
Information Systems Security

Location:
Lake Shore, MD, 21122
Posted:
August 27, 2023


Resume:

Sharon Anthony Ehlers

CISSP-ISSEP, FITSP-M, CAP

443-***-****

ady9s4@r.postjobfree.com

Summary

Ms. Ehlers is an Information System Security Engineer and System Advisor with Architecture and Engineering experience, including over 20 years of demonstrated professional and technical experience in planning, designing, building, integrating, testing, implementing, deploying, and administration of Information Technology (IT) and Information Security (INFOSEC) solutions using emergent security products. A Subject Matter Expert in the Certification and Accreditation (C&A) process and implementation of secured enterprise networks, using a Defense-in-Depth approach, in accordance with the NIST risk management framework (RMF), DCID 6/3, DITSCAP, NISCAP, ICD 503, NIST, SP830, FIPS140 processes and National Security Agency (NSA) methodologies. As the lead security engineer in the National Threat Operations Center, Ms. Ehlers has coordinated with the US CYBER COMMAND and DISA in the role of advisor for the Comprehensive National Cyber Security Initiative supporting shared situational awareness. Ms. Ehlers is looking for an opportunity where her overall professional experience and technical related expertise will contribute to heightened customer satisfaction and increased productivity.

Now that I have retired from a long-term position, I am looking for a new position. Possibly remote.

Pilar

Pilar Services 03/20/2021 – until now

Security Consultant

08/10/2020

Ms. Ehlers performed as an ISSO and ISSE. She uses current policies and procedures required to protect all categories of information and has a working knowledge of data access controls implemented to ensure the confidentiality, integrity, and availability of information. Apply and verify data security access controls, privileges, and associated profiles. Implement media control procedures and continuously monitor for compliance. Implement and verify data security access controls and assign privileges based on need-to-know. Investigate all suspected cybersecurity incidents confidentiality controls and processes. Implement authenticator generation and verification requirements and processes, and operations/activities, to apply standards of acceptable performance, and to recognize the need to seek and obtain appropriate expert advice (e.g., technical, legal, safety) or consult appropriate reference materials. She demonstrates an understanding of the inner workings of individual parts of the process/topic and comprehensive, intensive knowledge of the subject or process sufficient to mitigate the issue.

DOD 06/2014 – 03/2020

Senior Information System Security Designer

Designs the architecture of new and existing information systems and recommends improvements for information systems by applying accepted security practices or in response to technical review. To accomplish this goal, she must maintain an awareness of threats so that appropriate controls are applied to the system. She also has a strong knowledge of Enterprise Standard Service including Cross Domain solutions.

Performs as a critical member of the team to bring quick-turnaround projects successfully through the Risk Management Framework (RMF) to achieve Authorization to Operate (ATO). The security posture of the systems was significantly improved due to enhancements established by Ms. Ehlers.

She also supported the pilot program for the cloud projects.

Ms. Ehlers provided mentoring to other Security Designers both inside and outside of her organization. She worked closely with testers and the Delegated Authorization Officer.

KYW Technologies Columbia, MD

11/2009 – 06/2014

Senior ISSE and Lead Security Advisor in a Cyber Watch Network Threat Operations Center environment. Advise the customer in all areas of security and business analysis including security liaison between agencies (DISA, CYBERCOM) to facilitate Shared Situational Awareness as mandated by CNCI. Ms. Ehlers is the lead of the NTOC Security Working Group, serves as a member of the NTOC technology steering committee and participates in the Cyber Centers Working Group.

Performing in this capacity, she participated in the Architecture working group and the Requirements Board, and interfaced with Project managers and developers. She provided project plans, recommended requirements, and provided information to customers at all phases of the process. When the project became operational, she provided guidance for the Continuous Monitoring Phase including configuration control by acting as a member of the Configuration Control Board (CCB).

She works with a team of Architects and Engineers to develop information system security architecture in a complex environment with few requirements in place. Define security architecture components that allow for scalable and secure IT while considering evolving IT infrastructure, changing regulations, and growing threat sources. Supports both operational and developmental phases of security engineering and has a broad knowledge of the NSA Architecture as it exists as well as the existing strategic options.

Ms. Ehlers has authored white papers including:

Comparison of MDEX VS DCAC Cross Domain Solutions

Guidance for JWICs Connectivity

Processes for Data management and Data Ownership Implementation of the NIST Risk Management Framework.

Acted as a liaison by holding meetings to share information, for example, with the TD of the DoD PKI PMO and CASPORT, SASPORT, with a follow-on Q&A session that assisted in providing information to system architects, engineers, and developers.

Performs as security architect and security practitioner responsible for the evaluation of the status of the system and identifying/analyzing information in order to provide guidance that complies with IT Efficiencies and utilizes corporate services when appropriate. She also provides guidance to the development team by working with the PM to ensure that security and best engineering practices are used. She is experienced in multiple levels of security architectures: development, cloud-based data architecture, application architecture, and infrastructure in defining logical structure of the system including processes, technology and people including perimeter security, risk and threat analysis, data security, application security, and infrastructure security. Ms. Ehlers is also part of the team that designs the high-level physical security architecture including network diagrams illustrating Cross Domain Solutions, firewalls, internal and external connections and devices used, and diagrams of other architecture solutions to the security architecture.

Prepare for Certification and Accreditation by interfacing with the organizations that will test and make a risk decision concerning the system. She is responsible for gathering the information and supporting evidence required for the C&A package including assessment of the management, operational, and technical security controls of the system as well as facilitating the development of necessary documents (ST&E, SRTM, PUG, SFUG, Security CONOPS, SSP, etc.).

