SUMMARY
Adaptive, reliable, goal-driven, cleared technical professional. Highly adept at understanding customer requirements and agency needs, identifying risks, developing stable and cost-effective solutions. With over 20 years of experience within the information technology & telecommunications sector. Has performed various types of migrations, deployments, assessed/strengthened an organization’s security posture, performed gap analyst of evolving DoD/NIST requirements such as CMMC, RMF/CSF, DITSCAP, DIACAP/NIACAP, NISPOM and other relevant NIST Special Publications. As the Customer advocate, has realized a cost-saving to the United States Government and private sector companies in millions.
A proven asset with 20+ years of work experience within DoD, DHS, DOJ, and other various U.S. Government Agencies supporting overseas program/project management in the information technology, cyber security/compliance, and telecommunications industries.
EXPERIENCE
CyberSecurity Compliance Analyst/Specialist, Thales & TCM Ltd. 2020 – Present
Arlington Corporate Headquarters; (Remote work due to COVID-19)
●Provides high-level presentations to CIO & CISO of Thales US North America supporting all domestic United States Defense and Canadian Defense networks.
●Meets client needs to comply with US government regulations mandating the protection of controlled unclassified information (CUI) with implementing DFARS 252-***-**** (Safeguarding Covered Defense Information and Cyber Incident Reporting) governed by NIST 800-171 Standard. The regulations have shifted to a new Model - Cybersecurity Maturity Model Certification (CMMC) in 2020.
●Provides pre-assessments of a Thales business entity's networks to determine its existing level of maturity, and develop strategies, roadmaps, and implementation of new architectural designs and security standards to meet its desired certification level.
●Work collaboratively with Thales business and IT to help them prepare for NIST 800-171 compliance and CMMC certification including scoping, risk assessment, maturity assessment of current controls, risk/gap remediation plan development, remediation plan, execution, System Security Plan Development, etc.
●Provides assessments of DFARS NIST 800-171 controls compliance status and identify the gaps, evaluate technical controls and advise appropriate solutions, and design & implement cloud-based security monitoring.
●Performs CMMC Level 3 gap analysis on AWS GovCloud instances & Microsoft GCC-High networks.
●Ensure adherence to DFARS 252-***-**** (Safeguarding Covered Defense Information and Cyber Incident Reporting) governed by NIST 800-171 Standard.
●Performs analysis of Customer enterprises’ security posture to align with both the CMMC (Cybersecurity Maturity Model Certification) at their required level formerly known as NIST SP 800-171 rev.1 / DFARS self-assessment.
●Provides road maps/POAMs (Plan of Action Milestones) & SOPs to achieve organizational and program compliance.
●Engineer and build-out AWS GovCloud instances & Microsoft GCC-High networks compliant networks.
●Deliver weekly project briefing to business leadership of regulatory compliance and recommendations demonstrating experience of implementing NIST 800-171 controls and knowledge of Cybersecurity Maturity Model Certification (CMMC) requirements Experience in implementing cloud-based monitoring and handling information security incidents Experience in Amazon Web Service Gov Cloud or Microsoft Azure Government Cloud Experience and knowledge with Governance, Risk Management and Compliance Strong communication and technical skills.
Information Technology Infrastructure Operations Manager, Pragmatics Inc. 2018 – Present
Corporate Headquarters; Off-sites include OPIC, State Department, USPTO, Iran Litigation, FDIC
●CMMI Level 3 Services certification awarded /achieved for IT Operations
●ISO 9001, ISO/IEC 20000-1, ISO/IEC 27001 performs all three ISOs within the audit cycle to minimize expenses;
●Performs analysis of Customer enterprises’ security posture to align with both the CMMC (Cybersecurity Maturity Model Certification) at their required level formerly known as NIST SP 800-171 rev.1 / DFARS self-assessment;
●Provides road maps/POAMs (Plan of Action Milestones) & SOPs to achieve organizational and program compliance;
●Ensure adherence to NIST SP 800-53 and ISO/IEC 27001 relevant security controls;
●Develop, analyze, maintain and conduct business analysis, business needs assessments and documentation for development, enhancements, and custom develop services to align organization/agency strategic vision;
●Transitioned both corporate and program legacy ticketing systems to ServiceNow platform;
●Create, manipulate, automate reporting from Tableau’s Nessus vulnerability scanner with ServiceNow templates utilizing workflows to ensure compliance and measuring the network’s security posture.
