PROFESSIONAL HIGHLIGHTS:
I have over ** years of experience in Information Technology with a
specific focus on information security, network and system administration.
I am proficient with cabling, designing, configuring and installing
networks, Microsoft NT servers, 2000/03, Exchange 5.5 and Exchange
2000/03/08. My knowledge base has afforded me the opportunity to provide
training in the Electronic Key Management System (EKMS) to the 3rd
Battalion, 7th Marines Crypto NCO to educate him on generating and managing
EPLRS cryptographic keys ensuring that command elements and adjacent units
have the knowledge to manage their own EPLRS network.
I also have experience in information and system security analysis,
vulnerability and patch management, technical enterprise architecture,
planning, designing and implementing systems, security controls testing,
continuous monitoring and Plan of Actions and Milestones (POA&M) remedial
actions. I am a highly-motivated individual with demonstrated knowledge in
DOD Information Assurance Certification and Accreditation Process (DIACAP)
standards and guidance and Defense Information Systems Agency (DISA)
Security Technical Implementation Guides (STIG). I have worked with the
DOJ analyzing their systems for compliance per NIST 800-53 Rev3 and FISMA
control sets.
I have supported the Army G-3/5/7 DAMO CCSA IA maintaining documentation
for 12 Information Systems for accuracy and expiration to assure a timely
renewal of C&A packages. I have supported the DOE as an Information
Security Engineer representing the CIO on Site Assistance Visits (SAV's);
as part of a team that reviews documentation, interviews personnel and
performs vulnerability assessments of DOE IT programs through out the
country. After all is analyzed a report is generated which encompasses site
details, strengths of the program, and area for improvement with
recommendations to the site and the CIO. And currently I am supporting
Corpus Christi Army Depot (CCAD) as an IT Policy Planner which requires me
to utilize appropriate project management techniques to plan, coordinate,
and implement program execution plans and other plans for Information
Technology projects, Prepares timely management data, Information
Technology resource requirements, and individual project data summaries,
Coordinates the development, preparation, and submission of data to higher
headquarters.
EDUCATION:
University of Maryland University College (60 Credits in Cyber Security),
Aug 2008 to Present
University of Texas at San Antonio, General Studies, Aug. 2000 - May 2001
Additional Training/Certification:
. USMC Training: Data Network Specialist Course, Network+, TCP/IP, enhanced
MS maintenance for Server 2003.
. DISA Training: Personal Electronic Devices/ removable Storage Media,
Personal Identifiable Information (PII) training, Phishing Awareness,
Host Based Security Systems, Information Assurance (IA) Awareness, and
Computer Network Defense Course
. Global Knowledge: Managing and Maintaining a Microsoft windows Server
2003 Environment, TCP/ IP Networking
. Ultimate Knowledge: VMware ESX 3.5
TECHNICAL SKILLS:
IT Security Working knowledge of DoD Information Assurance Certification
Policy, and Accreditation Process (DIACAP) standards and guidance, DOD
Processes and Security Technical Implementation Guides (STIG), DOE NAP
Governance 14.1-C and DOE NAP 14.2-C, NIST 800 series, and FIPS 199 and
200
Security Tools E-eye Retina, Gold Disk, McAfee, WSUS, Hercules, Information
Assurance Vulnerability Alert (IAVA) reporting system,
Electronic Key Management System (EKMS), Tenable Nessus
4.4/4.5, Core Impact 11/12, user knowledge of Foundstone ver.
7
Network and Windows NT, Microsoft Exchange 5.5/2000/2003/2008, Active
System: Directory, Network+ Training, Windows Server 2000/2003, DNS
servers, PII Training, TCP/IP Networking and VMware ESX 3.5,
Voice Over Internet Protocol (VOIP), Non-classified Internet
Protocol Router Network (NIPRNet), Secret Internet Protocol
Router Network (SIPRNet); Microsoft Internet Relay Chat
(MIRC), Remedy Management system, and SharePoint.
WORK EXPERIENCE:
Corpus Christi Army Depot
IT Policy Planner (GS -2210-11)
Nov 2012 - Oct 2013
Served as an Information Technology (IT) Specialist (Policy and Planning)
which requires analytical ability, judgment, discretion, and knowledge of
the DOIM organizational objectives, resource expenditure monitoring
processes and techniques, including the various directorates organizational
structure and inter-relationships. Performs or assists in one or more of
the functions of the Branch. Assist the Information Technology policy
manager and project manager for approved projects during the entire
lifecycle. Assist in providing back-up documentation and pertinent
information for presentation and verification purposes, Provides staff
guidance for the definition and accomplishment of assigned
programs/projects relative to the specific phases within the lifecycle.
