DAVID O. CONCEY PMP CISSP CEH SECURITY+ NETWORK+ A+ ITILV3
**** *** **** **. ******, GA, 30519
*****.******@*****.***
Seeking a position within Information Security Management where my extensive sound federal/military IT and
multi facets of Cyber Intelligence experience can be fully utilized, exemplifying my skill sets and experience to
effective use by solidifying the organization to address its security concerns; in turn providing its stakeholders,
customers and employees a secure IT/IC environment. I believe by owning each problem as if it was my own and
working quickly with efficiency to resolve the issue; gives me the ability to go above and beyond my expected
duties, therefore achieving customer satisfaction. A unique opportunity within the DOD IT/IC infrastructure has
honed my strong problematic and decision making skills with the ability to adapt to any organizational changes.
A proponent of World Class IT Methodologies supported by a detailed knowledge of Computer network
exploitation, computer network attack, Change and Project Management, security tools; server system
administration, current technologies and ITIL best practices. Effective in defining breakthrough technology
options based on organizational standards, security policy and the strategic needs of organization. Skilled in all
aspects of the "protect, detect, respond" cyber security triad and applying the proven tenets of "defense in depth."
Customer focused with the development and implementation of enterprise security policies and in the
recommendation of security controls in light of value vs. threat vs. vulnerability vs. cost.
PROFILE
Results oriented seasoned Senior Information Security Program Leader with over 15 years of broad cyber security and
enterprise risk management experience and a proven record of success. Expert in managing cost effective, high performance,
information technology security programs that balance enterprise risk with legislative and regulatory compliance in the support
of key business objectives.
Effective communicator skilled at gaining business buy in to enterprise security initiatives. Expert at creating effective security
awareness programs, conducting risk and security control assessments for the information assets of the organization. Known
for solid time management and ability to work calmly, accurately under pressure.
Experience managing all aspects of technology to include: large data center management, software development, enterprise
architecture, information security, network operations and management.
Expert in applying cost effective risk based principles to large cyber security programs to support of key business objectives.
Intensive experience dealing with Cyberspace Operations which includes Signal Intelligence (SIGINT), or Computer Network
Exploitation (CNE), or Digital Network Intelligence (DNI) Analysis.
Comprehensive knowledge of Federal, DoD, and DoN IA/Security requirements and policies relating to communications and
computer information systems; to include but not limited to evaluation, validation, and execution of compliance with DoD 8500
IA Controls, Security Technical Implementation Guides (STIG), Computer Tasking Orders (CTO), and their references.
Extensive knowledge of Unix, Apple, Linux, Microsoft Server 2003/2008 Operating System, Microsoft Active Directory,
Microsoft Exchange 2003/2007, Microsoft System Management Server, Microsoft XP, Microsoft Vista, ESM, SCCM, VMware
and workstation imaging.
Experience using and/or detailed knowledge of ArcGIS, Military Analyst, Falcon View, APIX, CIDNE, TIGR, MOTHRA,
Multimedia Analysis Archive System (MAAS), Video Processing Capability (VPC), SOCET GXP, Advanced Intelligence
Multimedia Exploitation Suite (AIMES), Smart Track, Analyst's Notebook, Digital Video Analyzer (DVA), GeoTracker, National
Technical Means (NTM), Peregrine, Tactical Common Datalink (TCDL), RemoteView, and/or Persistent Surveillance and
Dissemination of Systems (PSDS2).
Extensive security knowledge and experience in DoD and special environments NISPOM; NISPOM supplement; JAFAN and
DCID documentation; COMSEC; DD254 and Security Classification Guides; DSS; MDA Security Compliance Reviews (SCR).
Knowledge of Network Management Systems (NMS) software, What's Up Gold (WUG), Ethernet Automated Protection
Switching (EAPS), KG 175 TACLANE, KG 75 FASTLANE.
Familiar with key data correlation tools, data mining (SBSS, Clementine, Matlab, etc.) and visualization (Cold Fusion, COGNOS,
etc.) all designed to support insider threat detection.
Extensive subject matter expertise in IT Services Management (ITSM) and ITIL, methods, processes, strategic technology
infrastructure planning, and developing cost effective solutions to meet customer business requirements.
