Roy Novinger *** Sled Drive • Shermans Dale, Pennsylvania, 17090 • 717-***-****

ac5dr5@r.postjobfree.com

SENIOR SYSTEMS AND CYBER SECURITY SPECIALIST

Defense Information Assurance Certifications and Accreditation Process (DIACAP) SME • DOD Network and Computer Security SME

Seeking career expansion into exciting new areas of cybersecurity, specifically, penetration testing,

(CISSP) Certified Information Systems Security Professional

Cyber Security/Information Security & Assurance Enterprise OS Deployment (MDT/DISA SHB) Vulnerability Management Planning & Analysis DISA STIG.

Analysis & Compliance Penetration Testing & Ethical Hacking.

Desktop/Server Virtualization (Vmware ESXi)

Network Vulnerability Assessment (Nessus/ACAS).

Business Continuity & Disaster Recovery Planning

Network Security &Administration

Risk Management Framework (RMF)

NIST Cybersecurity Framework(NISF CSF)

Cyber Command Readiness Inspections (CCRI) SME

Certification and Accreditation (C&A) SME

INFOSEC (SME)

System Technical Implantation Guide’s (STIG) SME

System Test and Evaluation (ST&E) SME

Security Team Lead • Security Strategic Planner

Security Process Development / Re-engineering

Security Staff Development / Training

Diversity and Inclusion

Problem Resolution

Conflict Resolution

Performance Metrics • Continuous Improvement • International Business Experience • Problem Solving • Conflict Resolution • Trouble Shooting • Pen testing with Retina. Management Review, Application Risk Assessment, Identification of Security Risks, Training, Firewall and Router Analysis and Implementation and Coordination Meetings.

Dynamic, results-driven leader with a track record of accomplishments achieving and consistently exceeding expectations in challenging, fast-paced and exacting environments. Astute analyst, strategic thinker, and creative problem solver with superb management abilities. Articulate, persuasive and powerful presenter. Inspire trust and confidence with clients, partners, and employees. Writes with clarity, strength, and style. Motivated high-performing teams, and ensured world-class customer satisfaction.

CAREER TRACK

Shermans Dale, Pennsylvania

Senior Technology Security Analyst 02/2014 – 04/2016

Hewlett Packard

Assessment and management of information security policy, processes, and procedures for PCI compliance. Analyzed gaps in organization security posture.

Involved in Security Program Operating Manual (NISPOM), Security Plan, Risk Assessment, Security Test and Evaluation (ST&E

Extensive coursework on new and innovative security technologies and a history of proven team leadership to achieve large security project evaluations and implementations

Previous project successes involved the development, implementation and management of Intrusion Detection Services, security testing and evaluation of systems, and security solutions according to industry standards, policies and procedures.

External Penetration Testing support used to evaluate the security of the organizations systems and in support of PCI Certification requirements.

Internal Penetration Testing used to evaluate the security of company financial systems and applications

Hewlett Packard Chambersburg, Pennsylvania

Senior Technology Security Analyst 01/2003 – 02/2014

Held a Top Secret clearance with SCI, and NATO TS COSMIC ATOMAL.

Helped develop the STIGS for Windows Workstations, Windows Servers, WEB, Database, UNIX and Cross Domain Solutions.

Provided Security Test and Evaluation (ST&E) support for agency systems and applications at regional sites.

Experience with Information Security Management Act of 2002 (FISMA), and NIST guidance.

Management Review, Application Risk Assessment, Identification of Security Risks, Training, Firewall and Router Analysis and Implementation and Coordination Meetings.

Provided Incident Response and Site Security Assessment support for the national office

Completed Pen testing with Retina, technical security reviews of Windows, UNIX, Cross Domain Solutions, Databases (Oracle and SQL), Provided Process Improvements, and Provided Diagnostics to the System Administrators.

Supported DISA FSO worldwide as a Senior Technology Security Analyst reviewer.

Served as a Team Lead.

Assisted sites in achieving the Authority to Operate designation. Provided IT Support

As a team lead created and delivered In briefs and Out briefs for Senior Leaders at sites, DISA FSO and CYBERCOM.

Briefed Senior Leaders at all levels in the DOD.

Authorized to evaluate operating systems for Security Vulnerabilities in a variety of environments including Multiple Virtual Storage (MVS) and DATACOM Databases multiple Versions.

Assessed Access Control Systems and Methodology, Operations Security and Business and Business Continuity Planning and Disaster Recovery Planning, Windows NT, Windows 2000, Windows 2003, Windows 2008, Windows XP and Windows VISTA.

