Security Management
Resume:
EDMOND P. ENGLISH
**** ****** **. **. ********, KY 40353
Home: 859-***-**** Cell: 859-***-****
**.*******@*****.***
Education: Cedarville College Cedarville,
Ohio
B.A., Computer Information Systems June
1992
Certifications: Certified NetWare 4.11 Administrator July
1998
CompTIA A+ October 1999
HDI Certified HelpDesk Support Engineer June 2000
CompTIA Network + October 2001
CompTIA i-Net+ January 2002
Certified Internet Webmaster Associate January
2002
Cisco Certified Network Associate December 2003
Cisco Certified Security Professional January
2004
ITIL Foundations 3.0 July 2007
CompTIA Security+ December 2009
Certified Information System Security Professional In
Process
Work Experience:
May 2011 - Belcan Engineering Group Lexington,
Kentucky
April 2015 Senior Computer Specialist
Administrated information assurance and compliance in a Key Contractor
Facility (KCF) including security updates, using WSUS, and anti-virus
administration, using Trend Micro. Administrated an Active Directory
Domain with over 150 users including domain controllers, DNS/DHCP servers,
group policy management, and account management. Managed implementation of
SCCM server and administrated software deployment. Researched, prepared,
and oversaw new IT project implementations. Provided top-level support for
issues escalated from support technicians. Provided desktop and
printer/plotter support as necessary. Assisted with start-up of 200 user
KCF in Windsor, CT facility. Assisted with ITIL service and incident
process implementation.
March 1997 - Special Operations Forces Support Activity (SOFSA)
Contract
April 2011 Bluegrass Station Lexington,
Kentucky
Top Secret security clearance held
July 2010 - Lockheed Martin, SOF CLSS
April 2011 Sr. Data Security Administrator
Server, Workstation, Network Infrastructure compliance
Established, enforced, and audited enterprise-wide information assurance
policies and procedures. Ensured compliance with all Department of Defense
(DoD), SOFSA, and corporate security requirements, including SOX, PII, and
HIPAA. Researched, compiled, reported, and audited compliance status and
activities as part of the USCYBERCOM Information Assurance Vulnerability
Management (IAVM) program. Compiled and reported IAVM compliance
statistics for Service Level Agreement (SLA) metrics analysis.
Administrated enterprise patch management application. Created penetration
testing program and administrated penetration testing application.
Configuration/Change Management
Researched and compiled Risk Assessment (RA) documents for new hardware and
software requirements. Performed static/dynamic code review/analysis and
compiled VA reports for internally developed applications and commercial
web applications. Reviewed, researched, and reported Common Criteria
validation compliance on all Request For Change (RFC) documents for
new/upgraded hardware and software. Reviewed, researched, and reported
certification and accreditation impact on all Change Request (CR) documents
for new/upgraded hardware and software. Reviewed, researched, and reported
Vulnerability Assessment (VA) results on all Change Request (CR) documents
for internally developed applications and commercial web applications.
Information Assurance Training
Served as Subject Matter Expert (SME) and liaison to HR Training department
for all ITS and DoD IA training requirements.
Certification and Accreditation
Conducted annual review and update of DoD Information Assurance
Certification and Accreditation Process (DIACAP) controls.
June 2002 - L-3 Communications, Integrated Systems, JOG
July 2010 Sr. Computer Systems Security Technologist I
All responsibilities listed above were also performed for L-3
Communications. The following duties were reassigned or no longer required
upon contract transition.
Server, Workstation, Network Infrastructure compliance
Created and maintained enterprise IT security policy. Performed system
scans using STAT Scanner, Defense Information Systems Agency (DISA)
Security Readiness Review tool, and eEye Retina. Audited and enforced
compliance with DISA Security Technical Implementation Guides (STIG).
Coordinated implementation of host-based intrusion prevention using McAfee
ePolicy Orchestrator. General network administration and operation, as
needed.
Configuration/Change Management
Developed IA requirements for CM process and coordinated implementation
with CM manager. Developed and implemented risk assessment policies and
procedures. Coordinated implementation of static/dynamic code
review/analysis using IBM Rational AppScan.
Information Assurance Training
Developed IA training requirements and created IA training policy.
Conducted weekly information security training for new employees.
Coordinated implementation of compliance with DoD Information Assurance
Workforce Improvement Program.
Certification and Accreditation
Researched, compiled, and presented IA and security requirements of DoD
Information Technology Security Certification and Accreditation Process
(DITSCAP) for SOFSA network conversion to .mil domain. Developed,
documented, and maintained IA and security procedures for DITSCAP
accreditation. Audited and compiled server vulnerabilities and remediation
efforts for DITSCAP accreditation. Coordinated conversion to DIACAP
accreditation requirements. Conducted annual review of all certification
and accreditation policies, procedures, and other documentation.
Classified systems management
Served as SOFSA designated Information Systems Security Officer and as L-3
Communications Information Systems Security Manager. Established policy
and enforced compliance for use of classified systems utilizing National
Industrial Security Program Operations Manual (NISPOM) Chapter 8
requirements. Created and maintained all accreditation documentation for
classified systems. Procured, configured, installed, and administrated all
server, workstation, and network infrastructure hardware and software used
on classified systems. Developed training materials for use of classified
systems and conducted new user and annual refresher training for all
authorized users. Served as IT security liaison to Defense Security
Service during annual compliance inspections, earning Superior ratings for
eight consecutive years.
Personnel management
Created IT Security/IA group from within Network Operations. Reviewed and
interviewed prospective employees. Developed staffing schedules and
assigned workload to team of 5. Conducted annual employee performance
reviews.
Contact this candidate