Cyber Security Architecture

Location:

Grifton, NC

Salary:

$126,529.00

Posted:

February 17, 2025

Contact this candidate

Resume:

QUALIFICATIONS PROFILE

Technically sophisticated, seasoned, and talented professional, offering hands-on experience in information assurance and cyber security architecture. Consistently thrive in finding innovative ways to improve operation productivity through introducing new technologies, systems, methods, and controls. Strong team builder and coach; skilled at inspiring confidence, leading by example, and managing high-performance teams committed to protecting critical systems of industry and government. Expert with USAF SABER, NSA ISSE Guard, Juniper STRM SIEM, HP Fortify, McAfee Total Protection For End Point complete product line and NIST 800-53, and FEDRamp. Adept at maintaining high ethical and quality standards, professional demeanor, and a cooperative attitude. Display keen eye for detail with extreme ability to multitask in fiercely competitive, multi-platform, and fast-paced environments. Multilingual in Spanish, Dari, and Pashto.

CORE STRENGTHS

Federal Enterprise Architecture Framework

Department of Defense Architecture Framework

Web Based Applications Architecture and Development

Joint Architecture Reference Model

Project Management and Operations

Technical Support and Troubleshooting

Leadership, Training, and Team Building

Continuous Performance and Process Improvement

Quality Assurance and Regulatory Compliance

Time Management and Prioritization

Analytical with Strong Organizational Skills

Cyber Threat Intelligence

Cyber Threat Management

Dark Web and Deep Web Collection and Analysis

SOC Management

Threat Modeling

FedRamp

GRC

Conflict Resolution and Decision Making

NERC CIP

Cyber Program Management

Cyber Program Assessment

Cyber Incident Response

NIST 800-53

NIST 800-30

EMPLOYMENT HISTORY

Cradlepoint/Ericsson

Senior Cyber Security Architect

August 2022-Present

As the Senior Cyber Security Architect, I provide expert leadership and advice to Cradlepoint and Ericsson clients in Enterprise Security Engineering and Architecture, Applications Security Architecture and secure applications development using NIST 800-53, NIST 800-30, MITRE ATT&CK, ISO 270001, Threat Modeling, the Software Security Framework and TOGAF, Zachman, and FEAF architecture frameworks. I am responsible for advising clients on the planning, implementation and auditing of security policies and procedures which safeguard the integrity of and access to systems and electronic information to protect information against accidental or unauthorized modification, destruction, or disclosure. I am also responsible for identifying areas where information security policies and procedures require creation or update and work collaboratively with clients to develop and implement these policies and procedures. I lead IT Security and Architecture initiatives, IT Security Assessments, Technical Security Assessments, related to critical cyber security issues and recommend remediation and enhancement projects. I also led the Cradlepoint/Ericsson FEDRamp initiative.

Commonwealth of Virginia richmond, VA

Senior Cyber Security Architect, Office of the CISO

August 2017-August 2022

As the Senior Cyber Security Architect in the Office of the Chief Information Security Officer, I provided expert leadership and advice to Commonwealth Executive Branch clients in Enterprise Security Engineering and Architecture, Applications Security Architecture and secure applications development using NIST 800-53, MITRE ATT&CK, ISO 270001, the Software Security Framework and TOGAF, Zachman, and FEAF architecture frameworks. I was responsible for advising clients on the planning, implementation and auditing of security policies and procedures which safeguard the integrity of and access to systems and electronic information in order to protect information against accidental or unauthorized modification, destruction, or disclosure. I was also responsible for identifying areas where information security policies and procedures require creation or update and work collaboratively with clients in order to develop and implement these policies and procedures. As a Senior Manager, I advised C suite executives, senior management, developers, and auditors, in identifying and planning security for data, software applications, hardware, telecommunications, and computer installations. I also advised the Commonwealth CIO, CISO, CFO, and Office of the Governor, and other senior executives with risk assessments and cyber security briefings related to critical cyber security issues and recommend remediation and enhancement projects.

