Bryan D. Evans

256-***-****

ac2y6o@r.postjobfree.com

Information Assurance Analyst/ IAO/ IA Manager

Skilled IT professional with a 12-year track record of innovation and success

Highly skilled Information Assurance professional with outstanding knowledge and experience with U.S. Army and operations including Joint Task environments. Possess expert level knowledge of policies and procedures on DoD network environments, industry/security standards, and DoD Cyber Security initiatives. Shown great capabilities to show instant impact and to manage specialized subject matter experts in planning and execution of the defense-in-depth security engineering process and developments. Excellent communication skills, able to work well with and manage highly technical Systems and Network Engineers to relate the technical knowledge to non-technical upper management, in a respectful and professional manor. IAT Level III, Active Secret Clearance.

Core Competencies:

•Incident Handling and Response

•Active Directory Management

•QTIP, Retina, SCCM, SCOM, SMS, STIG

•Well Versed in Army & Joint Task Policy

•Certification and Accreditation (C&A)

•Firewall, HBSS, Blue Coat, Hot Pan

•DIACAP/IACORA AR 25-2, DCID 6-3

•Management of IA/NA/SA/Help desk

•Threat Analysis and POAM

•Physical Security and Risk Assessment

Professional Experience

SMS Systems Made Simple

C&A/A&A Senior Information Assurance Analyst March2014 - Current

Create, monitor, and track all Assessment and Authorization (previously Certification and Accreditation process) documentation for various Veterans Affairs (VA) applications, cloud environments and General Support Systems (GSS).

Develop, maintain, and evaluate all System Security Plans, Risk Assessments, Continuity of Operation Plans, system Configuration Plans, Disaster Recovery, and Business Impact Assessments in accordance to the National Institute of Standards and Technology (NIST) Security Publications.

Conduct Assessments in accordance with NIST, FIPS standards and agency guidelines to ensure all phases of the Assessment and Authorization (A&A) process is completed with accuracy in accordance to VA policy, and Federal Govt. Guidelines (CIS Benchmark, USGCB Settings, NIST, FIPS, E-Government Act of 2002 Title III information security, FISMA, FedRAMP).

Applying Risk Management best practice to properly secure systems using VA policy based on the NIST 800-30, 800-39 and 800-37.

Prepare Certification Analysis and Reports and provide certification recommendations to the client throughout the Risk Management Framework process.

Use the FISMA guidance to conduct POA&Ms (Plans of Action and Milestone) to document, and track risks in accordance to NIST guidelines and VA's policy.

ITT EXELIS (Kandahar, Salerno, Mazarin-Sharif, and Kabul, Afghanistan)

Senior Information Assurance Analyst Mar2011 – Dec 2013

Responsible for providing key government personnel with policy coordinating and interpretation support, general information security support and assisting with the development and implementation of a defensive security program that protects information systems and documents.

Responsible for ensuring and documenting that all systems are regularly scanned, audited and re-mediated in accordance with applicable DOD policy and procedures and that incidents are documented and accounted for as necessary through leadership.

Developed and updated security plans, risk assessments, incident response, configuration management, checklists, and security agreements. Managed and maintained audit and compliancy, monitoring and self-assessment testing. Helped and worked with internal and external audits.

Maintain a database to track trends, unauthorized activities and common practice procedures and remedies to be followed by subordinate unites in correcting deficiencies identified during information assurance vulnerability compliance visits.

Employ network scanning tools such as REM/Retina, SCCM/SCOM/SMS, WSUS etc, to detect and re-mediate system and network vulnerabilities and deficiencies, as part of a proactive network security policy.

Provided daily and weekly status on findings, recommendations and provide follow-on written technical analysis and reports.

Anti-virus and HBSS monitoring and reporting, to include review of logs, open tickets, recommended process for remediation.

IAVA and All Audit monitoring and reporting, to include review of logs, open tickets, recommended process for remediation.

SAIC\ Space and Missile Defense Command (Redstone Arsenal Huntsville, Al)

IT Specialist III, Jan 2010 – Feb 2011

Provide Technical and Systems Administration Support for the U.S. Army Space Missile Defense Command CIO/G6 Office/ CIMS Contract; military, civilian and contracted employees.

Assigned various tasks from troubleshooting network TCP IP issues with: scanners, printers, computer/desktops, thin clients. Prepare and set laptops up and educate users on VPN prior to travel so that systems will be readily available for customers while off-site.

