Gerald Smith

Summary

San Antonio, TX

acfs72@r.postjobfree.com - 210-***-****

With over 27 years of experience in years of experience in the information systems and technology industries

with a focus in systems engineering, network integration design, and C4I engineering with experience working

for NATO, Headquarters, United States European Command (HQ EUCOM) and Special Operations Command

(SOCOM). I have led major enterprise-grade solution activities and complex capture and technical concepts

for the Department of the Army and Air Force and successfully won contract opportunities as a business

developer and a solutions architect. As a virtualization and security solutions engineer, I have designed,

executed and managed information technology solutions for HQ USEUCOM, Department of the Air Force

Computer Emergency Response Team (AFCERT) under the 67th Cyber Warfare Wing, 24th Air Force

Cyber Command, Lackland Air Force base, and the Air Force Intelligence, Surveillance and Reconnaissance

(ISR) Agency, and other federal state, and local agencies. I have also provided senior technical leadership

and consulting to business units and projects including technical business strategy execution, technology

investigation and developing client business relationships. I have guided the technology vision for creating

business solutions, security and technical direction for enterprise and virtualized infrastructures; I am well

versed in all computer IT security polices, procedures and standards including certification, accreditation,

vulnerability assessments, penetration testing and approval processes in accordance with the Department

of Defense (DOD) Information Assurance Regulations, FISMA Compliance, DIACAP, Command Cyber

Readiness Inspection (CCRI) guidance, NIST and the Defense Information Systems Agency (DISA) Security

Technical Implementation Guides (STIG) and standards.

WORK EXPERIENCE

Independent Consultant

Air Force Federal Business Development - San Antonio, TX - January 2014 to August 2014

Provided technical and business development to support the federal growth of a small business. I proposed

budgets for programs, proposed purchases and upgrades recommendations of technologies; I advised

technical and corporate office staff members, and presided over IT-related projects. I designed concepts

supporting the implementation and delivery of virtualization solutions, infrastructure security and ERP system

migrations for customers of the small business organization. I additionally developed the technical solutions

for a local government agency to implement a virtualized disaster recovery solution. Additionally I negotiated

sales agreements, fostered partnerships, created proposals, non-disclosure agreements, teaming agreement

processing, capture management, vendor and project management for new business and potential clients of

the small business organization to include solutions for Air Force and Army contract opportunities. I provided

marketing and business development leadership and participated in activities to expand new business base. I

led the execution of the proposed federal business development plans and developed technical and business

approaches for opportunities with agreements between partner companies and vendors.

Air Force Cyber Solutions Engineer/Business Developer

CSC - San Antonio, TX - February 2010 to January 2014

As the Air Force Missile Defense Group Business Developer Executive and Cyber Security Solutions

Virtualization Architect, I was responsible for the day-to-day activities developing new business and solutions

for 24th Air Force Cyber and Intelligence Command, and the Air Force Surveillance and Reconnaissance (ISR)

accounts. I controlled the execution of the proposed business development plans. I developed technical and

business approaches for opportunities and established teaming agreements between partner companies and

vendors. I was also responsible for providing marketing and business development leadership to expand new

business bases in Air Force Cyber and ISR.

• As Cyber Security Solutions Virtualization Architect, I tracked future opportunities within the business unit's

market segment, capitalizing on market opportunities and minimize effect of competitive activity. I identify

potential clients, develop client oriented marketing strategies and, create client oriented service offerings.

I identify contract vehicles and/or approaches that can be used by clients to obtain services offered. I

capture business requirements on how the system should work over time and lead the analysis, design,

and implementation planning of the solution from pre-sale through delivery. I establish preliminary project

development schedules and generate conceptual/logical and virtual architectures, system documentation,

testing analyses, test plans, and risk assessments. I developed solutions for various Air Force customers and

bid opportunities including:

• Combat Information Transportation System (CITS) Contract for the Air Force Computer Emergency

Response Team (AFCERT) (Task Order 32, 8104 and 42 ($70M+, 5 years), a cyber-security network defense

intrusion detection and prevention weapons and analytics system securing all Air Force networks. As the

technical advisor and principal engineer, I managed over 170 vendor consultants and employees to provide

insight and technical solutions to the overall architecture and contract acquisition strategy; engineered the

cyber-security maintenance and analytical network defense weapons system protecting all eighteen Air Force

gateways that provides the boundary security defense for their unclassified network enterprises and feeds the

analytical platform for analyst to use which supports the Network Defense mission of the Air Force

