Resume

Security Officer Information Technology

Location:

Jacksonville, FL

Posted:

December 10, 2023

Contact this candidate

Resume:

William L. Smiley

Phone: 308-***-**** / E-mail: ad1uri@r.postjobfree.com

Objective: Program Manager / Chief Information Security Officer/Chief Information Officer/Director of Cybersecurity

Summary: Over 35+ years of specialized CYBER/ISR/Information Technology Naval-Industry experience. A self-Motivated Manager; Strategic/Operational/Tactical planner; design/architecture and operations subject matter expert. Industry/Military qualifications are Designated Technical Warrant Holder (TWH)/Technical Area Expert (TAE) for Naval Sea Systems Command, Designated Naval Sea Systems Command Functional Security Control Assessor (FSCA) Liaison, Fully Qualified Navy Validator (certification # I0836), Risk Management Framework (RMF) Navy Qualified Validator

(NQV) II (certification # I00075), Certified Chief Information Security Officer (certification # CC- WS-731), Industrial Control Systems Cyber Security SME – U.S. Department of Homeland Security, Security +, NAVSEA Lean Six Sigma Green Belt/SPAWAR Systems Center Pacific (SSC PAC) Lean Six Sigma Yellow Belt, Logistics, Qualified Contracting Officer's Representative

(COR), Member of the Defense Acquisition Corps and Defense Acquisition Workforce Improvement Act (DAWIA) Level III Acquisition Certification in Information Technology and Engineering & Technical Management (ETM) Practitioner. Master’s Degree in Telecommunications Management

University of Maryland University College

Master’s Degree in Business Administration

University of Maryland University College

Bachelor Degree in Information System Management

University of Maryland University College

Military Colleges Attended:

• Defense Acquisition University, San Diego, CA

• Naval War College, Newport, RI; Maritime Staff Operators Course

• Joint Forces Staff College, Norfolk, VA; Joint Command, Control, Communication, Computer and Intelligence/Reconnaissance Staff Operations (JC5ISRSOC) Staff and Operations course

• National Defense University, Washington, DC; North Atlantic Treaty Organization (NATO) Staff Officer

Expert skill sets are: Communications, Command, Control, Computers, Combat Systems and Intelligence (C5I); Project/Program Management; Leadership and Team Building; CYBER Security; TEMPEST, Mentorship; Process Improvement; Information Systems C5I Strategic/Operational/Tactical Planner; Research, Test and Reporting Analysis; Information Assurance Manager; Knowledge Manager; Communication Security Officer; Physical Security, Tactical communications; Electronic Key Management Systems (EKMS) Manager; Operational Systems Manager; Communications Officer; Information Systems Security Manager; Network/System Administrator; Joint C5I planner; Automated Data Processing Security Officer; Computer Specialist; Quality Assurance; Contracts/Acquisition; Programming/Database Administrator; Imagery; Manpower; Human Resources; Pay Roll; Telecommunications Supervisor; Logistics/Scheduling Specialist; Intelligence Communications; Presentations and Public Speaking; Satellite Communications; Facilitator; Project Management Acquisition; Detailer Communications - Skills & Strategies; Professional Selling Skills; Instructor and Network Engineer.

Information security applications used throughout my career: Host Based Security System (HBSS); DON Application & Database Management System (DADMS); Enterprise Mission Assurance Support Services (eMASS); Vulnerability Remediation Asset Manager (VRAM); HP Site Scope; Sonic Wall Internet Application Security; Watch Guard firewall; Borderware Firewall; Check Point Firewall; E- policy Orchestrator; SNORT Intrusion detection; WhatsUp Gold (Network monitoring); Open View

(Network mapping); McAfee Anti-virus software; Enterprise Security Management; Real Secure Intrusion Software; Internet Security Systems Intrusion Detection Suite; Intrusion Detection Systems; ISA Security & Firewall Security Systems; Security Scanning Tools; Firebox firewall; E500 McAfee Anti-virus; etc.

