at customer sites,
or as part of a team as required. Sought by management and staff at Forbes,
Fortune, Big 4 companies for advice and direction on information assurance,
security, client-server internetworking, messaging, in a complex Local Area
and Wide Area Networking environment and an emerging Subject Matter Expert
on Information Assurance and Telecommunication Security. Able to provide
subject matter expertise support for client information assurance (IA)
needs, including system security engineering requirements analysis, system
development, integration, test and evaluation (T&E). Developed System
Security and IA documentation, including IA strategies, System Security
Plans (SSP), Security Authorization/ Certification and Accreditation (C&A)
packages, Test plans, and Test reports. Able to research and track all
higher-echelon guidance and mandates defined in DoD/DISA/Army Intelligence
policies and documentation. Able to assist with developing secure systems
that meet performance and accreditation requirements and work in a
proactive collaborative environment and willing to work with people who go
the extra mile to get things done with services rendered in highly charged
political and schedule driven environments. Able to work in a frequently
changing and unstructured environment and ambiguity. Able to respond
quickly and easily to change, considers new approaches and comfortable with
unpredictable problems. Self-starter with the ability to run audit or
consulting projects independently using subject matter expertise with
minimal guidance. Able to identify areas of risk, opportunities and
improvement.
LGS/Bell Labs/Booz Allen Hamilton - Herndon Va- Information Assurance
Manager Jan 2013 - Till Date
Composite Information Assurance (IA) Office (CIAO) Program Management
Support at the Agency
. Support the preparation and review of Information Assurance Policy,
Agency Directive and Instructions, and Program Plans.
. Aid in building agendas, minutes, and action items list that are
developed as a part of the IA Working Group, and the development and
maintenance of the Agency Continuous Monitoring Strategy and
Implementation Plan.
. Lead efforts to gather Enterprise IA Program data and evidence to
support the Quarterly IA Program Status Review. Brief relevant CIO and
Agency governance structures on the status of IA projects, positions,
and research. Aid in developing IA Policies using accepted and adopted
best practices
. Demonstrate relevant domain knowledge of ICD 503 and the Risk
Management Framework
NIST Special Publication 800-53, 800-37, 800-137\DoD and Agency
Information Security Processes, Agency Information Assurance Standards
Document
. Brief IA topics to panels and forums articulating viewpoints in a
manner consistent with the level receiving the brief.
Alutiiq LLC Arlington Va - DSCA Cyber Desk Officer/Cyber CIP Analyst
NGB/Mission Assurance Branch Nov 2012 - Dec 2012
. Member of the National Guard Bureau/Mission Assurance Branch Cyber CIP
Team supporting Federal and State authorities in support of NGB Cyber
Critical Infrastructure Protection (CIP)
. Assist NGB's Cyber Risk and Resilience Assessments of Critical
Infrastructure and Key Resources (CI/KR) and Cyber Threat
Assessments/Analysis/Incident Response Planning and Training
TASC Inc Chantilly Va - System Security Analyst - September 2008 - October
2012
US Army (Mission Engg /Cyber Engineering Warfighter Support) - Falls Church
Va
. Drafted Application for Certificate of Networthiness (CoN)
. Drafted Plan of Action and Milestones (POAM) for Application/Operating
System/Database findings
. Conducted Visual Basic/.Net/MS SQL 2005 Security Readiness Reviews in
accordance with DISA Security Technical Implementation Guidelines and
mitigate vulnerabilities
. Installed/Configured/Conducted Vulnerability Assessment/Penetration
Tests using HP WebInspect/IBM Rational AppScan of Visual Studio/.Net
Application
. Prepared/Coordinate w/US Army G-2/Pentagon/IA/ITA personnel to achieve
IATT/ATO Accreditation decisions/package, draft Incident
Response/Contingency/COOP plans, CONOPS and conduct DIACAP validation
procedures for Contract Linguist Enterprise Application/Database
Security Controls in accordance with DIACAP and US Army Regulation AR
25-2
. Drafted Privacy Impact Assessment (PIA)/Privacy Act System of Records
Notice (SORN) Form 2930 and PII Breach Response Notification Policy
and Plan and Incident Response Plan for the database
. Drafted Memorandums of Agreement/Understanding and User Security
Manuals/Standard Operating Procedures, Security Classification Guides
. Entered DIACAP validation procedures documents into US Army
Certification and Accreditation Database
. Developed DIACAP Project Plan and Work Breakdown Structures using MS
Project
. Updated Army Portfolio Management System/Primavera Prosight with
application data
. Security Test and Evaluate Army Gold Master (AGM) Configuration -
Win2K03/08 Server/IIS 6.0/7.0, MS Sql Server 2K05/08, .Net Framework,
with MS Gold Disk and DISA Database Security Readiness Review Scripts
. Information Assurance Network Manager(IANM)/Web Server Administrator
(IIS7) IAT -1
DISA/NCES Support - Falls Church Va- Tester
. Supported NCES in Quick Look Results reporting of JEDS LoadRunner
unit, performance, load and availability tests and integration,
development and operational test analysis of SOAP-web based services
and web applications. Analyze service error rates, round-trip response
time, server-side CPU utilization for service performance.
