Security Management
Resume:
Sidney thompson
***** *********** **. *** #***, Gaithersburg, MD 20879 240-***-**** acodqx@r.postjobfree.com /
acodqx@r.postjobfree.com
Summary
I am a well-seasoned IT corporate executive, with a proven track record of innovative out-
of-the-box strategies for getting mission critical objectives accomplished ahead of schedule
and within budget. I have significant experience, from the IT Management, Business
Systems/Re-Engineering, Senior Systems Management & Security Management arenas. I
am a true self starter, having successfully started my own company, and guiding its growth
over 10 years to 300 employees serving 5000+ clients, prior to selling it in 2008. I am well
versed in agile methodologies, Business Centric IT strategies, and risk adverse stewardship.
Experienced in providing guidance and mentorship to my reports, while leading by example.
I am an expert at formulating a strategic enterprise approach, while simultaneously
directing alignment of IT security policy and governance strategies. I am an expert at
complementing and enhancing the enterprises’ business processes and strategies by
leveraging current technology to support, sustain and improve the desired corporate
strategy. I give direction to Business Process initiatives, aligning IT Enterprise Management
initiatives to securely and efficiently sustain them. Always aware of IT Security Compliance
requirements. Policies such as ITSM, FISMA 27001, NIST 800-X family of standards. PCI DSS,
OWASP and ISC2 top 10, regulatory compliance, H IPAA, FERPA, SOX, and GLBA compliance,
are among my specialties. I have successfully directed major enterprise-wide SaaS, PaaS,
AWS cloud strategic initiatives for the Banking, Mortgaging, Health Insurance and IT
Security industries; resulting in higher throughput, improved enterprise wide security, at
significant cost savings to the enterprise.
Experience
D ovel Technologies, Rockville, MD 2013 –
P resent
I T Systems Security I ntegration Engineer
Responsible for ensuring projects move from development in a standardized, secure
manner to Integration, Stage, and Production.
Responsible for developing documentation and standardized policies of on-boarding and
off-boarding employees, Deployment procedures, Orbeon, J BOSS, Workflow, Data
Collection and Dashboards.
Monitoring and addressing environment issues via zabbix monitoring, J ira, SVN and
J manage tools.
Patching, and re-imaging AWS servers in an EC2 environment.
Updating Deployment Plans, using wiki, Creation of Security SDLC policies and standards
Keeping abreast of latest vulnerabilities and strategies to address them, e.g. poodle, sql
injection, etc.
H WP L LC, Gaithersburg, MD 2008 – 2013
I T Manager
Managed the Development, Testing and integration SIEM procedures and policies and
review McAfee Vector Trends.
Supervised the performance of security Gap Analysis, White Box Pen Testing, Security
Forensics Post Mortem Evaluations.
Relentless leadership in the Improvement, strategic business process alignment and
Implementation of Security Policy Governance compliance, ensuring auditing success,
strict regulatory compliance direction, while ensuring excellent ROI on enterprise IT
investments, and strict adherence to CAI security initiatives.
Provide technical leadership to maximize efficient use of IT Infrastructure leveraging the
use of open source tools, cost effective processing mechanisms including virtual
clustering, and BI analytics.
Oversee all aspects of Marketing both brick and mortar and internet based, while
ensuring PCI DSS compliance.
I make use of my former systems engineering background, and Linux security
experience, to ensure junior staff is well trained and equipped to make maximum use of
I T tools, IT Security tools & technologies, and network security initiatives including IPsec,
SSL, and VPN.
Directed, reviewed, and ensured the Configuration of systems for NIST 800.53, 30, 37
family and F ISMA 27001, ensuring smooth auditing without sacrificing the tenets of
Confidentiality, data integrity, and process availability.
Columbia, MD
B BN Technologies,
2005-2008
Lead Systems Engineer Support Agent Tier 2 and Tier 3 Escalations / IT Director
Directed contract to provide Help Desk technical support to AOL, Bellsouth Internet DSL
customers, while assuming responsibility for entire IT infrastructure security in
accordance with NIST, OWASP Best Practices and compliance standards.
Mid to large size enterprise specialist, assigned clients of 290 up to 3000 nodes.
Managed a staff of 33 reports, and an annual budget in excess of 27M.
Excellent communication, organizational, and time management skills, along with a keen
sense of project prioritization and business management skills.
Required a clear understanding of TCP/IP, bonding, VLAN Tagging, IP and Port redirection,
among myriad other technologies and management systems.
Served as SME to clients and C-level management.