U.S. Navy Military Service Information: LCDR (retired Disabled Vet/Honorable Discharge) – N2/N6 Limited Duty Officer (LDO Mustang)/Information Professional/Information Warfare Officer (Highest enlisted rank was Information Technology Senior Chief) Awards/Decorations: Information Warfare Pin; Enlisted Surface Warfare Specialist Pin; Enlisted Air Warfare Specialist Pin; Meritorious Service Medal; Joint Service Commendation Medal (3); Navy and Marine Corps Commendation Medal (4); Joint Service Achievement Medal (2); Navy and Marine Corps Achievement Medal (2); Good Conduct Medal (4); Armed Forces Expeditionary Medal (3); Global War on Terrorism Expeditionary/Service Medals; Joint Meritorious Unit Award Medal (4); Navy Meritorious Unit Commendation; Navy Battle “E” Ribbon (5+); National Defense Service Medal (2); Military Outstanding Volunteer Service Medal; Sea Service Deployment Ribbon (7+); Navy and Marine Corps Overseas Service Ribbon (2); Navy League winner and numerous Flag letters of commendation. Civilian Awards: Department of the Navy Meritorious Civilian Service and Civilian Service Achievement Medals.

PROFESSIONAL EXPERIENCE: (Active Top Secret/SCI SSBI) Civilian Government Experience:

07/2023 – Present: Director of Business Development & Capture for U.S. Navy, United States Marine Corps (USMC) and Coast Guard: Dulles VA

• Responsible for identifying, shaping and collaborating near-term/long-term with the U.S. Navy, USMC, Coast Guard and related DoD Cybersecurity, engineering, U.S. Space Command and Intelligence Community (IC) stakeholders with a focus on Other Transaction Agreement/Authority

(OTA’s) and other non-traditional Request For Proposal (RFP) options. Key Responsibilities:

• Utilizing my extensive knowledge of government contracting and acquisition practices to direct business development activities within the U.S. Navy/USMC/Coast Guard.

• Develop and execute customer penetration strategies and individual opportunity win strategies, account plans, and partnering strategies to achieve aggressive business growth within 2-3 years.

• Generate and maintain extensive knowledge of current developments in the U.S. Navy/USMC/Coast Guard and related DoD Cyber offices in order to assess current and upcoming needs and to identify and qualify opportunities.

• Gather actionable market intelligence through researching prospective accounts in target markets.

• Develop leads and move them through the sales cycle.

• Provide feedback and recommendations to our Innovations Research & Development (R&D) organization on Artificial Intelligence Operations (AIOPs) and Cyber Operations Capability and Services development and refinement based on identified requirements in target markets.

• Capture complex services contracts meeting or exceeding financial targets.

• Develop value propositions through program strategies, supporting business cases and project plans.

• Develop early win strategies and evolve the strategy throughout the capture lifecycle.

• Strengthen key vendor, supplier and partner alliances and bring new products/solutions capability into the company’s portfolio.

• Maintain and foster territory relationships with key partners and Original Equipment Manufacturers (OEM).

• Write complete and concise competitive bid analyses for executive management review. 09/2022- 07/2023: 1043 Branch Head, Risk Management Framework (RMF) Supervisor and Command Information Systems Security Manager (CISSM): NSWC Carderock, West Bethesda, Maryland

• The position is responsible for the implementation and administration of the Cybersecurity Program across the entire command, to include the detachments. This includes providing cybersecurity (CS) support activities for post validation review of Assessment and Authorization (A&A) and Certification and Accreditation (C&A) packages for Naval Sea Systems Command (NAVSEA) enterprises using the Risk Management Framework (RMF) and the Department of Defense (DoD) Information Assurance Certification & Accreditation Process (DIACAP). i.e. PIT AFLOAT, PIT ASHORE, Research, Development Test & Evaluation (RDT&E)/IATT, TEMPALTs/ECIs and Defense Business Systems (DBS). Additionally, I was dual-hatted as the C-ISSM this position was designated in writing, by the CO, and is officially registered with NAVNETWARCOM to perform these duties. As the CISSM I was responsible for supporting the Command Information Officer

(CIO), Deputy Command Information Officer (DCIO), Commanding Officer (CO), and Technical Director (TD) on all cybersecurity related issues to include the reporting/execution of the Cybersecurity Program and Assessment & Authorization (A&A) process.