. Researched software systems, developed detailed understanding, and
design test processes and procedures to examine for proper operation.
. Facilitated scheduling, organizing, and planning test execution,
provide significant input for Risk Assessment and Contingency
Planning.
. Participated in Requirements development and clarification, test
methodology development, validation, test execution, and reporting.
. Supported NCES and Joint Enterprise Directory Service (JEDS) using HP
LoadRunner, SOAPtest, SOA-Ping and JMeter with functional, unit,
performance, load testing, developed test cases for Enterprise File
Delivery and Enterprise Service Management.
Office of the Secretary of Defense/Chief Information Officer (OSD/CIO)
Governance and Information Assurance - Crystal City Va Senior C&A Analyst
. Facilitated accreditation of OSD/CIO networks and applications,
provided Enterprise Mission Assurance Support Service (eMASS) and
DIACAP documentation support connected to the Pentagon's unclassified
networks.
. Reviewed and analyzed SSAA/SSP to determine if documents meet proper
formatting requirement and to determine if the technical descriptions
are constant throughout the document.
. Devised management plan to administer fixes to identified problems of
C&A document development.
. Represented OSD CIO IA Security Management at Customer Technical
Meetings.
. Provided customer interface for security evaluation and analysis of
proposed Network and applications.
. Monitored and updated tracking chart for system C&A.
. Briefed system certification status during IAB meetings.
. Provided and conducted gap analysis of C&A SOP.
Northrop Grumman Information Systems (A Forbes 50 Company) McLean Va
Information Assurance Analyst - Nov 2003 - September 2008
Army Knowledge Online/Defense Knowledge Online (AKO/DKO) Support-Ft Belvoir
Va-
. Evaluated Oracle, CA, Novell, SUN, IBM Identity and Access Management,
Content Security, Insider Threat Solutions for AKO/DKO.
. Edited, reviewed and updated System Administration Security Manager's
guides.
. Reviewed DIACAP Mitigation Strategy Reports to support Re-
Accreditation Effort.
Automatic Biometric Identification System (ABIS) Support-Fairmont Wv
. Assisted developers to improve the security posture of
Oracle/BPEL/Service Oriented Architecture/Enterprise Service Bus
Environment.
. Prepared system security, security test and evaluation plans, standard
operating procedures, privacy impact assessment, and identified
Information Assurance staffing for the project.
Federal Aviation Administration CSIRC Support -NGIT-Civil Agencies Group-
Leesburg Va
. Re-certified Federal Aviation Administration's Cyber Security Incident
Response Center in accordance with NIACAP/NIST/FAA guidelines.
. Conducted physical and network security test and evaluation processes
. Analyzed and provided guidance regarding Linux and Windows operating
systems security
. Provided various documents and reports to the Government.
. Documented security architecture, analyzed vulnerability scan results
and identified high-risk vulnerabilities by researching remedial
actions for vulnerabilities.
. Evaluated Active Directory Services/DNS, Win2K, 2K03, XP, MySQL, MSSQL,
Oracle, ESM, ArcSight, Apache, Tomcat, Cisco routers, switches, IDSM
Blades, ISS Proventia, Site Protector, Snort, KVM, Storage Area
Networks, and Multifunction Devices, Printers.
DISA-CIO On-Site support-Falls Church Va
. Supported Defense Information Systems Agency (DISA) Chief Information
Officer (CIO) Information Assurance Branch (IAB) located on-site with
Government counterparts.
. Assisted task leader in maintaining C&A status for over 650 DISA
information systems. Actions included reviewing System Security
Authorization Agreements (SSAAs), certifier's recommendation, risks
for non-mitigated vulnerabilities.
