Emanuel Payton
SUMMARY
Mr. Payton is an exceptional professional with experience in Enterprise Architecture, Business Continuity, Information Security, Disaster Recovery, and Information Assurance skills in support of computer networks and Information Technology security, to include all aspects of certification and accreditation of multiple platforms in and out of the Intelligence community.
EDUCATION
Master of Science, Information Security Management, Trinity University
Graduate Diploma, Naval War College
Bachelor of Arts, Computer Science, Morehouse College
TRAINING/CERTIFICATIONS
Certified Business Continuity Planner (CBCP)
Member Business Continuity Institute (MBCI)
Certified Information System Security Representative (CISSR) for NRO, May 1997
Certified ISSO via FBI training academy 2006
CLEARANCE
Top Secret/SCI w/CI-Poly (renewed May 2019)
WORK EXPERIENCE
PAE Consulting, Inc. Lead, BC/DR /Resiliency Consultant
September 2021 – Present
Responsibilities:
1. Designs and administers programs to include policies, standards, guidelines, training programs, and a viable quality assurance process for disaster recovery.
2. Oversees and reviews the testing and implementation of software, data systems, and data networks to ensure that the integrity and security of all electronic data and data systems are adequately protected.
3. Facilitates the preparation of an organization-wide business resumption plan.
4. Assists in the coordination and establishment of disaster recovery programs and business resumption planning across mainframe and client server platforms.
5. Coordinates and monitors simulation testing across all platforms.
6. Designs and administers programs to include policies, standards, guidelines, training programs, and a viable quality assurance process for disaster recovery.
Support to develop, maintain, and execute a TT&E program that complies with DoD, federal directives, and Homeland Security Exercise & Evaluation Program (HSEEP) requirements.
Perform enterprise-level planning and exercise activities that support national-level exercises that verify alignment of other Customer programs with the DoD and training events.
Oversee development of after-action reports and corrective action plans following tabletop exercises, drills, or full-scale exercises as well as real-world events.
Facilitate review and out brief of senior Customer leaders' performance during tabletop exercises, drills, or full-scale exercises.
Support, participate, and lead design and planning of exercise scenarios designed to meet routine DoD or Federal directive evaluation periods that include development of the Master Scenario Event Listing (MSEL) with Customer leadership.
Prepares and conducts briefings and overviews to education Agency personnel.
Monitors contingency plan exercises, assesses plan effectiveness, and recommends plan improvements to improve responses to emergencies.
Cognizant of national policies and provides expertise to act as trusted advisor to senior leadership.
Able to provide strategic direction in leading activities in support of team and enterprise objectives.
Supports the office of the Chief Information Officer in the area of business continuity; Acts as the point of contact regarding matters involving Intelligence Community continuity plans; Act as Crisis Communications subject matter expert in charge of quarterly test of the senior staff. Act as in-house e expert for GETS/WETS phone used by senior staff;
Parsons Corporation, Lead, Business Continuity Planner/Functional Specialist
December 2020 – August 2021
Support to develop, maintain, and execute a TT&E program that complies with DoD, federal directives, and Homeland Security Exercise & Evaluation Program (HSEEP) requirements.
Perform enterprise-level planning and exercise activities that support national-level exercises that verify alignment of other Customer programs with the DoD and training events.
Oversee development of after-action reports and corrective action plans following tabletop exercises, drills, or full-scale exercises as well as real-world events.
Facilitate review and out brief of senior Customer leaders' performance during tabletop exercises, drills, or full-scale exercises.
Support, participate, and lead design and planning of exercise scenarios designed to meet routine DoD or Federal directive evaluation periods that include development of the Master Scenario Event Listing (MSEL) with Customer leadership.
Prepares and conducts briefings and overviews to education Agency personnel.
Monitors contingency plan exercises, assesses plan effectiveness, and recommends plan improvements to improve responses to emergencies.
Cognizant of national policies and provides expertise to act as trusted advisor to senior leadership.
Able to provide strategic direction in leading activities in support of team and enterprise objectives.
Supports the office of the Chief Information Officer in the area of business continuity; Acts as the point of contact regarding matters involving Intelligence Community continuity plans; Act as Crisis Communications subject matter expert in charge of quarterly test of the senior staff. Act as in-house e expert for GETS/WETS phone used by senior staff;
Carefirst, BCBS Lead, Disaster Recovery Administrator
June 2017 – October 2020
Fusion System Administrator 2018. Develops and manages recovery processes to insure all tech req. are identified, documented and in alignment with business drivers.
