Cyber Security Consultant / Architect Cissp, Ccse, Nsa Iam, Aws Ccp
Resume:
CHARLES D. HARE JR.
**** ****** ***** **. – Brandywine, MD 20613 *****.****@*****.***
CAREER OBJECTIVE
Obtain a career position that utilizes my leadership and expertise in IP Networking, IT Security, VoIP, Operating Systems and advanced Security applications and technologies. I offer demonstrated dedication, technical leadership, personal drive and superior performance. Past experience gained with leaders in government, information assurance, intelligence, defense, and financial products. I currently hold the following certifications;
Certified Information Systems Security Professional (CISSP)
NSA Information Assurance Methodology (NSA IAM)
AWS Certified Cloud Practitioner (AWS CCP)
Zscaler Certified Cloud Administrator Internet Access (ZCCA-IA)
Federal Information System Security Officer (ISSO)
FedRAMP 200 Level Certification
Cisco IP Telephony Certified (CIPT)
CheckPoint Certified Security Engineer (CCSE)
NSA (INFOSEC) CNSS 4011 Certified
NSA (INFOSEC) CNSS 4013 Certified
DISA HBSS 4.5 Administrator Certified
DoD 8570.01 IAT and IAM Level 3 Certified
.
PROFESSIONAL BACKGROUND
Senior Security Architect, Security Solutions – NTT DATA – Security Services
Washington, D.C. – December 2016 to Present
Trusted Advisor and Thought-Leader to our Clients world-wide.
Design, engineer and build distributed, reliable, and fault-tolerant Security Frameworks,
across hybrid networks for our customers.
Delivering Highly-scalable, Zero-Trust security solutions for customers across Hybrid / Multiple Cloud platforms and networks.
Develop Optimized and Automated security solutions that mitigate threats as they emerge.
Creating and Delivering Security solutions for customers in many different verticals with vastly different compliance and regulatory requirements.
Delivering Secure design and modelling across multiple frameworks for our national and international customers.
Senior Security Architect – US Customs and Immigration Service – Dept. of Homeland Security
Washington, D.C. – January 2015 to December 2016
Provide IT Security assessments under NIST, FISMA and FedRAMP frameworks.
Conduct assessment interviews and conduct network, host, application and Database vulnerability scans using a variety of tools that include, but not limited to Splunk, WebInspect, Fortify, Qualys, Palo Alto, DB Protect, Tenable / Nessus, Kali, Metasploit and various offensive frameworks.
Conduct full, limited, partial or hybrid Vulnerability Assessments on customer systems both traditional, Cloud-based and Hybrid networks.
Develop and update PO&AM tables and perform the validation and verification of remediation efforts to close PO&AMs.
Support customer in developing processes and procedures in support of Security Compliance and Risk Management for customers systems.
Senior Systems and Security Engineer – US Export / Import Bank
Washington, D.C. - August 2014 to January 2015
Subject-matter expert in network security practices that include the full administration of firewalls, vulnerability identification and mitigation, and best practices for securing/hardening network systems. Network penetration testing and exploitation experience across many modes and mediums.
Provide technical oversight of security and systems administration to manage the execution of daily enterprise operations, while driving the identification, prioritization and fulfillment of new tasks/projects that increase the performance, availability, supportability, and security of customer systems.
Global Cyber Security Architect / Consultant – Booz Allen Hamilton
National Business Park, Annapolis Junction, MD. – June 2011 to August 2014
Former Network Analyst at NSA in the TAO group. Offensive Network penetration, persistence and exploitation experience across many modes and mediums.
Demonstrated expertise in the areas of systems, networks and applications engineering and analysis applicable to IA / INFOSEC and C&A engineering and policy within DIACAP, NIST and ISO27001 frameworks.
Expert in Defense-in-Depth principles and technology, that includes network and enterprise security architectures, IAM, AAA (authentication, authorization and accounting), vulnerability assessments and remediation, security risk analysis and Public Key Infrastructure (PKI). Deep Technical knowledge with many years hands-on experience across a vast array of security platforms.
Utilized Secure Configuration Control mechanisms to secure local services and applications, set permissions on files and directories and improve access control parameters, limiting privileged user access and improving security posture across multiple platforms. Experience with SCAP and OpenSCAP tools and specifications to include OVAL, CPE, CVE and CVSS specifications.
Responsible for network security operations and cyber warfare tactics, techniques, and procedures focused on networked weapons platforms and US and DoD information networks. Experienced in CNE/CNA analysis and operations.
