
Security Management

Location:
Fairfax, VA
Salary:
$195k(negotiable)
Posted:
April 02, 2017

Resume:

Robert Jongwe

**** *********** **., ***********, ** 22151

703-***-**** (cell)

aczmb5@r.postjobfree.com

SUMMARY

Over twenty years of Cyber Security experience including Program Management, SME, Security Architecture, and managing and performing Assessment and Authorization (A&A) on cloud systems while leveraging the FedRAMP authorization process. Experience and knowledge of cloud service models (SaaS, PaaS, and IaaS) and in implementing cloud access security broker (CASB) solutions to act as central control points to set policy, monitor behavior, and manage risk across all cloud services simultaneously. Experience in integrating Data Loss Prevention (DLP) policy between the CASB and network DLP to improve policy uniformity and consistency.

Demonstrated experience building and managing Security Operations Centers (SOC), and designing and implementing complex B2B e-commerce network security solutions for commercial companies and federal agencies. I am deeply familiar with mapping security controls (NIST SP 800-53 Rev 4, NIST SP 800-57 Rev 4, SSAE 16) to IT infrastructure and organizational policy to demonstrate compliance. Possess expert understanding of Public Key Infrastructure (PKI/SSL), the VeriSign, RSA and Entrust family of products, identity management and X.500 directory services including LDAP. Experience in performing security posture and vulnerability assessments and penetration testing, and in designing and implementing IDS/IPS based security networks. Designed and implemented enterprise-wide Level 3 assurance PKI with the Root CA operating at Level 4 assurance, involving certificate-based authentication, private- and public-key encryption, and Certificate Authorities (CAs). Knowledgeable in OWASP, NIST 800-53, FISMA, FIPS 199/200 guidelines, PCI, ISO, HITRUST, Privacy Shield (US-EU Safe Harbor) and HIPAA. I have experience with audit compliance and Sarbanes-Oxley/General Computing Control requirements. Possess strong Unix/Linux security skills: knowledge of security controls monitoring, tailoring and security hardening of systems including Windows and UNIX operating systems (OS) and database compliance hardening guidelines, including PCI, USGCB, CIS and similar benchmarks and standards. Experienced in the design, deployment and monitoring of network and host-based security tools in heterogeneous environments, e.g. FireEye EX, HX, HA, HIDS, FIM. Experienced in designing, deploying and monitoring web-application security using tools such as HP Fortify (SCA), WebInspect, Acunetix AWS, Qualys, DbProtect, and open source tools, e.g. Security Onion.

Over 15 years serving in Lead role (i.e., supervisory, program manager, etc.) managing tasks, schedules, resource allocation, and communication with key stakeholders.

Over 15 years of IT Cyber Security Subject Matter Expertise (SME) in the fields of Incident Response, Vulnerability Scanning, Security Assessment and Authorization, Network Monitoring, and Intrusion Detection/Prevention

Over 12 years informing Risk Assessments, developing and tracking Cyber Security performance metrics, and developing Executive-level briefings

Over 12 years of experience with system/application security, risk management, information assurance, third party (service provider) management and risk remediation

5+ years of experience/understanding with FedRAMP Cloud security

Proven ability to work independently and dependently within a business/client area and foster collaboration at the enterprise level to influence the strategic and technical decisions during all phases of a project. Demonstrated leadership skills and communication skills including conducting formal presentations to key decision makers at the executive level and grasping key client issues.

EXPERIENCE

Zeneth Technology Partners 10/2012 – present

Projects

Small Business Administration: - Program Manager/Security Architect/SME 4/2015 – present

A&A (C&A): Performing RMF A&A activities including control selection, tailoring and assessments based on NIST SP 800-53 Rev 4. Successfully managing A&A activities including cloud based systems leveraging FedRAMP. Coordinating Contingency Plan testing and training. Successfully managing the migration of SBA from NIST 800-53 Rev 3 to Rev 4. Delivering project deliverables on time and never missing a deliverable target date by completing related tasks as needed.

Duties include requesting FedRAMP packages from cloud service providers including AWS, Salesforce, Google and CenturyLink. Assessing the client controls and hybrid controls, documenting assessment results in CSAM, and preparing authorization packages. Using a CASB evaluation framework (visibility, compliance, data security, and threat protection) to select cloud providers. Determining the appropriate CASB technology, available as a SaaS application, as an on-premises virtual or physical appliance, or as a hybrid combination of on-premises and cloud-based policy.

PKI Compliance:

Performing complex PKI enabled systems development and design work that include logic design, I/O design, firmware development, model formulation, manufacturing and development cost projections, computer architecture analysis and design, and analog or digital systems engineering.

Performing systems modeling, simulation, and analysis.

Reviewing completion and implementation of system additions and/or enhancements and making recommendations to management and/or clients.

Planning and directing upgrades of operating systems and systems enhancements.

Developing documentation on new or existing systems.

Developing and directing tests to ensure systems meet documented user requirements.

Identifying, analyzing, and resolving system problems.

Providing system/equipment/specialized training and technical guidance.

Providing insights into the advantages and challenges of self-managed/outsourced/hybrid PKI models.

Managing operations of the internal Certificate Authority (SBA), ensuring compliance with the CP and CPS.

Providing support and administration of off-the-shelf certificate management.

Applying judgment to potential infrastructure changes based on multiple factors including risk, benefit and personnel management.

Security Operations Center (SOC)

Designing and implementing a 24x7x365 SOC capability. Establishing and operating a security event and log monitoring system organized around a tiered 3-shift rotation. Providing operational oversight of service delivery and ensuring deliverables are timely and of high quality. Identifying and implementing improvements to business processes, methodologies, and client communication methods. Interviewing, training, monitoring, and motivating SOC Analysts. Managing and motivating a diverse group of individuals, using strong interpersonal skills to foster a team environment. Creating and implementing action plans. Ensuring all SOC shifts are properly staffed, trained, and meeting customer expectations. Interfacing with the SOC lead and CISO to manage customer relationships through resolving problems and following up on the status of projects. Escalating issues internally as needed with teams that are resolving security incidents. Ensuring that any vendor or 3rd party escalations are engaged to resolve customer issues promptly. Effectively training, coaching, and developing the SOC team. Establishing SOPs and guidelines to ensure that the SOC is in top operational readiness and that repeatable and recordable processes are followed. This includes alarm management, maintenance window coordination, ticketing and customer notifications.

Establishing SIEM capability and integrating it into the Einstein (2, 3A) environment. Coordinating vulnerability management team activities including intrusion detection and prevention, cyber-attack threat analysis, penetration testing using Kali open source tools including Burp, making remediation and mitigation recommendations, and performing and supervising threat analysis activities using FortiGate, FireEye and EnCase security tools. Conducting agency-wide Incident Response Training and Testing. Duties included monitoring and deployment of LDAP/Kerberos based authentication in UNIX environments, and implementing and monitoring enterprise SAM SSO.

Oracle and SQL database hardening and security monitoring using DbProtect. Implementing privacy policy and compliance monitoring and enforcement DLP solutions including Microsoft DLP, using Fidelis SSL Inspector and Websense SSL Inspector.

Managing and performing as required Detection and Prevention activities:

Detection activities including:

-Log management using manual and automated means and a SIEM: Elasticsearch with Bro IDS

-Network security monitoring and NetFlow analysis using FireEye NX, HX, and FortiGate IDS

-NetFlow analysis; creating indicators of compromise (IOCs); validating and containing endpoint threats; isolating compromised devices; matching newly identified IOCs against past activity on an endpoint; creating an incident timeline of endpoint attack activity to improve triage efforts

-Performing penetration testing internally and via third parties, and reporting via CyberScope remediation status reports and data calls

-Managing vulnerability scanning, configuring and monitoring DLP devices, managing threat intelligence (ATP), and sharing threat information

-Managing Incident Response: developing, deploying and updating the IRP including breach preparation; conducting bi-annual tabletop training and exercises (FISMA requirement); forensic analysis using EnCase host and enterprise editions; managing breach communications (kill chain) to ensure conformance with the 1-hour CERT reporting requirement
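The IOC workflow listed above (derive indicators from an incident, match them against historical endpoint telemetry, and turn the hits into a per-host timeline for triage), as an added example that is not the candidate's or any agency's tooling. The log format, hostnames, hashes and IP addresses are constructed for the example; the two indicator types (SHA-256 of an executed image, remote IP of a connection) are the assumed IOC schema.

```shell
#!/bin/sh
# Added example: match indicators of compromise against past endpoint activity
# and build an incident timeline. Everything below is constructed sample data.
set -eu

WORK="$(mktemp -d)"

# Constructed endpoint events: time,host,event,sha256-of-image,remote-address
# ("-" where a field does not apply to that event type).
cat > "$WORK/endpoint.log" <<'EOF'
2017-03-29T08:02:11Z,ws-0117,process_start,3a7bd3e2360a3d29eea436fcfb7e44c735d117c42d1c1835420b6b9942dd4f1b,-
2017-03-29T08:02:19Z,ws-0117,net_connect,-,198.51.100.23
2017-03-29T08:05:44Z,ws-0117,net_connect,-,203.0.113.9
2017-03-29T09:41:03Z,ws-0042,process_start,9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08,-
2017-03-30T01:17:52Z,ws-0042,net_connect,-,198.51.100.23
2017-03-30T01:18:07Z,ws-0042,process_start,3a7bd3e2360a3d29eea436fcfb7e44c735d117c42d1c1835420b6b9942dd4f1b,-
2017-03-30T02:00:00Z,srv-db01,process_start,e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855,-
EOF

# Constructed IOC list, one "type:value" per line, as produced from the
# initial triage of the first compromised host.
cat > "$WORK/iocs.txt" <<'EOF'
sha256:3a7bd3e2360a3d29eea436fcfb7e44c735d117c42d1c1835420b6b9942dd4f1b
ip:198.51.100.23
EOF

# ioc_timeline LOG IOCS
# Prints every event that matches an indicator as "time host event indicator",
# oldest first. The IOC file is read first (NR==FNR) into a lookup set, so the
# whole log is scanned once regardless of the number of indicators.
ioc_timeline() {
    awk -F',' '
        NR == FNR { ioc[$0] = 1; next }
        {
            hit = ""
            if ($4 != "-" && ("sha256:" $4) in ioc) hit = "sha256:" $4
            else if ($5 != "-" && ("ip:" $5) in ioc) hit = "ip:" $5
            if (hit != "") print $1, $2, $3, hit
        }' "$2" "$1" | sort
}

# affected_hosts LOG IOCS -> distinct hosts with at least one hit
affected_hosts() {
    ioc_timeline "$1" "$2" | awk '{ print $2 }' | sort -u
}

# first_seen LOG IOCS HOST -> earliest matching timestamp on HOST (dwell-time anchor)
first_seen() {
    ioc_timeline "$1" "$2" | awk -v h="$3" '$2 == h { print $1; exit }'
}

# Stand-alone run: timeline, then the host list an analyst would scope from it.
ioc_timeline "$WORK/endpoint.log" "$WORK/iocs.txt"
echo "affected hosts:"
affected_hosts "$WORK/endpoint.log" "$WORK/iocs.txt"
```

The point of matching new indicators against past activity is visible in the output: ws-0042 contacted the indicator address a day after ws-0117 did and before the same hash ran on it, which is the lateral-movement lead that a live alert on ws-0117 alone would not have surfaced. srv-db01 has no hit and stays out of scope.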

Prevention activities including:

-Deploying and managing monitoring of data protection: DLP, encryption, PKI, TLS, firewalls, IPS, IDS, and VPN, using Fidelis

-Application security: vulnerability scanning including secure code analysis using Checkmarx CxSAST and HP Fortify, and web application scanning using Kali, WebInspect, and Qualys

-Database scanning using AppDetective/DbProtect and Tenable Nessus

-Deploying and monitoring endpoint security (antivirus/anti-malware) using tools such as FireEye EX, Fidelis, Symantec, CounterACT, and Cisco ISE

Also managing application whitelisting, reviewing and approving secure configurations, and scanning for patching effectiveness.

-Preparing and managing risk assessments to ensure compliance, including input into security awareness training, and preparing and presenting security posture reports including DAT files, CyberScope, and remediation analysis

Department of Labor (DOL)- Zeneth 10/2012 – 3/2015

Project Manager/Security Architect

Duties included: Assessments and Authorizations under NIST 800-53 Rev 3. Scheduling and conducting assessments and preparing authorization packages using CSAM as the documentation tool. Assessing all systems on schedule and ensuring that all systems were operating with valid ATOs. Implementing continuous monitoring by conducting monthly vulnerability assessments to replace the quarterly scanning which was in place before. Conducting vulnerability assessments and remediation management using automated tools. Preparing and managing POA&Ms. Conducting Incident Response Training and Testing. Participating in DOL DHS CDM tool deployment workgroups.

General Dynamics Information Technology 08/2008 – 12/2012

Senior Security Manager/Security Architect

Projects

Department of Homeland Security (USCIS)

Part of a security vulnerability management team. Responsible for network security assessments and analysis of vulnerability scans from all network devices, to ensure compliance with DHS guidelines. Duties include: Configure user security profiles to comply with requirements for approvals and separation of duties restrictions. Process configuration management requests to promote programs from the development and test environments into the production environment, perform quality assurance audits, and follow-up with the completion of post implementation verification approvals. Coordinate the testing of applications with responsible managers, and report performance results.

Lockheed Martin 08/2006 -07/2008

Senior Functional Analyst

Projects

Department of Homeland Security (ICE)

Duties include participating in the certification and accreditation (C&A) process;

preparing risk assessment reports; developing system security plans and risk mitigation plans;

supporting security tests and evaluations (ST&Es); creating Plans of Action and Milestones (POA&Ms); conducting FISMA self-assessments; conducting system security assessments;

conducting system security planning; developing security policies and procedures; and providing security documentation support based on NIST SP 800-53 and DHS 4300 guidelines. Worked with Privacy Information and Personally Identifiable Information (PII) data.

PKI deployment: Duties included monitoring and deployment of LDAP/Kerberos based authentication in heterogeneous environments, to implement federated authentication methods such as SAML, strong or multi-factor-SSO authentication technologies in the DHS environment.

Management Systems Designers, Inc. 04/2004-07/2006

Senior Security Engineer/Security Architect

Projects

Department of Homeland Security (DHS)

Creating the Certification and Accreditation process, preparing risk assessment reports, developing system security plans, and supporting security tests and evaluations (ST&Es). Duties included ensuring PKI security compliance with the DHS PKI CP and CPS. Researching digital-certificate-based identity management solutions for authentication and physical security access. Updated the PKI SDLC Functional Requirements document, the PKI CONOPS and the DHS PKI Interface Specification documents. Responsible for procuring the DHS document management system for secure archiving of registration material. Performed a PKI ROI analysis for presentation to DHS executives. Prepared the DHS PKI Disaster Recovery Plan.

Blueprint Technologies, Inc. 06/2002 – 03/2004

Security Architect

Projects

National Cancer Institute (NIH-NCI)

Responsible for analyzing the NCI network infrastructure and offering recommendations on improving network performance, security and reliability. Performing network mapping using automated discovery tools, analyzing wireless network and switch security for the NCI environment. Performed network and security posture assessments, risk analysis, ROI analysis and security reviews. Communicated findings and recommendations to IT management staff to ensure timely identification and remediation of vulnerabilities.

Identified and managed information security risks to achieve business objectives and ensure compliance with the ISO 17799 risk management framework, using NIST 800-30 or other applicable risk management methodology. Performed risk assessments of policies, procedures, Business Continuity Planning, operational, physical, access control, asset classification, and compliance. Identified risks to data through security architecture review and risk analysis processes, and developed remediation plans to mitigate the risks. Assisted in the security awareness training program. Worked with relevant personnel to evaluate new security technologies.

Food and Drug Administration (FDA)

Responsible for analyzing security requirements and designing the security architecture for the Electronic Submissions Gateway (E-Submissions) utilizing digital signatures, certificate enrollment, revocation, and time stamping technologies. Designed e-gateway application security testing guidelines. Set up and performed NIST-based Certification and Accreditation (C&A) test plans. Enabled the FDA to comply with Federal and agency Enterprise Architecture requirements.

Food and Drug Administration (FDA)

Responsible for defining enterprise security requirements within the FDA environment. Reviewed and audited security policies and practices to check compliance with Federal and agency security guidelines. Prepared a security baseline of the FDA security posture. Performed vulnerability assessments to determine the effectiveness of perimeter and internal security controls. Audited application security controls with respect to authentication and authorization schemes. Prepared assessment methodologies, test plans and schedules, and performed all technical testing on the network to locate vulnerabilities and ensure compliance with security plans and the security aspects of the Clinger-Cohen Act of 1996. Recommended corrective and preventive actions. Designed an enterprise single sign-on LDAP based security architecture with VPN, PKI, smart card and digital signature components.

United States Department of Treasury, FMS 10/2001 – 05/2002

Contractor/Senior PKI Specialist

Lead PKI architect. Co-wrote the FMS PKI CP and CPS to operate at FIPS Level 3 assurance.

Designed and implemented FMS PKI pilot and development network architectures based on Entrust 6.0 with FIPS 140-1 and 140-2 modules.

Prepared the FMS PKI concept of operations document. Performed requirements analysis and identified applications to be PKI enabled. Designed the FMS PKI to support the largest PKI application in the US Treasury, SPS (Secure Payment System). Implemented Entrust PKI based code signing with OpenSSL, MS Authenticode and Java keytool. Implemented VPNs with Cisco 3030, and root key generation using Chrysalis Luna and nCipher nC4032W FIPS 140 devices operating at Level 3. I am knowledgeable in ISO 17799, RACF and ACF2 standards, PKI, CAs, LDAP and X.509 based directories.

Designed enterprise information security architecture FMS PKI, including: strategy, technical architecture, industry security best practices, and conformance and audit programs.

Cable and Wireless 10/2000 – 09/2001

Security Architect

Lead PKI implementer: performed requirements assessments to understand business drivers; duties involved interviewing management and technical staff, reading and analyzing documents, and gaining an understanding of the business processes. Planned applications migration to PKI. Determined the impact on the user and network infrastructure, and the support and administration required to deploy the PKI infrastructure. Also selected the trust model to be used within the Cable & Wireless environment. Designed the PKI architecture including trust models and CA and RA architecture. Coordinated with the legal department and consultants on the development of the Certificate Policy (CP) and Certificate Practice Statement (CPS). Planned and deployed a phased PKI infrastructure. Deployment involved setting up a test lab to evaluate several leading vendor products, negotiating and coordinating with vendors to ensure conformance to design requirements, installation of equipment in the lab, a pilot deployment, then a limited deployment. Assessed the impact of the limited installation and then deployed the full PKI architecture. Set up and tested operation procedures. Managed vendor relations. Designed performance and conformance testing procedures and methodologies.

Designed and implemented RSA Keon and Baltimore Technologies based PKI e-security infrastructure using Netscape LDAP directory. Integrated S/MIME and IPsec digital certificate management and issuance into the Cable & Wireless network security model. Designed and implemented VPNs based on NetScreen series 500/1000 and Nortel Contivity Extranet VPN product lines. Performed tests to determine performance of different VPNs using SmartBits. Published several internal security white papers. Performed intrusion detection and vulnerability assessments using commercial and public tools including Snort, ISS Scanner, NetSonar, Nessus, nmap, sniffers (tcpdump, snoop), and password crackers (L0phtCrack, Crack, etc.). Configured, installed and monitored PIX and Nortel/Check Point firewalls. Put together and supervised a subject matter expert and incident response team. Analyzed configuration vulnerabilities in routing protocols including OSPF, BGP, and MPLS. Worked extensively with Cisco MARS, load balancers, Juniper routers, and Cisco routers while maintaining the Cable and Wireless backbone and edge networks.

Microsoft Corporation 2000 - 2000

Group Program Manager, Extranet

Responsible for designing and implementing Microsoft Extranet network for hosting .Net enterprises. Managed 4 program managers each with about 10 members. Responsible for budget forecasts and staffing, setting up project timelines and ensuring projects were delivered on time and budget. Interfaced with other groups in Microsoft including Security, ITG to provide a complete solution.

Provided direction and guidance for technology security across all MS departments, to ensure the confidentiality, integrity and availability of information and the systems in the Extranet environment. Responsible for defining and implementing appropriate security measures and policies, procedures and audit systems that monitored and controlled access to Microsoft information resources. Implemented security using Active Directory and VPNs, strong authentication and single sign-on with digital certificates.

Cisco Systems 11/1998 – 09/2000

Network Security Manager/SME, Center of Excellence

Design of network security models and strategies. Duties included designing, implementing and maintaining enterprise-wide security solutions for our clients' global networks. Also served as the subject matter expert on network security. Research into digital certificates, electronic payment systems, and secure algorithms. Performed over 50 penetration tests and vulnerability assessments using NetRanger, NetSonar, Nessus, Stealth HTTP Security Scanner, and SecureIIS on UNIX and NT platforms. Clients included Global Fortune 100 companies: financial institutions, healthcare providers, telecommunications, energy/oil companies and dot-coms. Wrote white papers on VPNs, IPsec and digital certificates. Developed e-commerce network security solutions including VPNs, PKI and X.509 digital certificate based authentication systems. Set up security incident handling policies and procedures. Developed network security seminars and workshops for Professional Services staff and Cisco support partners. Conducted network security product workshops including NetRanger, NetSonar, and PIX firewall. Performed recruiting activities including interviews. Provided subject matter expert support to field network engineers on security configuration issues including routing protocols, access lists, load balancing and network design.

Price Waterhouse Coopers 10/1997 – 10/1998

Senior Management Consultant

Independently designed and implemented a complex client/server network environment consisting of HP-UX servers to support both ERP and data warehousing integration for a Fortune 100 company. Network security team lead responsible for enterprise security using Check Point firewalls.

SAIC/Network Solutions 07/1995 – 10/1997

Principal Security Consultant

Designed and implemented secure TCP/IP networks. Performed security product testing, evaluation and configuration assessments. Designed and installed firewalls. Reviewed network security policies, plans, and network architectures of major financial services clients. Determined corporate risk management objectives and business priorities. Prepared findings, corrective actions and security enhancement reports based on industry best practices. Conducted penetration testing including network scanning, war dialing, and configuration analysis, and reviewed and validated clients' current IT environment, methodologies, procedures and technologies.

SKILLS

Data Security

Public Key/Secret Key Cryptographic Algorithms and Protocols, ASN.1, PKCS Standards, software (VeriSign, Entrust, RSA BSAFE) and hardware crypto systems and toolkits, Secure Sockets Layer (SSL), SKI, PKI technologies including key management, digital certificates, OpenSSL, and keytool code signing. HIPAA, FIPS 140, PCI, FedRAMP, RMF, SaaS, IaaS, PaaS

VPN

IPSec, PPTP and L2TP, OCSP, SEP

Internet

HTTP/HTML/CGI, Online Payment protocols and systems

OOD

C/C++, Perl, Java on Unix/NT

Protocols

BGP, OSPF, IS-IS, TCP/IP, IPsec, DNS, MPLS, SNMP, Frame Relay, ATM, Ethernet, LDAP, GTP, GPRS, Mobile IP, RADIUS, SSL, TLS and XML, 802.11a/b/g and WEP

Management

Budgeting, Scheduling, Pre-sales marketing and support, Hiring, and business development

SECURITY TOOLS

DLP- Fidelis, FireEye

Access Control: CounterACT

IDM: - ArcSight

Firewalls: - FireEye, FortiGate and Check Point

IDS and IPS: FortiGate IDS and Analyzer, Bro IDS, Suricata, Snort, CounterACT, MX Logic, Cisco ISE, Fidelis SSL Inspector, Websense SSL Inspector

SIEM: -Splunk, Security Onion /ELSA

ePO: - McAfee

Forensic: - EnCase

Scanners: - Tenable Security Center (5.3+), Acunetix (AWS), Kali OpenVAS, DBProtect, Qualys, HP Fortify (SCA), Nessus

Ticketing System: - OTRS

Unified Threat Management Devices: – Fortinet

Hypervisor: – VMware

Network Analyzers: - Wireshark

EDUCATION

Ph.D., Electrical Engineering, 1995, Howard University

M.E., Electrical Engineering, 1990, Howard University

B.S., Electrical Engineering (Hons), 1986, University of Zimbabwe

TRAINING & CERTIFICATIONS

CISSP

CISA

CISM

VeriSign Certificate Administrator

ITIL Foundations

Possess: Public Trust, Inactive: SECRET CLEARANCE
