Resume

Security Information

Location: Bowie, MD
Posted: April 22, 2021

Resume:

SUMMARY

PROFILE

Innovative, results-driven Cyber Security Specialist with more than 20 years of progressive, hands-on experience directing Cyber Security, Penetration Testing, information technology and business management plans, including but not limited to managing complex IT projects, leading technical and professional teams, and providing critical business strategy to support and bridge IT, Engineering, and cyber security to achieve security goals and compliance. Proven ability to direct complex high-profile projects requiring coordination of multiple resources. Excellent motivator with the aptitude for assessing corporate needs, delivering outputs that meet goals and remain in budgetary guidelines.

QUALIFICATIONS

Directed and managed services provided for clients involving multiple programs such as IT Security, IT Policy, Network Control, Enterprise Migration, Customer Relations Management, etc.

Demonstrated ability to lead and manage others coupled with solid experience and training in Administration Management, Project Management, forecasting, budget setting, and risk mitigation.

Directed and managed technical assistance program involving multiple projects and legislative initiatives. Improved department professionalism, enhanced consistency, reduced local risk, increased availability and revenue while reducing local costs.

Managed multiple technical assistance projects designed to reduce liability, promote professionalism, and enhance staff awareness; policy and procedure reviews; facility design; organization, training, assessments, and evaluations; staffing analysis; and department meetings.

Demonstrated capacity to implement innovative security programs that drive awareness, decrease exposure, and strengthen organizations.

Hands-on experience leading all stages of system development efforts, including requirements definition, design, architecture, testing, and support.

Outstanding leadership abilities; able to coordinate and direct all phases of project-based efforts while managing, motivating, and leading project teams.

Adept at developing effective security policies and procedures, project documentation and milestones, and technical/business specifications.

Strong analytical skills that include insight on successfully applying technological solutions and best practices to resolve business issues, while improving overall efficiency.

STRENGTHS/ABILITIES

Network configuration/Network Protocols

Computer Forensics

Industrial Control System Management

Business Process Re-engineering

Network / Security Infrastructure

Advanced Security Strategies

System Development Lifecycle

Vendor Management

Customer Relationship Management

Enterprise Migration

IT Policy / Procedure Development

Staff Leadership / Employee Hiring

Penetration Testing

Vulnerability Assessment / Management

Business Process Engineering

Risk Identification & Mitigation

ICS (Industrial Control System) Security

Compliance and Policy Validation

WORK EXPERIENCE

Cyber Security Architect (Term) SBA Washington DC 07/2020 – Present

Provide support by leveraging industry and NIST best practices, standards, and assessment methodology to assist in development and maturation of an SBA Cybersecurity Architecture. Provide recommendations on methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Agile, Federal Enterprise Architecture Framework [FEAF]), ITIL, NIST Cyber Security Framework (CSF) and NIST 800-53 publications to ensure compliance. Integrate developments and changes in business and threat environments to ensure that they are adequately addressed in security strategy plans and architecture artifacts. Participate in application and infrastructure projects to provide security planning advice and draft security procedures and standards to be reviewed and approved by executive management and the CISO.

Key Contributions:

Determine baseline security configuration standards for operating systems, network segmentations, applications, Identity and Access Management using Zero Trust principle.

Develop and maintain standards and practices for data encryption and tokenization based on SBA's data classification criteria.

Ensure a complete, accurate, and valid inventory of all systems, infrastructure, and applications that should be logged by the Security Information and Event Management (SIEM) using Microsoft Centennial and Security Center

Establish a taxonomy of Indicators of Compromise (IOCs) and share this detail with other cyber security team members, including the Security Operations Center (SOC), Cyber Security Manager, Cyber Security Analyst, Enterprise Operations Center (EOC), and other stakeholders.

Coordinate with the Chief Compliance Officer and Quality Management office to document data flows of sensitive information in the organization, recommend, and validate controls to ensure that this data is adequately secured.

Validate IT and Supplier infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risk, where applicable within Azure, AWS, Rackspace and On Prem environments.

Assess the partners' cyber security frameworks and independent certifications/attestations for security risk and required user controls and report any findings to the appropriate stakeholders and the CISO.

Liaise with internal Audit team to review and evaluate the design and operational effectiveness of cyber security related controls. Support the testing and validation of internal cyber security controls as directed by the CISO.

Review and stay current on security technologies, tools, services, and processes and make recommendations to the broader security, IT teams, compliance teams for their use, based on security, financial, and operational metrics.

Liaise with the Emergency Preparedness Committee and business services lines to validate security practices for business continuity and disaster recovery teams.