D I G ICON Corp, Bethesda, MD
2003-2005
Senior I T Lead UN IX Systems FAA & N I H Contractor
• I Worked as a contractor setting up, Troubleshooting, repairing and installing
systems for FAA and N I H.
• UN IX and Windows Systems Administrator.
• Assisted in installing software and applying patch upgrades for campus computers,
N I H Systems and Network Analyst and Consultant (DIGICON Corp.)
D I G ICON Corp, Bethesda, MD
1995-2002
UN IX Specialist I V
• Obtained information to diagnose system problems or networking bottlenecks or
points of degradation and resolve them.
• Documented client accounts in computer system with scheduling information and
collection activity according to company policy.
• Reviewed systems to determine security requirements and potential loop holes, I
designed appropriate methods for system resolution.
• Analyzed network activity to determine t rends for denial of system services, and I
took the init iative to wri te pro-active system tools to perform automatic
administrator alerts.
Education
Washington, DC
Georgetown University,
2015
Master of Science Degree I nformation Systems & Cyber Security Management
GPA 4.00
Chantilly, VA
ITT Technical I nstitute,
2014
Bachelor of Science Degree I nformation Systems & Cyber Security (with Honors)
GPA 3.98
Chantilly, VA
ITT Technical I nstitute,
2011
Associates of Applied Science, Computer Networking Systems (with Honors)
GPA 3.97
Recipient of the Highest Honors Award
Skills, interests and other information
President of OWASP, Georgetown University Chapter . (Open Web Application Security Project).
Cur rently registered and completing CCNA & C ISSP certification programs
Native speaker of E nglish and Spanish, with a strong interest in learning M andarin.
T rans-disciplinary: l i teracy in and ability to understand concepts across multiple disciplines.
Vi rtual collaboration: ability to work productively, drive engagement, and demonstrate presence as a
member of a vir tual teams.
Sense-making: ability to determine the deeper meaning or significance of what is being expressed.
Social intelligence: ability to connect to others in a deep and direct way, to sense and stimulate reaction
and desired interactions.
Cross-cultural competency: ability to operate in different cultural settings. I am also f luently bi-lingua
Cognitive load management: ability to ingest and fil ter information for importance, and to understand
how to maximize cognitive functioning using a variety of tools and techniques.
Novel and adaptive thinking: p roficiency at thinking and coming up with solutions and responses
beyond that which is rote or rule-based.
Computational thinking: ability to t ranslate vast amounts of data into abstract concepts and to
u nderstand data-based reasoning.
New media literacy: ability to critically assess and develop content that uses new media forms, and to
leverage these media for persuasive communication.
Design mindset : ability to represent and develop tasks and work processes for desired outcome.
Excellent Communication Skills: ability to communicate effectively, even the most esoteric and highly
technical details, in a manner easily understood by all audiences, both highly technical and non-technical
MS in I nformation Systems Security with a concentration in Business I T Management, and
H ealth Systems Security
Management.
Strong f luency with large enterprise networks, ITSM, UN IX and Linux systems, including Red Hat,
Centos, HP-UX, Solaris
AIX, Cloud Technology, VPN, SSL, CRM, UTM, UC, IT I L, DR, BCP, BIA, IDS IPS, DDoS, CISCO,
J uniper, SCRUM, SaaS, Document M anagement Systems, Collaboration and Communications
Technologies, M2M, Cybersecurity, Compliance, and Business Continuity, Defense in Depth, SSO, Two
Factor Authentication, Business Structured Analytic Techniques.
Growing companies often face a critical hurdle: how to scale operations to keep pace with expansion. This
typically leads to upgrading or adopting new systems to handle increased operational workload. When
t ransitioning to a new platform, integration is critical. Implementing new systems can result in data
f ragmentation, with t ransactional and customer information making i ts way into multiple locations, often
in pieces. This can have a major impact not just on customer service, but also on your ability to stay
compliant in all areas of your business. My background in IT, Business Management, IT Security, IT
Policy and Governance, coupled with my unique leadership skills is perfectly suited to not just correct suc
situations, but avoid them to begin with.
Other companies and organizations I have worked for in the past include:
American Society of Civil Engineers (ASCE), NY. NY. Chemical Bank, NY. NY. CAC, MD., Prudential
Home Mortgage, MD., United Health, MD.
Some limited experience utilizing Splunk 1, Hadoop 1, Puppet 1
*1* - I have used these tools in school, and will give special consideration to organizations using or
considering any of them, included among them are: (Splunk, Hadoop, Puppet and other Business Intelligence
tools and workflow management strategies).
Contact this candidate