Project Manager Information Systems
Resume:
MARK E. GINEVAN II, CISSP, PMP, Security+
Arcadia, OK 73007
301-***-****, ad2jkc@r.postjobfree.com
Mr. Ginevan is a proven team leader with 17+ years collective experience in the Cybersecurity, Critical Infrastructure Protection, and Law Enforcement Intelligence communities. He specializes in project/program management, information systems security and compliance, information systems auditing, as well as all-source intelligence analysis. Mr. Ginevan is currently serving as both Information Systems Security Manager (ISSM) and Project Manager (PM) to the U.S. Army Ground Vehicle Systems Center (GVSC), responsible for all security operations on a Research, Development, Testing, & Evaluation (RDT&E) network. Mr. Ginevan previously served at the same installation in a dual-hat role, managing three separate projects as a Program Manager while also maintaining responsibility for the development, security, and accreditation of a RDT&E system utilizing the Risk Management Framework (RMF), a pioneer endeavor in this DoD environment. In his previous position, Mr. Ginevan served as Deputy Program Manager to the FEMA IT Security Resiliency Review effort, leading a cast of 100+ individuals tasked with the Security Authorization development for each of FEMA’s IT systems, in the effort to elevate FEMA’s FISMA compliance scorecard from red to green. Prior to this engagement, he functioned as an Information Systems Security Officer (ISSO) to the Department of the Treasury. He has also served as an ISSO and Deputy Project Manager to the United States Secret Service, as well as Task Lead to the Cyber Security Advisor (CSA) Program for DHS National Cyber Security Division (NCSD), supporting the development and sustenance of a nationwide cybersecurity advisement program for the Department of Homeland Security. In earlier assignments, he functioned as a Project Manager or Team Lead in three separate roles. Mr. Ginevan has developed a reputation for correcting projects that are at risk. He shows excellent communication and project management skills, and excels in demanding environments while maintaining an eclectic set of responsibilities.
SPECIALTIES
Project/Program Management
Information Systems Security & Compliance
Information Systems Auditing
Assessment & Authorization (aka Certification and Accreditation)
Risk Management Framework (RMF)
Information Assurance
NIST 800 Series Compliance
All-Source Analysis
Financial Crimes Investigations
Immigration and Compliance Enforcement
EDUCATION
Master of Business Administration (MBA), Capella University, 2019
B.S. Psychology, Lebanon Valley College, 2005
CLEARANCES
DoD Secret (Active)
DoD and DHS Top Secret/SCI (Inactive)
CERTIFICATIONS
Certified Information Systems Security Professional (CISSP) - ISC2
Project Management Professional (PMP) - PMI
Security+ - CompTIA
EXPERIENCE
DCS Corp, Golden, CO & Arcadia, OK (Remote), 2020 to Present. Information System Security Manager.
Information Systems Security Manager, Project Manager, 08/2020 – Present
Serving as both Information Systems Security Manager and Project Manager to the Modeling Simulation and Software (MS2) Immersive Simulations (IS) group at GVSC in Warren, MI, in a fully remote capacity. Responsible for all system communications with governing authorities, liaising with local security offices, establishing and maintaining all security documentation, designing and enforcing all system continuous monitoring, as well as all remaining security operations management of the IS RDT&E system at GVSC. Project management duties include personnel management for a team of ISSOs, System Admins, and Network Admins. Notable ISSM accomplishments include: restructuring the full onboarding process for all IS lab systems seeking accreditation on the network, restructuring the system network architecture to suit a wave of new customers, and bringing an organization with 0% accreditation compliance to 100% through implementation of a self-designed and newly established compliance program within six months. Successfully migrated the system to Army Sentinel inheritance model. Currently in progress with the system’s migration to RMF 2.0 accreditation, as well as pursuing migration to cloud computing capabilities. Also assisting in Business Development efforts to enhance DCS’s business portfolio.
Alion Science and Technology, Golden, CO (Remote), 2016 to 2020. Data Security Principal.
eVigilant, Golden, CO, 2015 to 2016. Program Manager.