• Supervisory duties included independently making assignments, setting and adjusting short term priorities, goals and objectives and providing guidance on work or administrative issues to ensure completion of work. In addition, I had to develop performance objectives, conducted performance evaluations which included setting performance corrective actions; identified, recommended and arranged developmental training needs of the staff; recommended appointments, promotions, reassignments, awards and disciplinary action; and assisted in resolving employee complaints and grievances.

• Managed and executed an effective A&A Program; including providing technical advice and guidance on a wide variety of A&A processes, guidance, documentation, and review of authority to operate (ATO) documents to confirm that the level of risk is within acceptable limits for each software application, system, and network. Ensuring that all systems maintain a current ATO.

• Conducted preliminary cyber incident/spillage investigations and the associated reporting for both NMCI and RDT&E IT systems and networks.

• Provided technical advice and guidance on a wide variety of CWF personnel matters.

• Developed policies and procedures to support Cybersecurity, A&A, Forensics, and an evolving cloud and remote environment.

• Managed the Media Transfer Agent (MTA) Program and reviewed, approved, and trained the MTAs to include reviewing the quarterly authorized letter.

• Conducted system security evaluations, lab audits, and reviews at all Carderock sites and detachments at least annually.

• Managed the compliance and reporting for the Command's Vulnerability Management Program.

• Reviewed and approved all new PKI Trusted Agents.

• Conducted digital forensic examination and analysis.

• Reviewed and responded to SIPRNet Task Orders (TASKORD), Warning Orders (WARNORD), Fragmentary Orders (FRAGO), Operational Directives (OPDIRS), and Executive Order (EXORD) for all Cybersecurity Incident Response tasks.

• Reviewed and approved all information system user account requests (SAAR-N) and privileged access requests (PAAs).

• Reviewed and approved all information system authorization (A&A) documents.

• Reviewed and approved all information system configuration changes and oversight of the Change Control Board (CCB).

• Analyzed business and technical requirements of components, systems, and/or networks to evaluate risk and make recommendations regarding security compliance.

• Evaluated the security of hardware and software.

• Responsible for providing cybersecurity training.

• Designated Naval Sea Systems Command Functional Security Control Assessor (FSCA) Liaison directly supporting the Functional Security Control Assessor Chief Engineer (CHENG) by addressing all Risk related items in all accreditation type packages that go to the Functional Authorizing Official

(FAO) Commander NAVSEA Command and the Navy Authorizing Official (NAO) U.S Fleet Cyber Command (U.S. Tenth Fleet) for approvals. Additionally, in this role, I manage the interface with PMs, Information System Owners, Program Executive Offices and NAVSEA Directorate Lead ISSMs.

• Designated Technical Warrant Holder (TWH)/Technical Area Expert (TAE) for Naval Sea Systems Command. Appointment also provides authority to approve/sign by direction on behalf of the FSCA

(CHENG). Responsibilities include ensuring conformance with the Cybersecurity TA cybersecurity policy, requirements, architectures, and standards throughout NAVSEA; implement and ensure RMF cybersecurity assessment oversight and standardization for NAVSEA assigned areas of responsibility and systems; work in conjunction with Navy appointed Space and Naval Warfare Systems Command

(SPAWAR) security control assessor (SCA) and SPAWAR Cybersecurity TA to report relevant RMF security control assessment products; provide technical expertise to ensure all RMF tasks are initiated and completed, with appropriate documentation, for assigned systems as well as reviewing of assigned RMF technical documents; Apprise the cybersecurity DWO in a timely manner of significant engineering and TA issues, including technical disagreements that cannot be resolved with other TWHs or with programmatic authorities; ensure and grade Navy qualified validators that have been approved by the Cybersecurity TA etc.

