Dan Sehnal
** ***** **** **** – White Stone, VA *2578; Phone: 571-***-****
(Active Top Secret Clearance)
CISSP, Sec+, PMP, RMP, MCT, MCTS, MCP, ITIL, MCNPS, MCITP
Overview
Core Qualifications
20+ years of in-depth knowledge and experience in software development and systems engineering and integration. Hands-on experience with full Systems Development Life Cycle (SDLC) development, and project and risk management across a broad variety of vertical domains. Led teams in information/cyber, infrastructure, system integration, and the reengineering of legacy systems in secure environments. Combines governance and risk / project management principles with enterprise architecture and security experience to optimize alignment of IT systems with business processes and regulatory requirements.
Senior Project Manager expertise, matrix managing multiple projects with both small (<10) and large teams (11-100+):
Provide leadership and management of staff and contractors
Information Assurance, Resiliency and Cyber Certified
Successfully implemented agile development processes
Developed and executed Government approved security policies, plans, and procedures; handled IS security incidents; developed plans for and implemented COOP/DR, and performed pre-certification preparation of IS and networks.
Lead business improvement processes / full acquisition life cycle management through the use of integrated Governance:
o Portfolio Management and prioritization
o Project Management Regimes including EVM
o Budget Development / Definition
o IT Life Cycle Development
o Enterprise Architecture (EA)
o Strategic and Tactical Planning
Design, build and deliver large, secure, virtualized, web-enabled IT projects
Relevant / Certified experience in:
o Technical Risk Management
o Security – Information Assurance
o Asset and Configuration Management
o Change and Release Management
o Business Intelligence and Information Management
Provides strategic thinking to support management planning and decision-making and to improve organizational operation.
Emergency Software Triage expertise, successfully leading teams of software developers and system engineers to overturn a Termination for Cause finding.
Familiar with Department of State culture
Managed Web Development Projects & Drupal Transition
Comprehensive Agile Software Development
Certified Project Management
o PMI (PMP)
o Microsoft (MCITP)
o PMI-WDC Certified
o CSME (ITIL)
Certified Cyber Security
o CISSP
o Sec+
Certified Risk Manager
Certified Microsoft Trainer
Certified MCITP and 12 Other Microsoft Certs
Planning and Governance
Enterprise Architecture (EA)
IT Life Cycle Development
Working Familiarity with: ISO 27002, FISMA, A-123, FARs, FMFIA, GAO, FEDRAMP, FAM, CMMI, 8570, FIPS 199 & 200, NIST SP 800-30 & 50 Series, NISPOM, WOSAP, Critical Security Controls for Effective Cyber Defense, and the Fed IT Security Assessment Framework
Professional Experience
Telesis, Engagement Manager, Telesis, 8300 Greensboro Dr., McLean, VA Oct, 2017 – Present
Develop strategies for modernizing client’s security (SOC) and network (NOC) environments, including the development and socialization of an Enterprise Cyber Security Framework. The framework included producing a CIO-based Cyber Security Charter, aligning it with the CIO IT Strategic Goals and Objectives, and defining roles, responsibilities and signoff authorizations. Develop an integrated Risk Management Framework, FISMA and ITIL Service Delivery plan for ATOs and incident response. Provide a strategy to design a Security Operations Center (SOC) within the context of the existing client environment. Using an Agile approach, provide standard project management and reporting artifacts, tool recommendations, manage staff and budget, and present findings / strategies to clients. Received Letter of Commendation - December, 2017.
Caelum Research, Corp. Consultant, Business Development and Program Manager June, 2017 – Sept, 2017
Short-term appointment to provide proposal writing expertise on GSA's Integrated Award Environment (IAE) for the SAM.gov initiative (one of the largest multi-vendor, stakeholder projects in the Federal Sector) with the goal to improve operations, development, delivery, and security support across the following processes:
Program / Product Assurance and Release Planning: Utilize the Segmented Architecture Framework (SAFe) Release Planning, improve Agile Release Train (ART) performance and define the role / responsibilities of the Release Train Engineer (RTE). Integrated JIRA/Confluence strategy.