Active Top Security Clearance of TS/SCI (DCID 1/14 Eligible) DIA/DHS/NGA SCI CLEARED.
PROFESSIONAL EXPERIENCE
US DEPARTMENT OF THE TREASURY
INTERNAL REVENUE SERVICE
SUPERVISORY IT SPECIALIST IR 2210 04/GS 14 OCT 2012 – PRESENT
As Chief IT Enterprise Tools Ownership (ETO), directs, manages a federal workforce of 20 at the GS 13/GS 14
levels, comprised of four business units Tivoli Environment, Altiris Deployment, Control M EM, and End to End
(E2E); responsible for ensuring that the organization's strategic plan, mission, vision and values are communicated and
integrated into the team's strategies, goals, objectives, and work. Employs contemporary, proven, project management
techniques. Provides senior technical product and infrastructure support for enterprise utilities, tools, and their
standardization in production environments including the modernized enterprise systems management environment.
Evaluates project schedules and developer resource allocations to ensure successful development of approved
software applications. Tracks, analyzes and coordinates multiple, complex applications development projects using
principles and guidelines of the Project Management Institute (PMI) and Capability Maturity Model® Integration (CMMI)
methodologies. Facilitates cross functional and cross team planning sessions to ensure integration of critical path
development activities.
o Programmatic Leadership and Oversight: Directs agency driven World Class IT initiative by serving
as the subject matter expert to support the integration of the Release and Deployment Management
Process with other enterprise ITIL based processes (e.g., Change Management and Configuration
Management).
o Leads and manages complex computer engineering projects or programs that may have ill defined
requirements, ambiguity, parallel tasks, multiple dependencies, high risks, and multiple interfaces;
provide technical oversight and initiate, plan, implement, and coordinate activities throughout the life of
the project.
o Develops, executes, and communicates a spend plan and assess variances from cost and schedule
baseline; reallocate resources in response to change, considering impact to project cost, schedule, and
quality of deliverables.
o Strategy & Planning: Manages complex Cross Functional Transformations involving ITIL Processes,
ITSM and Enterprise Service Automation & Service Assurance Tools Implementations across various
production environments.
o Participates as a member of the senior management team in governance processes of the
ECMS/ERTB organization’s security and risk management strategies. Develops and communicates
security strategies and plans to executive team, staff, partners, customers, and stakeholders.
o Leads strategic security planning to achieve business goals by prioritizing defense initiatives and
coordinating the evaluation, deployment, and management of current and future security technologies.
o Monitors the broad scope of Tivoli Environment, Altiris Deployment, Control M EM, and End to
End (E2E) security technical activities and tracks progress in meeting goals and objectives, resolving
technically complex management and operational issues directly with other senior level managers
throughout Infrastructure Services Division.
o Evaluates complex programmatic problems, applies Business Process Improvement techniques to
evaluate and improve business processes and procedures to enhance effectiveness, efficiency, and
productivity of managed business units. Ensures that a disciplined, repeatable systems, and project
management approach is used to assess, prioritize, and carry out assigned duties and responsibilities
including process improvements and reengineering efforts.
o Guides and directs systems security analysis, vulnerability management and assessments, risk
assessments, security surveys, independent certification testing, security test and evaluation, and
verifies the accuracy and completeness of the reports associated with each of those activities.
Tools utilized: IT Service Management Tools like HP Service Manager/ BSM, HP Asset
Manager, BMC Control M/Enterprise Manager, HP Service Manager, HP Asset Manager.
o Strategic Human Resources (HR) Guidance: Ensures the provision of outstanding HR guidance,
training and development guidance, and professional support to targeted staff, technical leads and
employees. Provides technical expertise, leadership in developing and implementing targeted human
capital programs. Identifies developmental training needs of employees and arrange for needed
development and training.
o Oversees and leads project implementation and quality assurance by effectively monitoring cost,
schedule, and performance; assess variances from the plan and take necessary corrective actions,
conducts project performance reviews and control gates, gather important information and make
decisions about required next steps, and develop and maintain appropriate project documentation.
o Leads technical discussions for complex projects and communicate with customers, information
technology (IT) service providers, and technical components to fully understand problems.