●Manage and perform credentials scans for internal network devices as well as outer network boundary security penetration testing via Nessus vulnerability scanner tool suite;
●Utilize automated Nessus reporting to identify High Value Assets (HVA) and multi-system tenancy.
●Oversee the support of multiple programs enterprises geographically dispersed.
●Support corporate and customer environments that reside within Azure and/or AWS;
●Utilize AWS’ complete arsenal of tools to architect mature solutions (CloudFormation) and execute rapid deployment of cloud environments;
●Perform customer enterprise migrations of their on-premise footprint into the AWS cloud via CART (Cloud Adoption Readiness Tool) transparent to their users and maintaining compliance (CloudTrail) throughout the project roll-out;
●Provide oversight of Cybersecurity Framework (CloudWatch), manage quality-control/availability of resources (Elastic Load-Balancers/Auto-Scaling), disaster recovery (CloudEndure), audit Change Management of AWS resources (AWS Config);
●Provide Weekly, Monthly, Quarterly Status Reporting of Visual Data Analytics (Power BI & Tableau);
●Lead execution operations and management of all Windows devices: servers (2008 R2, 2012 R2, 2016) and workstations (Windows 7 and 10);
●Active Directory Services administration and management including, cleanup and routine maintenance and configuration;
●Developed and lead oversight of update, documentation and management of GPOs across complex multiple domain, network environments;
●Manage, monitor and respond to alerting for systems and IT Operations services maintained;
●Patch management of physical and virtual environments to adhere to DoD STIG, CIS benchmarks and Information Assurance regulations.
●Provide organizational security posture analysis and score via Tenable Nessus, Microsoft Health Monitor, AWS Config;
●Support implementation and enforcement of RBAC (Role Based Access Control) environments safeguarding CUI (Controlled Unclassified Information) / CDI (Covered Defense Information);
●Performs analysis of SIEM (System Information Event Management/AWS GuardDuty) logs that surface from security incidents;
●Automation of system management and text/email alert monitoring via SolarWinds and CloudWatch;
●Audit Splunk (on-premise) and CloudWatch (AWS cloud) logs to home in on threat vectors both internal and external;
●Support Linux systems, Apple MacBook, iOS, including other AMIs (Amazon Machine Images);
●Management oversight of Tiger team resolution of operational issues;
●Lead documentation and adherence of operational execution in compliance with program and customer change and configuration management processes and standard operating procedures (SOPs);
●Review/audit technical support teams’ delivery of IT services to further mature their SOPs (Standard Operations Procedures) to align with the Cybersecurity Framework;
●Provide customer and program stakeholder updates on a weekly basis of operational concerns.
Mgmt. Network Systems Supervisor, Director of International Programs, Pragmatics Inc. 2016 – 2018
Defense Intelligence Solutions Division (DISD)
●Provides assessments for IT Service Management program pursuits;
●Analyzes stages from Request for Information (RFIs), Performance Work Statements (PWS), Statement of Objectives (SOO), Statement of Work (SOW), management and oversight and fiduciary responsibility for the full-service delivery lifecycle for both foreign and domestic programs supporting DoD;
●Supports Business Development and Proposal operation groups. Provides assessment of services and metrics for programs to discern that technical success criteria are met and where resources should be allocated.
Regional Bandwidth Project Manager, Senior Manager, CACI 2014 – 2015
DTS-PO (Diplomatic Telecommunications Service – Program Office; State Annex 43 (SA-43)
●Oversight and fiduciary responsibility for the full lifecycle of communications connecting foreign and domestic offices to enterprise services, systems, and resources.