Provides project management regarding all technical aspects of achieving a department or corporate. obj; Assesses the BC implications of proposed technological, organizational or business plan changes recommending required revisions to existing business continuity processes, plans, procedures, and recovery services contracts necessitated by such changes then implementing the recommendations once approved; Performs data center recovery capacity planning with CareFirst IT teams in support of specific business unit current, in plan and new initiatives, with a major focus on proactively assuring an adequate recovery environment exists; Coordinates, schedules and project management of disaster recovery exercises: includes tracking, follow-up and management reporting required to resolve all issues identified with the goal to ensure the organization’s ability to recover in the event of a disaster; Reviews and suggests improvements on the recovery exercises of CareFirst vendors; Validates that resources (specifically data) that are required for a successful recovery are protected and available; This position is also subject to being "on call" for potential disaster situations; This position requires travel between all CareFirst locations and overnight travel to facilitate recovery exercises from the hot-site; QALIFICATION REQUIREMENTS: Required: This position requires a BS in either Information Systems, Computer Science or Business Administration or a combination of education and technical training which totals at least 10 years’ experience in the IT industry. The position requires a background in mainframe or mid-range systems, along with solid conceptual knowledge of databases, networks, distributed systems, client server, and Windows and NT Server environments.
Xerox Services Senior IT Security Principle
October 2013 – March 2017 (3 years)
Provide security support for Xerox MD DHR project development and existing MD DHR applications
Act as a security liaison to the application developer and project management groups
Lead the incident response team, including directing engineers and analysts in security incidents
Assist with updating and implementing the annual security awareness training, annual developer training, and annual administrator security training
Work with the IT program groups and IT vendors to evaluate and improve IT vendor security posture
Validate remediation efforts of findings related to vulnerability and system configurations
Respond to day-to-day IT operations and internal requirements requiring security support
Assist in identifying security initiative gap assessments
Implement, test, and maintain defined security solutions
Define desired state for people, process, and technology solutions that are to be utilized to support other IT efforts;
RMF or NIST knowledge requirements
IT network knowledge/implementation experience (e.g., firewalls, secure topologies/architectures, intrusion detection/analysis, Microsoft/UNIX/OS security, vulnerability assessments)
Experience with reviewing Intrusion Detection reports incident response and computer forensic experience
Identify application development security concerns and the ability to define and test application security requirements; Understanding of application assessment software (WebInspect or others);
Previous experience with security information / event manager configuration Analytical thinker who solves problems and develops continually more effective solutions to them;
Make informed decisions quickly and leverage your communication abilities to implement them
PAE Consulting, Inc. July 2012 – October 2013: Sr. Disaster Recovery Consultant
Applied current Disaster Recovery methodologies and best practices to environment
Collaborated to architect, design, engineer and implement technical DR strategy and solutions
Researched options in managed hosting and DR outsourcing for client
Researched DR tools and technologies, such as NetApp Flexpod, NetApp replication solutions, VMware SRM and other DR solutions for customer
Reviewed designing, developing, maintaining and exercising/testing efforts for DR Plans
Applied working knowledge of core IT functions to the company's key functional processes and resources
Applied knowledge and understanding of current disaster recovery planning techniques and technologies to client alternative site plans
Continue to grow knowledge of current business continuity planning methodologies
Collaborate with data management in order to assist in the preparation of recovery procedures
Kaiser Permanente Senior Business Continuity Planner
March 2013 - June 2013 (4 months)
Assist IT units with: Assessment of potential business impact; development and documentation of work area (business function) business continuity plans
Recommend recovery strategies and options, and assist with the implementation of recovery solutions
Coordinate business continuity plan exercises up to and including the Sr. VP level
Develop schedules for training / awareness for all Infrastructure Management teams
Coordinate development of business unit schedules for annual business continuity documentation maintenance and update, exercises, and independent review and validation
Report the business continuity status of IMG business units