Conduct integrated information technology audits, including but not limited to pre/post-implementation phases, privacy, data governance, and cybersecurity reviews using accepted audit and risk assessment frameworks adopted to the LHC environment.

Communicate complex technical issues in a simplified manner to relevant staff and management.

Sr. Lead Cyber Security Architect CenterPoint Inc Rockville MD 09/2017 – 08/31/20

Providing support for cross-agency security initiatives such as compliance, Information Security Continuous Monitoring Mitigation (ISCM), Identity, Credential, and Access Management (ICAM), Anti-Phishing & malware defense (APMD), and Continuous Diagnostics and Mitigation (CDM). Conducting risk assessments and providing recommendations for application design. Deeply involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access for external customer enterprise-wide cyber systems and networks. Providing analysis, evaluation, and recommendations designed to promote economy, efficiency, and effectiveness in the customer's security program. Integrating new architectural features into existing infrastructures, designing cyber security architectural artifacts, providing architectural analysis and relating existing systems to future needs and trends, embedding advanced forensic tools and techniques for attack reconstruction, providing engineering recommendations, resolving integration/testing issues, and interfacing with external entities including law enforcement and intelligence/government agencies.

Key Contributions:

Enhancing security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.

Determining security requirements by evaluating business strategies and requirements, researching information security standards, conducting system security and vulnerability analyses and risk assessments, and identifying integration issues and preparing cost estimates.

Implementing intrusion detection methodologies and equipment, directing equipment and software installation and calibration, preparing preventive and reactive measures.

Working with 3rd party vendor units and with other risk functions to identify security requirements, which includes but is not limited to risk and business impact assessments, business system analysis, communication, facilitation, and consensus building.

Working with information security leadership to develop strategies and plans to enforce security requirements to address identified risks and mitigation.

Providing oversight and management of audit finding remediation, including generating requirements for full remediation, providing feedback and suggestions on managerial responses to findings, and tracking progress and providing status and updates to the audit team for reporting purposes.

Providing architectural leadership and design capabilities to ensure Enterprise Architecture is properly implemented and maintained.

Configure AWS Config Rules to evaluate AWS resources for compliance. Configuration of Splunk notifications by creation of topic and subscription models.

Leads Incident Response Team as necessary to address potential breaches of information security.

Leads the design and development of security monitoring of cloud architectures for AWS, Azure cloud, and cloud/hybrid systems, which directly contribute to the overall enterprise cloud security architecture at SAMHSA, and leads the security vision and strategy around cloud-based applications.

Serve as the central point of contact for the Enterprise Security Operations Center (ESOC) for other Technology teams within the organization.

Testing and implementing AWS security tools such as GuardDuty, AWS Inspector, AWS WAF and Architecture of universally available, modular Amazon VPC architecture on the AWS Cloud using Federal and commercial standards and best practices.

Enabled and configured CloudTrail for API logging, and preventative measures for unauthorized changes to CloudWatch Logs, S3 Bucket Logs, Security Groups, and Network Access Control Groups to support CDM / ISCM mandate using Splunk/Qmulos.

Information Systems Security Specialist (ISSO) Department of Education 12/2016 – 08/2017

Provided support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies. Maintained operational security posture for information systems to ensure information systems security policies, standards, and procedures are established and followed.

Assisted with the management of security aspects of the information system and performed day-to-day security operations of the system. Evaluated security solutions to ensure they meet security requirements for processing classified information. Performed vulnerability/risk assessment analysis to support Assessment & Authorization (A&A) (formerly Certification and Accreditation (C&A)). Provided configuration management (CM) for information system security software, hardware, and firmware.

Managed changes to system and assessed the security impact of those changes. Prepared and reviewed documentation to include System Security Plans (SSPs), Risk Assessment Reports, A&A packages, and Security Controls Traceability Matrix (SCTM). Supported security authorization activities in compliance with Risk Management Framework (RMF).

Key Contributions:

Developed security standards and best practices for the organization and recommend security enhancements to management as needed. Responsible for educating the workforce on information security through training and building awareness.

Conducted periodic scans of networks to find any vulnerability and penetration testing, in which they simulate an attack on the system to highlight or find any weaknesses that might be exploited by a malicious party.

Served as a recognized technical expert in InfoSec principles and practices and is responsible for overseeing the technical implementation of vulnerability remediation efforts for zero-day threats.

Oversee the technical implementation of vulnerability management and provides technical recommendations in support of subsystems and external connections.

Responsible for overseeing test effectiveness and tracking exceptions to established cloud governance processes such as cloud inventory, network proxy access to cloud applications, cloud vendor engagement, and network proxy request.