EA

Eagle Alliance/CSC

Annapolis Junction, MD

10/2005 to 10/2009

Information Systems Security Engineer

Senior ISSE at the Office of the Director of National Intelligence (ODNI) responsible for Security Engineering and Processes. Evaluation of tools and requirements analysis.

Performed duties as an Information Assurance Engineer in support of internal and external customers. Provide technical security support for the government customer advising on a broad range of security issues including system threat vulnerability assessments, system security requirements/architectures and security risk management. In addition, contributes to policy and provides guidance for policy documentation/implementation.

Evaluates and analyses security tools to provide recommendations to the customer particularly in Continuous Monitoring to assist the customer with regulation compliance. Responsible for technical level briefings.

ISSE/SDSO: Responsible for engineering security solutions for modernization and various mission projects and enterprise level efforts using VPN (Safenet), auditing and monitoring (Esecurity), firewalls etc. Responsible for the C&A process including ST&E/CT&E. Facilitate progress from conception through all phases of the NISCAP process. Pilot program development. Risk Assessment. Enterprise Auditing and Monitoring Implementation. Provide input to the customer for process improvement and security tool evaluation and selection.

VanDyke Technology Group

Annapolis Junction, MD

Information Systems Security Engineer

2/2004 to 10/2005

Provide information systems security to support the computer network defense and vulnerability assessment using H.E.A.T., Nessus, Retina and other VA and hacker tools. Apply knowledge of vulnerabilities that may cause inappropriate or accidental access, destruction, or disclosure of information. Review maintenance and IT infrastructure procurement processes to ensure efficient and adequate security provisions using knowledge of information security standards DCID 6/3 and NSA/CSS Manual 130-1. Perform security reviews on system development projects. Assess and review current technology infrastructure to identify key risk areas, ensure adequate levels of controls are in place to address those risks. Provide directions and strategies for risk mitigation. Perform vulnerability scanning on IS to ensure adequate protection has been put in place to meet the requirements for those systems. Ms. Ehlers was responsible for planning, organizing projects, and ensuring the quality of client deliverables, out-briefs, final reports, and security recommendations. She maintained and expanded client relationships through delivery of high-quality work, educating and assisting clients with preparation of C&A documentation (ST&E, SRTM, PUG, SFUG, Security CONOPS, SSP, etc.).

Eagle Alliance/CSC

Annapolis Junction, MD 10/2000 to 2/2004

Information System Security Engineer

Test & evaluate security management tools according to specific system level security requirements that address SLAs, performance, and total cost of ownership. Identify limitations in combining components and mechanisms and provide support to the evaluation of security solutions for the infrastructure. Deliver value added security support to various frameworks across Eagle Alliance by completing testing requests in support of Service Level Agreements, while ensuring compliance to the Customer’s security requirements. Develop test plans and procedures for testing and evaluation of security management tools. Perform state-of-the-art theoretical studies and/or laboratory experiments on contemporary IA technologies for Eagle Alliance. Conduct systems security analysis and integration testing of ISS enabling products and techniques and develop ISS test plans and procedures in support of EA major acquisitions, operations, maintenance, and training efforts. Coordinate with internal EA representatives and clients to gather information pertaining to security requirements, policies, threats, vulnerabilities, and network architecture that will be used to help minimize or mitigate risk. Provide value-added IA product technical guidance to EA and client security design activities and ISS integration testing support for EA Certification and Accreditation activities.

Information Systems Security Officer

Execute the role of an Information Systems Security Officer (ISSO). Primary responsibilities include verifying and updating Systems Security Plan (SSPs) for hardware and software. Additionally, approve and facilitate file transfers, investigate incident reports and perform virus-User Guide,

Database Administrator/Security/ Engineer

Primary responsibility was to set up and implement a government (DoD) Agency Domestic Technology Transfer Customer Service Center DTT/CSC. Duties included defining security processes and procedures, implementing, and coordinating center protocol including OPSEC, web and database security. Specifically:

Developed and implemented a database management system to include web data access page.

Designed, developed, and maintained a DTT/CSC database.

ARC Professional Services

Hanover, MD

1987 to 1992

Systems Analyst DoD

Subcontracted by AT&T on the Agency Standard Host (ASH) Contract. Performed as a Network/System Security Administrator on 5 3B15’s used as a security monitoring system in a UNIX environment. Duties included maintaining user accounts including access control, disk partitioning, and installation of SW upgrades, maintaining backups, implementation of security policy and procedures as well as an accurate physical and logical picture of the network including data flow.

Reviewed logs to locate unusual or “bad” su attempts and other anomalies, checked file permissions for, and encrypted, security and password files. Implemented security processes and procedures and sanitized disks for disposal. Updated topology maps for the Starkeeper Network Monitoring System Alarm Reporting to ensure security of network from unknown devices.

Certifications: CISSP, ISSEP, CAP, FITSP-M

Education: Capella University

Master of Science 6/2016

Network Defense

University of Maryland

Baltimore, MD

Bachelor of Computer Science 8/07

Computer Studies

Training

ISSEP Boot CAMP 2/2009member

Clas1198, Clas1199, OAIC1170, OAIC2225

Sourcefire Network IDS

AFCEA

eSecurity Administrator & Agent Development

Cisco Security Agent (CSA) Host IDS

SANS Security Essentials (GIAC)

Linux and UNIX Security

DISA Conference August 2011


