Scrum Master Security Officer
Resume:
Summary of Experience
Over ** years of diversified experience in managing large departments and programs, as well as large-scale implementations, transformations, continuous improvement and developing people and teams
Led 120 FTE IT Operations group, Cyber Security, Software Development groups, Integrated Teams
Budget management: $50M human capital, services & technology, capital expenditures, profit & loss
Certified Trainer in Socratic Methods: trained over 2000 individuals on technical and non-technical topics
Adjunct Professor with University of Maryland Global Campus (Cybersecurity and Cloud Computing)
Certifications: Project Management Professional (PMP), CISSP, Scrum Master SAFe v5, ITIL v2,v3, v4, AWS Cloud Practitioner
Clearance: Top Secret Clearance, formerly held TS/SCI
March 2022 to Present General Dynamics Information Technology
Senior Director, Program Operations Director
Currently, Program Director for DISA DEOS O365/Azure migration
Release Train Engineer for SAFe process: Scrum Master for several products
Program Director for Army Cloud Managed Services – 90+ FTE managed
Responsible for: Cyber operations, SOC, AWS cloud architecture and engineering, Operations/IT Service Management, SAP migration and development, PMO, ServiceNow operations
Managed reduction of scope and project closeout; resource planning, P/L, transition to new service provider
Managed approximately $17M in annual labor and $4M in ODCs
December 2020 to March 2022 Envisage / Vector Solutions
Federal Accounts Director, Customer Success
National Account for Federal Customers of Acadis
Responsible for identifying and resolving issues that prevent the client from achieving maximum value from the product
Collect enhancement requirements for new features and communicate the progress of requests
Scrum Master for 3 products
February 2018 to March 2022 Kabine Consulting (self employed)
Subcontracts with: KPMG, Valiant Solutions, Efiia Consulting, Envisage Washington, DC
Managing Director / Senior Program Manager, Cybersecurity, IT Cloud Operations
Operation Warp Speed
National Project Manager on Operation Warp Speed for Controlant Cold Supply Chain transporter for Pfizer; reported directly to General Perna’s staff on daily basis for status of Pfizer delivery and temperature monitoring
Led portfolio to manage security and supply chain systems to align with business services
Worked closely with the Department of Defense, Department of Health and Human Services, Pfizer, and Controlant to establish a change management process to ensure changes to tools, services, vendor updates, and process changes aligned with contractual requirements and the best interests of Operation Warp Speed
Scrum Master for product and supply chain for distribution of Pfizer COVID vaccine
Department of Energy
Performed government product owner duties as a representative for the GS-14 responsible for the duties of Information System Security Manager for new systems, projects, and security management
Re-designed ServiceNow module usage to leverage Security Operations, Vulnerability Management and GRC modules to integrate to Splunk; developed a risk scoring system to quantify risk
Lead Change Management process and Change Advisory Board
Scrum Master for 3 products
Department of Justice – Executive Office of the US Attorney
Responsible for establishment and management of the Risk Management Framework processes, continuous monitoring and accreditation, penetration testing, audit and governance, and Insider Threat programs
Implemented a Governance, Risk and Compliance (GRC) dashboard in ServiceNow for real-time portal view of risks, implemented agile process management with Confluence, Jira, and ServiceNow
Established repeatable accreditation and monitoring process for SaaS/cloud/Amazon Web Services (AWS) /Azure FedRAMP and non-FedRAMP applications and systems. Stood up 6 applications in AWS in 12 months
Managed integration of SailPoint and Okta for Identity Management solution
Managed establishment of Splunk as the GRC aggregation solution with CSAM, Nessus, HP WebInspect, DBProtect and IBM Qradar as a federated solution for input sources.
Led migration of 30 servers from Columbia, SC data center to AWS govcloud; designed VPC/hybrid architecture;
Appointed as interim Information System Security Manager for 9 months as the government replaced the GS-14 who was in that role
April 2021 to Present University of Maryland Global Campus
Adjunct Faculty / Cloud Computing, Advanced Cloud Computing
Deliver content on current cloud computing principles and technologies
Assess student assignments, labs, papers and presentations
Contribute to the course content
Dec 2015 to Feb 2018 Deloitte Federal Services, Arlington, VA
Senior Manager, Cybersecurity
Program Manager responsible for the 63 person security operations team that includes: vulnerability scanning, security engineering, independent audit and assessment, and the security operations center
Daily management of continuous monitoring and detailed reporting of vulnerabilities, working with application teams, system administrators and database administrators to remediate security findings through developing POA&Ms and change requests for traditional waterfall projects, agile development projects and DevOps teams
Scrum Master for Sailpoint implementation for identity management and governance
Design architectures to improve security posture and facilitate an enterprise standard for platforms in accordance with NIST SP 800-53a Rev 4, 800-37, 800-171, 800-60
Responsible for financial management and P/L of project with 55 on site resources and 8 resources in different geographic locations. Manage $15M yearly budget.