Maintain Altiris Deployment Console for our tickets system and receive 100s of tickets monthly on top of other assigned projects as well as creating tickets and assigning them out.

Performed Information Assurance tasks completing stigs with Army Gold Disk/ AGM on workstations and servers. Deployed patches on workstations and servers with multiple vulnerabilities. Had Domain administrator rights to troubleshoot users profile errors, add and drop users from the domain, modify duplicate accounts, setup new users and new computers to the domain with Active Directory.

Develop and enhance systems to improve connect time and accommodate traffic volume. Provide assistance to current/potential users to minimize disruptions. Provide training so users understand system capabilities. Analyze and resolve malfunctions by adjusting configurations, realigning port allocations, recommending acquisitions and distinguishing between equipment, software and LAN installation while also utilizing Citrix Management Console and Dameware NT to remote in to users.

Install Thin Clients and Thick Clients (Citrix) for the (U.S Army Space and Missile Defense Command) for unclassified and classified networks. Prepare request for Thin Client deployment and distribute newly imaged machines to users. Implement Virus removal and security awareness training while performing information technology tests and evaluation techniques to perform life cycle functions related to design, development, and/or implementation of computer systems.

Assist users with DOD Internet sites AKO, CPOL, DCPDS, DISA, DCO. Test/ Install/ Document new procedures for installing new equipment.

TEKsystems\ Trax International (Redstone Arsenal - Huntsville, AL)

Information Assurance Analyst SEP 2009 – Jan 2010

Worked with a small team to complete a DoD DIACAP in a very short time frame. Network composed of 1000+ end users in which I had full administrative rights and privileges on Redstone Arsenal and some work included Fort Rutgers Networks as well. End result the Army’s branch was deemed adequate and passed the DIACAP inspection.

Some Tools and Servers used: Retina, Netcheck, Vmware, Track-It, Active Directory, Qtip, SCCM, VB scripting

Our Team executed HBSS server, Administered new GPOs, Patched all machines with no vulnerabilities during the Xp to Vista migration, removed all Software Vulnerabilities,

I was solely responsible for the organization of thousands of software (5500) on a DoD Matrix style Excel spreadsheets with very technical explanations broken down of each software on the network. For preparation of HBSS deployment and network cleanup.

Technical writing including AUP (Acceptable Use Policy’s) and SOP (Standard Operating Procedures) for our Test Network

CorporatioCOLSA, (Huntsville, AL)

System Administrator\ Network Administrator Aug 2005 – Sep 2009

Tier III technician\ System administrator\ Network Technician\ Help desk (many roles)

Help desk responsibilities include: Help desk calls, tickets in Track-IT, and rapid response to immediate employee needs for technical support for pc’s including software & hardware issues

Replaced all cat5e to cat6e cabling on all personal workstations.

Install troubleshoot, diagnose and repair personal workstations\servers in a Novell environment including physical replacements.

Built new computers to company specs for new employees also picking up pc’s from exiting employees and remove all existing data.

Printers’: TCP\IP configuration, setup/configurations, repair ranging from replacing toner to paper jams,, .

Support 300+ users at corporate building, ARC (separate building under same company) 200+ support and an unknown number of off site employees for various technical issues to include password resets or random technical troubleshooting.

Maintain all floors network panels to including complete inventory from panels to switch’s into a database and individual room labeling to record all ips and mac addresses and all company proprietary information (company service tags etc

Physically go to every machine in entire building for any updates, virus removals, network configurations, and/or to administer security policies.

Perform service and repair on audio/visual equipment, also to include satellite setup, communications cable wiring, and configuration.

Perform administrative tasks of the Meridian Option 11C PBX Telephone and

Call Pilot Voice Mail Systems, including account management for all employees.

Perform installation, moves and changes of all Nortel telephone lines and VTC: troubleshoot and repair voice communication problems and establish teleconferences and video teleconferences.

Education

Associates in Computer Information Systems

J.F. Drake State Technical College 2006

Certifications:

GCIH - GIAC Certified Incident Handler

BCCPP - Blue Coat Certified Proxy Professional,

CEHv7 - Certified Ethical Hacker

MCSE (2003)

CCNA - Cisco Certified Network Associate

Security+

Network+

A+

Contact this candidate