EY McLean, VA

Senior Manager, Advisory Risk Cyber Security

March 2015-August 2017

As a Senior Manager in the Global Advisory practice at EY, I provided expert leadership and advice to EY clients in Enterprise Security Engineering and Architecture, Applications Security Architecture and secure applications development using NIST 800-53, MITRE ATT&CK, the Software Security Framework and TOGAF, Zachman, and FEAF architecture frameworks. I was responsible for advising clients on the planning, implementation and auditing of security policies and procedures which safeguard the integrity of and access to systems and electronic information in order to protect information against accidental or unauthorized modification, destruction, or disclosure. I was also responsible for identifying areas where information security policies and procedures require creation or update and work collaboratively with clients in order to develop and implement these policies and procedures. As a Senior Manager, I advised C suite executives, senior management, developers, and auditors, in identifying and planning security for data, software applications, hardware, telecommunications, and computer installations. I also advise the CIO, CISO, CFO, COO, other senior executives with risk assessments and cyber security briefings related to critical cyber security issues and recommend remediation and enhancement projects.

The College Board reston, VA

Senior Cyber Security Engineer, Office of the CIO

Nov 2014–March 2015

Provide expert oversight in Applications Architecture and applications development using the Software Security Framework. Planned and coordinated Cyber Threat Intelligence, SSDL Touchpoints, SEIM integration and deployment, Cyber Incident response Team, and deployment activities associated with best in breed Cyber security technologies. Led and mentored staff employees and contractors to develop their competencies and achieve their maximum level of performance.

Initiated the development and integration of Services Oriented Architectures, in compliance with Zachman and TOGAF frameworks.

Gained comprehensive experience on Attack Models, Security Features and Design, Standards and Requirements, Architecture Analysis, Code Review, Security Testing, Penetration Testing, Software Environment, Vulnerability Management, and Change Management

Demonstrated proficiency in utilizing various vulnerability analysis tools, such as Vera Code, HO Fortify, Rapid 7, Metasploit, Wireshark, and Qualys.

Played a vital role in developing strategic architectures, in alignment with enterprise IT cost reduction goals of national and organizational leadership

Served as integral contributor in the development of desktop integration

GCI Federal Fairfax, VA

Managing Consultant, F35 Lightening II Program Office, Office of the CIO, GS-15

March 2012–Nov 2014

Planned and coordinated the development and deployment of the enterprise security architecture of the Joint Strike Fighter Multi-Level Security Architecture with the USAF SABER, SEIM, and the NSA ISSE Guard

Led the Certification and Accreditation efforts for the Joint Strike Fighter Multi-Level Security Architecture

Initiated the development and integration of Services Oriented Architectures, in compliance with Joint Architecture Reference Model and Federal Enterprise Architecture Framework

Demonstrated proficiency in utilizing various software testing tools, such as Vera Code, as part of the testing phase in the software development lifecycle

Played a vital role in developing strategic architectures, in alignment with enterprise IT cost reduction goals of national and organizational leadership

Served as integral contributor in the development of desktop integration

Central Intelligence Agency National Reconnaissance Office Chantilly, VA

Group Chief, Enterprise Service Integration Group, Office of the CIO, GS-15

Nov 2011–March 2012

Provide expert oversight in Applications Architecture and applications development using the Software Security Framework. Planned and coordinated Intelligence, SSDL Touchpoints, and Deployment activities associated with secure software development. Led and mentor CIA Staff Officers and contractors to develop their competencies and achieve their maximum level of performance.

Initiated the development and integration of Services Oriented Architectures, in compliance with Joint Architecture Reference Model and Federal Enterprise Architecture Framework

Demonstrated proficiency in utilizing various software testing tools, such as Vera Code, as part of the testing phase in the software development lifecycle

Played a vital role in developing strategic architectures, in alignment with enterprise IT cost reduction goals of national and organizational leadership

Served as integral contributor in the development of desktop integration

Central Intelligence Agency Washington, DC

GS-15

Aug 2008–Nov 2011

Participated in ground level NCS/CTC operations against global terrorism such as the High Value Detainee trials at Guantanamo Bay and ground operations in Afghanistan, Pakistan, Iraq, and other areas of the world.