Provide expertise and support to management and IT functional areas, as requested, when a business disruption occurs
Works with vendors of recovery services and facilities
Studies and recommends outside services for use during a disaster situation
Acts as a coach and guide to incident command during an emergency situation;
Maintains contact with outside contingency planning professional organizations and local/regional emergency response groups
Expert Network and Software Engineering, Inc., March 2012 – July 2012 Mission Assurance Continuity Specialist
Provided Business Continuity and Mission Assurance (MA) services support Facilitated the creation of Continuity of Operations Plans (COOP)
Guided the implementation of and adherence to MA and COOP policies, standards, and regulations
Contributed to the design of disaster recovery policies, standards, guidelines, training programs and related quality assurance processes using knowledge of business processes, management structures, and technology programs/platforms
Provided guidance and training to COOP Planners and Enablers on the use and utility of Living Disaster Recovery Planning System (LDRPS) application
SMS Data Products Group, Inc., July 2011 – February 2012, Sr. IT Consultant
Responsible for maintaining and enhancing the OCIOs COOP plan and subsequent continuity documents for department of homeland security (DHS)
Provided support in the areas of risk management and incident management within DHS
Used superior organizational skills to support DHS
Worked on team of certified business continuity professional to support DHS efforts
Applied FCD1, FCD2 requirements to DHS environment
Applied Risk Assessment, Business Impact Analysis, and Disaster Recovery experience
Worked to develop work plans for OCIO with emphasis on a COOP Multi-Year Strategy
PAE Consulting, Inc. – Senior Disaster Recovery Consultant (October 2010- July 2011)
Provided insight for various clients regarding Disaster Recovery Planning for agencies and organizations to include Disaster Recovery Plan development, identification of critical assets and personnel, testing of current DRP/COOP documents, updates to documentation as necessary
Preferred System Solution (IT Infrastructure Operations), August 2010 – October 2010 Disaster Recovery - Application/Technology Specialist
Requirements definition, facility design, and planning and implementation are the cornerstone skills required for this effort
Worked with open-systems application and infrastructure teams to coordinate Disaster Recovery (DR) tests on UNIX and Windows server environments. This includes: Identify and engage ITO teams in DR and Business Continuity (BC) planning functions. Provide awareness of BC and DR to teams
Steer IT teams in DR testing using resources hosted in the Dearborn datacenters.
Coordinate equipment and resource requirements for DR tests. Facilitate the failover and failback testing of high-end infrastructure and applications
Participate in any planned data center failover testing events
Help report metrics on BC/DR compliancy to ITO management. Assist in driving Business Continuity concepts across IT
Centauri Solutions, December 2009 – August 2010; Sr. Disaster Recovery Planner
Senior Disaster Recovery Planner for Defense Intelligence Agency responsible for Business Continuity Management (BCM) program which included both business continuity planning and disaster recovery planning for a client with a world-wide footprint. This required a unique approach that involved training, notification, crisis management, resumption, etc. efforts
NCI Information Systems, 2008 – April 2009; IT Consultant
Responsibilities included providing support to the Air National Guard (ANG) customers, by insuring the confidentiality, integrity, and availability of systems, networks, and data
Ensured that ANG customers are in compliance with policies, directives, instructions, and guidance prescribed by Congress, DOD, Air Force ANG, and Office of Management Budget (OMB)
Demonstrated a systematic understanding of the following core competencies: IT concepts, principles, methods, and practices
The mission and programs of ANG customer organizations
The ANG's Enterprise Architecture framework
IT Information Assurance principles and methods
IT requirement analysis principles and methods; COTS/GOTS products and components
Enterprise Information Technology Data Repository (EITDR) compliance; New and emerging information technologies and/or industry trends; Acquisition management policies and methods Analytical methods and practices; Program Management principals and methods; and Oral and written communication techniques
General Dynamics Information Technology, 2007-2008; Enterprise Architect
Provide insight for clients regarding Enterprise Architecture and Information Security for the organization to include COOP development, artifacts development of System Interface Diagram, System Communication Description, System Interface Matrix, System Data Flow Diagram, System/Operations Matrix, Systems Data Exchange Matrix, System Performance Matrix, System Evolution Diagram and Web Application Diagram
Helped to develop Federal Enterprise Architecture Service Reference Model artifacts for the customer as well as testing of current COOP documents, updates to documentation as necessary.