• Coordinated/Submitted/Presented Risk Management Framework (RMF) accreditation package(s) risk and authorization Objective Quality of Evidence to the Functional Security Control Assessor (FSCA) and the Functional Authorizing Official (senior level SESs and Admirals) for signature/approval.

• Reviewed/Commented/Guided all program Cyber Security teams on how to submit their packages for approval by using current Information Assurance (IA)/Cyber Security policies (CYBERSAFE, IA TA Standards, NIST 800-53 etc.); how to implement/develop A&A/C&A artifacts as well as instructing them on how to conduct A&A/C&A validation processes on their systems and how to implement correct security postures.

• Managed a team of 6 Civilian employees and 12 government contractors. 05/2020-9/2022: Deputy Director of Cybersecurity, Director of Information Technology, Activity Chief Information Officer (ACIO), Information System Security Manager (ISSM) and Activity Security Manager (ASM) for Team SUBS (made up of Program Executive Office Submarines

(PEO SUBS), Program Executive Office Columbia (PEO Columbia) and Naval Sea Systems Command (NAVSEA 07)) Lead IT Project Security Manager NH-2210-4): Team Submarines, Washington Navy Yard, Washington DC

• Responsible for all Cybersecurity requirements for Team Submarine (Team SUBS) which is a combination of the Program Executive Office, Attack Submarines (PEO SSN formerly PEO SUB), Program Executive Office, Undersea Warfare Systems (PEO UWS formerly the Deputy Commander, Undersea Warfare (NAVSEA 07) and the Undersea Technology Officer (NAVSEA 073)) and Program Executive Office, Strategic SUBS (PEO SSBN formerly PEO CLB). This includes providing cybersecurity (CS) support activities for post validation review of Assessment and Authorization (A&A) and Certification and Accreditation (C&A) packages for Naval Sea Systems Command (NAVSEA) enterprises using the Risk Management Framework (RMF) and the Department of Defense (DoD) Information Assurance Certification & Accreditation Process

(DIACAP). i.e. PIT AFLOAT, PIT ASHORE, Research, Development Test & Evaluation

(RDT&E)/IATT, TEMPALTs/ECIs and Defense Business Systems (DBS).

• Key collateral duty was TSUB Career Field Manager (CFM) for all Information Technology (IT) Naval Acquisition Development Program (NADP) interns.

• Additional responsibilities was managing the 5 key areas of TSUB Cyber that report directly to me which are: Trusted Program Submitting Office (TPSO), RMF A&A, Plans & Policy, Engineering and TEMPALTs & ECIs, validating SWFTS TS/SCI OQE for authorization by Naval Intelligence Activity (NIA) via JWICS and XACTA 360, all Cross Domain Solutions (CDS) Defense Security/Cybersecurity Authorization Working Group (DSAWG)/ DoD Information Security Risk Management Committee (DoD ISRMC) approvals as well as a voting member on NAVSEA and OPNAV working groups.

• Direct Liaison to DON CIO, NAVWAR, ONI, NIA, NSA, NAVAIR, NAVFAC, SSP, Fleet Cyber Command, SUBPAC, SUBLANT, CFFC, and NAVSEA CIO for all submarine tactical systems. Ensures synergistic relationships are forged and maintained between these organizations and multiple other program offices and Program Executive Offices within NAVSEA. Represents TEAMSUB on all matters pertained to assigned projects.

• Designated Technical Warrant Holder (TWH)/Technical Area Expert (TAE) for Naval Sea Systems Command. Appointment also provides authority to approve/sign by direction on behalf of the FSCA

• Hand Selected to brief/participate in senior Information Assurance Functional Integrated Process Team (IA FIPT) and Information Assurance Working Group (IAWG) meetings.

• Trained/Mentored NAVSEA engineers in the application of the Risk Management Framework and NAVSEA FAO/FSCA approval process to include understanding what artifacts are required for accreditation.

• Hand selected by Senior Leadership (SES’s/Admiral’s) to extend my current duties to become the Team SUBS organization Director of Information Technology/ACIO/ASM/ISSM.

