Darian Stultz, CISSP

ad3u7p@r.postjobfree.com

Harpers Ferry, WV 725-***-****

SUMMARY

Skilled multi-disciplinary System, Site, and Security Architect with strong experience in both physical and cybersecurity seeking a challenging and competitive role with an Intelligence Community client. Mission-focused and experienced with direct customer engagement. Highly adept at learning new technologies, processes, and methodologies with a desire for continued growth. CLEARANCE

TS/SCI – Counterintelligence Polygraph 2022

NOTABLE CERTIFICATIONS

• ISC

2

CISSP #347-***-****

• Professional Continuity Practitioner 2015

• Qualified Ethical Hacker 2015

SKILLS AND QUALIFICATIONS

• Cyber, Personnel, and Physical Security

• Author MoU/MoA as required by the

program

• DoD 8570.01 IAT/IAM Level III compliant

• Complex Classified Sensor Networks

• Joint projects with Multiple Intelligence

Community Partners, DoD, NGOs

• Technical Project Management

• Author/contributor to all A&A Body of

Evidence. (Steps 1-7) and compliance

auditing. (SSP, RAR, SOP, PPS, etc.)

• COMSEC support, provisioning, TPI

• Vendor Patch Management, updates

• Led Technical Exchange Meetings with

stakeholders

• Produced “Smartbook” guides

• Data Center Program/Project Management

• Classified Network Infrastructure & SCIF

Construction and secure implementation

• ICD 503/Risk Management Framework

(RMF) / DITSCAP/DIACAP/NIST/CNSS

(SME Level)

• Communications hardening and security

• Radio Frequency (LMR/Terrestrial/SATCOM)

• Federal Continuity of Operations

(COOP/COG)

• Disaster Recovery/Contingency

Planning/Emergency Travel Planning and

Logistics

• Work with Developers at all stages of the

SDLC

EDUCATION

Liberty University, Lynchburg, VA 2008

BS in Computer Science

Darian Stultz, CISSP

ad3u7p@r.postjobfree.com

Harpers Ferry, WV 725-***-****

PROFESSIONAL EXPERIENCE

General Dynamics Information Technology (GDIT), Chantilly, VA December 2018 – January 2024 Senior Information Systems Security Engineer (Federal Agency)

• Supported Technical Director for the Office of Security & Counterintelligence as Information Systems Architect.

• Previously served as site-wide Information Assurance Engineer and Subject Matter Expert for joint clients/programs for the Site Information Systems Security Manager (ISSM) and Program Security Officers

(PSO) at a ground processing station.

• Provide business continuity processes, planning, and remediation proposals to enhance the overall efficiency concerning mission success.

• Balances security of the operational mission with the economic costs of protective measures.

• Monitor and track authorizations (ATO) using Xacta, and successor tools, and assist with the accreditation documentation and system reviews.

• Appointed as Subject Matter Expert for ICD 503 Risk Management Framework to support the Assistant Chief Information Officer (ACIO) at the division level.

• Architected solution to enhance the cybersecurity posture of laptops used for special testing in the field; such that each is maintained in a cyber-ready state for immediate deployment, evaluated vendor architecture and proposals to replace end-of-life video and computer systems in several Branch Office Locations.

• Participated as a stakeholder in developing regulations governing service contractors responsible for surveying land audits with Government Staff and independently to ensure site-wide Physical, Communication, Personnel, and Information System security best practices are met or exceeded.

• Continually audited site for prohibited technologies, using engineering tools, such as Radio Frequency Detection, protocol analysis, and other methods. Provided written reports of findings to mitigate devices that did not meet site standards. Referred any follow-on matters to the TEMPEST team as needed through the Government Chain of Command.

• Mentor staff from other teams to promote a multi-disciplinary approach to serving the client.

• Provided forensic investigation and mitigation of data spills using engineering analysis/best practices.

• Provide Program Assistance with creatively solving System Engineering tasks to comply with ICD503 RMF and Plan of Action and Milestones (POA&M) of classified networks.