CIA Information Assurance Architect/Information Assurance Architect, GS-15

Aug 2007–Aug 2008

Wrote and implemented guides for the development of Common IA Architecture Artifacts; additional IA Architectures, methodologies, and frameworks; Roadmap to Zachman Framework for Enterprise IA Architecture; Roadmap to FEA Enterprise IA Architecture; IA Architecture for SOA; and Implementation of SML. Drove all efforts in the completion of tactical mobile requirements of NCS at the TS and SECRET layers. Forged critical and ongoing collaborative coalitions across organizational lines in ODNI, NRO, NGA, FBI, as well as inside the CIA and IAG.

Pioneered the creation and establishment of an IA Architecture framework doctrine that blends the Department of Defense Architecture Framework (DoDAF), the Zachman Framework, and the Federal Enterprise Architecture (FEA) Framework into what is known as the IAG IA Architecture (I2A2) Framework, thus providing:

oA FEAF compliant Business Reference Model (BRM), Service Reference Model (SRM), Technical Reference Model (TRM), and Performance Reference Model (PRM)

oA “snap-in” architecture framework and supporting artifacts that will facilitate strategic IA architecture development for all CIA information system projects

Commended for generating thousands of Enterprise IA Architecture Artifacts and eight Enterprise IA Architecture Standards and Technical Directives

Earned distinction from peers and stakeholders as an expert in architecture frameworks and development; as a strategic thinker; an agent for changes; a strong proponent for early technology adoption; and an excellent collaborative partner

Senior CIA Staff Officer / Chief of the Vulnerability Alert Management Program (VAMP)/Chief Technology Officer (CTO)/INFOSEC Engineer, GS-15

Mar 2006–Aug 2007

Supervised daily activities of five CIA staff officers and contractors toward fulfillment of target goals. Architected and deployed a security patch management program throughout CIA enterprise information systems and networks. Reviewed and evaluated best-of-breed INFOSEC technologies and recommended INFOSEC technologies to the CIO for implementation into the CIA information system architecture.

Recognized as CIA representative for the ODNI Information Assurance Vulnerability Alert (IAVA) Program, the ODNI Information Operations Condition (INFOCON) Program, the OSD Joint Task Force-Computer Network Operations (JTF-CNO), the DoD Anti-Virus Program, the US-CERT Intrusion Detection and Analysis Program, and the ICIRC

Successfully co-authored several DoD, IC, and national level policies and directives on CND while simultaneously participating in numerous DoD, IC, and national level CND working groups and task forces

Senior CIA Staff Officer/Chief of the Threat and Vulnerability Assessment Program (TVAP)/INFOSEC Engineer, GS-15

Aug 2005–Mar 2006

Applied dynamic leadership talents to 10 CIA staff officers and contractors. Responded to computer emergencies at all CIA locations worldwide.

Appointed as program manager of the CIA Computer Incident Response Team/Computer Network Defense (CIRT/CND) Operations and Services Program which includes Attack Warning and Sensing (IDS and anti-virus), CND Course of Action (CoA) development and execution, Situational Awareness (CND Intelligence), Indications and Warning (IDS), and Blue Team Activities; the CIA Corporate Anti-Virus Strategy Program; the CIA Information Operations Condition (INFOCON); the CIA Information Assurance Vulnerability Alert (IAVA) Program; the CIA CND Intelligence Program; the CIA Vulnerability Analysis and Assessment Program; and the CIA Computer Incident Response Program (CIRT)

Highly praised as an expert in investigation through analysis of forensic evidence for computer crime and misuse, investigation of and recovery from outbreaks of malicious code, investigation and recovery from network penetrations and hacker attacks, and monitoring of all network and Agency Internet activity through the use of specialized Intrusion Detection Software (IDS) tools

Senior CIA Staff Officer / System Engineer, GS-15

Aug 2004–Aug 2005

Presided over five CIA staff officers and contractors. Gathered and disseminated intelligence on countries and groups that may pose risk to CIA information systems and networks. Expertly managed the Agency Virus Response Team (VRT) and responded to special requests in support of INFOSEC and CIRT/CND operations and services from internal and external customers.