●Provides consults and guidance for large application and system development efforts.
●Assesses services and architectural metrics - incorporating user reports, communication services’ costs, and knowledge of industry trends - to discern whether both business and technical success criteria are being met and determines whether resources should be allocated to pursue other opportunities;
●Assesses budgetary alignment as complex and interrelated activities progress, to include consideration of the micro and macro service portfolio impacts and success of the strategies being applied;
●Develops detailed investment business cases and strategies targeted to advance quality, functionality, and resource and cost efficiencies;
Technical Project Manager / Senior Business Analyst, CACI 2008 – 2014
DTS-PO (Diplomatic Telecommunications Service – Program Office; State Annex 43 (SA-43)
●Led strategic efforts to advance service capabilities and reduce costs
●Responsible for DTS-PO’s Service Level Agreement (SLA) which included negotiating terms and coordinating with stakeholders and customers and developed pricing methodologies and marketing strategies; and ensured accurate metrics.
●Redesigned a specialized, international network that reduced costs by 60% and improved performance
●Managed global telecommunications service accounts
●Provided service portfolio management across client field operations
●Utilized industry best practices of IT financial management to reconcile client invoices, conduct cost-benefit analyses and leverage economies of scale for over 200 client service offerings.
●Responsible for full life cycle project management and coordination of Telecommunication services from logistics to configuration changes in support of 300+ Diplomatic Consulates, Embassies, Regional Relay Facilities, Diplomatic missions Worldwide to include the Olympics (both Summer & Winter), the World Cup, and emergency communications in support of U.S. government telecommunications overseas.
●Managed and tracked telecommunications projects for change management process in accordance to the Interconnection Security Agreement.
●Telecommunications experience and formal training of the MPLS (Multiprotocol Label Switching) networks, in-depth understanding of Carrier VPN (CVPN) technologies, and SATCOM terminals (SC-3/7 retrofit, SC-9, SC-11, 3.7X meter X-Band, CT and DTS).
Senior Data Security Admin / Network Systems Security Engineer, Lockheed Martin 2005 – 2007
Federal Bureau of Investigation; John Edgar Hoover (JEH)
●Responsible for data center system development, migration and deployment initiatives
●Responsible for the budgetary, schedule, and technical performance of multiple, concurrent IT contracts, task orders, and programs with an aggregate annual revenue of more than $47 million;
●Assisted with negotiation and later responsible for the continued execution of a reciprocal services agreement with a competing company. The agreement enabled our mutual Department of Homeland Security customers to simplify two burdensome contract processes. Through formal cooperation, customers gained confidence their needs would be met. The result, our customers began placing more orders, and revenues for both companies increased substantially.
●Responsible for the Project Management and implementation of design, development, evaluation, and integration of security systems across LAN/WAN networks to ensure the highest levels of data integrity from internal and external threats.
●Conducted risks assessment evaluation of the client's network to provide and implement new technologies adhering to Federal Government standards.
AOC Network Engineer / Exchange Administrator, Titan (L3) 2003 – 2005
PENTAGON, ARMY G3/G4
●Administration and support for over 340,000+ user accounts and mailboxes for United States Army, PENTAGON and off site
●Penetration testing of applications and data servers within the production networks for both Classified and Unclassified traffic.
●Performs security analyst duties against log captures;
●Optimized more than forty-five (45+) servers as well as off-site server connectivity.
●IT liaison/correspondent to the Information Management Officers (IMO), Requirements and Analysis (RA), Divisions Directors, and military telecommunications officers in command.
●Supported the AMHS (Army Message Handling System) on both administrative and user levels.
●Managed both Classified and Unclassified Print queues via HP Webjet admin in parallel with security applications to ensure data integrity and availability.
●Provided 24/7 monitoring, optimization, and troubleshooting of outages over a dozen Classified and Unclassified domains.