PAE Consulting, Inc., 2007; Senior Business Continuity Consultant
Provide insight for clients regarding Business Continuity Planning for the organization to include COOP development, identification of critical assets and personnel, testing of current COOP documents, updates to documentation as necessary
SRA International, 2006; Senior Disaster Recovery Planner
Provided disaster recovery planning and IT contingency planning to the CIO for the GAO’s Information Systems and Technology Services Division
Supplied the leadership for the relocation of the backup site to a more secure location
Maintain a level of engagement with upper management regarding COOP planning for the possible Pandemic crisis. Supported efforts to increase the level of training in the area of awareness for the entire agency
Computer Science Corporation, 2005; Senior Information System Security Representative
Provided support to Federal Bureau of Investigation’s systems for FISMA compliance and System Security Planning for more than 80 systems
Main point of contact for Certification & Accreditation packets for these systems
Supported table topic exercises for each of these systems as scheduled. Graduated from the FBI’s Academy training for ISSO’s at Quantico, Virginia per client’s requirement
Veterans Administration, 2004; COOP Consultant
Provided Continuity of Operations (COOP) management consulting to the Enterprise Architecture team as an independent contractor
Evaluated level of preparedness of the organization for COOP events at VA Headquarters and Chinatown locations
Mahoning County (Youngstown, Ohio) Democratic Headquarters, 2004;
Field/Volunteer Coordinator
Met with community leaders, and coordinated volunteer groups to increase the number of registered voters
Implemented the DNC vision by integrating strategic goals, priorities, and values of the DNC. Scheduled volunteers and interns
Provided customer service to all staff. Maintained general administrative and technical oversight
Democratic National Convention Committee, 2003 – 2004; Deputy Director of Technology
Explains, advocates and expresses facts and ideas (both orally and in writing) in a convincing manner to a diverse group of contractor engineers, including multiple disciplines, Systems Architecture, & Protocol Architecture to include CISCO, Microsoft, Blackberry, IBM, etc.
Provided daily reports to the Director of Technology to develop and implement the organizational vision by integrating strategic goals, priorities, and values of the DNCC
Scheduled volunteers and interns. Maintained Vendor accountability
Provided customer service to all staff. Negotiates with individuals and groups both internally and externally when needed
Maintains general administrative and technical oversight.
Supports direction of functional departments for Overall Architecture, Protocol Architecture, Physical Layer Architecture and RF Systems
Defines overall IT security functions and performance requirements, as well as high-level Security design requirements
Booz Allen Hamilton, Inc., 2002 – 2003; Associate
Conducted computer security evaluations and develops computer security plans.
Interfaces with clients to conduct requirement analyses, reviews system security plans, and develops client questionnaires to gather information and dispel misinformation.
Conducted site visits to determine security enhancements or improvements and then briefs clients on recommendations for improving their computer security.
Examined ways to secure computer software (encrypting).
Analyzed client installed software security measures.
Ensured user adheres to sound security practices.
Confirmed security procedures are present and properly configured.
Conducted evaluations to ascertain sufficient software security to protect sensitive client information.
Performs risk assessments to examine client’s physical environment to assess client-identified vulnerabilities.
Interviews technical staffs to assess system vulnerabilities and identify possible threats to system integrity or data.
Sprint E-Solution, November 1999 – August 2002; Technical Solutions Consultant
Serves as an Information Security generalist with a background in enterprise level security, security process re-engineering and managing security practices to maximize the IT investment to enable and maintain business goals and objectives.
Provided services to both the Federal Government, as well as Commercial clientele.
J.G. Van Dyke/Wang Government Systems, 1999; Senior Information Security Engineer
Served as Task Leader for Army Backdoor Initiative to detect the five categories of backdoors on the client’s UNIX, NT and DOS based LANs.
Provided Certification and Accreditation support for the Pentagon Renovation Project for the various backbone networks and the worldwide Army Lodging system.
Executive Security & Engineering Technology, Inc., (ESET), 1998; Senior Management Analyst
Made recommendations for consolidating or developing information security systems (ISS) policy, and reviewed and recommended ISS solutions based on major products for various INFOSEC tasking.
Coordinated tasks between various team members to meet deliverable deadlines.
Worked independently or under only general direction to compile, analyze, and monitor quantitative information regarding the progress and compliance of program activities.
Lead instructor for the Certified Information System Security Professional study course held in house.
Developed and evaluated policies and business practices associated with migration strategies.
Lockheed Martin Management & Data Systems, October 1995 - October 1998; Senior Electronic Information Security Specialist
Responsible for the day-to-day operations for Information Security at the customer site.