US AIRFORCE RESERVES
USPACOM INTELLIGENCE DIRECTORATE (J2)
ALL SOURCE INTELLIGENCE ANALYST INTELLIGENCE (POL/MIL) APR 2012 – PRESENT
Serves as a Political/military all source strategic intelligence analyst in the South Asia Division (India Branch) at
the United States Pacific Command Joint Intelligence Operations Center, Pearl Harbor, Hawaii.
o Primarily responsible for researching, developing, presenting and publishing All Source products at the
tactical and operational level related to insurgent IED cell activities, and threats to local/regional stability
as part of an overall analytical team.
o Develops counterintelligence initiatives, including insider threats and cyber threats, to effectively protect
national security and the operational mission of DIA. Identifies information gaps and prepares collection
requirements to meet current and anticipated intelligence needs.
DEPARTMENT OF HOMELAND SECURITY (HEADQUARTERS)
ARLINGTON, VA
IT GOVERNANCE / CYBER SECURITY TEST MANAGER / CONTRACTING OFFICER'S TECHNICAL REPRESENTATIVE (COTR) MAR 2011 – OCT 2012
As the DHS NPPD OCIO Manager of IT Governance, was responsible for directing, developing, implementing and
integrating agency wide investigative change management practices with a defense in depth strategy to ensure
protection of the DHS IT UNCLASS/CLASSIFIED environments; managed a robust ITIL/CMMI set of tools and
techniques to refine, control the enterprise wide change, approval and implementation phases for maximizing benefit
and minimizing impact on workers and processes. Reported to the executive Director of Information Technology with a
dotted line to the Department of Homeland Security CIO. Led the design and implementation of IT governance
policies, procedures and standards. As the Chair of the Engineer Review Board, participated in change control efforts
for the DHS Infrastructure team by setting standards and best practices that defined and maintain appropriate SLAs for
the group. Collated team was responsible for evaluating cyber security products, deciding go forward products,
implementing these products, then properly turning them over to the Cyber Security Operations team.
o IT Governance Leadership: Provided leadership and management for the Service Operations group.
Fulfill customer requests, resolve service failures, fix problems, and carry out routine operational tasks.
Chaired the National Protection and Programs Directorate Enterprise Review (NPPD ERB) change
advisory boards to ensure all changes applied within the managed information technology infrastructure
are properly approved, tested, documented, and validated.
o Managed and led a team of cyber security test experts responsible for testing and assessing the
effectiveness of application, system, or network security controls; validate risk and vulnerability
management programs; and demonstrate the risk associated with unaddressed vulnerabilities.
o Addressed means to reduce exploitable software weaknesses and improve capabilities that routinely
develop, acquire, and deploy resilient software products. Enhanced development and acquisition
processes to address software security needs. Transition software assurance processes and practices
into standards, and maturity models.
o Team Management: Directed organizational change management strategy and created change
management roadmap; formulate change management plans, including allocation of resources,
determination of risks, and identification of deadlines and deliverables with a goal of successful
implementation of tasks which are completed on time while maintaining flexibility that is required to deal
with changing conditions.
o Managed phases of the Incident Handling Life Cycle to ensure resolution of cyber incidents
within the command.
o Responsible for interfacing daily with high end IT staff and will be responsible for reconfiguring (full life
cycle process) current Tivoli IDM platform; overseeing the planning, installation, component
configuration, application configuration, problem determination, and customization of the IBM Tivoli
Endpoint Manager VS.2 solution.
o Maintained overall responsibility for system availability, capacity planning, system performance,
installation, and configuration of software and hardware for Tivoli Monitoring; responsible for planning the
implementation of new technologies and technology upgrades and consulting with application support
groups relative to Tivoli End Point (TEM) output.
o Managed IT engineering services such as MS Exchange support; MS SharePoint support; Blackberry
Enterprise support; Good for Enterprise support; Microsoft .Net support; MS SQL Server support; Oracle
RDBMS support; Oracle Java support; DHS XaaS support; and support for the deployment of new or
upgraded platform technologies into TSA's IT production environment.
o Supervised IT project managers responsible for the delivery of highly complex IT projects involving
Systems Engineering Lifecycle (SELC) technical support for TSA mission critical IT services. Overseeing
the work of senior level technical staff of other TSA and DHS organizations and contractors to ensure
project completion.