Enterprise / Data Architecture and User Interface (UI) and User Experience (UX): Develop / refine proposed security aspects of the Enterprise Data Architecture including the Enterprise Architecture and Integration Management (EIAM) Plan; augment the architectural lifecycle (baseline, transition, and target architectures); and propose / update the Common and Consolidated UI and UX using a SAFe approach.
Technical Governance and Requirements: Develop a governance strategy that addressed: meeting business needs and mapping them to the CIO’s IT Strategic Plan; conforming to an enterprise end-to-end framework; enabling a holistic approach made transparent by a roadmap; and separating governance from management, providing balance between performance and compliance per COBIT 5 guidelines.
GCC Technologies, LLC, Program Manager, Office of Global Initiatives (OGI) October, 2015 – March 2017
Program Manager for the Financial Student Aid, U.S. Department of Education, Digital Delivery and Applications Services Modernization Program (including all components of the Federal Student Aid (FAFSA) program). This acquisition management effort entailed a full spectrum of program management services across the entire acquisition lifecycle process for IT systems including Governance activities, developing the business case, scope, visioning documents, OMB Exhibit 300, requirements and security definition, acquisition planning, solicitation development, source selection criteria, conducting vendor interviews, generating Analysis of Alternatives, making technological and innovative recommendations, coordinating with FSA stakeholders, reviewing and monitoring work of vendors, analyzing and mitigating risks, monitoring and measuring performance, validating and verifying deliverables, and developing contract close out activities.
Designed, programmed and successfully implemented an internal GCC Enterprise Program Management Office (ePMO) information resource management system, providing executive dashboards with drill down capabilities across all projects.
Researched and authored the approach to satisfy OMB’s requirements for an Analysis of Alternatives to include Cloud First Initiatives
Director, Solutions Integration, Prime Source Technologies, 1625 K Street, N.W., Washington DC; 2013-2015
Manager and Lead Technologist, supervising teams of software developers and engineers, in developing secure, integrated solutions across various domains. Direct responsibility for software design, development, and implementation of IT solutions from operational requirements. Spearheaded and had hands-on responsibility to implement the virtualized, web-enabled, war room-like Department of State (DoS) Nuclear Risk Reduction Center (NRRC) Modernization program. The modernization program was designated as one of President Obama’s Top 10 IT projects – the Strategic Arms Reduction (START), and later, the Cyber Security Treaty with Russia. The NRRC Modernization project emphasized resiliency and software assurance. Successfully deployed the system to O&M with Secretary of State, Hillary Clinton, presiding over the televised Ribbon Cutting Ceremony. Received a commendation by NRRC management for work performed.
Worked with clients to ensure that systems met business needs and were compliant with relevant NIST, DHS, and other Government security policies and standards. Skilled at analyzing complex systems and identifying solution spaces. Provided clients with recommendations on security, how to improve operations and how to best integrate complex requirements into a coherent, unified solution space. Approved and implemented large-scale software engineering projects incorporating infrastructure, software, and hardware, and communications, including encryption equipment. Performed research and analytical modeling. Reviewed and approved test criteria and procedures for security controls. Actively interfaced with clients to ensure that expectations were met and product(s) were delivered on-time and within costs. Led information system security practice producing threat and risk assessments; developing and maintaining security and contingency plans; evaluating sensitivity of the systems, risks, and mitigation strategies; conducting assessments of system safeguards; creating metrics and performance measurement methodologies to benchmark effectiveness of security policies. Designed and developed remote COOP/BCDR capabilities for classified systems.
Information Assurance Experience:
Responsible for establishing and conducting system audits. Managed incident response situations in both development and production environments. Reviewed and modified existing policies and proposed new strategic, tactical and operational policies. Had overall responsibility for protecting client’s IT assets across endpoints, servers, databases, and networks. Specific experience in the full range of security engineering includes:
Security Controls – Planned, conceptualized and implemented methodologies and techniques to create an enterprise-wide integrated security architecture to protect the assets in multi-level security environments. Instituted role-based group policies to enforce domain level system security. Managed controls assessments (NIST 800-53a) and stakeholder interviews, and technical testing of the required security controls.