●Delivered backup recoveries using a multitude of software suites to include Veritas Super DLT/DLT for Windows OS, to which, specific certification criteria were a mandatory requirement to administer.
●Built and recovered Windows 2003 servers in support of the aftermath of 9/11.
SOC Security LAN Analyst / Network Administrator, Compex Corporation 2001 – 2003
PENTAGON, ARMY G3/G4
●Directed the system development, and end-user training teams during and after 9/11 attacks on the Pentagon;
●Managed 50+ Compaq ProLiant NT servers supporting the Army’s Office of the Deputy Chief of Staff for Operations and Planning (formerly ODCSOPS now ARMY G3) at the Pentagon.
●Monitored the Optimization and resolved issues/impacts to network traffic, network connections for the LAN/WAN infrastructure.
●Responsible for configuration and installation of fiber cards for Windows NT Servers.
●Managed, installed, and designed scheduled BACK-UP EXEC software due to 9/11 attacks.
●Scan network using RealSecure® software as well as Stat software to monitor network for intrusion.
●Work within Security Office to ensure all hardware and data was properly accredited by classification and NIST standards.
●Coordinated with 12 other engineers in a 24/7 LAN operations environment to ensure continuous availability of network resources to over 800+ military and government personnel at the Pentagon and three other off-site locations.
●Reporting liaison to the Information Management Security Office (IMSO)
●Authored the Information Assurance documentation per Operation NISA Security guidelines
●Primary POC for reporting AIS exposure to materials above their approved security classification to the IASO (Information Assurance Security Officer)
●Responsible for management and containment of classified exposures as well as sanitization procedures.
NOC Network Engineer / SOC Systems Analyst, Reliable Integration 2000 – 2001
DISA / DISN Teleport; ARMY / AIR FORCE
●Led multiple strategic efforts at to advance service capabilities and reduce costs by redesigning a specialized, international networking which reduced costs by 60%.;
●Configured and maintained Services via Cisco 3600 and 2500 series routers
●Monitored an ISDN based Video Network using HP OpenView®, Microsoft DNS, and Telnet.
●Configure and maintain a nationwide Microsoft Windows NT 4.0 Server® domain using Microsoft WINS/DNS and the Remedy® Action Request System (ARS), while implementing various Microsoft Windows NT 4.0® mandatory profiles.
●Implementation of routers, switches, and encryption devices.
Senior Helpdesk Manager / Senior Systems Administrator, Compex Corporation 1999 – 2000
PENTAGON, ARMY G3/G4
●Designed, implemented, operated, and maintained three networks at multiple locations in support of the Department of Army (ODCSOPS) within the Pentagon;
●Responsible for coordinating with government customers to define Information Technology requirements;
●Member of the Pentagon Windows 2000 Deployment Team (both Server & Workstation);
●Assistant Microsoft Exchange Administrator (Microsoft Exchange Server 5.5);
●Supervise and train help-desk personnel for the Department of the Army, Pentagon
●Account administrator for NT and mail accounts supporting over 700 users as well as connection to network resources for both hardware and software of IDE, SCSI systems. Install Sound, Video, Network, Fortezza, PCMCIA, WinTV cards within a secure/classified network environment adhering to Government and Department of Defense Information Assurance standards.
●Managed and led teams during planning, engineering, and installation of network equipment at government sites including facilitating the DODIIS Trusted Workstation (DTW) System within the Pentagon.
Network Supervisor / Senior Systems Administrator, Compex Corporation 1999 – 2000
PENTAGON, ARMY G3/G4
●Responsible for network security infrastructure and processes aligning for continued vulnerability assessments,
●Coordinate and execute mail migration for over 400 users from Microsoft Mail to the Exchange Server.
●Responsible for field deployment and O&M for satellite infrastructure, systems and services as well as troubleshooting of LAN VoIP systems. Train technicians and senior level users for PCs across all network classifications, Windows NT/95/98, and Microsoft products.