. Gathered data from DoD databases including SIPRNet, NIPRNet, Cross
Domain Solution, and Vulnerability Management System. Analyzed
Certification and Accreditation Automation Tools to migrate DISA
networks from DITSCAP to DIACAP.
DISA-CIO Action Officer - Falls Church Va
. Synthesized information and made recommendation to Designated
Approving Authority, General Officer and/or General Officer
equivalent.
. Prepared Accreditation Package and Transmittal Letters for C&A
packages. Developed Plan of Action and Milestones (POA&M).
. Represented customer at government meetings.
. Answered any IA-related field from DISA personnel worldwide.
. Prepared IA related briefings, reports, and studies, to include
drafting briefings to the DISA Corporate Board and the DISA Operations
IA Update meeting.
. Reviewed federal and DOD IA policy for implementation within DISA.
. Participated in Federal Information Assurance Management Act (FISMA)
data gathering for DISA compliance.
. Worked as an Action officer and wrote letters per government style
guides, self-starter, worked with limited direction, at customer
sites, with daily contact with the customer.
Certification and Accreditation Database Server Administrator DISA CIO-
Falls Church Va
. Maintained Oracle database, which is the authoritative source for the
C&A status of DISA systems.
. Applied MS patches and IIS web server password management.
. Served as the System Administrator (SA) for the hardware that hosts
the Oracle database.
. Analyzed Certification and Accreditation Automation Tools to migrate
DISA networks from DITSCAP to DIACAP.
Lead Cross-Domain Solution Representative/DISA CIO-Falls Church Va
. Processed Cross Domain Appendixes (CDAs), supported DISA at various
security venues to include the Cross Domain Technical Advisory Board
(CDTAB), DISN Security Accreditation Working Group (DSAWG), the Cross
Domain Security Advisory Panel (CDSAP) and the community jury.
Knowledgeable of the CDS process and associated documentation.
. Interacted with security counterparts at DISA, NSA, Combatant Commands
and international partners.
. Reviewed Cross-Domain Solutions (CDS) as Cross-Domain Appendixes
(CDAs) go through the CDS approval process.
. Validated SIPRNet and NIPRNet CCSDs associated with the CDS,
coordinated with the IAM, PM, and certifier concerning content,
status, and timeline for CDSs.
. Experienced with engineering and obtaining approval for "Cross Domain
Solutions" for CDS applications using approved devices from the DoD
Security Accreditation Working Group (DSAWG) and the Cross Domain
Management Office (CDMO).
. Assisted with the creation and update of CDS records and tickets in
the DISA C&A database.
. Attended DSAWG meetings when requested by the DISA CDS POC.
. Interfaced with DISA personnel worldwide, access various DISA
databases to obtain information: SIPRNet GIAP System, DISA C&A
Database, and SNAP.
Battlefield Airborne Communications Node System Support-McLean Va
. Supported US Air Force (USAF) Global Hawk Battlefield Airborne
Communications Node (BACN) system in a Win2K/WinXP environment in
drafting Certification and Testing (CT&E) Evaluation Plan and
Procedures in accordance with DoD/USAF directives.
Mobility Inventory Control Accountability System Support-Dayton Oh
. Updated SSAA for USAF Mobility Inventory Control Accountability
(MICAS) system in a Win2K/PowerBuilder environment and conducted CT&E
Plan and Procedures in accordance with DoD/DISA guidelines/directives.
Threat Systems Management Office Support-Huntsville Al
. Authored SSAA and conducted CT&E Plan and Procedures in a Windows
2003, Internet Information Services 6.0, Windows Microsoft Database
Engine Environment, ASP.Net, SharePoint Services Data Server
environment.
Defense Integrated Military Human Resource System Support-New Orleans La
. Participated in Weekly Engineering Integrated Project Team (IPT)
meetings and reviewed systems capabilities and system security
architecture/design documentation.
. Researched and analyzed VPN/MQ series issues, and documented PKI
requirements for systems/subsystems.
. Supported the Development and Test Network (DDTN) in mitigation of
vulnerabilities in accordance with DITSCAP/DIACAP.
. Wrote, edited, reviewed security policies, roles, responsibilities and
staffing of the Production and COOP environments.
DISA-Key Interface Profile Support-Falls Church Va
. Drafted DISA/NexGen project with IBM's Telelogic System Architect/
System/Operational/Technical Views of Key Interface Profiles.