Monitor and ensure that all systems security programs are in full compliance with all program requirements
Develop, maintain, oversee and execute the operational processes and procedures to comply with information and cybersecurity laws, directives and standards as part of directing the activities of the Information System Security Officer (ISSO) workforce
Received exceptional feedback from NIST on our implementation of 800-53a
Provide expert advice on cybersecurity risks and mitigation strategies in customer service meetings; also assessed new needs and requirements, applied knowledge of existing products and services to resolve problems and issues
Led data center migration of 500 servers and containers from DHS data center in Mississippi to the Virginia data center; designed network and VPCs, security infrastructure, and cloud integration, power capacity planning, network redundancy, and disaster recovery
Manage vulnerability scanning teams using Tenable Nessus/Security Center and HP Fortify Web Inspect feeding into Archer GRC dashboard from CSAM and other tools
Advise CISO and CIO on network architecture, IT Service Management improvements and security posture
Prepare and deliver detailed weekly and monthly written and oral status reports to the Deputy CISO and CISO that included number of systems assessed, SOC issues/incidents, forecast of systems to be accredited, continuous monitoring results and budget tracking
Reviewed NIST SP 800-53a Revision 5 and sent in comments around cloud systems and architecture
Nov 2014 to Dec 2015 Cambridge International Systems, Arlington, VA
Program Manager – Information Technology Engineering Navy
Program Manager for the final year of Navy Military Sealift Command N6 Shipboard MIS Engineering contract
Led replacement of standardized shipboard platform for classified and unclassified systems on shore and afloat based systems; hands-on design of architecture compliant with DOD Defense Information Assurance Creditation Assessment Process(DIACAP) while also mapping controls to transition to NIST
Responsible for team of 25 people across 2 locations, including managing a subcontractor (CACI)
Manage annual budget of over $4.5M (contract value approximately $10M)
Revised the Risk Management assessment and reporting process to align with NIST guidelines
SME for development processes, security architecture and IT Operations
Implemented iterative agile approach for infrastructure projects resulting in approximately 30% less rework and 50% less time in requirements delivery than previous 3 years
Develop, maintain, oversee and execute the operational processes and procedures to comply with information and cybersecurity laws, directives and standards as part of directing the activities of the Information System Security Officer (ISSO) workforce
Monitored and ensured that all systems security programs are in full compliance with all program requirements
Provided expert advice on cybersecurity architecture, risks and mitigation strategies.
Budget management within 2% of target since taking over in November of 2014
Designed and implemented new engineering policies and procedures to meet the needs of the client and more efficiently utilize our resources
Monitored all systems security programs to ensure compliance with contract and program requirements and delivery of all SOW requirements
Analyzed and updated existing Service Operations and Maintenance procedures to gain efficiencies in working Incidents and updated SLAs to improve response for customers
Led Implementation of shipboard virtualization using Windows Server 2012 and Hyper-V for thin clients
Received Exceptional rating on CPAR from government client
May 2014 to Nov 2014 TCD Group LLC(Self Employed), Washington, DC
Cybersecurity Senior Manager
Managed the establishment of Security Program Office, Security Charter and formalization of Security Plan for financial management firm; led 6 security-related projects to implement SANS 20 critical controls
Led QA for Army NetCom ITSM architecture review
SME for network design and improving security posture
Developed department-wide policy for private and public sector IT departments in the areas of security, IT Operations, Service Level Management and running IT as a business
Sep 2012 to May 2014 CoStar Group, Washington DC
Senior Manager Information Systems for Finance, Human Resources, Accounting
Established Program Management Office for the company which doubled in size through acquisition over the previous year; developed project evaluation process and business cases for adopting new technologies
Responsible for SOX and PCI compliance of all systems and applications in the Accounting and Finance group; Remediated all outstanding SOX audit items and passed two follow on SOX audits with no issues
Developed and implemented ITIL-based change and release management process across all locations in collaboration with the development team and operating companies within the CoStar Group umbrella
Managed SaaS integration projects: Concur (Salesforce platform), Replicon Web Time and Medius (Accounts Payable) application migration to SaaS Cloud solutions and Workday integrations
Re-negotiated 4 existing SaaS agreements to reduce cost per transaction; migrated 2 additional solutions to vendor clouds and integrated all 6 SaaS solutions to avoid redundant entry
Developed and monitored CIS Framework compliant security plan for on-site/hybrid cloud solutions
Aug 2008 to Sep 2012 Accenture Federal Services, San Antonio, TX
Director of Technology for San Antonio Delivery Center, Public Safety Portfolio Manager
Responsible for all computer operations, networking, security, telephony, and vendor management for San Antonio Delivery Center;800 onsite users and 900 off-site personnel
Portfolio Lead for $50M in projects with Department of Homeland Security, State Department and Department of Justice. Led multi-year and multi-agency programs of up 120 people
Managed setup of internal cloud for SharePoint and test and development environments
Teamed with development group to establish Agile methodologies for software development, Project Management and IT Service Management using ITIL and ISO 20000 as the framework
Created steering committees and unified reporting process for 22 projects and 7 operational systems
Delivered monthly briefing to agency Director for US-VISIT on the financials of the program using Earned Value Management; responsible for project and operational budgets ranging from $12M-$28M
Initiated policies for Service Level Management, Capacity Management and Continuous Improvement that have resulted in 40% reduction for ticket resolution times at the San Antonio Delivery Center
Managed vendor relationships with Microsoft, Oracle, Cisco, Dell and VMWare.
