Information Technology Program Manager
Resume:
WORK EXPERIENCE OVERVIEW:
Security Clearance: Cleared for information up to the TOP SECRET - SCI level based on a Single Scope Background Investigation (SSBI) completed on 18 January 2018.
GS-14 (General Services Administration Federal Civilian)
GS-2210-14 [Dec 2023-Present] / GS-2210-13 [Feb 2023-Dec 2023] Feb 2023-PRESENT
Information Technology Program Manager (Enterprise Information Cyber Security) serving as cybersecurity, audit, assessment, vulnerability management, and cyber risk mitigation liaison for the GSA IT Digital Infrastructure Technologies Program Management Office (IDT PMO). Managing compliance and working to maintain cohesive relationships between IS and IDT. Ensuring FISMA compliance for a multitude of GSA infrastructure IT systems, including EIO, I-EAS, and EIP.
GS-13 (U.S. Army Civilian) United States Army, Civilian GS-2210-13 Dec 2020-Feb 2023
Information Technology Specialist (Information Security) serving as Information Systems Security Officer (ISSO) for the US Army Defense Forensic Science Center (DFSC), Biometrics Operations Directorate (BOD) at the Biometric Technology Center (BTC) in Clarksburg, WV
GS-13 (U.S. Air Force Civilian)
United States Air Force, Civilian GS-2210-13 Nov 2019-Dec 2020
Information Technology Specialist (System Administration) performing as Information Systems Security Manager (ISSM) and Government Cybersecurity Lead for the Air Force Simulation and Analysis Facility (SIMAF). Division and (AFLCMC/XA) at Wright-Patterson AFB, OH
United States Air Force, Civilian GS-1101-13 Apr 2018-Nov 2019
Acquisition Program Manager responsible for Modeling, Simulation and Analysis project software design, integration, development, and testing at the Air Force Simulation and Analysis Facility (SIMAF) Wright-Patterson AFB, OH
GS-12 (U.S. Air Force Civilian)
United States Air Force, Civilian GS-2210-12 Oct 2016-Apr 2018
Information Technology Specialist (System Administration) performing as Government Cybersecurity Lead and Information Systems Security Officer (ISSO) for the Air Force Fighter Bomber Directorate Special Programs Division, Wright-Patterson AFB, OH
United States Air Force, Civilian GS-2210-12 Mar 2016-Oct 2016
Information Technology Specialist (System Analysis) Business and Enterprise Systems, Wright-Patterson AFB, OH
United States Air Force, Civilian GS-1101-12 Oct 2013-Mar 2016
Acquisition Program Manager (Enterprise Resource Planning--ERP) Deployment/Training Program Manager at Defense Enterprise Accounting Management System (DEAMS) Business and Enterprise Systems, Wright-Patterson AFB, OH
GS-11 (U.S. Air Force Civilian) GS-1101-11 [Oct 2012-Oct 2013] / GS-1101-09 [Oct 2011-Oct 2012]
Information Technology Acquisition Program Manager at Enterprise Combat Support System (ECSS) with Business and Enterprise Systems, Wright-Patterson AFB, OH
Defense Contractor (U.S. Air Force) PE Systems, Inc. Defense Contractor Nov 2009-Oct 2011
Program Management/Database Administration, KC-46 Program Office, Wright-Patterson Air Force Base, OH
Active Duty (U.S. Army) United States Army (Active) 42L/42A/95B Sep 1987-Aug 2007
Intelligence, Military Police, Investigations, Human Resource Administration, French/German Linguist on Various Worldwide Assignments
SUMMARY OF PROFESSIONAL EXPERIENCE
Functional Areas of Expertise: Highly experienced and results-oriented Information Technology and Acquisition professional with a proven track record of success in cybersecurity, program management, and systems implementation within the federal government. Expertise in FISMA compliance, Risk Management Framework (RMF), vulnerability management, cyber risk mitigation, and IT infrastructure management. Possesses strong leadership, communication, and interpersonal skills, with a demonstrated ability to build and maintain effective relationships with stakeholders at all levels. Prior military service (U.S. Army) with experience in Intelligence, Military Police, Investigations, Human Resource Administration, and language skills (French/German). Served more than 33 years in information security and IT program management within federal and Department of Defense organizations, including ISSO, ISSM, IT Cybersecurity SME, and Cybersecurity Liaison for Infrastructure. Hands-on technical experience in networking, system administration, and development, as well as knowledge of CI/CD pipelines, virtualization, software-defined infrastructure, and cloud computing technologies, experience with FISMA and RMF compliance and managing high-profile IT projects.