Recommended and documented protection level and security requirements of new information systems under development, being procured, or under delivery/adoption.

Provided expert technical advice, guidance, and recommendations to management and other technical specialists on critical IT issues, and applied new developments to previously unsolvable problems.

Developed and made decisions or recommendations that significantly influence important agency IT policies or programs.

Tested and evaluated POC (proof of concept) for CASB solutions such as Cisco Cloudlock, Microsoft Cloud App Security, and Cloud Access Security Broker (CASB) for AWS.

Acted as the senior technical representative for Enterprise Security while engaging with other senior technical leaders throughout organization in design and implementation of cloud and cloud/hybrid-based implementations and solutions.

Led the ad-hoc vulnerability scan efforts to support planned and upcoming security events (ATOs, site security visits, CCRIs, etc.).

Conducted vulnerability scans, reports, asset creation/modification, and policy creation/modification using Tenable Security Center.

Program Manager / SME Consulting Practice CenturyLink 11/2014 – 12/2016

Security Controls and Architecture: Reviewed security architecture specifications and modeled real-world threats against the architecture. Recommend improvements and additional security controls to protect critical data, applications, and systems.

Security Assessments and Consulting: Conducting network & application penetration testing, web application security reviews, mobile application reviews, and source code security analysis across all verticals. Consistently excellent performance led to a high rate of repeat business and being requested by name.

Served as the Subject Matter Expert to both internal and external entities to the clients on issues related to IT security, policy, and compliance, including but not limited to high level policy issues.

Served as the SME administering the systems and tools that support IT Security Operations Program such as the VPN Security, Anti-virus and Application Whitelisting, Encryption Technologies.

Managed and conducted vulnerability scanning, Anti-phishing campaigns, Penetration testing, continuous diagnostics, Security Event, and Incident Management (SEIM) system and internal firewalls.

Led the coordination and implementation of security measures to protect information and information processing assets. This included leading policy and procedures within each department and external vendors to support mission critical functions.

Analyzing existing cloud structures and creating new and enhanced security methods. They often serve as part of a larger team dedicated to cloud-based management and security.

Managed vulnerabilities, incidents, threats, and countermeasures within the information processing infrastructure.

Conducted analysis across Security Center to determine the current open vulnerabilities, credential failures, total hosts scanned, and total scans run during a defined frequency.

Performed the PCI DSS required daily review of log data for each system type and instance using the on-premise systems to support, generate and store the evidence required for QSA review.

Performed monitoring of all patch/firmware/software updates applicable to the devices in use within the client's operating environment. For each new release: reviewed the items covered and provided a document stating if each is applicable to their PCI/DSS environment and if deployment is required, prepared detailed reports outlining the potential risks that have been identified, and made recommendations as to how to mitigate those risks.

Conducted analyses of existing Tenable security solution implementations to incorporate requested enhancements. Reviewed/analyzed requested changes to scans, assets, and credentials, which may impact existing configurations.

Business Security Consultant / Penetration Tester

Independent Contractor Winquest Engineering 01/2012-04/2014

Security Vision & Strategy: Consulting on baseline assessments, strategic vision, and gap analyses for complex enterprise information security programs. Produce executive roadmaps for continual improvement in teams, technology, and processes. Implementation of these security strategies resulted in increased ability to withstand cyber-attacks, as measured by annual sophisticated attack simulations.

Business Development & Solution Engineering: Designing solutions to meet client needs for adversary simulation and strategic advisory services, with a reputation for closing deals through demonstration of technical excellence and understanding of the client’s security program.

Sophisticated Attack Simulations: Executed advanced scenario-based red team assessments designed to evaluate the organization’s ability to prevent, detect, and respond to sophisticated adversaries. Consistently identify critical technical and procedural issues with the potential to expose possibly catastrophic impact to the client business.

Security Controls and Architecture: Reviewed security architecture specifications and modeled real-world threats against the architecture. Recommend improvements and additional security controls to protect critical data, applications, and systems.

IT Security Specialist (Information Security)

Bureau of Engraving and Printing Department of Treasury 08/2011 – 11/2014

Developed and maintained BEP’s cyber security policies, procedures, and standards, ensuring that BEP’s automated information systems meet or exceed Federal, Department of Treasury, and BEP requirements for information security and privacy. Completed system analysis, documentation, and testing necessary to support the CIO’s ATO decision for BEP information systems (ensuring implementation of Federal, Treasury, and BEP cyber security requirements in information systems developed and operated by or on behalf of BEP).

