Manager Security
Resume:
Brandon, SD *****
https://www.linkedin.com/in/glnels
******@*****.***
GARY NELSON
IT Manager - Security Operations
Has over 10 years of progressive information system security experience which includes leading complex programs in the areas of information technology, computer security, software development, computer operations, lifecycle systems engineering and integration.
SKILLS & ABILITIES
Responsible for ensuring the appropriate operational security posture of the information system is maintained. The role of the Security Manager is the principal advisor on all matters (technical and otherwise) involving the security of the system. Maintained detailed knowledge and expertise that is required to manage the security aspects of the information system and, is responsible for the day-to-day security operations of the system. This responsibility includes, but is not limited to, physical security; personnel security; incident handling; and security training and awareness. Responsible for developing and updating the system security plan, risk management plan, and contingency plan as well as managing and controlling changes to the system and assessing the security impact of those changes.
EXPERIENCE
CNA SURETY, SIOUX FALLS, SD 2013 -2016
Responsible for the specifications and documentation of all aspects of the system build to include but not limited to the number of systems built, number of CPU cores needed, memory size, disk, database, Java Virtual Machine (JVM) features. Writes Requests for Service (RFS), approves the corresponding Statement of Work (SOW), coordinates and schedules complex system builds with the approved Managed Service Providers (MSP). Maintain working relationships with all the functional areas both inside and outside of the CNA IT organization. A typical project budget that is managed is valued between $500,000 - $3,000,000 dollars. Responsible for the evaluation of the MSP work, approving labor hour and expenses. Generates risk and issue reports, provides metrics in terms of quantity of systems built, quality and performance to the Project Manager. In addition to the IT facet of the job he is also responsible for working with the business to coordinate systems testing, installation, training and support.
USGS EROS DATA CENTER, SIOUX FALLS, SD 1979 -2013
EROS is a government facility. There were nine different positions with five different contractors during this time.
SGT INC. - PRINCIPAL SYSTEMS ENGINEER 2011-2013
Works with a technical team to define, integrate, and manage several large, complex systems for the Land Processes Distributed Active Archive Center (LP DAAC). Conduct systems engineering activities as defined in the Systems Engineering Management Plans (SEMP) including preparing systems operations concepts, developing and implementing system requirements, defining and documenting system interface definitions, conducting architecture and trade study analysis, and developing system test plans contributes to systems engineering life cycle activities which include definition of operational concepts and requirements, definition of system interfaces, decomposition of requirements into high level design and detailed design.
Participates in System Development Life Cycle milestone reviews, managing technical team tasks and system release schedules, integration activities, acting as the system release manager for all releases, coordinating activities with the configuration management, software, system support, and operations staff. Submits, analyzes, and manages configuration change requests in accordance with established configuration management processes, ensure proper process is followed and documentation is properly maintained, coordinate technical activities with other applicable personnel internal and external to the project, and lead system anomaly investigations and troubleshooting activities affecting the LP DAAC systems.
SGT INC. - IT SECURITY MANAGER 2008–2011
Responsible for ensuring the appropriate operational security posture of the information system is maintained. In the role of ISSO, serves as the principal advisor on all matters (technical and otherwise) involving the security of the system. Has the detailed knowledge and expertise that is required to manage the security aspects of the information system and, is responsible for the day-to-day security operations of the system. This responsibility includes, but is not limited to, physical security; personnel security; incident handling; and security training and awareness. Developed the data center’s system security policy and monitors compliance with that policy. Responsible for developing and updating the system security plan, risk management plan, and contingency plan as well as managing and controlling changes to the system and assessing the security impact of those changes.
SAIC - SECURITY MANAGER 2002–2008
Set policy and write doctrine regarding computer security and security practices following Department of Interior, US Geological Survey, and National Institute of Standards and Technology (NIST) policy, standards and guidelines for the three largest projects at EROS.
Plan, organize, and control security of existing computer systems, set minimum operation requirements.