• Stakeholder in planning and secure transitioning of data and applications to (C2S/C2E) cloud environments. Darian Stultz, CISSP

ad3u7p@r.postjobfree.com

Harpers Ferry, WV 725-***-****

River Front Services, Inc. Chantilly, VA May 2015 – July 2018 Sr. Information Systems Security Engineer (Government Program) Facility Security Officer (FSO), Insider Threat Senior Program Official (ITPSO), Laboratory Testing Manager (Industry)

• Special Project Security Engineering of classified sensor networks for Computer Network Defense (CND)

• Served as Facility Security Officer (FSO) and Insider Threat Program Senior Official (ITPSO) for the River Front Services CAGE. Maintained personnel clearances and investigations and interfaced with the Defense Security Services, Industrial Security, and Counterintelligence representatives as needed. Additionally, I maintained self-inspections under the NISP guidelines and produced facility clearance packages (e-FCL).

• Managed product development test lab and conducted scientific testing of aerospace and defense inventions.

• Wrote policy and standard operating procedures in conjunction with Government staff.

• Worked with Government ISSM and CISO staff to ensure security best practices and regulations were being followed during the expansion of classified enclaves.

• Acted as Security Control Assessor (SCA) for sites around the United States. Performed audits of NIST/CNSS controls and policies related to SCIF physical and logical security. Worked to remediate deficiencies in control responses with partner agencies, external customers, and other stakeholders.

• Performed audits and testing at NGO partner sites for compliance with cybersecurity and Management Oversight

• Led a team of ISSOs to obtain Authority to Operate (ATO) for a classified system with few artifacts needed for accreditation. Used interviews, investigation, and un-formalized documentation to create a Body of Evidence completed well before the ATO expiration. The end product was modular and exceeded expectations. This system initially was a Congressional Mandate, and many inputs were provided by my team where obvious deficiencies became negotiated POA&M items.

• Appointed as Action Officer (AO) on behalf of the Government client to authorize certain sensitive operations.

• Appointed as Alternate ISSO for other classified enclaves.

• Authored Contingency Plans (CP) to provide solid plans supporting both Continuity of Operations (COOP) and Continuity of Government (COG) functions.

• Served on the team to obtain SCIF co-use/joint-use agreements with Intelligence Community partner agencies.

• Assisted SCIF SSO and SCIF ISSO in matters related to TEMPEST and other security vulnerabilities.

• Key resource to create and execute Contingency Plan Testing (CPT), gather artifacts, and gain consensus from the Government that the test was complete and each team member was aware of their roles and responsibilities. Facilitated both training and testing support for various Government and contractor staff.

• Worked almost exclusively under direct tasking from the Government client.

• Mentored (and learned from) staff during lunch or off-hours to strengthen our multi-disciplinary team. Darian Stultz, CISSP

ad3u7p@r.postjobfree.com

Harpers Ferry, WV 725-***-****

Sr. Information Systems Security Specialist, Infrastructure Architect December 2009 – May 2015 National Interest Security Corporation, a division of IBM Allegany Ballistics Laboratory, Rocket Center, WV

• Designed, Maintained, and enhanced several closed “air-gapped" networks and provided program support to include specialized evidence ingest equipment such as Scanners, Full Motion Video, Audio, Large Format, etc., up to the TS/SCI level.

• Maintained inventory of classified seized items from IC Operations to include chain of custody where applicable. Items included various electronic equipment; radios, cellphones, computers, maps, audio and video records, accounting, and sensitive lists up to the TS/SCI level.

• Maintained and enhanced computing infrastructure such as a complex 3-tier storage network, providing gold copy evidentiary data (read-only), a faster tier for exploitation of working copies(read/write), and the fastest available storage for intelligence analysis.

• Configured COMSEC Equipment and Cisco routers to distribute RED/BLACK communications.

• Provided subsets of data to Analysts for manipulation, exploitation, and targeting.

• Information Assurance Officer (IAO); Inspected and verified AIS reports; conducted Certification/Accreditation of IS architecture, networks, and computing systems, reviewed/validated documentation on up to TS/SCI systems.

• Technical Lead for building a classified facility/SCIF network consisting of multiple floors and multiple Intelligence Community (IC) partner agencies.

• COMSEC Custodian, maintained KEYMAT inventory, key loader for various devices (STE, KIV-7, KG- 175A, KG-175D, KG-340, KG-345, KIK-20, AN/PYQ-10 SKL)

• Maintained PKI control compliance of EKMS/NKMS.

• Produced documentation for new hardware/software/services such as Tactical Satellite Communication Systems (VSAT/SNAP Terminal), providing systems to the authority to operate during emergencies.