Identifies command responsibilities related to project identification and
implementation. Develops and coordinates documentation which encompasses a
project definition, which usually results in an impact or interface with
other Government operation systems or facilities. Reviews proposed IT
development to ensure that the requirement is consistent with other
Government plans, programs, and projects. Develops and coordinates the
timely submission of planning and reporting documentation required for
various projects and programs, including project proposals, cost estimates,
advanced acquisition planning, long range plans, life cycle replacement,
etc. Validates and presents schedules and plans required for internal
management purposes or by higher authority. Utilizes appropriate project
management techniques to plan, coordinate, and implement program execution
plans and other plans for Information Technology projects, Prepares timely
management data, Information Technology resource requirements, and
individual project data summaries, Coordinates the development,
preparation, and submission of data to higher headquarters.
Navy Army Community Credit Union
Server Administration
Aug 2012- Oct
2012
In support of Navy Army Community Credit Union (NACCU), I was responsible
for providing daily maintenance of Citrix servers, Exchange Servers, and
Tier 2 trouble calls for over 200 NACCU employees. 90% of the machines
supported were thin clients powered by embedded Window 7 OS and running
published applications through Citrix.
Federated IT
Information Security Engineer
Aug 2011 - Apr 2012
In support of the DOE NNSA CIO, I was part of a Site Assistance Visit (SAV)
team responsible for traveling to all of the National Nuclear Security
Administration (NNSA) sites to review processes, documentation and IT
systems and verify the are in accordance with NIST 800-53 rev3 and NIST 800-
115. My role on the team focused on reviewing Configuration, Change,
Vulnerability, and Patch Management programs, in conjunction with
vulnerability scans on the network using Nessus and web application
analysis using Core Impact. My review process consisted of documentation
review and staff interviews to assess the knowledge, understanding and
implementation of the documentation. Upon completion of the trip a report
was generated consisting of an analysis of the program and scan results
pointing out the strengths and area for improvement, as we are not an audit
team our goal is to aide the site in improving their program so they are
better equipped to handle threats.
Kforce
Information Assurance Security Officer
May 2011- Aug 2011
IASO in support of the Army G-3/5/7 DAMO CCSA IA located in the Pentagon,
in charge of 12 Information Systems(IS). Enforcing the IS security guidance
policies as provided by AR 25-2, enforcing system access, operation,
maintenance, and disposition requirements, reporting security violations
and incidents to the servicing RCERT in accordance with Section VIII,
Incident and Intrusion Reporting, ensuring any system changes resulting
from updating or patching are reported to the IAM/IASO. Review C&A
packages, TSP's, ATO's, CON's and TIGS memos for accuracy and expirations
in order to assure renewals are completed in a timely manner.
Mindpoint Group, LLC
Functional Analyst II
Feb 2011- Apr
2011
In support of the DOJ ITSS ISA project, consisting of the analysis of DOJ
systems for compliance to NIST 800-53 Rev3 and FISMA control sets. I
assisted with compiling the Security Assessment Report that detailed
security control assessment information from automated scans and manual
assessments. Supported security assessment interviews of Information
System Security Officers and System Owners to determine security control
compliance in place or planned. I drafted Plan of Actions and Milestones
(POA&M) to document weaknesses as a result of the ISA control set.
Military Work Experience: U.S. Marine Corps (USMC): December 2003 to
February 2011
Small Computer Systems Specialist
Aug 2010 - Feb 2011
In support of the U.S. Marine Corps (USMC) Headquarters (HQBN S-6) of
Arlington VA, I provided personal helpdesk support for 150+ users
troubleshooting office and desktop issues, assisting in the provisional
mapping of office connection for all users. I served as the liaison for
users to system administrators and trains co-workers on process improvement
and efficiency providing support services outside of their Military
Occupational Specialty (MOS).
Information Assurance Technician Oct 2009 - Aug 2010
I provided information security oversight for HQMC Administration and
Resource (AR) Information Technology (IT) Center, Information Security
Management Branch (ARI) and subordinate commands responsibilities included
coordinating security measures analysis, periodic testing, verification,
accreditation and review of Information System (IS) installations at
appropriate classification levels. The duties included analyzing E-eye
Retina scans of the entire network to check for vulnerabilities and
identify the affected systems and peripheral devices. I categorized
identified vulnerabilities and documented his recommendations for required
remedial actions. I addressed vulnerabilities by performing security patch
management using WSUS for Microsoft patches, Hercules for all others, and
for non-software related items, I addressed those on a case by case basis.