Demonstrated expertise in information security practices, Implemented OWASP best practices and remediated web pages and system vulnerabilities using tools like Tenable Security Center/Nessus, NMAP, BurpSuite, Wireshark, AVS Invicti/Netsparker, Cisco Vulnerability Management. Implemented information security practices within the Department of Defense, Department of State, federal (GSA) agencies, and higher education, ensuring compliance with regulatory standards, executive orders, binding operational directives (BOD), and cyber task orders/directives. Strong background in information security, cybersecurity, and IT program management, with multiple certifications from SANS/GIAC, plus ISC(2), CompTIA and EC Council. Cloud Security: Understanding of Cloud Security Providers (CSP) and secure engineering of cloud-based, hybrid, and on-premise solutions. Experience with Google Cloud, AWS, and Microsoft Azure environments. Knowledge and experience implementing government security standards and industry best practices, including NIST (RMF), OWASP, DoD (Common Criteria), DISA STIGS and hardening guidance, and SANS Institute best practices.
Implemented information security practices within Department of Defense, Department of State, and federal (GSA) agencies, and higher education, ensuring compliance with regulatory standards, executive orders, binding operational directives (BOD) and cyber task orders/directives. Completed SANS Cybersecurity Engineering Graduate Certificate program February 2025. System Reviews and Risk Management: Reviewed information systems to ensure effective controls during all phases of the system lifecycle. Identified and evaluated security risks, threats, weaknesses, and vulnerabilities making recommendations to management of potential courses of action and alternatives.
Performed hands-on technical tasks in networking, system administration, and development, using a defensible security architecture approach which contributed to more robust and secure IT infrastructure. Conducted static and dynamic analysis on source code and binary files. Used automated tools and manual methods for intrusion analysis, audit log reviews to determine “what happened and when” and responded to system alerting. Used Tenable Nessus and Splunk for audit log review and system alerting, and implementing remediation using BigFix, patching and legacy technology replacement.
Optimized Continuous Integration/Continuous Delivery (CI/CD) Pipelines, implemented a virtualization prototype system to facilitate rapid concept development of software, frameworks, and simulation models, migrated from hardware-based to software-defined infrastructure and networking, and cloud computing technologies, driving innovation and operational efficiency. Executed projects within Scaled Agile Framework (SAFe) development environments, ensuring efficient, secure and effective project delivery. Experience in program management and security in agile, SCRUM, SAFe development environments, and migration from traditional system authorization to ongoing authorization and continuous monitoring. Experience as a program manager and security technical expert in executing scaled agile development (Oracle ERP) methodology, CI/CD for development and testing of new capabilities and simulation software models and frameworks, and leading enterprise technology modernization projects. Provided artifacts and demonstrations for assessment and ongoing authorization. Identified and evaluated security risks, threats, weaknesses, and vulnerabilities and implemented patching, mitigation measures, or developed risk acceptance documentation.
Cybersecurity Law Enforcement Experience: Prior experience at FBI (DoD Army Biometrics) and 20 years of DoD law enforcement/investigative/intelligence operational experience. Significant experience in information security practices within federal and DoD organizations, including roles as ISSO, ISSM, IT Cybersecurity SME, and Cybersecurity Liaison. Assisted customers and management stakeholders in identifying and evaluating and planning the mitigation of security risks. Developed executive reports and provided high-level presentations and briefings
Attention to Detail: Reviewed requirements, designing and deploying software and hardware systems necessary to operate technologies crucial to meeting organizational mission objectives. Meticulous application of risk management to identify system vulnerabilities, determine risk to the mission/organizational information, implement necessary control measures, and report results for management review.
Customer Service: Provided support, guidance, and direction to both internal and external customers on user account, software, hardware network and system requirements, implementation, and usage. Coordinated with warfighter customers to ensure mission and functional requirements were being met by the provided hardware/software capabilities.
Oral and Written Communication: Prepared and presented briefings, studies, and other analyses to senior management officials, Office of the Secretary of Defense, Air Force, and Army stakeholders. Responsible for providing technical guidance, cybersecurity training, and instruction.
Problem Solving: Skilled in developing / analyzing technical specifications, problem diagnosis and resolution, procurement/contract and project management, such as analyzing system dumps, network packet captures, and application and systems logs to locate errors, alert management and security personnel of problems, and identify security issues and respond appropriately to them. Provided leadership with options to choose from in balancing security and mission capability by providing cost, schedule, performance, and risk implications to decisions that had to be made regarding functionality and development/deployment schedules.