Key Contributions:

Information Security Architecture Support: assisted in the development of security architecture and security policies, principles, and standards. Participated in the enterprise architecture (EA) community and provides strategic guidance during the EA process. Researches, evaluates, designs, tests, recommends, and plans the implementation of new or updated information security technologies. Researched and assesses new threats and security alerts and recommends remedial actions. Provided guidance for security activities in the system development life cycle (SDLC) and application development efforts. Participated in organizational projects, as required.

Computer Network Defense Support: I was responsible for selecting, implementing, and monitoring results of enterprise network and application security monitoring tools (e.g., anti-virus tools, host and network intrusion prevention and detection tools), investigating anomalies reported by these tools, and identifying potential security incidents and tuning the tools. Assisted IT compliance in managing technical aspects of the Security Event Information Management (SEIM) tool, including network hierarchy, tuning, and remediation of offenses.

Computer Security Incident Response Capability (CSIRC) Support: Maintained the BEP CSIRC procedures; supports the OCIITS Director in executing incident investigation and response activities; and manages the interfaces with the other cyber security entities, including the Treasury CSIRC and Global Security Operations Center (GSOC), and the US Computer Emergency Readiness Team (US-CERT) to satisfy national and Department of Treasury reporting requirements. Worked with IT Operations to identify, test, and implement technical solutions to prevent recurring or similar future incidents.

Reporting and Computer Network Defense Data Call Support: Conducted data gathering and reporting for event monitoring, vulnerability and patch management, configuration compliance, and continuous monitoring of the enterprise security control systems. These activities supported the Bureau’s risk management processes and provide situational awareness and control of security processes used to protect the BEP’s systems and intellectual property. For example, vulnerability management reports support internal BEP reporting requirements, Department of Treasury’s reporting requirements (e.g., Government Security Operations Center (GSOC) and the Cyber Analysis and Reporting (CARD) Dashboard), and external reporting such as Department of Homeland Security’s CyberScope data calls. The reporting requirements were in a constant state of flux as requirements and the reporting process evolve. Also supported data gathering and reporting associated with system reviews and audits including the annual Federal Information Security Management Act (FISMA) audits and Sarbanes-Oxley (SOX) audits.

Security Event Information Management (SEIM) Support: Implemented, configured, and managed the SEIM tool for BEP, and works with other groups to identify and investigate anomalies for offense investigation and resolution.

System Penetration Testing: Conducted ad-hoc penetration testing for finding security vulnerabilities/flaws in target systems, networks, and applications to improve the security posture of BEP. Documented the results of the testing in a formal report after each assessment. Presented test findings to stakeholders.

Software Support: Demonstrated success in the design, deployment of large-scale hardware and software applications in either the public or private sector. Experienced with software system design development and systems administration. Worked with the End-users to determine business needs from a software perspective, envision solutions, and prioritize strategic initiatives to meet deliverables and deadlines.

ICS (Industrial Control System) Security: Created and maintained NIST 800-32 Baseline procedure and processes for the Agency. Conducted ad-hoc penetration testing for finding security vulnerabilities/flaws in target systems.

Configured and deployed Tenable security solution, which included but was not limited to overall architecture guidance, operational testing and evaluation support for Nessus Scanners and Security Center components.

Provided target system configuration guidance to customers to ensure successful vulnerability scans. Diagnosed and resolved Nessus vulnerability scanning credential failures, false positives, scanning issues, and reporting issues.

Conducted vulnerability analysis on common vulnerability exploits (CVEs) to determine if they are applicable to DISA's assets, the impact, the severity, and mitigation techniques. Uploaded applicable DISA STIG benchmarks to Security Center(s) on a periodic basis.

Senior Systems Engineer 08/2008 – 08/2011

Bureau of Engraving and Printing – Contractor

Provided Technical leadership to design, implement, and validate Windows 2003/2008 server and network infrastructure for corporate and production network. Coordinating and implementing numerous large and small-scale technical projects, assisting in the creation of strategic and long-term planning, and participating in a 24x7x365 on-call support rotation. Extensive experience in Windows 2000/2003/2008 Active Directory design, group policies, and domain maintenance and the ability to leverage a thorough understanding of the interactions between systems to not only troubleshoot problems, but also identify performance-tuning opportunities.

Key Contributions:

Acted as the SME on Virtualization for the bureau by evaluating existing legacy systems and applications and migrating the systems to Windows Hyper-V systems.

Installed, configured, maintained, and administered Physical and Virtual Servers for the Bureau's Enterprise Network project.

Served as SME (Subject Matter Expert) and lead in Evaluating, Testing, implementing, and maintaining BEP’s IT assets and support customers and IT project teams.