Telecommunications and Network Security – The NRRC accesses and transmits multi-level secure information to over 100 foreign national countries. The Modernization and reengineering project involved developing and integrating security measures into high / low network structures.
Information Security Governance and Risk Management – Experience conducting risk assessments using NIST 800-30. Managed the identification of organizational assets and the development, documentation and implementation of policies, standards, procedures and guidelines. Developed and analyzed plans, policies and procedures for the security of desktop systems to ensure they meet regulatory requirements. Recommended modifications to established policies where reengineering afforded optimizations.
Software Development and Software Security – Developed and implemented interoperable solution spaces and was responsible for ensuring that security was designed into systems from the very beginning. Designed processes to anticipate, assess, and minimize system vulnerabilities. As a Risk Manager, developed risk mitigation strategies as required. Prepped systems for C&A.
Infrastructure and Security Architecture and Design – Designed and developed enterprise architectures that met the needs of business requirements. Ensured that security concepts, principles, and standards were properly engineered to enforce various levels of confidentiality, integrity and availability. Designed systems around virtualized platforms that provided high data availability (HA), redundancy, Fault-tolerance and Continuity of Operations (COOP) / Business Continuity and Disaster Recovery (BCDR) frameworks.
Software Development and Operations – Implemented a four-tier development environment including code development, continuous testing, staging and production. Developed policies for each tier including hand-off strategies between development teams and production management for all deployments. Developed strategy to introduce technology refreshments, software consolidation, software inventory control, and upgrade strategies and procedures. Successfully used a strictly adhered-to Agile methodology (Agilo), with automatic code testing and customer-involved deployment strategies. Oversaw the smooth transition from the development and reengineering cycles to the Operations and Maintenance (O&M) production phase. This included resource protection, development of custom incident / issue response, logs and tracking systems.
Business Continuity and Disaster Recovery Planning – Developed full-blown COOP / BCDR systems with secure communications and secure, full fail-over and fail-back capabilities. This included developing policies and procedures, and contingency plans. Conducted live tests for verification and validation (V&V) of disaster recovery at the Continuity of Operations site and failback to central operations.
Notable Accomplishments:
Leadership / Technical Excellence: Successfully developed an integrated Top Secret system for the NRRC on time, in budget and under resource constraints. Success was attributed to project management leadership, meticulous Customer Needs Assessments, stakeholder coordination and attention to detail.
Audits: Participated in, directed, and reviewed audits, including design and development, security, documentation, and project and risk management, of all aspects of the NRRC Modernization Program in preparation for a review (2014) by DoS OIG Inspectors. Zero (0) negative defects found in SDLC and Security processes. Received Federal Letter of Commendation.
Complexity and Security: Effectively integrated several disparate legacy systems with two, newly identified major Government initiatives in a 24x7x365 private cloud. Designed and implemented new enterprise and new information architectures dictated by security and performance driven business constraints.
Director of Software Development – WINS/ManTech, Seabrook, MD, Oct. 2009 - Dec. 2013
Managed 13 major concurrent projects. Successfully implemented a total system development life cycle (SDLC) / ERP solutions in an Agile environment.
Maintained and re-engineered 10 public-facing websites for the DoS Education and Cultural Affairs (ECA) Bureau. Utilizing OWASP, researched website critical security risks and eliminated a multitude of pre-existing cyber vulnerabilities. Designed, priced and provisioned for the Drupal transition of the 10 websites to the IBM Cloud (SoftLayer). Provided detailed cost guidance to Government Task Manager for the Internal Review Board (IRB).