Delivered HBSS (Host-bases Security System) solution to a major DoD Health services and billing provider. Subject Matter Expert for Virtualization Security and Cloud Security. Created client network and security Cloud FedRAMP transition plan to allow large government client to transition applications and services to a Commercial Cloud Service Provider. Member of Network and Security requirements gathering and SOC Planning team for major “quasi-governmental’ energy client.
Information Assurance Lead – United States Marine Corp – Dependable Global Solutions
Quantico, Va. – June 2010 to June 2011
Responsible for all aspects of Information Assurance for USMC’s Global Combat Systems Support (GCSS) at the Marine Expeditionary Force (MEF) level. Duties include completion of a full DIACAP Certification and Accreditation (C&A) with ATO (Authorization to Operate) under MARCORSYSCOM, DISA and MCNOSC oversight.
Perform security readiness reviews and insure STIG (Secure Technical Implementation Guides) deployment across multiple platforms. Perform Network Penetration testing and Application and Infrastructure scanning using DIACAP, NIACAP and NIST Best practices, techniques and tools.
Significant technical experience allows me to develop POA&M’s with attention to detail and rapid actions and planning for issue mitigation and remediation within DoD 8500.1 and.2 guidelines. Regularly meet with all project stakeholders to incorporate Information Assurance best practices into all aspects of the program life-cycle.
IT Security Lead – United States Census Bureau – Federal Working Group for IBM Corp.
Washington, DC. – March 2009 to June 2010
Responsible for key aspects of Certification and Accreditation (C&A) at US Census. My duties include directing engineering resources towards each phase of certification. I incorporate a broad range of security and privacy skills and extensive experience in security engineering and architectures including ISSE experience. Broad experience with C&A, FISMA, FIPS-140, FIPS-140-2, OMB A-130 and ISO/IEC 27001 security requirements such as NIST 800-53 A through Rev. 3 series of controls within Census.
Perform security assessments, and lead in the overall security risk assessment and management process for Census. “Go-To” person for engineering, risk and problem solving issues. Lead a review of SIEM Vendors to include ArcSight, QRadar, SenSage and others.
Review requirements; identify problems, gray areas, and specific issues. Conduct analyses to validate technical and operational requirements. Identify interfaces, logical sequence of task execution, information flows, and interfacing requirements. Develop, coordinate, and monitor testing (ST&E), implementation and remediation plans (POA&Ms) in support of C&A.
Engineering Lead, Information Systems Security - Northrop Grumman Corporation
Richmond, Virginia - December 2007 to March 2009
Responsible for all aspects of Information Systems Security engineering. Lead a team of 20+ highly qualified and motivated engineers in designing, deploying and managing a World-class government Information Systems Security solution.
Sustained transformation of Virginia Information Technology Agencies’ WAN Provider Solution into a Next General Multi-Service Network (IP/MPLS Based Core, State-wide VPN Services, VoIP, Video & other IP Telephony Solutions)
Design, engineer, deploy and manage all network and operational security devices including 600+ firewalls from multiple vendors, 30+ IPS/IDS sensors, multi-vendor VPN solutions that included 2-factor authentication with both SSL and IPSec encryption, enterprise content management and wide-area caching.
Develop secure technical solutions to complex business problems which require the regular use of ingenuity and creativity. Exercise considerable latitude in determining technical objectives of assignment. Guide the successful completion of major programs and function in a project leadership role. Represent the organization as the prime technical and security contact on contracts, projects and services. Interact with senior external personnel on significant technical matters often requiring coordination between multiple organizations.
In depth experience with Internet protocols vulnerabilities, intrusion detection systems, firewall management, network vulnerability analysis, cryptographic theory and practice, incident analysis and response, software testing and security assessment, malicious code and software exploitation techniques, continuous monitoring and event logging, counterterrorism cyber crimes, computer forensics analysis, and computer crime investigation.
Deliver extraordinary results in an extremely high-pressure environment.
Information Systems Security Engineer- Northrop Grumman Corporation
Richmond, Virginia - September 2005 to December 2007
Design, test, and implement state-of-the-art secure Networks, Windows operating systems, and Unix / Linux products. Conduct risk assessment and provide recommendations for Infrastructure design. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, Voice, Video and network access.