Analysis: Extensive experience using customary approaches, techniques, and requirements appropriate to analyze requirements, develop acquisition strategies, and implement system enhancements.
Information Technology: Demonstrated expert-level information technology skills. Experience in broad range of hardware, operating systems, applications software, databases, and complete Software Development Life-Cycle (SDLC) for large/small systems, including development, installation, configuration, maintenance, and troubleshooting. Experienced with large enterprise resource planning systems (Oracle ERP) and Air Force modeling and simulation software and hosting environments.
Program/Project/Contract Management: Experienced in assessing and managing the cost, schedule, and technical performance progress of projects supporting multiple Billion dollar plus acquisition programs through phases of the acquisition cycle, developing and implementing program controls and planning, organizing, and executing contracting, engineering, testing, logistics, training, deployment, operations, and sustainment activities. Supported Contracting Officer and Contracting Officer’s Representative review and validation of contract deliveries, invoicing and billing, submitting performance ratings using Contractor Performance and Rating System (CPAR). Possess understanding of acquisition and contracting requirements necessary to manage contract quality and performance and serve as a technical representative on IT hardware, software, and services contracts. Reviewed/managed requirements during initiation through completion for software design and development contracts for multiple programs.
Military: Global cybersecurity, financial management, contracting, and intelligence experience in SCIF/SAP/SAR assignments requiring maintenance of a TS-SCI clearance as a French linguist for the Defense Intelligence Agency at three U.S. Embassies in Africa and the National Air and Space Intelligence Center (NASIC); as well as cybersecurity specialist for the United States Air Force Fighter Bomber Special Programs Division and Simulation and Analysis Facility (SIMAF).
Special Skills (French and German Linguist): Trilingual; speaking, reading and writing English, French, and German fluently with twelve years of overseas immersion experience.
Security Clearance: Cleared for information up to the TOP SECRET - SCI level based on a Single Scope Background Investigation (SSBI) completed on 18 January 2018.
EDUCATION
Cybersecurity Engineering Graduate Certificate, SANS Institute, MD (2025)
Masters, Management Information Systems (MIS), Wright State University, OH (2012)
Computer Usage/Applications Certificate, Rio Salado Community College, AZ (2008)
Bachelor of Science, Excelsior College, NY (2006) Major-German/French, Minor-InfoTech
Associate of Arts, University of New York, NY (1995)
CERTIFICATIONS and TRAINING:
Associate C CISO, 2024 EC-Council
Governance and risk management, Information security controls and audit management, Program management and operations, and Information security core competencies.
GIAC Certified Intrusion Analyst (GCIA), 2024
The GIAC Intrusion Analyst Certification validates a practitioner’s knowledge of network and host monitoring, traffic analysis, and intrusion detection.
Fundamentals of Traffic Analysis and Application Protocols
Open Source IDS: Snort and Bro
Network Traffic Forensics and Monitoring
GIAC Defensible Security Architecture (GDSA): 2022
The GIAC Defensible Security Architecture Certification validates a practitioner’s understanding of design and implementation of an effective combination of network-centric and data-centric controls to balance prevention, detection, and response.
Cloud-based Security Architecture
Data Discovery, Governance, and Mobility Management
Data-Centric Security
Fundamental Layer 3 Defense
Fundamental Security Architecture Concepts
IPv6
Layer 1/Layer 2 Defense
Network Defenses
Network Encryption and Remote Access
Network Proxies and Firewalls
Zero Trust Endpoints
Zero Trust Fundamentals
Zero Trust Networking
ISC(2): Cybersecurity Information System Security Professional (CISSP), 2021
Security and Risk Management
Asset Security
Security Architecture and Engineering
Communication and Network Security
Identity and Access Management
Security Assessment and Testing
Security Operations
Software Development Security
GIAC Security Leadership Certification (GSLC): 2021
The GIAC Security Leadership Certification validates a practitioner’s understanding of governance and technical controls focused on protecting, detecting, and responding to security issues.
Cryptographic Applications
Cryptography Concepts for Managers
Incident Response and Business Continuity
Managing a Security Operations Center
Managing Application Security
Managing Negotiations and Vendors
Managing Projects
Managing Security Architecture
Managing Security Awareness
Managing Security Policy
Managing System Security
Managing the Program Structure
Network Monitoring for Managers
Network Security and Privacy
Networking Concepts for Managers
Risk Management and Security Frameworks
Vulnerability Management
GIAC Security Essentials (GSEC), 2020
The GIAC Security Essentials Certification validates a practitioner's knowledge of information security beyond simple terminology and concepts.