Chosen as program manager for the Agency’s Malicious Code Program (MCP)

Contributed to the development and engineering of the agency’s malware countermeasures and customization of INFOSEC software

Exemplified outstanding performance in supporting the IOC, CCG, and DO with customized Computer Network Operations (CNO) Intelligence for targeted countries and groups for operations and asset protection

Central Intelligence Agency National Reconnaissance Office Chantilly, VA

Senior CIA Staff Officer / Group Chief for the Computer Security Group, Office of the CIO, GS-15

Apr 2004–Aug 2004

Displayed unsurpassed expertise in managing 27 CIA staff officers and contractors. Fulfilled expanded responsibilities as the NRO CND Architect.

Primarily held responsible for the NRO CIRT/CND Course of Action (CoA) development and execution, Situational Awareness (CND Intelligence), Red Team Activities, the NRO Anti-Virus Strategy Program, NRO Information Operations Condition (INFOCON), the NRO Information Assurance Vulnerability Alert (IAVA) Program, and the NRO Computer Incident Response Program

Central Intelligence Agency/National Geospatial-Intelligence Agency Washington, DC

Computer Scientist/Engineer, GS-15

December 1988–Apr 2004

Functioned as Chief of the Defensive Information Operations Branch, NGA Incident Management Team (NGA IMT/CIRT). Instructed courses such as Information Systems Security Officer (ISSO) Certification training, PL 100-235 training, Designated Accrediting Authority (DAA) training, Network Security Officer (NSO) training, and System Administrator training. Established and enforced agency-wide policies and programs for NGA CND Programs and Services. Served as NGA representative for all CND Operations and Services to the Commander-in-Chief, United States Space Command (CINCSPACE), and the ICIRC.

Selected as the Program Manager for the NGA Computer Network Defense (CND) Operations and Services Program which includes Attack Warning and Sensing (IDS and anti-virus), CND Course of Action (CoA) development and execution, Situational Awareness (CND Intelligence), Indications and Warning (IDS), and Red Team Activities, the NIMA Corporate Anti-Virus Strategy Program, the NGA Information System Security Manager (ISSM) Program, NGA Information System Security Officer (ISSO) Program, NGA Public Key Infrastructure (PKI) Implementation Program, NGA Information Operations Condition (INFOCON), the NGA Information Assurance Vulnerability Alert (IAVA) Program, the NGA Cyber Counterintelligence Program, the NGA Vulnerability Analysis and Assessment Program, and the NGA Computer Incident Response Program

Gained distinction as an expert in the investigation through analysis of forensic evidence for computer crime and misuse, investigation of and recovery from outbreaks of malicious code, investigation and recovery from network penetrations and hacker attacks, and monitoring of all network and Agency Internet activity through the use of specialized Intrusion Detection Software (IDS) tools

Conceptualized and implemented Information Assurance/ Computer Security training programs, and served as NIMA instructor for all Information Assurance/Computer Security training

Selected by the Director of Mission Support Office to serve as Division Chief of the NGA Critical Information and Infrastructure Protection (CIIP) Office

Masterfully led the implementation of Presidential Decision Directive (PDD) 63, Critical Infrastructure Protection (CIP); PDD 67, Enduring Constitutional Government and Continuity of Government Operations; PDD 62, Protection Against Unconventional Threats to Homeland and Americans Overseas; PDD 39, U.S. Policy on Counter-Terrorism; DoD Directive 5160.54, Critical Asset Assurance Program (CAAP); and the DoD Critical Infrastructure Protection Plan under time constraints

Recognized as the catalyst in the creation of the CIIP Concept of Operations and CIIP Staffing Plan; developed and implemented the contract instrument for program support

Personally chosen as the NGA CND Architect responsible for the direct supervision of eight computer scientists and computer specialists

Served as the Director of NGA’s representative to the Military Intelligence Board (MIB) for Cyber Threat to the United States, ASD (C3I) for the Information Assurance Vulnerability Alert (IAVA) Program, the ASD (C3I) Information Operations Condition (INFOCON) Program, the ASD(C3I) Joint Task Force-Computer Network Operations (JTF-CNO), and the DoD Anti-Virus Program; and worked as NGA J2 POC for the DoD Intrusion Detection and Analysis Program

EDUCATION & CERTIFICATIONS

General Studies Northern Virginia Community College, Graduated magna cum laude, GPA: 3.9

General Studies George Mason University, Dean's List, GPA: 3.9

Certified Information System Security Professional (CISSP) Certified Enterprise Web Security Professional (CEWSP)