Defense Logistics Agency Support-Ft Belvoir Va-IA Lead/NGIS/Accenture
. Authored System Security Plan (SSP), SSAA in a WebLogic, Netegrity,
Web Services, Business Intelligence environment in accordance with
DLA, DITSCAP
. Participated in weekly Engineering Integrated Project Team meetings
with prime developers and supported government representatives in
reviewing systems capabilities and design documentation.
. Researched, defined, analyzed, validated and documented
systems/subsystems requirements.
NGITechnology/KFORCE July 2003 - Nov 2003 Member Professional Staff
Department of State Support-Rosslyn Va
. Conducted ST&E of MSSQL/Oracle Databases in accordance with
NIST/FISCAM/Department of State guidelines.
SRA International (A Fortune 100 Co), Fairfax, VA, Dec 2001-July 2003. Sr
Member, Professional Staff
Global Directory Service Support-Falls Church Va
. Authored, wrote, edited, reviewed, and updated SSAA to reflect the new
Information Assurance directives, conducted Security Test & Evaluation
(ST&E) in accordance with DOD Certification and Accreditation Process
(DITSCAP).
. Tested and evaluated Operating Systems (Unix/Windows), Applications,
Database Management Systems (Oracle), Directory and Web (Netscape)
server and COTS for vulnerabilities.
Army National Guard Bureau Support-Alexandria Va
. Certified and Accredited National Guard Bureau GuardNet Perimeter
Firewall Project, security/vulnerability assessments; implement DMZ,
VPN in accordance with DISA guidelines.
. Wrote, edited, and reviewed system security documentation in
accordance with DOD Certification and Accreditation Process (DITSCAP).
Conducted Security Test and Evaluation per DITSCAP and DoD/Army
Regulations. Visited and conducted physical security assessments of
NGB sites.
DSA/MCI, Fairfax, VA, May 2001-November 2001. Sr Information Assurance
Engineer/System Security Architect DISN/BMS/ATM-C
. Certify and Accredit (C&A) Defense Information Systems Network
Switched Bandwidth Manager Services (DISN) Asynchronous Transfer Mode-
Continental United States (CONUS) DS/BMS/ATM-C Network, in accordance
with the Department of Defense Information Technology Security
Certification and Accreditation Process (DITSCAP) and DISN Security
Policies.
. Responsibilities include implementation of security solutions; develop
security, architectural and plans/practices. Responsible for reviewing
and updating the SSAA for Token-based SecureID flow diagram.
Responsible for Risk Analysis and Threat Assessment of the DISN
Bandwidth Manager Services sites. Design and Evaluation of CCVT
systems for Network Operation Center.
TWM/CSC, Fairfax, VA, January 2000-April 2001. DISA Projects/Senior
Information Assurance Analyst,
DISA I-Assure
. Certify and Accredit (C&A) DISN networks including the NIPRNet and the
SIPRNet. Development of ST&E plans and procedures, security policies,
architectures and the identification of Information Assurance
requirements for information systems certification. Testing,
conducting general control security audits and ST&E of DOD facilities
(INS, DMS, DREN, JDIICS-D, and IAESO) and report findings with
recommendations to minimize the risk, Compliance Validation and
Operational Analysis Verification visits. Member of ATM-C Bandwidth
manager services security-working group (DSAWG).
. Developed checklists for physical, computer, communication, personnel,
administrative, information, and information systems security
disciplines. Surveyed, planned and implemented a Verification Work
Center/Tools lab with UNIX and NT tools, for training Security
Administrators to conduct Security Test and Evaluation. Reviewed, and
edited SSAA (System Security Authorization Agreement) for JFRG, IASE,
and GDS.
ICT/SAIC, Inc, Alexandria, VA, March 1999 to January 2000. Internal
Revenue Service/Dept of Treasury/Information Systems Specialist
TIPSS
. Responsibilities include ensuring documentation, testing, impact,
research, identify, and document date specific capabilities, test
preparation, and execution, determination of Y2K compliance of COTS
shareware/Software/hardware/firmware based on SEI CMM level II.
Provide customer support, vendor feedback on Y2K compliance of COTS
products; generate adhoc reports and queries in MS Access and Excel.
. Analyze requirements, review functional specifications, summarize
entrance and exit criteria and procedures for all test levels, provide
input to a comprehensive test plan, write and review Unit Test Plans,
document executable test cases or scenarios, perform test case
inspections or reviews.