o Security Control: Ensured the following Change management activities were executed; planning and
controlling, change and release scheduling, communications, decision making and change authorization,
ensuring remediation plans are in place, measurement and control, management reporting assessing
change impact, continual process improvement.
o Planned and coordinated processes for in depth vulnerability analysis and suggest tools/techniques that
may be used to exploit identified vulnerabilities through a combination of manual and automated
processes.
o Ensured the proper analysis and validation of test results, documented risks, recommended remediation
options, and track outstanding remediation efforts to resolution.
o Developed and monitored standard operating procedures and team documentation, as required. Manage
daily operational tasks provide task coordination / prioritization, and assign resources. Assist in daily
operations to include intrusion detection, incident response, unauthorized device monitoring, web
application scanning / assessments, and auditing support.
NIST SP 800 53, F NIST SPS WITHIN A SECURITY PROGRAM, INCLUDING 800 30, 800 37, 800 53A, AND
800 18 INTEGRATION
VULNERABILITY MANAGEMENT EXPERIENCE – MCAFEE NITRO SECURITY, TENABLE SECURITY CENTER, MCAFEE
EPO, FIREEYE (DIRECT NSF VULNERABILITY MANAGEMENT SUITE EXPERIENCE A PLUS)
BMC PROACTIVENET PERFORMANCE MANAGEMENT (BPPM) (ARCSIGHT, NETFORENSICS, E SECURITY, ETC
USAF MCGUIRE AFB
NEW JERSEY AIR GUARD 204TH INTELLIGENCE SQUADRON
OPERATIONS ALL SOURCE PRODUCTION INTELLIGENCE ANALYST NOV 2008 – APR 2012
As Operational All Source Production Intelligence Analyst, supported all aspects of Air Force (AMC) operations
by collating, analyzing, evaluating and disseminating intelligence information. Produced all source intelligence,
situation estimates, order of battle studies and other intelligence reports and studies. Advised commanders on force
protection and intelligence information for US and allied forces. Compiled, segregated, evaluated, researched,
interpreted, analyzed, and disseminated intelligence information.
o Provided intelligence Country Risk Assessments (CRAs) and estimates at the tactical, operational and
strategic levels, supporting AMC A2: Production for USCENTCOM, USPACOM, USEUCOM,
USNORTHCOM and USSOUTHCOM flight operations.
USAF 305 APS, MCGUIRE AFB, NJ
CHIEF COMPUTER NETWORK OPERATIONS (CNO)/ CISO 40HRS NOV 2008 – JUL 2010
Served as Chief of Computer Network Operations Branch, was responsible for developing and implementing
measures/controls to deny unauthorized persons information derived from telecommunications and ensuring the
authenticity of such telecommunications including: crypto security, transmission security, emission security, traffic flow
security and physical security of COMSEC material. Maintained continuous surveillance over the operations, to
include resources, networks and associated assets; upon identification of a network disruption, assesses the extent
and operational impact of the disruption and initiates service restoration actions. Responsible for auditing existing
systems, while directing the administration of security policies, activities, and standards.
o Organizational Leadership: Leadership of strategic and tactical decisions surrounding virtualization,
storage, backups, wireless, telecommunications, infrastructure, business continuity and other technical
systems as needed. Planned and managed financial and human resources for IT operations while
ensuring the development of high quality technology solutions for the business. These solutions must be
developed at the best possible cost and be aligned with customer and business needs while establishing
relationships with vendors, customers, employees and key internal and external stakeholders. Organized
sectional teams around continuous delivery principles to increase organizational throughput as well as
automate processes to deliver predictable services consistently.
o Operations and Maintenance: Managed the communication computer security (COMPUSEC)
program, Air Force Electronic Key Management System (AFEKMS), Emission Security, and Information
Assurance Awareness Programs.
o Managed the regular event analysis searching for and extracting information, and incident response from
the suite of security tools and system security features (HBSS, IDS, Insider Threat, Anti Virus, Firewall,
System security logs and events, etc.).
o Filtered information collected from a variety of computer network defense resources (including, but not
limited to, intrusion detection system alerts, firewall and network traffic logs, and host system logs) to
identify, analyze, and report events that occur or might occur within their environment.
o Established the necessary capabilities for conducting penetration testing and risk assessments of
applications and hosting infrastructure through consistent methodology using a variety of automated and
manual tools, and producing uniform reporting standards.