• Subject matter expert to talk to engineering projects that support design and integration of combat systems for ships to receive an Authority To Operate.

• Held the position of a Modernization Officer in the military.

Major Duties:

• PROGRAM SECURITY MANAGEMENT: Managed the rigorous application of information security/information assurance policies, principles, and practices in the delivery of all IT services for TEAMSUB. Develops and executes IA plans and strategies for multi-level

(SEI, S, TS) information/data across assigned tactical networks. Manages Submarine Warfare Federated Tactical Systems (SWFTS) such that the IA Systems are designed, developed, and executed using the most advanced technical concepts possible within existing funds, schedules, requirements and policies. Develops policies and procedures to ensure the reliability and accessibility of information systems and to prevent and defend against unauthorized access to systems, networks and data for all submarine tactical networks. Participates in development of network and systems security policies. Manages risk and vulnerability assessments of planned and installed information systems aboard submarines to identify vulnerabilities, risks and protection needs. Conducts system security evaluations, audits and reviews.

• PROGRAM MONITORING/REPORTING: Monitored assigned project/program progress, assesses schedule and performance viability and periodically and/or when needed reports status and potential problems to TEAMSUB, upper management and to all participating activities on a mastery knowledge level.

• POLICY PLANNING: In charge of strategic planning, capital planning and investment control, workforce planning, policy and standards development, resource management, knowledge management, auditing, and information security management.

• NETWORK SERVICES: In charge of the planning, analysis, design, development, testing, quality assurance, configuration, installation, implementation, integration, maintenance, and/or management of networked systems used for the transmission of information in voice, data, and/or video formats.

• ENTERPRISE ARCHITECTURE: In charge of doing the analysis, planning, design, implementation, documentation, assessment, and management of the enterprise structural framework to align IT strategy, plans, and systems with the mission, goals, structure, and processes of the organization.

• INTERNET: In charge of the technical planning, design, development, testing, implementation, and management of Internet, intranet, and extranet activities, including systems/applications development and technical management of Websites. This specialty only includes positions that require the application of technical knowledge of Internet systems, services, and technologies.

• DATA MANAGEMENT: In charge of the planning, development, implementation, and administration of systems for the acquisition, storage, and retrieval of data.

• IT SECURITY: In charge of ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools.

• SYSTEMS ANALYSIS: In charge of applying analytical processes to the planning, design, and implementation of new and improved information systems to meet the business requirements of customer organizations.

• SYSTEMS ADMINISTRATION: In charge of planning and coordinating the installation, testing, operation, troubleshooting, and maintenance of hardware and software systems.

• APPLICATIONS SOFTWARE: In charge of designing, documenting, developing, modifying, testing, installing, implementing, and supporting new or existing applications software.

• CUSTOMER SUPPORT: In charge of planning and delivering customer support services, including installation, configuration, troubleshooting, customer assistance, and/or training, in response to customer requirements.

• OPERATING SYSTEMS: In charge of planning, installing, configuring, testing, implementing, and managing the systems environment in support of the organization’s IT architecture and business needs.

• Team Leader: Led a team of multi-disciplined personnel, including systems engineering, operational analysis, systems analysis, and network hardware/software design and configuration management experts in developing open architecture system Interoperability.

• Provided Mastery level knowledge in management, leadership, and coordination between all participating NAVSEA/Field Activities and external organizations investigating new technology applications for meeting the requirements for the platform level accreditation, data reduction, interoperability, and security.

• Assessed and recommended research projects applicable to IA development; translates fleet generated requirements and develops plans and solutions to meet these requirements.

• Direct liaison between the team and management by providing opinions and inputs to personnel processes for team members including development of performance plan, performance evaluations, performance training needs, attendance at particular courses, promotions and employee recognition; reporting to supervisor on team progress and individual accomplishments; representing the team consensus to the supervisor on actions impacting the team; interceding with the supervisor on behalf of the team regarding issues of performance, team assignments, or possibly reassignment of team members; preparing, maintaining and providing formal presentation to supervisor of team's accomplishments, and approving emergency leave as delegated by supervisor.