Interacted daily with customer to consult on a wide variety of technical issues involving Windows NT, UNIX, Firewall evaluation, Virus Detection, Security Investigations, removal of sensitive equipment from the site, etc.
Responsible for Information Security Engineering in a networked environment using IBM 3090/Es9000, SUN and PC systems.
Supported all facets of operations to include physical security, product production, communications security, personnel security, software upgrades, etc.
Provided technical support and analysis of current and proposed system architectures, and security capabilities.
Evaluated new security products and security audits. Responsible for security audits, configuration controls of security systems and as required, design security for current information systems.
Led a team of three junior Information Security Specialists via delegation of duties and daily guidance.
Monitored local system usage and audit trails. Responsible for reviewing proposals for any additions, modifications or deletions of security access information.
Assisted with IC&T preparation activities and tests for all involved sites.
Booz Allen & Hamilton, Inc., 1994; Senior Consultant
Conducted computer security evaluations and developed computer security plans.
Interfaced with clients to conduct requirement analyses, reviewed system security plans developed client questionnaires to gather information and dispel misinformation.
Conducted site visits to determine security enhancements or improvements and then briefed clients about recommendations for improving computer security.
Examined ways to secure computer software (encrypting).
Analyzed client installed software security measures.
Ensured user adherence to sound security practices.
Confirmed that client built-in security procedures were in place and properly configured.
Conducted evaluations to ascertain whether software security was sufficient to protect sensitive client information.
Performed risk assessments examining the client’s physical environment to assess client-identified vulnerabilities.
Interviewed client technical staffs to assess system vulnerabilities and to identify possible threats to the system integrity or data.
U. S. Department of Agriculture (USDA), April 1993 - November 1994; Computer Specialist
Project leader for automated processing projects, which involved USDA policy initiatives, technical procedures and security standards. Performed site visits to assess remote sites’ compliance with USDA’s Information Resources Management requirements.
Acted to negotiate agreements to standardize automated data processing systems so connectivity could be provided and departments could communicate with other USDA departments.
Evaluated different software packages to determine the best method for providing connectivity between two disparate departments.
Evaluated USDA policy to determine if it should be adapted to maximize department compliance with Information Resource Management (IRM) regulations.
Coordinated the automated data processing procurement process for USDA.
Initiated, devised and directed new IRM and ADP policies covering systems, information security, data administration, system standards development, and CASE tools use and to help standardize the hardware and software procurement process.
Naval Surface Warfare Center (NSWC), February 1986 - April 1993; Computer Security Officer
Disseminated Navy computer security requirements information to NSWC personnel;
Conducted quarterly meetings; showed educational films; booked experts in computer security to present seminars on password maintenance, encrypting, and determining what constituted a security vulnerability, threat, etc.
Provided technical direction and guidance to laboratory and field personnel in the areas of computer security research, design, and implementation and testing.
Supported design, code requirements; and verification analyses and testing of software security packages developed by outside contractors and other agencies.
Conducted pre-acquisition software evaluations; installed and tested software upgrades on large-scale machines and microprocessors;
Assisted in customizing control and computational software; and advised users, managers and contractors on information security technical issues.
OTHER ACCOMPLISHMENTS
External Publications:
“Laptop Security”, Direct Wire Magazine, 8/1998;
“Windows 95 verses Windows 98, A Comparison”; Direct Wire Magazine, 10/1998
Internal Publications:
Lockheed Martin, 1997 Internet Policy for Customer Site; Standard Operating Procedures for Virus Detection; Area Security Plans; Risk Assessments and a number of existing policy updates or rewrites
Speaking Engagement:
Connected International Meeting Professionals Association (CIMPA) Las Vegas, Nevada, 11/1998; Bangkok, Thailand, 10/2000; Assumption University and Chulalongkorn University, Cairo, Egypt, 1/2002; Amsterdam, Holland, 09/2002; Lisbon, Portugal 11/2003; Athens, Greece, 10/2005; Prague, Czech Republic 10/2006, Beijing, China 02/2008.
Organizations:
National Contractor’s Automated Information System Security Working Group (CAISSWG), 1996, Contingency Exchange, DC Chapter 2016, Association of Contingency Planners, 2018
Honors
Outstanding Young Men of America, 1984
Who’s Who Among Young Men in America, 1990
Connected International Meeting Planners Association, Friendship Corps Award for ten years of service 2006