Architecture of CND Tools utilized enterprise SIEM platform (e.g. Nitro/McAfee
Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk, IDA, OllyDbg,
HIPS, ID/PS, Full Packet Capture, Host Based Forensics, Network Forensics, NIST 800
53 Rev 4, HIPAA, SOX, and Remote Access Service.
USAF 87TH SECURITY FORCES, MCGUIRE AFB, NJ
PHYSICAL REGIONAL SECURITY OFFICER (RSO) 40 HRS JUL 2008 – NOV 2009
As Regional Security Officer (RSO), served as the authoritative source and subject matter expert on all matters
relative to multiple security disciplines, issues, guidance and assistance in the evaluation/analysis of security needs.
Adhered to security policy guidance to formulate facility, program, and personnel resource requirements for program
security. Developed a comprehensive and ongoing security awareness program; administering a multi faceted security
awareness program consisting of briefings, directives, computer based training and audiovisual presentations.
Primarily for the physical protection of sensitive or classified information, personnel, facilities, installations, or other
sensitive materials, resources, or processes against criminal, terrorist, or hostile intelligence activities.
o Exercised security regulations policies for multiple security specializations within the required operating
areas. Established security SOPs. Planned, prepared, & presented security briefings, and conducted site
specific security briefings.
o Coordinated the commands’ crime prevention and physical security awareness program to ensure
adequate security relating to issues such as protection of assets, alarm responses, and card use.
PINNACLE –EDS/HP BRISTOL MYERS, SKILLMAN, NJ
SENIOR INFORMATION SYSTEMS SECURITY PROFESSIONAL PROJECT MANAGER (ISSP) 40 HRS APR 2008 – OCT 2009
As Senior Information Systems Security Professional Project Manager, directed the on going enterprise wide
security oversight, infrastructure support, guidance, and the reviewing of the Agile IT environments including;
supporting large technology integration projects ensuring appropriate technology alignment; ensuring security is
integrated as a major component when implementing new technology (e.g. mobile devices, wireless connectivity,
remote access systems); developing standards for specific devices (e.g. hard drives, flash drives); and providing the
examples of best practices to build a secure foundation leveraged by all HP Enterprise federal contracts.
o Served as Information Center (IC) Action Officer, responsible for providing
consulting/installation/training/technical support to computer end users. For each request for technical
assistance, determined procedures required to solve problems of the affected IT infrastructure.
o Evaluated, acquired, configured and used software intended to ensure that automated systems were
secure from unauthorized use, viral infection and other problems that would compromise sensitive
information in terms of confidentiality, integrity, and availability, or would compromise other aspects of
overall system security.
o Responsible for all activities associated with providing management, program direction, and guidance to
ensure a highly effective Composite Adversary Team capable of conducting performance tests of
protective forces and security systems.
o Assisted in the development of security controls and counter measures as well as their positioning within
the architecture to support the desired cyber security architecture requirement at the individual system
and at the enterprise level.
Web Services and related technologies (e.g. cloud computing, XML, XML Schema;
WS Security, XACML, SAML, WSDL; UDDI)
USN COMMANDER FLEET ACTIVITIES, JAPAN
LEAD INFORMATION SYSTEM SECURITY OFFICER (ISSO)/ NETWORK INTELLIGENCE ANALYSIS 65 HRS JAN 2005 – JAN 2008
As Lead ISSO, provided expert technical advice and guidance to Operational Division Chiefs/ CND Planners on
significant risk management and assessment activities that were undertaken to improve cyber security in critical
infrastructures. Developed, maintained and implemented IT Security Training and Awareness Programs in
Classified/Unclassified environments. Served as the subject matter expert and technical authority of CI cyber threats,
as well as, IT forensic analysis procedures, investigations and mitigating techniques.
o As ISSO was responsible for the investigation and reporting of all TSC, LS and Unit(s); including system
specification, configuration, maintenance, rationalization and account access control.