• Expert leader/mentor in the following areas of integrating the office goals into the team's strategies; assigning, overseeing and reviewing the work of the team; providing project-specific information regarding issues/deadlines/milestones; coaching the team in the selection of analytical tools/techniques; assuring the teams workload is balanced across all team members and all members' skills are integrated into the team; as necessary, employing team effectiveness tools/techniques and representing the team's consensus in meetings with peers.

• Manage 6 government civilians, 15 IA/CYBER Security contractors and 14 ACIO contractors supporting the Team SUBS organization.

01/2018-05/2020: CYBER/Information Technology Specialist (IT SPECIALIST INFOSEC NT- 2210-06) / Technical Area Expert (TAE): Commander Naval Sea Systems Command (NAVSEA), Washington Navy Yard, Washington DC 20376

• Responsible for the NAVSEA 00I Ech II Cyber Security Validation Review Support Services. This includes providing cybersecurity (CS) support activities for post validation review of Assessment and Authorization (A&A) and Certification and Accreditation (C&A) packages for Naval Sea Systems Command (NAVSEA) enterprises using the Risk Management Framework (RMF) and the Department of Defense (DoD) Information Assurance Certification & Accreditation Process

(DIACAP). i.e. PIT AFLOAT, PIT ASHORE, RDT&E/IATT, TEMPALTs and Defense Business Systems (DBS).

• Hand selected to be designated as a NAVSEA Technical Area Expert (TAE). This role also supports the Technical Warrant Holders (TWHs) within the NAVSEA command structure engineering (non-construction) competency domain 10.0 Research & Systems Engineering (R&SE).

(NAO) U.S Fleet Cyber Command (U.S. Tenth Fleet) for approvals. Additionally, in this role, I manage the interface with PMs, Information System Owners, Program Executive Offices and NAVSEA Directorate Lead ISSMs.

• Designated Technical Warrant Holder (TWH)/Technical Area Expert (TAE) for Naval Sea Systems Command. Appointment also provides authority to approve/sign by direction on behalf of the FSCA (CHENG). Responsibilities include ensuring conformance with the Cybersecurity TA cybersecurity policy, requirements, architectures, and standards throughout NAVSEA; implement and ensure RMF cybersecurity assessment oversight and standardization for NAVSEA assigned areas of responsibility and systems; work in conjunction with Navy appointed Space and Naval Warfare Systems Command (SPAWAR) security control assessor (SCA) and SPAWAR Cybersecurity TA to report relevant RMF security control assessment products; provide technical expertise to ensure all RMF tasks are initiated and completed, with appropriate documentation, for assigned systems as well as reviewing of assigned RMF technical documents; Apprise the cybersecurity DWO in a timely manner of significant engineering and TA issues, including technical disagreements that cannot be resolved with other TWHs or with programmatic authorities; ensure and grade Navy qualified validators that have been approved by the Cybersecurity TA etc.

• Provided feedback on the SPAWAR Audit criteria for FSCAs and FAOs to include recommendations on undocumented requirements or un-communicated process changes when necessary.

• Observed on 2 of the SPAWAR FSCA TWH audits (SPAWAR and NAVFAC) and Co-Chaired 1 SPAWAR FSCA TWH audit on NAVAIR SYSCOM. Provided feedback and recommendations to the SPAWAR audit team to ensure the proper required items were graded correctly, lessons learned where captured and any new process was identified that could be beneficial to all SYSCOM audits in the future.

• Worked with the other FSCA TWH SYSCOMs to have documented process and procedures that would be standard across all SYSCOMs.

• Designated as an Advanced/Master of the Cyberspace Information Technology/Cybersecurity Workforce (Cyber IT/CSWF) for HQ NAVSEA per the DoD Manual 8570.01-M and DoD Directive 8140.01.

• Hand Selected to brief/participate in senior Information Assurance Functional Integrated Process Team (IA FIPT) and Information Assurance Working Group (IAWG) meetings.

• Trained/Mentored NAVSEA engineers in the application of the

Contact this candidate