Air Force Security
Resume:
George Mathai, MSM adkcp3@r.postjobfree.com
210-***-**** (Cell)
PROFESSIONAL SUMMARY
Senior Cybersecurity Analyst with the Air Education and Training Center (AETC) responsible for assessing the cybersecurity posture for the Air Force Learning System Ecosystem (AFLSE) government cloud environment.
CAREER OVERVIEW
Senior Cyber Security Analyst (April 2019 – Present) Air Education and Training Center (AETC), Randolph Air Force Base Datum Software
Perform duties as the Information System Security Officer (ISSO) for Total Force Training Record
(TFTR), a cloud-based Software as a Service (SaaS) IT solution for the US Air Force. Experience in PaaS Microsoft Azure Cloud environment as the IL4 secure cloud development and deployment environment.
Provide Risk Management Framework (RMF) support to update and sustain the existing Air Force Learning System EcoSystem (AFLSE).
Utilize the Air Force instance of Enterprise Mission Assurance Support Service (eMASS). Responsible for determining Security Categorization, identifying Common Controls and provide an analysis of Security Control selections.
Lead remediation and mitigation activities to strengthen the Ecosystem’s security posture and degree of control compliance.
Conduct independent security control assessments IAW NIST SP 800-53, 800-53A, CNSSI 1253, NIST SP 800-37 and the DoD Cloud Computing Security Regulations Guide (SRG). Works directly with the Goverment Cyber Office (A3)to provide Security Assessment & Authorization
(A&A) documentation including security checklists, system security plans (SSP), and Cybersecurity Impact Analysis (CIA).
Manages Assess and Authorize (A&A) packages, completes assessments, and facilitates eMASS migration to Cloud Solution Provider (CSP) Microsoft Azure through efficient use of IaaS, PaaS, and SaaS service models.
Works along-side the Army Research Lab (ARL) as the Cloud Security Service Provider (CSSP). Cybersecurity Analyst (Sept 2017 – April 2019)
MEDCOM Headquarters CIO/G-6, Fort Sam Houston
TUVA, LLC
Served as a MEDCOM Cybersecurity analyst within the Program Management Office (PMO) responsible for reviewing partner connection architecture, DMZ, STIGs, Validation Reports, Vulnerability scans, Plan of Action and Milestones (POA&M) documentation and security for medical devices. Prepared information system registration with a thorough understanding of the Defense Health Agency
(DHA) Information Assurance (IA) process of Risk Management Framework (RMF) by the collection/development of key system compliance artifacts (boundary diagrams, inventories, compliance scans, etc.).
Utilized the Defense Information Systems Agency’s (DISA) solution Enterprise Mission Assurance Support Service (eMASS) to provide cyber security management and reporting. Prepared and submitted Security Plans for approval through the review and creation of system packages for complete RMF approval to include testing, evaluation, assessments and authorization. Reviewed Assessment and Authorization (A&A) Plan, identify any issues with the Security Plan and Procedures; execute the Validation Plan and Procedures; review POA&Ms; develop Risk Assessments for medical devices in the DOD and Army environment.
Desktop Applications Project Manager / Systems Engineer (Jan 2015- Sept 2017) Brooke Army Medical Center (BAMC)
FreeAlliance, LLC/ ActioNet
Information Technology (IT) Specialist within the Systems Engineering/Integration team responsible in developing, testing, and implementing software and systems installations and modifications. Tested and prepared software packages for installation on networked and standalone end user devices. Verified that all software applications meet the Certificate of Networthiness (CoN) as dictated by NetCoM; provided direction to end-users for new CoN submittal. Participated in the planning and execution of unit and systems testing, installing applications and images remotely, providing technical support on execution problems, troubleshooting applications packages, and modifying applications as necessary.
Coordinated with BAMC IT customers to install and monitor specific software packages deployed to the end user systems.
Frequently reported to branch and section chiefs and Functional Area Information Management Specialists (FAIMS) on Desktop Management functions to enhance knowledge of Army and SAMMC policies, thus affording the ability to accomplish their duties more effectively. As an INFOSEC administrator, performed duties required to conduct IAVM network security scanning using the Assured Compliance Assessment Solution (ACAS) scan tool. Responsible for scanning of all End User Devices (EUD) on the NIPRNET to validate compliance in accordance with the IAVA program. Managed specialty filters, sensors and/or devices (both network and host based) designed to monitor and/or counter specific threats. Project Manager (Dec 2010- Jan 2015)
Brooke Army Medical Center (BAMC)
CGI Federal, Lockheed Martin, Modis
Technical Project Manager for various modalities within San Antonio Medical BRAC Integration Office
(SAMBIO), Joint Medical Facilities Office (JMFO), Clark/Hunt Construction and the United States Army Corp of Engineers (USACE).
Design Engineer responsible for integrating Audio/Video and Video-Teleconferencing (VTC) Technology within the newly constructed Consolidated Tower (CoTo) for an additional 80 new Conference Rooms with an influx of over 2000 new personnel (Military & Civilian). Managed installation for new Distributed Antennae System (DAS) within CoTo and Central Energy Plant. Utilized Project Management Principles from the Project Management Body of Knowledge (PMBOK) to meet schedule, budget, and scope constraints.
EDUCATION & CREDENTIALS
Active Security Clearance: SECRET
Master of Science in Management (MSM) June 2008
Colorado Technical University Online, Colorado Springs, Colorado Bachelor of Science in Electrical Engineering (BSEE) June 1997 Temple University, Philadelphia, PA
CompTIA Security+ Cert ID Number COMP001020487636
Cybersecurity Training Certification
2017 – Defense Information Security Agency (DISA)
Risk Management Framework (RMF) Training Certification
Contact this candidate