Prevention of attacks and detection of adversaries
Networking Concepts, Defense in Depth, Secure Communications
Foundational Windows and Linux Security
GIAC Certified Incident Handler (GCIH), 2020
The GIAC Incident Handler Certification validates a practitioner’s ability to detect, respond, and resolve computer security incidents using a wide range of essential security skills.
Incident Handling and Computer Crime Investigation
Computer and Network Hacker Exploits
Hacker Tools, (NMAP, Nessus, Metasploit and Netcat)
CompTIA: Security+, 2016
Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions
Monitor and secure hybrid environments, including cloud, mobile, and IoT
Operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance
Identify, analyze, and respond to security events and incidents
Cybersecurity Training and Education
- SEC530 Defensible Security Architecture and Engineering: Implementing Zero Trust for the Hybrid Enterprise (SANS Institute) Course (2022)
- MGT512 Security Leadership Essentials for Managers (SANS Institute) Course (2021)
- CISSP (Training Camp) Course (2021)
- US Army Cybersecurity Fundamentals Course (formerly known as IAF) (2021)
- SEC503 Intrusion Detection (SANS Institute) Course (2020)
- SEC504 Hacker Tools and Incident Handling (SANS Institute) Course (2020)
- CISSP (New Horizons) Course (June 2020)
- Linux Essentials (DCITA) Course (2020)
- SEC401 Security Essentials (SANS Institute) Course (2019-2020)
- Cyberspace 200 (AFIT School of Strategic Force Studies), (2017)
- Risk Management Framework (RMF) (ManTech) Course (2017)
- Civilian Cyber Fundamentals Course (CCFC) (2016)
- Security+ (New Horizons) (2016)
Acquisition Professional Development Program (APDP) Defense Acquisition Workforce Improvement Act (DAWIA) Certification and Training
- Information Technology – APDP certified at level II (all level III training completed)
- Program Management – APDP certified at level III
Air Force Institute of Technology
- Software Professional Development Program-(SPDP) Certificate, PM Track (2013)
- Architecting in the Air Force SYS383, (2013)
- Basics of Architecture SYS283 (2012)
- Intermediate Project Management Skills Course, IPM 301 (2012)
Acquisition Training
- Acquisition Leadership Challenge Program-I (ACLP-I) – (2019)
- Contracting Officer’s Representative (COR) Type-A Training (2015)
- Acquisition Program Manager Journeyman-Level Training (2013)
DETAILED EXPERIENCE:
INFORMATION TECHNOLOGY (GS-2210-14)
Information Technology Specialist (Security Liaison) 26 Feb 2023–Present
40 hours per week
GS-2210-14, General Services Administration (GSA) security liaison, served as cybersecurity, audit, assessment, vulnerability management, and cyber risk mitigation liaison for the GSA IT Office of Digital Infrastructure Technologies Program Management Office (IDT PMO). Managed FISMA and CISA compliance and maintained cohesive relationships between Information Security (IS) and IDT Digital Infrastructure Technologies. Ensured FISMA compliance for a multitude of GSA infrastructure IT systems, including EIO, I-EAS, and EIP. Worked independently on various simultaneous high-profile enterprise-level IT projects. Presented system security findings, reports and solutions to upper management. Prepared briefing slide decks and background papers for executive level management reviews and briefings. Collaborated and communicated with ISSO’s, ISSM’s, and stakeholders on critical security initiatives. Assisted with projects related to IT Security and FISMA Audits. Participated in security team meetings and discussions regarding important security updates, vulnerabilities, data calls, initiatives, and other system security related initiatives. Ensuring security efforts are coordinated across IDT programs for: System Security & Privacy Plans (SSPPs), Known Exploited Vulnerabilities (KEV), Critical/high vulnerabilities tracking, Acceptance of Risk (AOR) tracking, Application Programming Interface (API) reviews, Plan of Actions and Milestone tracking.
Information Technology Specialist (Information Security) 20 Dec 2020–25 Feb 2023
40 hours per week
GS-2210-13, US Army, Defense Forensic Science Center (DFSC), Biometrics Operations Directorate (BOD), Clarksburg, WV
Organization: Information Technology (IT) Specialist performing as Information Systems Security Officer (ISSO) for the Defense Forensic Science Center (DFSC), Biometrics Operations Directorate (BOD) in Clarksburg, WV.
Information Technology Specialist (Systems Administration) 24 Nov 2019–19 Dec 2020
40 hours per week
GS-2210-13, Air Force Life Cycle Management Center AFLCMC/XZS/XA, Wright-Patterson AFB OH.