Led 4 ITSM implementation and customization projects with Accenture LLP before moving to AFS
May 2004 to Aug 2008 TCD Group (Self Employed), Greenville, SC
Managing Director/Lead Developer
Lead developer and process designer for ITIL tools and processes on BMW global project to transform internal IT
Responsible for implementation of Enterprise software packages (SAP, PeopleSoft, Remedy)
Led 3 international project teams composed of clients and vendors in the U.S, Europe and India
Managed financial aspects of projects up to $5M budget using EVM, NPV, IRR reports
Lead technical architect for U.S. effort for a 6-month project to consolidate ITSM applications from 3 U.S. sites to Germany for South Carolina based German automotive manufacturer
Managed development, implementation and cost performance of ITIL processes for Change Management (CM), Incident Management (IM) and Service Level Management
Led global workshop with stakeholders from Europe, South Africa, Malaysia and the United States to identify areas for internal ‘in-sourcing’ the engineering of new global infrastructure
Partnered with senior management to form project budgets, ensure business case validity and alignment with business plans and the establishment of agile development framework
Managed projects and provided SME support across financial, health, government, and automotive sectors
Created web services in Remedy to communicate with a variety of tools using SOAP, REST API, and direct query
Sep 2001 to May 2004 Ahold Information Services, Greenville, SC
Project Lead Sr. Systems Integrator
Led virtual project teams for consolidation and standardization project consisting of technical managers, and vendors from 7 geographically separate business entities
Managed PeopleSoft platform migration and upgrade from v7.5 on Solaris/Oracle to v8.4.2 on AIX/Oracle
Managed Remedy migration from Oracle to SQL Server
Senior Systems Analyst – Remedy Development
Led requirements gathering and development of a Change Management application that encompassed a single set of standards and processes for submittal and approval of change requests across internal companies that previously used 5 separate systems
Created a documented process for testing and validation of enhancements using CMM principles
Provided development support for Problem Management system; implemented over 100 changes to the system in 24 months
Jun 1999 to Sep 2001 Tek Systems- Professional Services Group, Greenville, SC
IT Management Consultant
Provided consulting services for Fortune 1000 companies.
Managed 9 IT improvement projects over 18 months resulting in savings of $150,000 to $1,500,000 annually per company by improving selected processes
Implemented Remedy’s IT Service Management application projects for Mt. Sinai Medical Center, Catholic Health Systems and Spartanburg Regional Hospital
Managed, planned and implemented 5 new large-scale support center and asset tracking systems with Web-based interfaces for end-users and technicians using Remedy product
Performed requirements analysis and implemented a problem management solution to support over 800 nationwide locations in 2 weeks.
Conducted training classes for over 900 end-users at a large southeastern utility provider
Authored over 20 Statements of Work, responded to 12 Requests For Proposals and performed role of Pre-Sales Engineer to close sales of 9 projects out of 11 opportunities
Mar 1998 to Jun 1999 Electronic Data Systems, Greenville, SC
Development and Support Team Lead.
Responsible for gathering requirements, setting up the project plans and developing the applications for software projects related to SAP and Remedy development. 2 direct reports
Developed interface for SAP and Remedy developing an ABAP program and Action Request escalations and filters, saved $60k over Commercial product
Managed global application enhancements to Complaint Management System
Led team of 2 junior programmers in automating the billing of telephone services
Aug 1998 to May 1999 Greenville Technical College, Greenville, SC
Part Time Adjunct Instructor. Responsible for developing and instructing curriculum
Instructed courses on Networking and Event Driven Programming
Designed and revised curriculum, lesson plans, projects, and examinations
Mar 1989 to Sep 1997 U.S. Air Force, Shaw AFB, SC Offutt AFB, NE
Jan 1996-Sep 1997
1st Lieutenant – Manager, Test and Integration, Defense Meteorological Satellite Program (DMSP)
Managed staff of 35 enlisted, officers and contractors; Coordinated and validated changes with contractors and other government agencies
Responsible for all software changes to the DMSP satellites
Top Secret / SCI security clearance
Streamlined support team by reducing number of personnel and re-allocating under-used resources, saving $80,000 annually out of a budget of $480,000
Renegotiated vendor contract, reduced the need for vendor support by 50%, saving $150,000 over 2 years
Restructured mid-level IT management, saving over $110,000 annually.
Certifications and Education
Project Management Professional - PMP #227991 ISO IEC 20000 Internal Auditor and Consultant
CISSP #495949 Remedy Approved Consultant (2000)
ITIL v2, v3, 2011 Foundations Certified BMC CMDB Skilled Professional
SCRUM Master AWS Cloud Practitioner
Clemson University MBA
East Carolina University B.S., Computer Science
Contact this candidate