Program Manager, Information Systems Security Manager, 06/2015 – 08/2020
Served as Program Manager (PM) to the GVSC and Information Systems Security Manager (ISSM) to the Scientific Computing Network (SCN) system, in a dual-hat role. Managed ISSOs, system admins, network engineers, and computer scientists across three projects while also maintaining responsibility for all system security on the SCN system. Responsibilities included: maintaining budget/schedule, managing contract personnel, security operational duties (CCB Board, vulnerability management, POAM management, incident response, architectural decisions, etc.) and development of all security documentation for a full Assessment & Authorization (A&A) package for a RDT&E system utilizing the Risk Management Framework (RMF). Key accomplishments included: individually developing an ATO’d security package for a RDT&E system utilizing “zoned” architecture, restoring a significantly delayed project schedule inherited from previous management, assembling an Operations & Maintenance (O&M) team to support the SCN system from the ground up, and successfully leading system accreditations five separate times, utilizing NIST framework documentation such as the 800 series documents.
Network Security Systems Plus (NSSPlus), Falls Church, VA, 2014 to 2015. Deputy Program Manager.
Deputy Program Manager, 06/2014 – 07/2015
Served as Deputy Program Manager to the FEMA IT Security Resiliency Review contract, supervising a cast of 100+ local and remote analysts, engineers, business process analysts, and penetration testers assigned to the Independent Verification & Validation (IV&V) and Security Authorization efforts for each of FEMA’s IT systems. Also served as the Subject Matter Expert (SME) to NSSPlus for classified information security matters. Accomplishments on the FEMA contract include: successful management of Security Authorization documentation of 73 IT systems through 7 separate engagements, managing the Xacta IACS Workflow Project consisting of 50+ resources to upload 200 systems into the Xacta IACS workflow, development of FEMA Office of Cyber Security’s (OCS) security authorization documentation templates, developing a share drive repository for project workflow, development of FEMA’s Common Controls catalog, creation of a POAM population tool to assist analysts with documentation, and development of other various tools to be used to collect data for the Security Authorization process across FEMA. Recognized by both the client and peers as one of the top performers in FEMA OCS.
Avineon Inc., Washington, DC, 2013 to 2014. Information Systems Security Officer.
Information Systems Security Officer, 06/2013 – 06/2014
Served as the sole ISSO to a DoD security-governed classified system and Alternate ISSO to an intelligence community classified system, supporting the Program Management Office (PMO) and the Information Systems Security Manager (ISSM) office at the Department of the Treasury, under the Treasury Classified Information Systems (TCIS) program. Revered as a Subject Matter Expert on information security matters and received high praise from the client on multiple occasions for “cleaning up” the system from previous lack of security management. Various activities include: POAM management, Incident Response management, Counter-Intelligence support, Security Authorization (C&A) development and maintenance, Configuration Management, Inventory Management, Contingency Planning and Testing, Vulnerability Management, Audit support, Change Control Board participation, Malware analysis, Controlled Hacking via lab environment, and Policy and Procedures Development. Key accomplishments include: Hosting a successful Inspector General (IG) audit, developing a new sRTM tool to track control testing, and creating a full ICD 503 C&A package (Security Plan, sRTM, Risk Assessment, POAM & Exceptions, and Baseline Configuration documents) to grant system Authorization to Operate (ATO) after a key system change.
Dynamic Research Corporation (DRC), Washington, DC, 2011 to 2013. Information Systems Manager.
Deputy Project Manager, Information Systems Security Officer 12/2011 – 06/2013
Served as Deputy Project Manager and ISSO on a Stevie Award winning team, supporting the Chief Information Security Officer (CISO) of the United States Secret Service (USSS). Managed security on three unclassified and two classified information systems. Various tasks included: POA&M management, Security Authorization package development, Incident Response support, Configuration Management support, Inventory Management, Change Control support, Contingency Plan testing, Vulnerability Management, Audit support, Policy and Procedures Development, and conducting Annual Assessment testing. Key responsibilities included: weekly team status updates to the USSS CIO, ownership of the USSS System Inventory, and serving as point of contact for all FISMA related tasks, among others. Key accomplishments included: managing a Service-wide Cybersecurity annual conference, co-developing a slide deck presentation for the executive team at Secret Service, authoring a Privacy Impact Assessment to be distributed to the public, creating a new Annual Assessment Tracker and 3-year testing schedules for each USSS information system, as well as developing a common control tracker used to exhaustively identify and test the common controls across all USSS information systems. On a project management level, handled monthly updates of the Project Work Plan for the project manager and developed a program to establish Enterprise Audit capabilities at USSS.