Checked Access Control Systems and Methodology, Applications and Systems Development Security and Cryptography, Databases controls, WEB architecture Telecommunications and Network Security Cross Domain Solutions, Traditional Security, Management Practices, Operations Security, Business Continuity Planning and Disaster Recovery Planning, Legal, Investigations, and Ethics reviews, Physical Security, and Applications.

Evaluated complex networks consisting of multiple hardware platform levels (Mainframe, Mid-tier & PC) operating systems. Trained customers on how to evaluate fixes before implementation to ensure integrity is maintained.

Provide training to site personnel on how to correct security deficiencies.

Ensured data collected during security reviews was loaded into the Vulnerability Management System (VMS) and validated the information.

Provided VMS training to the customer whenever required.

Performed INFOSEC checks for the Government.

Provided INFOSEC training to the customer and other reviewers.

Electronic Data Systems Chambersburg, Pennsylvania

Security Analyst 05/2002 – 01/2003

Supported the System Accreditation and Certification function within the Enclave Certification section of the Defense Information System Agency, Field Security Operations (FSO) Division.

Performed reviews and analysis of previous Security Readiness Review (SRR) results to determine the security posture of sites and their information systems or technologies.

Reviewed, made recommendations, and provided guidance to sites relative to their System Security Authorization Agreements (SSAA) as prescribed by DODI 5200.40 DITSCAP.

Prepared final Certification packages with supporting documentation for the FSO Certification Authority approval.

Electronic Data Systems Mechanicsburg, Pennsylvania

Software System Engineer 01/1997 – 05/2002

Responsible for installing software on IBM OS390 systems, in Chambersburg, Mechanicsburg, and St. Louis.

Converted 4 DATACOM regions from 8.1 to 9.0, for the ASIMS Test System.

Transmitted FIXDOCS from SSO to the Lead and ASIMS Systems.

Ran SMP/E receive and apply checks.

Served as DBA for the Navy’s DSS warehouses east of the Mississippi, which contained 12 large DATACOM/DB regions on the production system and 4 DATACOM/DB regions on the test system.

Provided upgrades to the data structure.

Rewrote DATA QUERIES for optimization.

Analyzed the system statistics to identify the Data Queries and programs that are the worst performers on the production system.

Trained the DSS customer on how to optimize Data Queries.

Provided 24-hour support.

Solutions Technologies Inc. Camp Hill, Pennsylvania

System Engineer (SPAR C2 PROJECTS) 08/1994 – 01/1997

Converted and tested the local SINR programs for Jacksonville, Norfolk, Pearl Harbor, Kings Bay and Cherry Point.

Analyzed and translated programs written in 1968 Burroughs COBOL to 1974 IBM ANSI COBOL, and CA-IDMS/DB. Transmitted FIXDOCS from SSO to the Lead and ASIMS Systems.

Performed unit and string testing of batch programs, POC for Pearl Harbor and Yokosuka, Japan sites.

Trained new System Engineers.

Audited string testing of other System Engineers.

Migrated JCL into production.

Performed CA-7 testing, including all phases of the EDS System Life Cycle methodology including design, analysis, construction, testing, and implementation.

Ensured the 100 SE's had work to do.

Ensured the sites converted on time and under budget.

Kept records of SE’s work hours and money spent on the project to include TDY costs.

Developed procedures to aid in the conversion and migration process, supporting a user base of approximately 100 SEs.

EDUCATIONAL CREDENTIALS

Computer Learning Center - 1986 Mechanicsburg, Pennsylvania

SA Level 2 UNIX, SA Level 2 Windows 2003, CISSP Boot Camp, Software Engineering Institute's Virtual Training Environment's Security +, DOD Security Specialist 2 week Class, Windows NT 4.0 Security Administration Training, Windows 2000 Security Course, Information System Service Provider, Advanced Project Management, REXX programming, CICS Concepts and Commands, CICS VSE for Operators, OS/390 Installation, CA DATACOM/DB CICS Services, CA DATACOM/DB Database Administration, CA-ADS, 06/97, SMP/E Fundamentals 01/99, SLC Definition and Analysis, 05/97, SMP/E Workshop

REFERENCES

OWEN ADAMS 717-***-**** ac5dr5@r.postjobfree.com

DEB BETTS 717-***-**** ac5dr5@r.postjobfree.com

WALT KERR 240-***-**** ac5dr5@r.postjobfree.com

WAYNE NORMAN 717-***-**** ac5dr5@r.postjobfree.com

Contact this candidate