Maintained standard software images for all servers, desktop, and notebook, and PDA computing platforms containing BEP standard operating systems, application software, and configuration settings that adhere to BEP policies and procedures in accordance with FDCC rules.

Responded to (contact user, update trouble ticketing system), troubleshoot, and resolve issues routed to the Contractor through the BEP's help desk system (recent historical data shows approximately 160 Calls per month).

Used the automated "Imaging" technique to install and configure Commercial Off-The-Shelf (COTS) Operating Systems and application software on new and recycled personal computers and servers to be deployed.

Advised and recommended to BEP personnel on matters relating to software patches, upgrades, service packs, hot fixes, etc. to ensure system availability, reliability, and serviceability.

Performed Microsoft Active Directory administrative functions that include, but are not limited to, operating system level file and folder permissions administration; creating users and groups; assigning user and group permissions and membership; folder structure administration, etc.

Tracked and managed all IT hardware and software warranties and work with various vendors on site when warranty support is required.

Configured new and existing personal computers and peripherals to connect to the BEP local area network (LAN), which may include minor network cable connectivity, DHCP or static Internet Protocol (IP) configuration, and operating systems configuration.

Developed and documented the BEP Enterprise system Architecture, including the business units and key processes, and evaluated the impact of Enterprise Architecture products and services on BEP IT investments, operations, and End User satisfaction.

Assisted in providing guidance and recommendations related to software and hardware requirements, system engineering development processes, maintenance, and IT security compliance in accordance with FISMA, DISA and FDCC standards.

Configured and deployed Tenable security solution, which included but was not limited to overall architecture guidance, operational testing and evaluation support for Nessus Scanners and Security Center components and future releases.

Supported potential security violations and/or incidents by providing vulnerability scan results against target machines.

Provided target system configuration guidance to customers to ensure successful vulnerability scans. Diagnosed and resolved Nessus vulnerability scanning credential failures, false positives, scanning issues, and reporting issues.

Conducted vulnerability scans, reports, asset creation/modification, and policy creation/modification using Tenable Security Center.

Worked with IT Security to lead comprehensive security infrastructure upgrades (e.g., firewall/VPN upgrades, intrusion detection, token-based authentication, and remote management).

Assured newly planned systems can be integrated into legacy operational system environments while adopting new methods and processes to improve the availability of existing systems.

Implemented and tested Disaster Recovery Planning and testing using VMware and Hyper-V locally and remotely.

Utilized superior communications skills to motivate staff and develop effective working relationships with peers, executives, and clients.

EDUCATION

MS, Network Management, Strayer University, DC (6/2005)

BS, Computer Programming, Strayer University, DC (6/2001)

MA Computer Information Systems, City College, London, UK (1997)

AA, Computer Science, City College, London, UK (1996)

Professional Certification

CISSP (Certified Information Systems Security Professional)

GCP (Google Cloud Certified Professional Architect)

AMCA (Microsoft Certified Cloud Master Architect)

CISA (Certified Information Systems Auditor)

CISM (Certified Information Systems Manager)

CDPSE (Certified Data Privacy Solution Engineer)

CEH (EC-Council Certified Ethical Hacker)

LPT (EC-Council Licensed Penetration Tester)

ECIH (EC-Council Certified Incident Handler)

CEHFI (EC-Council Computer Hacking Forensic Investigator)

ECSA (EC-Council Certified Security Analyst)

CNDA (EC-Council Certified Network Defense Architect)

Security +

AWS-PSA (AWS Certified Solutions Architect – Professional)

AWS-ASA (AWS Certified Solutions Architect – Associate)

MILITARY

• U.S. Army (12/2002-11/2006)

Training:

Project Management Institute (PMI), World cell Inc (06/2007)

DHS Cyber Warrior

Project / Program Management (Level 1 and 2)

Red and Blue Team Pen testing – Carnegie Mellon Institute

IBM QRadar Vendor Training

McAfee e-Policy, IDS/IPS SIEM Training

Palo Alto, WatchGuard, Juniper, Citrix VPN Vendor Training

Splunk Enterprise Administrator / Splunk Security

Trend Micro Deep Security

FireEye Incident Response / Malware Analysis

AWS Security Architecture

Volunteer experience

ATARC (Advanced Technology Academic Research Center) Speaker

EC-Council - Item Writer

MCISSE CyberPatriot Mentor

National Women's Cricket League President

United States Youth Cricket Association Vice President

National Youth Cricket League (NYCL) Executive Team

Maryland Youth Cricket Association Head Coach