• Audited systems for vulnerabilities and misconfigurations.

• Conducted SCIF workstation planning, installation, support/troubleshooting of internal/external networks IAW DCID 6/3 or ICD 503, ICS 705 configuration management plans.

• I conducted malware analysis using forensic tools by investigating incoming/outgoing media associated with the SCIF(s) so auditing and accountability were achievable, including COTS/GOTS software and backups.

• Configured VLANS for each enclave on Cisco distribution switches; provides color-coded cabling/labeling to minimize server/workstation exposure to NIPR, SIPR, and JWICS systems, including copper, fiber, telephony, and satellite emergency communications.

• Reviews and performs testing of facility infrastructure/physical operation mitigation of power, POTS, Secret, and TS/SCI telephony services and external classified network communications.

• Provided support to in-building armed guards, Contract Special Security Officer (CSSO), and Government Security staff.

• Provided Data Center Environmental Monitoring while using APC InfrastruXure and APC Netbotz to monitor critical environmental data (chilled glycol temperatures, Data Center space temperatures, UPS, Generator, Automatic Transfer Switches, remote security alarms.)

• Responsible for the overall management of Facilities, including Operations and Maintenance of all infrastructure and performance of contractor personnel. Wrote Statement of work, interfaced with Darian Stultz, CISSP

ad3u7p@r.postjobfree.com

Harpers Ferry, WV 725-***-****

procurement and government clients in source selection, and ensured contractor compliance with all SOW requirements, life safety, and other applicable code and regulatory compliance.

• Served as Subject-Matter Expert on SCADA control systems, up to 2-Mw Emergency Generator sets, Chiller Farms, Pump stations, fire and intrusion alarm systems, and proactive monitoring to ensure 24-hour uninterrupted facility operations.

• Upgraded server hardware, providing initial operating system images and special configurations for Windows 2003 and 2008 servers, domain controllers, and Red Hat Linux.

• Maintained racking and configuring Blade server chassis, VLAN mapping, configuration of onboard administrator cards, SAN storage switches, and performed validation testing and storage.

• Maintained CLARiiON CX3/CX4 arrays, RecoverPoint servers, DMX-4, Violin and COPAN systems.

• Performed monitoring, troubleshooting/problem resolution in the Systems/Network Operations Center.

• Served on Tier III service desk for user issues, move/add/change, new equipment provisioning, etc.

• Created LAN/WAN technical diagrams and building cable distribution, including penetrations between classified and unclassified spaces, equipment rack elevations, and network riser diagrams.

• Authored "smartbook" instructions to perform routine/emergency tasks, such as providing programmatic artifacts that checked critical infrastructure for unreported errors or anomalies.

• Authored facility accreditor documentation of new construction, including network and power penetrations, including drawings/written documentation with before and after photographs.

• Documented degree of protection based on the risk of classified spaces to maintain program security posture.

• Accountable Property Custodian for over 2500 trackable inventory (government) client equipment items.

• Accounted for the movement of classified materials to CONUS/OCONUS deployed locations.

• Served as a primary emergency on-call staff member for after-hours monitoring of systems and facility. Sr. Information Systems Security Consultant 2008 – 2009 Stultz Enterprises, LLC, Roanoke, VA (self-employed)

• Conducted Security Risk Assessments/Analyses/Audits in accordance with USG IS security policy, identifying and remediating gaps and producing a high-quality upgrade package for our clients.

• Implemented security hardening controls on Harris Corporation’s Land Mobile Radio systems in a laboratory environment before implementation at Department of Defense (DoD) sites.

• Ensured IA Hardening activities did not impede functionality with Force Protection, Fire, EMS, etc., by participating in functional testing of customer radio systems (DoD LMR system).

• Participated in the DoD Information Technology Security Certification and Accreditation Process (DIACAP) Information Assurance process, providing security testing and change management to the DoD customer.

• Monitored 5700 Army and Navy systems, Windows Server 2003, XP, Windows 7, digital voice recorders, CISCO switches and routers, Network Load Balancers, Linux servers, networks/servers, and dispatch consoles.

• Wrote UNIX and Windows scripts, reducing downtime of radio systems during the upgrade process.

• Developed simulations of Solaris, Windows Server, and Windows workstations using virtual machines to test procedures in a laboratory environment before customer site implementation.