Use encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research. Prepare security reports to regulatory agencies such as Department of Defense (DOD) or Department of Energy (DOE). Participate in various Information Security Certification and Accreditation (C&A) programs and Frameworks including ISO 27001, FIPS, NIST and FISMA and FedRamp at multiple levels and in various roles, from catagorizing systems, through implementation, assesment and monitoring of systems and data.
Security specific experience includes design, configuration, installation, operation and management of various security platforms from Cisco, Juniper, Internet Security Systems, RSA, Blue Coat, EMC Clariion and Symmetrix Enterprise Storage systems, McAfee, ArcSight and Intellitactics SIEM’s.
Senior Telecommunications Analyst – Virginia Information Technologies Agency – Richmond, Va. 2005
Conduct the engineering, design, architecture, review and risk assessment of LAN, VLAN, and WAN implementations for statewide telecommunication and network projects utilizing wide area and local area network technologies and protocols.
Perform the configuration of routers, switches, firewalls and other network equipment.
Perform research to develop recommendations for enhancements, expansions and/or consolidations of telecommunications and network implementations and deployments, facilities, and services.
Senior Voice over IP Engineer, Dept. of Commerce for Insight Global – Washington, D.C. 2004
Serve as NOC support expert for Cisco Secure AVVID deployment of 7,000+ phones utilizing Cisco CallManager, Unity Voicemail and assorted Cisco and non-Cisco Voice Application servers in a Windows 2000 and 2003 environment.
Implementation engineer in the deployment of QoS switch and router architecture in a secure MIL-spec environment.
Responsible for all aspects of Microsoft Server and Securing the networking environment.
Experienced in all aspects of T1 and T3 Telecom circuits for Voice and Data, and Video communications.
Senior VoIP Implementation Engineer, LogicaCMG Telecom – Richmond, VA 1999 – 2004
(formally Cisco Systems)
Part of a small world-wide team to implement first VoIP-based Voicemail at a major Wireless vendor in 13 countries.
Served in critical role of subject matter expert for Cisco VoIP and Video over IP Telephony and Messaging Solutions in UNIX, Linux and Windows environments.
Multiple Operating System experience. Hands on and in depth (UNIX, Linux, Windows).
Designed and delivered advanced network solutions utilizing Cisco routers, switches, remote access, storage, network security and Telecom components.
Complex system integration and installation and on-time delivery at customer site.
Communication level from customer engineers to customer CEOs (written and oral presentation skills)
Deployment of various Telecom circuits (T1, T3, POTS, etc…) to service Voice and Data communications needs.
Onsite deployment of IP based voice and video Unified Communications solutions into both enterprise and service provider carriers worldwide. This includes a wide variety of Cisco AS5xxx voice access servers, switches, routers and media gateway controllers utilizing H.323, H.263, MGCP and SIP VoIP and video protocols; Sun servers and arrays; HP/Compaq based servers; in conjunction with a variety of hardware and software based IMAP messaging, EMC SAN Storage, SunOne, OpenLDAP and other X.500 directory products.
Network Security, Veritas Backup, Clustering, Failover, and High-Availability knowledgeable
Senior Technology Integration Analyst, Capital One Financial – Richmond, VA 1998 - 1999
Selected as the Test Manager in Emerging Technologies and Integration Group.
Successfully implemented and utilized Netware, Windows NT and UNIX platforms.
Performed in-depth testing of e-commerce, voice-over-IP, secure remote access, LAN/WAN, ATM and Load-Balancing components.
Provided strong management of multiple enterprise-level projects from initiation to deployment.
Internet Specialist/Owner, HareNet Computing – Richmond, VA 1997 - 1998
Started-Up and managed all aspects of this regional ISP and network consulting firm.
Effectively used web-based NT, Netware 3.x/4.x, TI, ISDN, Windows NT servers, routers, DNS, World-wide Web, Radius and remote access equipment.
Network Analyst, Philip Morris for IPC Technologies – Richmond, VA 1996 - 1997
Hired to manage and support corporate LAN/WAN architectures.
Integrated Cisco routers, Cabletron switches and AT&T CSU/DSU set-up and support.
Managed corporate WAN data communications links including FDDI, dedicated and switch circuits.
Sperry Marine Inc. – Product Engineer 1995 - 1996
Charlottesville, Virginia.
Designing WinNT based Networking products for Global Navigation. Set corporate standards in Portable Electronic Documentation. Principle in bringing Internet Worldwide Web implementation into Sperry Marine. Worked closely with customers in Cross-Platform Documentation and Data Transmittal using HTML, The Internet and Intranets, CD-ROM and other formats.
