Engineer Security
Resume:
Joel E. Lange
***** ******* ***** • Fairfax, VA *2033 • 703-***-****
***********@*****.***
Professional Summary:
** ***** ** ** **********, including at least 5 years of experience as in Enterprise Architecture (EA) and its components. For the Federal Retirement Thrift Investment Board (FRTIB) $4M Identity, Credential, and Access Management (ICAM) program, provides expertise in EA and its components, including CONOPS formulations, requirements definitions, and system architecture; analysis; and engineering principles to accommodate complex business needs and design architecture. Ensures product solutions meet and exceed customer expectations and acknowledge technical, schedule, and cost constraints. Conducts functional and timeline analyses, trade studies, requirements, and interface definition studies to translate customer requirements into sustainable hardware, software, and engineering specifications. For the $2.4B/$240M per year large-scale DOS Vanguard 2.2.1 program, applied expertise in EA and its components to the Enterprise Security Office (ESO) for Bureau of IRM. Guided EA strategies and implementation for a long-term and sustainable solution to obtain security-related information from enterprise disparate data sources. Managed risk exceptions from technical vulnerabilities and iPost requirements. Provided engineering and architectural requirements for the best placement of Splunk and ForeScout CounterAct appliances.
IT Professional dedicated to applying my knowledge and skills of information technology, organizational efficiency, and decision-making to create functional and effective business organizations. Strong analytical and interpersonal skills. Effectively utilize resources to creatively solve problems in a timely and professional manner. Committed to providing superior customer service and promoting a team environment. Demonstrates a continuing record of professional education and training to keep current with best practices, trends and technologies.
Skills And Technology Summary:
Identity & Privileged Access Management (IAM, PAM)
VMware vSphere 7, 6.7, 6.5, 6, 5.5, 5.1, 5, 4.1, 4, 3.5
DevOps, Dev, Test and Production Environments
Build Proof of Concepts (POC)
vCOPs Operations Manager
Linux Environments
Security Analysis and Solutions
vCenter Physical Servers
DoD Network Environments
IT Security Threat Intelligence
vCenter VCSA Appliances
NIPR and SIPR Environments
Security Tools POC to Integration
VMware 5 and 4 Instructor
Classified Launch Systems
DHS CDM CMaaS TO2
Dev/Test VMware Labs
Military Health Systems
Cisco Network Hardware
HP, Dell, SAN and NAS
MS Server 2016, 2012, 2008
Backup Solutions: Veeam; Symantec’s Backup Exec System Recovery (BESR) 2010, Backup Exec 12.5; VMware Clones and Snapshots; Norton Ghost; Acronis; CA ARCserve
Databases: Oracle 11g, 10g, 9i; Microsoft SQL 2016, 2014
Hardware: Cisco Routers and Switches; HP Fiber Switches, HP Proliant Servers, SAN, and NAS; Dell PowerEdge Servers, SAN; IBM eServers; iSCSI devices; ForeScout CounterAct; Tandberg and Polycom VTCs
Issue Tracking Systems: ServiceNow; Remedy; Siebel; Track-It!
Mail Servers: MS Exchange 2007 and 2003; ArGoSoft Mail Server
Operating Systems: Cisco IOS; VMware ESXi7 thru ESX3.5; Windows Server 2016, 2012, 2008, 2003; Windows 10, 8, 7; Mac OS X; Linux RH, CentOS, Ubuntu; AIX; OpenVMS; openfiler
Protocols and Services: TCP/IP; SNMP; SMTP; LDAP; SSH; DNS; DHCP; IIS; SMS; ADDS; ADCS; ADFS; WSUS
Scripting: PowerShell; WMIC; Bash
System Monitoring Tools: VMware vSphere 7 thru 3.5; vCenter Operations Manager (vCOPs); ForeScout CounterAct; Splunk; Tripwire; Tivoli Netview; PacketTrap; OpManager
Virtualization Software: VMware vSphere 7 thru 3.5 (vCenter, ESXi and ESX), VCSA, vCOPS, VMware View, Microsoft Hyper-V and Virtual Server 2005, VMware Workstation, Fusion and Player, VirtualBox, Microsoft Virtual PC 2007 and 2004
Vulnerability Assessment Tools: Burp, WebInspect, Tripwire, Tenable Nessus; SCCVI/eEye Retina; DISA Army Gold Disk; SRR
Security Clearances Held:
Top Secret SSBI w/SCI Eligibility (Granted October 7, 2013) - Archived in JPAS
Secret (NATO)
Public Trust - Currently
Certifications:
Microsoft Certified Azure Fundamentals Cert# H482-7016
(ISC) CISSP Cert# 504672
EC-Council C EH v8 Certified Ethical Hacker, Cert# ECC15650738968
EXIN ITILv3 Foundation, Cert# 5606296.20502009
Cisco CCNA, Cert# CSCO11187725
VMware VCP5-DCV, Cert# VMW-00458737X-00072149
VMware VCP4-DCV, Cert# VMW-00458737X-00072149
Microsoft Certified Solutions Associate (MCSA 2008) Cert# D717-9824
Microsoft MCITP-EA & SA, Cert#s D422-3079, D412-0583
Microsoft MCSE & MCSA, Cert#s D077-2017, D077-2016
CompTIA Security+, Career ID# COMP001005738380
Education:
University of La Verne – La Verne, California
M.B.A., Information Technology Concentration, GPA 3.97
Chapman University – Orange, California