●Provided forensic analysis and support to the Department of Army (ODCSOPS) within the Pentagon;
●Responsible for NT account administration across multiple military and government networks.
Executive Legal Assistant, Frank J. Rooney & Associates 1997 – 1999
EDUCATION
Diploma – Information Technology Program 1995
Marquette Senior High
CREDENTIALS
●CEH (v11) Certified Ethical Hacker Expires: January 2024
●PMP Project Management Professional Expires: January 2024
●CISA Certified Information Systems Auditor Expires: January 2025
●CASP+ ce CompTIA Advanced Security Practitioner+ ce® Expires: December 2023
●CompTIA Security+ CE® Certified Expired
●Verify at http://CompTIA.org Code: VPKG2QQMKGV45GKE
●DTS-PO (Diplomatic Telecommunications Service Program Office) Certifications
● FASTNet (Foreign Affairs Sensitive-But-Unclassified Telecommunications Network)
Post (U.S. Embassies) O&M (Operations & Maintenance) 2014 - Current
Core (Regional Relay Facilities) O & M (Operations & Maintenance) 2014 - Current
●DTS-PO Administrator of Data Networks Certified 2014 - Current
●DISA Provisioning and Order Entry Training Certified 2010 - Current
●Veritas® Input / Output Device Management Certified 2006 – Current
AWARDS & HONORS
●DTS-PO DIRECTOR: Certificate of Appreciation 2014 (Successful Completion of ONYX FIRST ARTICLE DEPLOYMENTS)
●DTS-PO DIRECTOR: Certificate of Appreciation 2012 (Recognition of Selfless and Tireless Support of FRONT OFFICE)
●DTS-PO DIRECTOR: Award of Excellence 2011 (Successful Completion of Deployment and Implementation of FASTNet)
●FBI Information Assurance Technology Infusion (IATI): Award of Excellence 2005-2006 (Successful Completion of Cyber Initiative)
●FBI Information Assurance Technology Infusion (IATI): Certificate of Appreciation 2006 (Successful Completion of Cyber Project Deployment)
●PENTAGON, DEPARTMENT OF ARMY – DIRECTOR OF ANALYSIS CIO AND DEPUTY CIO OF STAFF, G3: Letter of Appreciation in support of 9/11 attack on PENTAGON 2001-2002
●PENTAGON, DEPARTMENT OF ARMY – LIEUTENANT GENERAL, U.S. ARMY DEPUTY CHIEF OF STAFF, G3: Certificate of Distinguished Service/Outstanding Recognition in response to 9/11 attack on PENTAGON 2001
●PENTAGON, DEPARTMENT OF ARMY – DIRECTOR OF ODCSOPS INFORMATION MANAGEMENT: Letter of Appreciation for Technical Excellence 2000
●CONGRESS OF THE UNITED STATES – NATIONAL ADJUTANT: Certificate of Nomination Certifying Accepted Membership to the American Legion for Honorable Service to United Armed Forces
AFFILIATIONS
●National Cybersecurity Center of Excellence (NCCoE) – Speaker Series
●National Institute of Standards and Technology (NIST)
●Cybersecurity for Smart City Infrastructure
●Designed-in Cybersecurity for Smart Cities (Finalized Whitepaper expected publication July 2015)
●Global City Teams Challenge (GCTC) – United States Ignite
●Cybersecurity Maturity Model Certification (CMMC)
●DoD CMMC accreditation body analyst & CMMC auditor trainee
<script type="text/javascript" src="https://platform.linkedin.com/badges/js/profile.js" async defer></script>
<div class="LI-profile-badge" data-version="v1" data-size="large" data-locale="en_US" data-type="horizontal" data-theme="light" data-vanity="michael-deguzman-pmp-ceh-cisa-casp-3b659883"><a class="LI-simple-link" href='https://www.linkedin.com/in/michael-deguzman-pmp-ceh-cisa-casp-3b659883?trk=profile-badge'>Michael DeGuzman PMP, CEH, CISA, CASP</a></div>