Originally hired by WINS as an “Emergency System Triage Expert” to lead, re-engineer, and salvage a project that was years late in delivery, millions of dollars over budget, and had never gone beyond the “Blue Screen of Death”. This project had been given a termination notice (Termination for Cause) by USAID. When initially brought onto the project, I quickly assessed the status, root causes of the problems, capabilities of the staff, development and solution architectures, software design and status, and Cloud hardware resources and configuration (PaaS). Totally revamped the entire project, refocusing staff and restoring morale, employed strict adherence to configuration management, embarked upon a comprehensive testing regimen, from unit test to system integration testing and back again until all bugs were removed. Performed system stress tests and validated functionality against requirements. In 60 days, succeeded in delivering a functioning system that resulted in having the determination overturned. Created briefing papers for senior-level DoS and USAID executives on project status and results.
As Executive Manager of the WINS Gold Program, successfully met requirements to award Gold / Silver / Bronze Certifications to the Corporation. Received personal commendation from the WINS President and recognition (Gatekeeper Award) for contributions made in obtaining the ISO 9001 Certification Process
Technology Consultant - Communications and Computer Interfacing, June 1997 to Dec. 2008
Focus on software engineering and systems integration. Designed and developed software/hardware interfaces for embedded software. Built GUI interfaces modeling electronic instrumentation and provided packet-based communications consulting for shipboard guidance/navigation systems, GIS applications and communications utilizing GPS and satellite using C and C++.
Chief Strategist and CEO, Advanced Paradigms, Inc.; Alexandria, VA, June 1992 - June 1997
Responsible for identifying new state-of-the-art technologies to integrate into advanced technology platforms. Created three Divisions: Software Development, Systems Engineering, and an Advanced Technical Training Center (Microsoft Certified Facility - ADTEC) directed at Programmers, Systems Engineers and Train-the-Trainer Programs. Developed a variety of Microsoft Courseware and implemented state-of-the-art, on-site and remote, training delivery systems. Had technical oversight responsibility for all corporate projects. Awarded Number 1 Outstanding Microsoft’s Solution Provider of the Year Award, Mid-Atlantic Region, 5 years in a row.
Senior Project Manager, Institute for Defense Analyses; Alexandria, VA May 15, 1986 - June 10, 1992;
Senior project manager on a number of projects with high visibility and critical importance to the Department of Defense (DOD) and NATO. Systems were implemented in secure environments (up to Top Secret). Provided in-depth analyses of major, mission critical systems and generated guidance on alternatives, consequences, security, risks and benefits. Demonstrated ability to coordinate and collaborate at high levels with national and international organizations. Managed multiple concurrent projects and staff across multiple domains (Military, business process management, research, and information architectures). Created briefing papers for senior-level DOD executives on project vision, direction, status and results. Led educational research study on the Future of War Gaming for the Supreme Allied Commander European Theatre (SACEUR) to improve training experience of 4 Star Generals using current and planned technologies – presented findings to the NATO Headquarters committee on Science and Technology. Evaluated Star Wars (SDI) program for integrity and sustainability, defining vulnerabilities with respect to the CMMI model. Developed an artificial intelligence (AI) program to search for partial word / phrase structures or intonated / ambiguous meanings to find relevant guidance / information across a very large inventory of DOD documents.
George Mason University, 1982 – 1983; Taught Computer Science and Statistics classes
Education
2 Master of Science Degrees:
o Master of Science, Computer Science / Electrical Engineering, University of Michigan
o Master of Science, Physics, American University, Washington, D.C.
Advanced Certification, Electrical Engineering, George Washington University, Washington, D.C.