Sperry Marine – Asia – Service Manager 1993 to 1995
Tokyo, Japan
Designed and supervised installation of Netware 3.x and WinNT Network based products throughout Asia. Installed and configured office software for desktop and LAN applications. Managed Service Dept. and responsible for all Technical aspects of regional operations. Member of the Tokyo Computer Professionals Association.
Sperry Marine Systems – Service Engineer 1987 to 1993
Seattle, WA
Installation, maintenance, and training of Networked Computer Navigation and Geographic Information Systems (GIS). Duties include Proto-typing, test creation, and 68XXX and 80XXX CPU’s. Department Network Administrator. National and International customer support for integrated networking products.
M I L I T A R Y S E R V I C E
United States Navy - Electronic Warfare Technician 1980 - 1988
TECHNOLOGY SKILLS
Computer Networks: Voice-over-IP and Video-over-IP Based Telephony and Unified Messaging, Cloud computing, MPLS, Virtualization, VMWare, Wireless Point-to-Point and Point-to-MultiPoint Architectures (802.11b/a/g/n), Veritas Data Center, SSL and IPSec VPNs, Advanced WAN/LAN Routing Protocols, Cisco routers, switched and network security, NIST and DIACAP STIG’s All Platforms, GoldDisk, Eeye Retina, Ghost, Nessus, Rational AppScan, HP WebSphere, Unix and Oracle SRR’s, Windows Server 2003, CiscoWorks, TCP/IP, IPX/SPX, Netbios, SNMP, Token-Ring, AppleTalk and Ethernet Topologies, using Novell Netware 3.x and 4.0x, UNIX, WinNT and hybrid networks. Also expert in T1 and Fractional T1, ISDN, Frame Relay, and Remote Access Telco Circuits. Proxy and Firewall Security policies, installation, configuration and management of same.
Computer Software: Unix, Linux, Solaris, Windows XP, Win95, Windows 7, Win2000 through Windows 2008, and operating system security, NIST and DIACAP STIG’s, GoldDisk, Eeye Retina, Ghost, Nessus, Rational AppScan,HP WebSphere, Veritas NetBackup DataCenter and EMC Legato NetWorker. Various Tape Hardware and RAID Arrays Lotus Notes, MS Office, MS Exchange Server 4.x thru 2000, Network Email set-up and management, FrontPage 98, PhotoShop, other web creation tools, MS SMS Beta-tester. Expert in all aspects of Data Communications and Remote Access.
EDUCATION
New River Community College – Dublin, VA
Associate of Applied Science, Electronic Engineering, 1987
University of Maryland, University College – Largo, MD
Bachelor of Science, Cybersecurity, December 2022
AWS Security Engineering - 2020
Zscaler Certified Cloud Admin-Internet Access (ZCCA-IA) - 2020
Certified Information Systems Manager - 2013
Amazon Web Services (AWS) Cloud Solutions Architect - 2013
National Security Agency - Information Assessment Methodology – 2010
eMASS Training – 2010
DIACAP Implementation Training – 2010
Information Assurance Fundamentals - 2010
High Speed Guard Cross Domain Solution Training -2010
Host-Based Security Systems 4.5 Administrator Training - 2010
Cisco Certified Security Professional - 2007
Cisco IOS Security Specialist - 2007
Cisco IPS Specialist - 2007
Cisco Firewall Specialist - 2007
Cisco Information Security Specialist - 2007
Securing Cisco Network Devices - 2007
Configuring Juniper Networks Firewall / IPSec VPN and Security Manager - 2007
Internet Security Systems Proventia, SiteProtector and IDS/IPS - 2007
Certified Information Systems Security Professional -2007
Cisco Secured Networks with PIX and ASA – 2006
Cisco Certified Network Associate – 2006
Cisco Certified Design Associate - 2006
Interconnecting Cisco Network Devices - 2005
Solaris System Administrator II – 2002
Designing Cisco Networks – 2000
Cisco IP Telephony Certified – 2000
Red Hat Linux Systems Administrator I and II – 2000
Nortel VolP Solutions Training – 1999
Cisco Internetwork Troubleshooting – 1999
Cisco LAN Switch Configuration – 1999
Cisco Routers and LAN Switches – 1999
CheckPoint Firewall – 1 Security Certification – 1997
Advanced Cisco Router Configuration – 1996
Microsoft Windows NT Enterprise Support - 1996
Contact this candidate