• Contracted with a correctional facility to troubleshoot and repair Pelco and Axis Security Camera Systems, intercoms, and gate controls.

Darian Stultz, CISSP

ad3u7p@r.postjobfree.com

Harpers Ferry, WV 725-***-****

Data Center Manager/Sr. Technical Team Lead 1999 – 2008 AT&T (formerly BellSouth), Roanoke, VA

Served as Single Point of Contact (SPOC) for all business unit physical and information systems security, reporting directly to AT&T Corporate Security.

Managed Facility Security of about 65,000 square feet; Supervised 14 full-time and 38 contract personnel.

Conducted performance reviews, coaching, disciplinary actions, and salary merit increases.

Managed multiple budgets totaling approx. 6.5M for the entire I/T department, including 55 programmers, managers, and CIO salaries, approving expenses to maximize the $2.5M annual spending plan.

Coordinated the design/construction of a new 5000 square feet Data Center.

Engineered/deployed Windows, Solaris, HP-UX, Linux, and other servers, including technology refreshes and 9 Regional networks.

Implemented high availability software and hardware infrastructure – Oracle RAC, Veritas Clustering, Weblogic, MC/ServiceGuard, Checkpoint Firewall-1/VPN-1, Lawson ERP, EMC Connectrix SAN Switch and Symmetrix DMX series disk, Nortel Ethernet switches, Redundant router configuration, N+1 Communications circuits (T1-T3), Microsoft Cluster Server, IIS, Citrix, VMware, remote power monitoring, APC Silcon UPS systems, static power switching and backup power.

Directed all tiers of helpdesk operations, user account creation, password resets, granting privileges to users with proper authorization, maintaining all equipment in the Data Center, and proactively monitoring systems with various automated toolsets such as SolarWinds.

Achieved 99.99% operating status by establishing strategies that ensured customer service.

Led a project that provided secure wireless communication services to over 13500 BellSouth Corporation employees, providing secure Wi-Fi in its major facilities using Cisco and RSA SecurID Products.

Managed all security alarm systems, including CAD Graphics, showing the location where alarms occurred, for 24-hour on-call support and a new high availability Data Center of approx. 5000 sq ft.

Increased profitability and led project teams to implement new software and hardware, resolve performance issues, perform maintenance, and plan systems to meet future needs.

Implemented building life safety systems addressing fire and burglary alarms.

Performed yearly Business Continuity and Disaster Recovery plan testing at different Data Centers.

Managed all aspects of Facility Safety Engineering and compliance with life safety codes.

Led proactive biannual audits of system security and user access rights.

Reduced the risk of data loss using industry best practices for systems and security management.

Honored with multiple awards and recognition, including the “Whatever It Takes” award and “The Customer Rules Service Leader” award, and featured in BellSouth Connections magazine for leadership in driving service improvement (distributed to 60,000 employees). Darian Stultz, CISSP

ad3u7p@r.postjobfree.com

Harpers Ferry, WV 725-***-****

CERTIFICATIONS / TRAINING YEAR

Risk Management Framework II 2019

Introduction to Risk Management Framework 2018

FSO Program Management for Possessing Facilities 2017 Establishing and Insider Threat Program for Your Organization 2017 Ongoing Authorization 2017

ISSO Compliance Operations Program 2016

Qualified Ethical Hacker (Q/EH) 2015

DHS/FEMA - Professional Continuity Practitioner 2015 ITILv3 Foundations 2013

Honeywell Enterprise Buildings Integrator (EBI) (SCADA/ICS) 2012 Johnson Controls Metasys (SCADA/ICS) 2012

TACLANE Operations and Maintenance 2011

VMware Vsphere 4 Install, Configure, Manage 2011

ISC2 CISSP – DoD 8570.1 IA Management (IAM) Level II & III 2010 ISC2 CISSP – IASAE I & II 2010

ISC2CISSP – IA Technical (IAT) Level III 2010

VMware Vsphere 4 Install, Configure, Manage 2011

LVM and Mirrordisk/UX 1999

MC/ServiceGuard (High Availability Computing) 1998 HP-UX Network Administration 1997

HP-UX Performance/Tuning 1997

UNIX Database Administration 1995

Fundamentals of the UNIX System 1995

Contact this candidate