BS, Physics, St. Johns University, Jamaica, New York
Cyber and Information Assurance Competencies
Certified Information Systems Security Professional (CISSP)
CompTIA Security+
Cyber Security Awareness Cert (Current)
Insider Threat Cert (Current)
Project Management Competencies
Microsoft MCITP in Enterprise Project Management
Microsoft Certified Trainer (MCT) in Project Management
MCNPS 2.0 AOS: Advanced Project and Portfolio Management
Microsoft Office Project 2007, Managing Projects
Microsoft Certified Trainer in MS Project 2010 and Enterprise
Microsoft Certified IT Professional (MCITP): Enterprise Project Management with Office Project Server
CSME ITIL Certified
Rated Fully Qualified PM by PMI-WDC Chapter (Knowledge, Skill, Abilities/Competencies)
Special Relevant Governance Knowledge
• Authored OMB Strategic Planning Guidelines
• FEAF V2 / BPM / Graphite GTM
• GAO Enterprise Architecture Management Maturity Framework (EAMMF)
• The Common Approach to Federal EA
• Next Generation - Collaborative Planning Methodology (CPM)
• Federal Segment Architecture Methodology (FSAM) (Replaced by CPM)
• OMB 25-Point Implementation Plan
Risk Management Frameworks
PMI Risk Management Framework (Certified)
COSO – Enterprise Risk Management (ERM) Framework
Certifications
(ISC)² CISSP – 2014 current to 8/2017
CompTIA Security+ 2014
FCC International Radio Telegraphy Certification - 1997
CSME ITIL 2013
Certified Program Manager (PMP) by Project Management Institute (PMI) - 2010 current to 6/2018
Certified Risk Manager (RMP) by Project Management Institute (PMI) - 2011 current to 8/2017
Cyber Security Awareness Certificate April 2017
Insider Threat Certificate February 2017
Certified IT Professional (MCITP) – Enterprise Project Management/MS Office Project Server
Microsoft Certified Professional (MCP) Since 1994, Certification Number: D452-5348
Microsoft Certified Trainer (MCT), Since 1998; Project Management, Networks, Servers, Programming
MS Certified Technology Specialist (MCTS), Since 1997, Certification Number: D452-5345
Rated Fully Qualified PM by PMI-WDC Chapter (Knowledge, Skill, Abilities/Competencies)
MS Certified Microsoft Office Project Server 2007, Managing Projects; MCTS Cert#: D452-5348
MS Certified Project Specialist - TS: Microsoft Office Project 2007; MCTS Cert#: D452-5348; 2010
MS Certified Project 4.0 for Windows
MS Certified Professional Implementing and Supporting NT™ Server
MS Certified Professional Implementing and Supporting NT™ Server in the Enterprise
MS Certified Windows Operating Systems and Services Architecture II (70-150)
MS Certified Windows Operating Systems and Services Architecture II (70-151)
MS Certified Mail for PC Enterprise Networks
MS Certified Windows NT™ Advanced Server
MS Certified VB Application Development
MS Certified Programming with Visual Basic
MS Certified Implementing and Supporting Microsoft® Windows®95
Certified GKS/VDI Graphics Programmer, Integrated Computer Systems
US Federal Government Executive Development Seminar, Kings Point, New York
Awards / Honors
Certificate of Appreciation from NRRC (DoS) management for Outstanding Service in Supporting Arms Control among the over 100 participating countries
Outstanding Performance 2014-2015, Prime Source Technologies
Gatekeeper Award, ISO 9001 Certification Process, Worldwide Information Networks Systems, 2011
Board Member, Computer Engineering Technology Industrial Advisory Board, Capitol College, Laurel, MD
Executive Manager, Microsoft Gold Program, WINS
Letter of Appreciation, Microsoft, Contributions to the MSP Partner Advisory Council
Certificate of Appreciation, Microsoft Corporation
Microsoft, Mid-Atlantic Region Number 1 Solution Provider of the Year Award, 1992, 1993, 1994, 1995, 1996
Founder and Chairman, Windows Special Interest Group, Washington Capitol DC Computer Users Group
Certificate of Appreciation, Defense Technology Security Agency - Import / Export Licensing
Meritorious Cash Award, Night Vision Labs, Dept. of the Army – Development of a real-time Financial Management System
Certificate of Achievement, Night Vision Labs, Department of the Army, Authored paper on Computer Driven Laboratory Control Interface
Certificate of Achievement, Night Vision Labs, Department of the Army, Authored paper on Transforming Numerical Formats
Commendation, Defense Technology Security Agency, Hi-Trac 90 for developing initial Program Objective Memorandum (POM) and POAM
Tau Beta Pi Engineering Honor Society