HDC, Reston, VA, August 1997 to January 1999. US Customs/Dept of Treasury
Senior LAN/WAN Administrator
. Responsibility included support and administration of 60 servers and
3500 nationwide user sites for all applications including updating,
creating MS Access databases for forms, inquiries, reports and
migration of cc: Mail messaging to NT. Team member for support and
administration of Novell 3.12, Windows NT 4.0, OS2, LAN/WAN, resolved
system problems to minimize downtime.
. Troubleshooting of Novell and NT fileservers, cc: Mail PO.
Maintenance, mailbox moves, NT routers, and cc: Mobile, gateways,
hubs, concentrators, Shiva remote access, cd-towers, print servers,
LAN standards, dial out to sites, work with local LAN administrators,
travel to sites with installation team performing upgrades.
MirMitchell Inc/TRW Arlington, VA, February 1997 to June 1997. Dept of
Transportation/Telecom Specialist
. Administered NT WAN, SNA Gateways, and Remote access in a Novell/NT
LAN/WAN/Frame relay environment. Troubleshoot 3Com Allegra T1 cards
with on board CSU/DSU, provided support to telecommuting users
utilizing REACHOUT; coordinated regional Bell companies and AT&T frame
relay services, troubleshooting and administration of Novell 3.12/WIN
NT 3.51 network, HPUX servers, FTP and Telnet connections.
CRC/CSC, Crystal City, VA, March 1996 to February 1997. Dept of Navy Naval
Sea Systems Command/Network Integration Specialist
. Focused on providing first-level support as a team member with
responsibilities for 40 servers and 400 users in a Novell LAN.
Troubleshoot 3.XX/4.XX Novell and LAN/cc: Mail administration, support
MS Office Suite; converted desktops to NetWare 4.1 and installed
network interface cards; troubleshoot internet access, UPS and Naval
messaging software.
INET/EDS, November 1994 to March 1996 US Dept of Justice-
INS/Hardware/Software engineer.
. Traveled to nationwide sites, conducted surveys and requirements,
configuration and installation of LAN/WAN; reviewed and analyzed
requirements prior to integration and interfacing of peripherals with
main systems and software. Installed, configured Eicon Technology
Gateways with X.25 protocols/T1, with US Sprint Services, troubleshoot
CSU/DSU, coordinated and installed Cisco routers at remote sites.
Member of the Rapid Response Team to troubleshoot defects and
malfunctions; resolved problems and was instrumental in organizing and
setting up a LAN Academy to train LAN administrators.
AY/KPC, October 1975-December 1986. Electrical Design Engineer/Asst
Executive Engineer
. Design, Test Power Transformers, Construct, Operate and Maintain Power
Generating Stations, Illumination and Power Distribution Design
Prince William County Park Authority - 2012
. Drafted/Reviewed NMAP/Nessus reports, edited/reviewed Security
Assessment Reports (SAR)
FITSI - DC Chapter - 2013
. FITSI - DC, design/testing of Joomla/MySql/Wix/Cvent web content
management
Leadership Roles
. Information Assurance Manager - LGS
. Lead Information Assurance/C&A Analyst - TASC
. Lead Information Assurance/DLA - Northrop Grumman
. Lead Cross-Domain Representative - DISA/CIO/Northrop Grumman
. Guided/Mentored Information Assurance Engineers - TWM
. Lead High Altitude balloon project and broadband service project -
GMU
. Managed/Allocated work for fifty technicians - KPC
. Managed a team of four test technicians - AY
Skill Summary
. Information Assurance, Certification and Accreditation, Security Test
and Evaluation, Risk, Vulnerability Assessment, Penetration Testing
. Request for Information, Proposal Writing, Technical Writing,
Documentation of User/Technical Manuals
. Performance, Availability, Functionality, Developmental, Load,
Identity and Access Management, Content Security, Insider Threat
Evaluation, Testing of Bugs and Defects in Software
. Sales and Marketing of PCs/Peripherals/Office Supplies to Federal
Agencies
. Estimate, Design, Installation, Commissioning, Evaluation of
Electrical Utility Equipment - Transformers, Switchgear, Control
Panels.