Additionally, I ensured that system users were provided annual information
assurance awareness training, and provided system administrators,
management, and network security personnel with the appropriate systems
security training for their duties. I ensured compliance monitoring, by
reviewing such monitoring and reporting and significant Information
Assurance findings through remediation, transfer responsibilities, and
mitigation violations. I ensured that users and system support personnel
had the required security clearances, authorization, and need-to-know
required and also indoctrinated users to command security practices before
granting access to information systems.
Platoon Sergeant Mar 2009 - Sept 2009
I maintained accountability of 35 Marines at the HQMC ARI and provided
monthly performance reviews to help continue their professional growth. I
verified and maintained all training requirements for job specific skill
sets and leadership designed for personal growth. I helped plan and
coordinate events in an effort to maintain morale within the platoon.
Asset Manager Oct 2008 - Oct 2009
I inventoried and entered in assets to the HQMC ARI accountability database
with make and model, warranty type and expiration dates. I conducted life
cycle management activities to ensure that all equipment was in warranty
and that assets were assessed for continuing service under extended service
agreements. I also ensured that all equipment at or near service limits do
not exceed 25% refresh threshold per year. I provided reports on major end
items tracked via life cycle management providing recommendations on
equipment refresh and Defense Reutilization and Marketing Office (DRMO) any
outdated or non-functional equipment.
Help Desk and Watch Non-Commissioned Officer in Charge (NCOIC) Jul
2008 - Oct 2008
I provided supervision and oversight for the ARI IT I Help Desk with
regards to maintaining standard operating procedures (SOPs), customer
service, training, and execution of duties. I ensured trouble tickets are
properly entered into the Remedy Management system as well as verification
and oversight of trouble tickets for quality of service, completion of
documentation, and execution in a timely manner.
Server Room NCOIC Jan 2008 - Jul 2008
I maintained inventoried, general maintenance and cleanliness of the ARI IT
Center server room, verifying all cables were organized and marked to show
where each end was connected within the server room. I also verified that
all servers and switches had redundant power and removed all non-production
servers. I created rack diagrams to correspond with server room maps and
the ARI database which possessed all equipments information to include:
location, network, classification, make and model, warranty type and
expiration, IP, VLAN, serial number, and point of contact for each
equipment piece based on its services area.
Tactical Data Systems / Networking Specialist Jul 2005 - Dec 2007
Supporting the 2nd Battalion 5th Marines H&S Communications Platoon, Camp
Pendleton, CA, I served as the Navy and Marine Corps Internet (NMCI)
transition non-commissioned officer. I taught the 31st Marine Expedition
Unit (MEU) command element, Marine Service Support Group (MSSG) 31, and
Battery K, 3rd Battalion, 12th Marines, the Enhanced Position Location and
Reporting System (EPLRS) course, providing the basis for all units in the
31st MEU to pass electronic information in a timely and efficient manner.
Taught Marines from 3d Battalion, 7th Marines and soldiers from Task Force
1-7-7 and 3-69, US Army on the operation and maintenance of the EPLRS
radio, and personally instructed the Electronic Key Management System
(EKMS) Chief aboard Camp Ramadi and 3d Battalion, 7th Marines Crypto NCO on
how to generate EPLRS cryptographic keys ensuring that command elements and
adjacent units had the knowledge to management skills to maintain their own
EPLRS network. I also helped to install switch closet in the battalion
combat operations center that provided Secret Internet Protocol Router
Network (SIPRNet), Non-classified Internet Protocol Router Network
(NIPRNet), Microsoft Internet Relay Chat (MIRC) and Voice Over Internet
Protocol (VOIP) connectivity, allowing for electronic information to be
passed to higher, adjacent, and subordinate units.
Tactical Data Systems / Networking Specialist Dec 2003 to Jul 2005
In support of the 11th Marines Regimental Communications Platoon, Camp
Pendleton, CA, I served as a network specialist using the Enhanced
Positioning Location Radio Systems (EPLRS) to design and manage EPLRS
networks to be able to provide intranet connection through these point to
point radios. I used multiplex devices that combine digital, analog and
audio transmission through one source and send out via satellite or point
to point antennas, in addition to how to handle, manage, generate and
dispose of cryptographic keys.