o Conducted cyber risk, malware/vulnerability, cyber related infrastructure inter dependency analysis and
the reporting of foreign computer exploitation capabilities directed against the United States.
o Provided oversight and served as an expert consultant regarding COMSEC, COMPUSEC, Systems
Certification and Accreditation along with emerging technology related to IA. Provided management
oversight of the Information Assurance Vulnerability Management Program (IAVM).
o Conducted intelligence analysis relative to the cyber fields of information processing, data
communications, network intrusion, and indications/warning to computer networks; streamlining cyber
analytical support for counterintelligence investigations, and operations.
o Managed the network physical security systems; SIPRNet Security, Protected Distribution System (PDS)
and IP enabled Anti terrorism/Force protection (AT/FP) network devices. Coordinated IA technicians,
systems administrators in monitoring the network for vulnerabilities and compromises. Conducted
security audits and inspections and provides audit/inspection results to the CAR for compliance
reporting.
USN USS VINCENNES CG 49, JAPAN
INFORMATION SYSTEMS SECURITY MANAGER/COMPUTER NETWORK DEFENSE (IA/CND) MANAGER 60 HRS JAN 2002 – JAN 2005
As Information Systems Security Manager provided technical knowledge and project management skills for
complex information technologies. Orchestrated enterprise level responses to IT security incidents ensuring
coordination with operational users, incident response teams, network security personnel. Provided technical support,
analysis, and recommendations in areas of: Surveillance and Reconnaissance; Perimeter Defense; Malicious Code
Analysis; attack vector analysis; Computer Network Defense (CND) Incident Handling; Vulnerability
Management/Reporting; and Risk Analysis and Readiness.
o Assigned as Terminal Area Security Officer (TASO) responsible for the information security support to all
IT Division TASOs onboard USN naval vessels. Recommended corrective actions to the Designated
Accreditation Authority (DAA) as necessary.
o Managed daily unclassified and classified network operations to include network management, control,
security and administration within Network Management (NM), Help Desk (HD), Information Protection
Operations (IPO), and Network Administration (NA) work centers. Administered and maintained
database.
o Led team members and administrative support personnel, and for providing guidance and advice;
integrating team efforts to assure systematic, thorough, and professional performance of inspections,
assessments and special reviews.
o Prepared and reviewed documentation to include System Security Plans (SSPs), Risk Assessment
Reports, Certification and Accreditation (C&A) packages, etc.
Core utilization, configuration, and implementation of industry capabilities to include:
Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Security Event
and Incident Manager (SEIM), advanced log analysis, network monitoring, packet
capture analysis, and UNIX command line.
Expert utilization of the following tools: Cadence, Surrey, Traffic Thief, CNE Portal and
X Key score.
USN USS VINCENNES CG 49, JAPAN
GLOBAL NETWORK EXPLOITATION AND VULNERABILITY ANALYST 60HRS NOV 2000 – JAN 2002
As Network Exploitation and Vulnerability Analyst, was the subject matter expert (SME) responsible for Non
Secure Internet Protocol Router Network (NIPRNET) and Secret Internet Protocol Router Network (SIPRNET) Change
Management. Implemented, maintained, and analyzed procedures and security connection requirements in order to
evaluate overall technical features and security protection required for systems and networks processing all sensitivity
levels of information.
o Performed a full range of first level supervisory responsibilities including assigning work to subordinates
based on priorities, selective consideration of the difficulty and requirements of assignments, and the
capabilities of junior sailors.
o Monitored and evaluated ONE NET, IT 21 and legacy network systems compliance with IT security
requirements. Led 3 teams in monitoring, reviewing and analyzing Intrusion Detection System (IDS) logs
and reporting/taking action when anomalies exist. Conducted CI related computer inquiries and
investigations.
o Performed forensic analysis, evaluated malware code, fuzzing techniques, identified techniques used by
attackers to exploit and gain access, and performed reverse engineering to determine actual root causes
of incidents.
GFI Event Log Manager, Splunk, or equivalent log management software knowledge
Secure Technical Implementation Guides (STIGs), Information Assurance Vulnerability
Alert (IAVA), DCID 6/3, Federal Information Security