B.S. Computer Information Systems, Cum Laude, GPA 3.87
Experience:
07/2016 – Present
Science Applications International Corporation (SAIC) – Vienna, Virginia
Position: IT OPERATIONS SYSTEM ENGINEER PRINCIPAL
Performs Systems Engineering activities related to Information Technology or Engineering including: concept of operations formulation, requirements definition, analysis and engineering, system architecting, system analysis and design, interface and data architectures, security analysis, validation and verification, systems integration, system and operations performance analysis, Lifecycle cost analysis and estimation, decision analysis and physical configuration analysis (PCA). Ensures the logical and systematic conversion of product requirements into total systems solutions that acknowledge technical, schedule, and cost constraints. Performs functional analysis, timeline analysis, detail trade studies, requirements allocation and interface definition studies to translate customer requirements into hardware and software or engineering specifications. Provides specific, detailed information for selection, implementation techniques, and tools for the most efficient solution to meet business needs, including present and future capacity requirements. Other activities include infrastructure management, Identity and Access Management (IAM) utilizing SailPoint, Privileged Access Management (PAM) utilizing CyberArk, operating systems, directory services, certificate services ADCS, and federation services ADFS. Manage an IAM/PAM security tools Test Lab built on VMware vSphere 6.5. Utilize VMware vSphere 6.5 to administer over 500 virtual VM production servers Applies extensive technical expertise and has full knowledge of other related disciplines. Receives assignments in the form of objectives and establishes goals to meet objectives. Provides guidance to subordinates to achieve goals in accordance with established policies. Establishes and recommends changes to policies which affect subordinate organizations.
06/2013 –
07/2016
Science Applications International Corporation (SAIC)
Company Headquarters: McLean, Virginia
Worksite Location: Department of State (DoS) Rosslyn, Virginia
Position: SECURITY SYSTEMS ENGINEER SR.
Security Systems Engineer within the Vanguard 2.2.1 program’s Enterprise Security Office (ESO) directly supported the Department of State (DoS). Helped guide the strategy and implementation of a long-term and sustainable solution that obtained security-related information from disparate data sources across the enterprise. Analyzed data to identify whether various system and security controls were being effectively maintained in support of certification and accreditation. Provided and monitored information systems that enhanced real-time awareness of security posture and threats, and supported immediate diagnosis. Supported creation of continuous monitoring strategies, identification of requirements, selection and implementation of continuous monitoring solutions. Reviewed NIST 800-53 technical and non-technical security requirements (i.e., controls) to identify good candidates for automated monitoring. Identified and developed workflows, processes, and tools to automatically collect, normalize, analyze, and present data in support of automated monitoring. Facilitated the Security Vulnerability Management Group (SVMG) in support of managing risk exceptions associated with specific technical vulnerabilities and iPost requirements. Communicated with multiple departments and levels of management in order to resolve technical and procedural information security risks. Provided recommendations, mitigation strategies and courses of action to resolve complex security flaws and vulnerabilities in Cybersecurity systems and processes. As Lead Engineer provided engineering and architectural requirements for the initial implementation of Splunk and ForeScout CounterAct appliances within the DoS. Built and maintained two development and test labs, supporting VMware vSphere 5, vCOPs and Microsoft Hyper-V to conduct requirements and integration analysis, and evaluate COTS products. Provided side-by-side comparisons of products for selection, implementation techniques, and to determine efficient solutions to meet business needs, and in support of the Continuous Diagnostics and Monitoring (CDM) initiative. Researched AWS Cloud Services and provided requirements analysis for its integration with on-premises Dev/Test Lab environments. Provided engineering and architectural documentation for implementation of approved solutions into production. Support the program’s SCA, SOS and IV&V teams as an SME in support of assessment and authorization (A&A) activities to ensure sound security integration within the Risk Management Framework (RMF) and other agency security requirements.