SRA International, Inc., Fairfax, VA, 2005 to 2011. Senior Member of the Professional Staff.
CSA Program Task Lead, 09/2010 – 12/2011
Led a task to develop the Cyber Security Advisor (CSA) Program for the National Cyber Security Division (NCSD), within the Department of Homeland Security (DHS). Worked on SRA’s Cyber Security Evaluation Program (CSEP) project, also supporting the Cyber Resiliency Review (CRR) and National Cyber Security Review (NCSR) teams. Served as SRA’s main point of contact for the CSA program, working in partnership with a non-local point of contact from DHS. Worked with client and fellow team members in an initiative task to create immediate and sustained assistance to state, local, and private efforts by providing personnel to assist in the identification, assessment, and protection of critical infrastructure key resources throughout the US. Duties involved program planning and development, policy assessment, records management, outreach efforts, and training development. Key accomplishments include designing a tool to conduct stakeholder assessments, developing a measures and metrics document, as well as designing a tool to support the prioritization of outreach efforts to regional protective security groups.
EXFRA Deputy Project Manager, 01/2008 – 09/2010
Led a team of 10 analysts and 3 interns for the Expeditionary Fraud Resident Agency (EXFRA), under the Major Procurement and Fraud Unit (MPFU), a division of the US Army Criminal Investigative Division (CID). Supported Army CID agents and agents/attorneys from other agencies (FBI, DCIS, USDOJ) in the collective effort to build cases against military and government officials suspected of committing contract fraud in Kuwait during the reconstruction period in Iraq. Accomplishments included developing a criminal intelligence program, developing a unit-wide Standard Operating Procedures document, and maintaining a case information tracking system.
Special Programs Group Team Lead, 03/2007 - 01/2008
Led a team of 11 analysts for the Department of Homeland Security (DHS) Immigration and Customs Enforcement (ICE) unit. Completed extensive analyses of US visitors with significant derogatory history and supplied the client with information on each lead to assist in the removal of criminals and national security threats from the US. SPG worked highest elevated leads in the unit, including: Visa Revocations, Biometric Watchlist hits, Admitted Watchlist hits, TECS Lookout leads, Interpol requests, Biometric Support Center leads, Lost/Stolen Passport leads, including all other specialized leads. Individually assisted in the development and testing of the unit’s database tool.
Special Operations Deputy Team Lead, 11/2005 - 03/2007
Led a team of 5 analysts for the Department of Homeland Security (DHS) Immigration and Customs Enforcement (ICE) unit. This personally selected team led the unit in leads processed each month, since inception. Completed extensive analyses to identify US visitors staying beyond their visas or visiting with derogatory history, among other operational duties.
Intelligence Analyst, 05/2005 - 11/2005
TECHNICAL SKILLS
Proficient in: Microsoft Office, i2 Analyst Notebook, Tenable Nessus, Tripwire, Arcsight, McAfee HBSS, eRetina, Wireshark, SQL Queries
Data systems: eMASS, Xacta IACS, Trusted Agent FISMA (TAF), CLAIMS, CIS, Leadtrac, SEVIS, SEVIS Ad-Hoc, ADIS, NetLEADS, ENFORCE, DACS, SIT, AR-11, Accurint/LexisNexis, RAPS, CCDI, NCIC, TECS, ORION Magic, Omega, ACI2, DEIDS, FinCEN, and Summations
Scripting: VB (novice), Perl (novice)
FISMA publications: NIST 800 series, DHS 4300, CNSSI 1253
ITEMS OF INTEREST
Decent hockey player and fan
Terrible tennis player
Fish tank hobbyist
Automotive enthusiast
Home improvement hobbyist, having built one home and fully renovated another
Recently served in local community governing board capacities to manage community budgets and association duties
Contact this candidate