• Oracle Sun Ray Thin Client Enterprise Solution ($2.8M Project). I designed and implemented the VMware

Infrastructure Enterprise environment reducing the overall server footprint of the 33rd Network Warfare

Squadron (NWS) unclassified enterprise from 52 physical servers to a minimal allocation of 9 saving the

customer over a million dollars in maintenance and technical refresh cost for the next 5 to 7 years. This

implementation also reduced the overall space requirements of systems for each analyst supporting the

33rd NWS enterprise. Additionally, I reduced the overall energy and HVAC cost by replacing a 70-watt

full-sized computer system with a 4-watt thin-client solution. This virtualization implementation reduced the

administration cost by centralizing the management of systems, increasing response times to end-users, and

with no moving parts in the thin-client solution, reduced the maintenance cost for fixed disk replacement

Sr. Systems Engineer Principal & Virtualization Architect

CSC - San Antonio, TX - August 2008 to February 2010

I led a diverse team of over 40 Configuration Managers, Information Assurance Managers, Information

Assurance Officers, Network, Windows, and UNIX engineers, accountable for all aspects of customer support

including multi-platform, multi-software technical support, problem identification and resolution

• Responsible for the design, development, implementation, virtualization, information assurance, systems

security, configuration management, and network solutions

• Provided planning, analysis, and development of systems and solutions and developed validation schemas

and performed testing, designed solutions, implementations, integrations and maintenance procedures for

Windows and Solaris systems, and various SAN storage systems

• Resolved connectivity problems and software issues with computer environments, systems, subsystems, and

components. Monitors, investigates, and resolves system operation issues in accordance with government

policies and procedures

• Documented and communicated resolution recommendations to management and implemented solution

upon approval. Analyzed potential system investments and prepared supporting documentation for providing

recommendation to customers

• Mitigated risk based results of vulnerability assessment combined with standardized vendor base lines and

best practices then evaluated current and future performance, stability, systems management and life cycle

issues

• Conducted penetration and DISA Security Technical Implementation Guide testing of all operating systems

and specialized appliance platforms to ensure configurations for all enclave assets are compliant with

government regulations, then follows DIACAP certification and accreditation processes for connection

approval to government controlled networks

Senior Information Assurance Engineer

CSC - Stuttgart, AR - September 2002 to August 2008

Performed Integration and topology design, and maintenance of topology networks for all HQ USEUCOM

unclassified and classified networks. Utilized various GOTS and COTS software, hardware to monitor and

protect the assigned systems and networks. Additional responsibilities included development, design and

management of the Enterasys Dragon Net Defense System and the Enterasys Dragon Intrusion Detection

System (IDS) for all networks (including geographically separate units), maintenance and updates for all

infrastructure devices (all firewall, router policies and configurations, design and management of the Web

Content Filters) throughout the enterprise enclaves (HQ USEUCOM and SHAPE Belgium)

• Conducted vulnerability assessment testing on various GOTS and COTS software packages, workstation

and server builds; analyzed security controls following the DIACAP process for certification and accreditation;

provided technical recommendation to the government Information Assurance Manager for Interim Approval

to Operate or Approval to Operate prior to any hardware or software application installation on government

controlled networks

• Conducted penetration and Defense Information Systems Agency (DISA) Security Technical Implementation

Guide testing of all Windows, Linux, Unix and specialized appliance platforms such as: routers, switches

and firewalls, to ensure configurations for all workstations, servers and appliances are compliant with DOD,

DISA, AF, NSA, NIST and other regulations prior to being recommend for connection to government controlled

networks

C4I Systems Engineer/Operations Manager

CSC - Stuttgart, AR - September 2000 to September 2002

Responsible for vulnerability assessment testing on various GOTS and COTS software packages, client-server

builds; analyzed security controls ensuring the DIACAP process for certification and accreditation were being

followed

• Directed activities of multiple employees operating across a variety of shifts and geographies for support

operations and responsible for all aspects of operations service delivery to include customer satisfaction,

personnel management and facilities management

• Managed a diverse team of over forty operations professionals, technicians, engineers and educators

accountable for all aspects of customer service including multi-platform, multi-software package technical

support, problem identification and resolution. Specifically the following areas: Technical Support Center

that provides all helpdesk and desktop support services; Very Important Persons (VIP) Support section

that provides support to critical and VIP customers; Desktop Engineering section that builds and distributes