Tools
. IBM Rational AppScan, ISS, Retina, Nessus, NMAP, MS Gold Disk,
SRR/STIG, STAT, Ethereal, NetCat, TCPDump, Crack/L0phtCrack,
AppDetective, SOATest, LoadRunner/WebInspect, JMeter, Center for
Internet Security, System Architect, Backtrack, Wireshark
Project Management Tools
. MS Project, Visual Sourcesafe, APMS Primavera Prosight, Team
Foundation Server
Virtualization and Cloud Technologies
. VirtualBox, vSphere, VMware Workstation, Amazon Web Services
Processes/Frameworks/Regulations/Guidance
. DIACAP/NIACAP, FISMA, DoDAF, IETF, JTA, NSA SNAC, NSTISSI-1000,
FISCAM, PCI, SOX, HIPAA. DoD M&R, DoD CIP
. DOT/FAA, DLA, NIAP, DISA/FSO, Marine Corps, Joint Staff, Army
Information Management, Assurance, VB.Net, Sharepoint, AKO/DKO.
Federal Information Technology Security Standards
. NIST 800 Series, Control Families, Special Publications(SP),
Interagency Reports (NISTIR), Federal Information Processing
Standards(FIPS), Acts of Congress, OMB Circulars, Memos,
Homeland Security Presidential Directives (HSPD)
. HSPD, Executive Orders (EO)
Languages/ Operating Systems/Database Management Systems/Directory
Services/Protocols
. SQL, XML, SAML, Visual Basic 2008/Windows(SRR/Gold Disk Evaluation),
Security Evaluation using Linux Unix(Solaris/HP) Tools, TCP/IP, RIP,
OSPF, EIGRP/BGP
. Security Evaluation of Oracle, MSSQL, MySQL, MS Access, DISA coding
standards for Java, C# Visual Basic.Net, ADS, NDS, LDAP, SOA, Web
Services/MS Office, Access, Visio, Project 2007
Policy Development
. Cyber Security Challenge Atlantic Council/SAIC 9/12 - 2013
. Destruction of Hard Drives Office of the Secretary of Defense - 2008
. Marking and Labeling of Documents DIMHRS - 2005
DoD/DISA/Contract Vehicles Support
. AICIG, JITC/NCES, DISA/CIO, I-Assure, NexGen, DLA, US Army, US
Air Force, Navy
Federal Civilian Agencies/Networks Support
. DOT/FAA, Dept of State, US Customs, DOJ/INS, Treasury Communication
Systems, USDA, OSD/CIO, DISA/CIO, HPCMP, SIPRNet, NIPRNet, DISANet,
DISN, GUARDNet, OpenNet, NAVSEA, JFRG, INS, DMS, IAESO, DISN ATM,
BWM, GDS/JEDS, DIMHRS, GFEBS, TSMO, ABIS, AKO/DKO, NCES, G-2
Security Test and Evaluation/Site Visits
. FAA/CSIRC, SPAWAR New Orleans, ARL/Aberdeen Proving Ground, Naval
Oceanographic Lab/Stennis Space Center, INS Reston, JIIDCS/Va,
NCTAMS/Norfolk/Hawaii, DECC-D Chambersburg, Army National Guard-Md,
Va, Pa, TSMO-Huntsville, BWM/ATM, ABIS/Fairmont/Wv, G-2 Pentagon.
System Test and Evaluation
. JEDS LoadRunner unit, performance, load and availability tests and
integration, development and operational test analysis of SOAP-web
based services and web applications. Analyze service error rates,
round-trip response time, and server-side CPU utilization for service
performance.
. Requirements development and clarification, test methodology
development, validation, test execution, and reporting.
. HP LoadRunner, SOAPtest, SOA-Ping and JMeter with functional, unit,
performance, load testing, develop test cases for Enterprise File
Delivery and Enterprise Service Management.
. Testing of COTS products for Y2K defects
Business Development/Proposal Support- LGS/Alcatel-Lucent/Bell Labs Co-
Herndon Va
. i2s - Match candidates skills to requirements and prep to interview
candidates suitability for positions
. VA EVS - Review documents for Security Requirements
. DHS - Continuous Diagnostics and Mitigation Dashboard Review
. DISA ESD Technical and Application Support Services IA and Security
Elements
. MCF - CM Plan Camp Arifjan (Kuwait)
. IMOD/ICANVoice Modernization Project- Ft Hood - Tx
Business Development/Proposal Support Northrop Grumman Information
Systems/TASC Va
. Army Intelligence Campaign - Intelligence Initiative (AIC-IG)
. Contract Management System (CMS) - DIA (Defense Intelligence Agency)
. Cross-Domain Solution (RFI) - DISA PEO-MA
. Joint Staff Thin Client Task Execution Plan(TEP)/DISA
. JEDS Task Execution Plan(TEP)/DISA
. GIG Network Management Architecture/DISA.
. Joint Staff Information Network (JSIN) Information