Maintain existing suite of security documents by documenting system architectural, risk changes and test plan results.
Produce yearly risk assessment on project assets; this involves an internal controls review based on NIST Special Publication (SP)800-53.
Plan and oversee yearly contingency plan testing; confirm and report results to senior management.
Provide yearly incident response training and exercise; validate results, update documentation.
Set up required security procedures and documentation for new major computer systems.
Coordinate security efforts with Information System (IS) departments, program system administrators, and users.
Plan and budget for yearly security enhancements.
Ensure projects timelines and budgets are met.
RAYTHEON ITSS - SECURITY MANAGER 2001–2002
Set up policy and write doctrine regarding computer security and security policies for the EDC LP DAAC.
Plan, organize, and control security of existing computer systems, set minimum operation requirements.
Set up required security procedures and documentation for new major computer systems.
Coordinate efforts with Information System (IS) departments, program system administrators and users. Ensure projects timelines and budgets are met.
RAYTHEON ITSS - SECTION MANAGER, TECHNICAL SERVICES & NETWORK SYSTEMS 1999–2001
Supervised 9 staff members for the Network Systems group
Supervised 30 staff members for the Technical Service group.
Delegated work to Satellite and Computer Hardware Engineers, Database Administrators, Novell/NT Systems Administrators, Network Engineers, Unix System Administrators, and System Engineers.
Maintained 1.6 million dollar budget for the Information Technology Services (ITS) program while monitoring staff labor expenses, training, and travel; and the computer annual maintenance contracts, spares,, and supplies.
Planned and maintained budget for system enhancements, hardware system replacements, and software upgrades for the ITS program.
Facilitated and projected system and software upgrades and outages
HUGHES STX CORP. - SENIOR NETWORK SYSTEMS ENGINEER 1997–1999
Responsible for engineering networking solutions for programmatic customers
Co-project leader for the Year 2000 project at EROS Data Center, responsible for the compliance of all hardware, software, and embedded chip technology.
HUGHES STX CORPORATION - SENIOR SYSTEMS ENGINEER 1996-1997
Responsible for the system design and maintenance of UNIX based computers systems, Primarily Sun Microsystems
Specified computer hardware requirement based on customer needs and help specify application software.
HUGHES STX CORPORATION - SENIOR ENGINEER 1992–1996
Oversaw system maintenance of Sun Microsystems computers and the Personal Computers.
Installed engineering changes and integrated new equipment into the system. Also responsible for the training of new engineers and system technicians.
Made changes to operating system software and hardware as required, improving system maintenance and performance.
TGS TECHNOLOGY INC. - SENIOR ELECTRONIC FIELD ENGINEER 1979-1992
Responsible for the hardware system maintenance of the EROS Digital Image Processing System (EDIPS).
Installed engineering changes and integrated new equipment into the system; improved system maintenance and diagnostic procedures; and trained new engineers and system technician. Performed the duties of Supervisor, Electronic Engineering Section, during the supervisor’s absence.
TOP SKILLS
Project Management, metrics, budget, documentation, systems engineering, field engineering, security management, Microsoft Office Suite, Primavera, Team Track
OTHER COR COMPETENCIES
UNIX administration, Microsoft administration, system testing, risk analysis, fundamental understanding of database, java virtual machine
EDUCATION
DAKOTA STATE UNIVERSITY, MADISON, SD 1990-1991
Studied Bachelor of Science in Computer Information Systems
AIR FORCE COMMUNITY COLLEGE, KEESLER AFB, BILOXI MS 1976-1978
United States Air Force, Electronic Computer Systems, Computer System Repair
LEADERSHIP
Faithful Navigator of the Bishop Dudley Knights of Columbus Assembly 3043
REFERENCES
SARAH MALCHOW
IT Project Management Director
CNA Surety, Sioux Falls, SD 57103
*****.*******@***.***
MARY PIERSON
System/Software Engineer Director
CNA Surety, Sioux Falls, SD 57103
****.*******@***.***
Contact this candidate