04/2010 – 06/2013
Science Applications International Corporation (SAIC) – Falls Church, Virginia
Position Held: SYSTEMS ENGINEER III SME
Served as subject matter technical expert in areas relevant to projects supporting Advanced Information Technology System (AITS) for the National Guard Bureau (NGB), Army National Guard (ARNG), and Army Reserve (USARC). Worked with a team of engineers supporting and sustaining Reserve Component Automation Systems (RCAS) systems and applications utilizing VMware’s virtualized infrastructure. Traveled to 22 of the 54 National Guard sites supporting multiple initiatives such as (1) to implement new and emerging technologies such as VMware’s vSphere 4 and virtualized their physical web application and Oracle database servers (P2V) and installed and configured Veeam’s Backup solution. (2) Upgraded said technologies, one year later upgraded their ESX4 and ESXi4.1 racked and blade servers to ESXi5. (3) Provided instructor-led training to National Guard personnel as the RCAS and VMware instructor covering administration of RCAS servers and how to effectively utilize and maintain their virtualized infrastructures with vSphere 4 and 5 products. And (4) provided on-site support that included VMware reconfigurations, resolved local network issues, installation of application and database patches and updates, and rebuilt web application and Oracle database servers when necessary. Installed and configured VMware View VDI, Cisco routers and switches in MDLC mobile racks for NGB distant learning centers. Provided guidance to technical staff and peers on functional procedures, processes and policies. Assisted with testing new technologies for Guard wide implementation. Built Development and Test VMware infrastructure environments (two Labs) for testing web applications and Oracle database installations before implementation onto production servers. Evaluated, tested, and deployed all software and hardware upgrades to test and production environments. Collected and reviewed system data for capacity planning purposes. Served as SME in areas of network communications, system integration, installation, debugging, maintaining, upgrading, and Tier3 support. Scanned and remediated all physical and virtual servers with Army Gold Disk, Retina and Security Readiness Reviews (SRR) to comply with Army IAVA and STIG security requirements. Monitored all SAN, NAS, application and database servers to ensure high availability in adherence to SLA’s. Performed regular and on-demand system backups and recoveries. Interfaced with vendors for procurement and maintenance of equipment within the test and production environments.
11/2009 – 02/2010
Advanced Management Technology, Inc. (AMTI)
Company Headquarters: Arlington, Virginia
Worksite Location: Federal Aviation Administration (FAA), Washington, DC
Position Held: SYSTEMS ENGINEER III
Worked with a team of engineers integrating new hardware and software, and managing database servers, VMware vSphere 4 and 3.5 virtual servers, and web servers at sites in DC and Atlanta. Supported Windows 2003 and 2008 Servers and Active Directory. Managed SAN/NAS enclosures utilized for file storage and backups. Maintained servers and IIS in development, test and production environments. Automated systems monitoring tasks using standard monitoring tools. Managed data backup and restore requirements for all physical and virtual servers. Authored internal documents such as hardware diagrams utilizing Visio and created As-Built design documentation.
11/2008 –
11/2009
Advanced Management Technology, Inc. (AMTI)
Company Headquarters: Arlington, Virginia
Worksite Location: National Science Foundation (NSF), Arlington, VA
Position Held: SENIOR SYSTEMS ANALYST
Provided IT support to NSF’s Computer Information Science and Engineering (CISE) directorate and its divisions. Researched integration technologies for their existing infrastructure. Made recommendations and provided specifications for procurement of new hardware and software. Provided technical expertise for network connectivity issues. Supported video conferencing equipment training, maintenance, troubleshooting, and firmware upgrades. Installed, configured, and troubleshot Windows, Linux, and Mac OS X systems and software products. Resolved security vulnerabilities on Tandberg and Polycom video conferencing equipment and networked printers, and computers. Responded timely to customer service requests and resolved issues in a timely and professional manner to maintain AMTI’s exceptional customer satisfaction rating. Composed detailed performance status reports for delivery to Program Manager and government COTR.