Windows client software via SMS; Hardware section responsible for all maintenance and property

accountability actions for HQ USEUCOM, SHAPE, Pentagon, Washington D.C. and Kelly Barracks; SHAPE,

Mons, Belgium Support section responsible for Combatant Commander support located in Belgium; Kelly

Technical Support section responsible for all support operations at Kelley Barracks; Special Operations

Europe (SOCEUR) Support section responsible for all end users in support of SOCEUR; C4I Training section

responsible for all end user training programs; Audio, Visual and Collaborative sections responsible for all VTC

and DCTS collaborative support

C4I Systems Engineer/Branch Manager/Team Chief

CSC - Stuttgart, AR - October 1997 to September 2000

Managed the day-to-day operations of the C4I Help Desk, Desktop Support Section, and the Very Important

Person (VIP) Section within the End-User Support Branch, C4I Training Section, C2 UNIX Administration,

Audio/Visual Systems Section and the Information Assurance Branch

• Ensured administrators, technicians and analyst are trained to configure, test and implement solutions

for deployable and stationary systems supporting exercises and real-time contingency operations; followed

all site-approved configuration and accreditation processes, DISA information assurance guidelines,

configuration management, engineering guidelines, corporate and government policies and procedures

• The USEUCOM network systems employ Microsoft Windows client and server operating systems, and

Solaris UNIX. I managed the implementation and configuration solutions of all client workstations and laptops

within the USEUCOM area of responsibility. I analyzed, corrected, tested and implemented solutions to

problems identified by users, operators, analyst, specialist, and technicians. Additionally I directly supervised

all personnel assigned to the sections ensuring they received proper training to maintain the highest level of

support possible to the customer

EDUCATION

General Refresher

University of Maryland

2005

B.S. Equivalent (German - Non-Accredited) in Information Systems Management (IFSM)

Hochschule für Technik, Fachhochschule Stuttgart - Stuttgart

2004

General Studies in Information Technology

University of Kentucky (UK), Lexington Community College - Lexington, KY

1990

SKILLS

•Enterprise architectures •Virtualization solution development & Implementation •VMware vSphere v3.x-v5.x,

vCloud Networking and Security (vCNS), VMware NSX •SQL Server •PowerShell •McAfee ePO, Infrastructure

security development and design •Cisco PIX, ASAs, Switches and Routers •Wireless Infrastructures

•Symantec Firewalls •FortiGate Firewalls •Enterasys Intrusion Detection Systems •Sun Storage, SunRay

Thin Clients •Brocade Fiber Switches •Windows Server 2012 R2 (standalone, cluster and enterprise

environments) •Windows XP/7/8.1 •RedHat Linux •Remedy Ticketing System •Software Development Life

Cycle (SDLC) and System Development Life Cycle •Veritas Backup •Project & Capture Management

•Information Assurance •Help Desk Management •Vulnerability Assessments & Mitigation •FISMA Compliance

•VMware implementations •Make/buy recommendations •Proposal Management •Systems Certification and

Accreditation •Penetration Testing •Firewall and Router hardening •Security Best Practices (Public and Private

Sector) •Web Application Security products such as: Nessus, WireShark, WebInspect, Grabber, Zero Day

Scan, eEye Retina, Weblogic, WebApp360, Splunk (Enterprise Level), Samurai plus others to include the

installation, configuration and maintaining of Apache/Tomcat and IIS web hosting environments, experience

with Zabbix web monitoring tool, SourceFire and SNORT

LINKS

http://www.linkedin.com/in/deroldman/

ADDITIONAL INFORMATION

CERTIFICATIONS AND TRAINING

• IAT Level II - CompTIA Security + credential

• Microsoft Certified Systems Engineer (MCSE) credential, 1999 (Expired)

• Cisco Firewall Specialist (CCSP) (Expired)

• Certified Ethical Hacker (CEH) course

• VMware Certified Professional (VCP) course

• Fortinet Multi-Threat Security Systems Engineer I and II credentials

• IT Service Management Foundation (ITIL) credential

• Project Management Professional Course, CSC

• ISC2 Certified Systems Security Professional Course and credential (Expired)

• Enterasys Security Systems Engineer credential

• STI Knowledge Center, Certified Help Desk Manager (CHDM) and Certified Help Desk Professional (CHDP)

credentials

• Department Of Defense Vulnerability Assessment, intrusion and detection credential DISA CISSP Training

Seminar, DISA, Security II credential, DISA UNIX Security Level II credential, and the DISA Security Readiness

Review and Vulnerability Management System credentials

Contact this candidate