Certified Network Security Professional (CNSP) Certified CISCO Wi-Fi Security Professional (CCWSP)

Certified Ripken Baseball Coach Certified Advanced Ripken Baseball Coach

PROFESSIONAL TRAINING

TECHNICAL TRAINING

Introduction to JUNOS Operating System Juniper JUNOS Routing Essentials

JUNOS Intermediate Routing JUNOS Advanced Routing

CISCO Unified Wireless Basic Network Architecture Course

CISCO Wireless Clients Course

CISCO Wireless Antennae and Spread Spectrum

Technologies Course

CISCO Wireless Frame Basics and Non-Standard Technologies Course

CISCO Wireless Fundamentals Course

CISCO Wireless LAN Technologies Course

Security and the Wireless Environment Course

Wireless Communications Basics Course

Wireless Attacks and Countermeasures Course

Cyber Collections Course

The Art and Science of System Architecting Course

Advanced Concepts in Systems Engineering Course

Vital Software Engineering and Management Principals Course

Imagery Intelligence Analysis Course

Ground Enterprise Architecture Course

IMINT Electro-Optical Systems Course

IMINT Radar Systems Course

Imagery Sensor Systems Course

Space Based IMINT Course

Motion Imagery Operations Course

Overhead Persistent Infrared Course

MTX Blue Force Tracker Course

National Overhead Support to Isolated Personal Recovery Course

AZ500 Azure Security

NERC CIP

Threat Modeling

EXECUTIVE DEVELOPMENT TRAINING

Managing and Leading Change From the Middle (Brookings Institute)

Executive Leadership In A Changing Environment (Brookings Institute)

Looking Glass Executive Development (Harvard Business School)

Program on Creative Leadership (Harvard Business School)

OPERATIONS TRAINING

Glock Qualification Course

M4 Qualification Course (Qualified With ACOG and PEQ II)

Blackwater USA Tactical Operations Officer Course

Blackwater USA Isolated Personnel Recovery Course

Fundamentals of Covert Action Course

Covert Action Officer Development Course

Terrorist Watchlisting and No-Fly List Course

Blackwater USA Close Quarters Combat Course

Blackwater Tactical Raid Planning Course

Blackwater USA Tactical Combat Casualty Care

Blackwater Combat Trauma Responder Course

Blackwater Hand-to-Hand Combat Mixed Martial Arts Course

Basic EMT Trauma Responder Course

Advanced EMT Trauma Responder Course

BSR High Speed Tactical Driving Course

Behavioral Assessment and Elicitation Interrogation Course

Asset Interviewing and Validation Interrogation Course

High Threat Meetings Course

Survival, Evasion, Resistance, Escape (SERE)

Blackwater USA Advanced Helicopter Operations

Residential Security Course

Defeating Security Containers and Locking Hardware Course

Afghanistan Area of Responsibility Operations Course

Pakistan Area of Responsibility Operations Course

Iraq Area of Responsibility Operations Course

Iran Area of Responsibility Operations Course

China Area of Responsibility Operations Course

North Korea Area of Responsibility Operations Course

Syria Area of Responsibility Operations Course

Libya Area of Responsibility Operations Course

Afghanistan Area of Responsibility Operations Course

Central and South America Area of Responsibility Operations Course

Russia Area of Responsibility Operations Course

Graduate Level 3 Combatant in Krav Maga

PROFESSIONAL AFFILIATION

International Information Systems Security Certification Consortium, Inc., (ISC) ®

Krav Maga Global

MAJOR ACHIEVEMENTS

Lifetime Member, Phi Theta Kappa, International Scholastic Honorary Society President's Volunteer Action Award Finalist, 1990

CIA Exceptional Performance Award, April 2004, June 2005 and August 2005

Meritorious Unit Citation, 2002 and 2003 DoD Superior Civilian Service Award, 2002

NIMA Excellence In Service Award, 1999 NIMA Special Act Award, 1997-1999

DMA/NIMA Special Act Award, 1991, 1994 and 1996 DMA Employee of the Year, 1991

Graduate Level 3 Combatant in Krav Maga

Certified Krav Maga Global Instructor

Contact this candidate