08/2007 – 10/2008
TCAssociates – Springfield, Virginia
Position Held: SENIOR NETWORK ENGINEER
Researched, planned and deployed new technologies. Supported IT infrastructures in three locations that included Dell PowerEdge servers, Cisco routers, switches, and VoIP. on a fiber backbone. Completed the buildout of two remote sites, San Antonio TX and Portsmouth VA. Installed fiber and copper cabling for the two remote sites and the corporate office’s expanding infrastructure. Supported 802.11 WLAN infrastructures. Maintained LAN and WAN networks that included DSL, T1 and DS3 circuits. Built and maintained 20+ web and application servers including two Deltek Time and Expense servers. Created and maintained numerous AD DCs and Domains. Managed Active Directory, Exchange 2007,2003, and ArGoSoft .NET email servers. Migrated many of these physical servers using Microsoft’s Virtual Server 2005 utilizing Acronis Backups. Installed and supported all applications and servers on the network including SQL 2005 and 2000, ColdFusion 7 and 8, Exchange 2007 and 2003, ArGoSoft, SharePoint 2007, Track-It! 8.1, Acronis Enterprise, Pointsec encryption, and Deltek Time and Expense accounting software. Provided oversight and support to web and ColdFusion developers and other system administrators to ensure project timelines were met. Imaged PCs and servers utilizing Norton Ghost and Acronis. Provided 24/7/365 ITSS to maintain IT infrastructure across these three locations, LAN, WAN, routers, switches, VoIP phones, workstations, and printers. Monitored, tracked, and resolved connectivity and user issues. Utilized Track-It! issue reporting software. Provisioned various Verizon products including Blackberry and broadband wireless access cards.
06/2005 –
08/2007
InDyne, Inc.
Company Headquarters: Reston, Virginia
Worksite Location: Vandenberg Air Force Base, California
Position Held: SYSTEMS ANALYST
Supported Range Safety Display and Western Range processing centers as part of the Vandenberg AFB’s Western Range Operations Communications and Information (WROCI) contract, supported the implementation of the Range Standardization Automation Phase IIA (RSAIIA) systems designed to replace Vandenberg’s flight control and safety legacy systems. Installed, configured and maintained the department’s Linux Red Hat 7.2 and 4 Enterprise workstations, Windows 2000 and 2003 IBM Servers and printers. Worked with Cisco 4506 Switched networks. Monitored network devices utilizing Tivoli NetView for Windows and AIX. Installed critical patches and updates to Launch Systems in compliance with local security policies. Supported all systems involved with RSAIIA Systems integration.
01/2002 –
06/2005
Evolvent Technologies, Inc.
Company Headquarters: Falls Church, Virginia
Worksite Location: Vandenberg Air Force Base, California
Position Held: SYSTEMS SPECIALIST Military Health Systems (MHS)
Served as MHS Systems Integrator, Project Coordinator, Network Administrator, and Security Manager for Vandenberg’s 30th Medical Group’s Clinical Facility. Planned, administered, and monitored various medical databases, such as CHCS (Composite Health Care System), CHCS 2, BOBJ and a list of others. Supported and installed modules and instances for MUMPS and Oracle 9i databases. Implemented network security, information security, and information assurance policies fulfilling the roles of ISSO and IAAP. Supported Multinet switches, TCP/IP configurations, Compaq Alpha servers, and StorageWorks drive enclosures. Coordinated with DISA and SAIC on numerous military health systems projects in support of the clinic’s medical services. Resolved network connectivity issues. Supported an Active Directory network consisting of 300+ users over three locations. Created new user accounts, assigned user privileges, secondary menus, and security keys in a VMS environment. Performed daily journal backups, and weekly system and log (full and incremental) backups. Tracked work orders and trouble calls ensuring prompt response. Worked directly with U.S. Military (customer) representatives and multiple outside agencies providing technical assistance and liaison with affiliate contractors and management personnel at other worldwide military installation sites.
08/2001 –
05/2002
Technomics, Inc. - Santa Barbara, California
Position Held: SOFTWARE ANALYST (part-time, telecommuting)
Assisted software development by testing new and revised software developed for the Navy with VB6 and Excel on multiple platforms. Identified program and GUI problems. Recommended solutions and system requirements for newly developed software. Collaborated findings with senior programmer. Prepared reports and documentation.
Community Service:
02/1997 –
06/1999
University of California, Davis Cooperative Extension – Santa Barbara, CA
VOLUNTEER
Maintained computer systems for Cooperative Extension, consisting of multiple brand computers, printers, and print servers. Installed system software and application software. Provided all services for maintaining computers and finding solutions for all computing and networking requirements.
Contact this candidate