Organization: Information Technology (IT) Specialist performing as Information Systems Security Manager (ISSM) and Government Cybersecurity Lead at the Air Force Materiel Command (AFMC), Air Force Life Cycle Management Center (AFLCMC), Program Development and Integration Directorate (XZ), Simulation and Analysis Facility (XZS/XA), located at Wright-Patterson AFB OH. Organizational functional lead for Information Technology Investment Portfolio System (ITIPS) and Clinger-Cohen Act (CCA) Compliance. Perform as Contracting Officer’s Representative (COR) on multiple contracts. Maintained TOP SECRET-SCI security clearance and SAP/SAR access. Cybersecurity government lead; responsible for information assurance, cybersecurity, day-to-day management of junior and mid-level information technology and cybersecurity specialists, obtain Accreditation and Approval (A&A), compliance and auditing of multiple government networks and systems processing sensitive information at varied levels of security and special access classification.
ACQUISITION PROGRAM MANAGEMENT (GS-1101-13)
Acquisition Program Manager 29 Apr 2018–23 Nov 2019
40 hours per week
GS-1101-13, Air Force Life Cycle Management Center AFLCMC/XZS, Wright-Patterson AFB OH.
Organization: Acquisition Program Manager at the Air Force Materiel Command (AFMC), Air Force Life Cycle Management Center (AFLCMC), Program Development and Integration Directorate (XZ), Simulation and Analysis Facility (XZS), located at Wright-Patterson AFB OH. Government Acquisition Program Manager responsible for managing multiple modeling, simulation and analysis efforts supporting Office of the Secretary of Defense, the US Navy, the intelligence community, aircraft system program offices, and additional external customers. Managed cost, schedule, performance and risk on multiple simultaneous highly-technical software design, development, integration, and analysis efforts. SIMAF Lead for Intelligence Mission Data (IMD) modeling simulation and analysis efforts. Organizational functional lead for Clinger-Cohen Compliance. Perform as Contracting Officer’s Representative (COR) on multiple contracts. Maintained TOP SECRET-SCI security clearance and SAP/SAR access.
INFORMATION TECHNOLOGY (GS-2210-12)
Information Technology Specialist (Systems Administration) 16 Oct 2016–28 Apr 2018
40 hours per week
GS-2210-12, Air Force Life Cycle Management Center AFLCMC/WWG, Wright-Patterson AFB OH.
Organization: Information Technology (IT) Specialist performing as Information System Security Officer (ISSO) at the Air Force Materiel Command (AFMC), Air Force Life Cycle Management Center (AFLCMC), Fighter Bomber Directorate (WW), Special Programs Division (WWG), at Wright-Patterson AFB OH. Government Cybersecurity lead responsible for information assurance, cybersecurity, Accreditation and Approval and auditing of multiple government networks and systems processing sensitive information at varied security levels and special access classification.
Information Technology Specialist (Systems Analysis) 6 Mar 2016–15 Oct 2016
40 hours per week
GS-2210-12, Air Force Life Cycle Management Center AFLCMC/HIAM, Wright-Patterson AFB OH.
Organization: Information Technology (IT) Specialist performing Systems Analysis at the Air Force Materiel Command (AFMC), Air Force Life Cycle Management Center (AFLCMC), Business and Enterprise System Directorate (HI), Legacy Logistics Sustainment Division (HIA), Enterprise Logistics Maintenance Systems Branch (HIAR/HIAM), Wright-Patterson AFB OH. Responsible for program technical project leadership to plan/design/implement the Requirements Management System (RMS) and associated business IT systems including the D200 family of systems and DD1000 to meet the operational requirements of the AFMC Logistics/A4 customer organizations and system end users. Additional duties include Cybersecurity Specialist, Office Security Manager, and Alternate Contracting Officer’s Representative
ACQUISITION PROGRAM MANAGEMENT (GS-1101-9/11/12)
Acquisition Program Manager 6 Oct 2013–5 Mar 2016
40 hours per week
GS-1101-12, AFLCMC/HIQB, Business and Enterprise System Directorate (HI), Enterprise Applications and Integration Division (HIQ), Defense Enterprise Accounting and Management System (DEAMS) system program office (HIQB), Wright-Patterson AFB OH.
Organization: Served as a business and enterprise systems acquisition program manager for the Air Force Materiel Command (AFMC), Air Force Life Cycle Management Center (AFLCMC), Business and Enterprise System Directorate (HI), Enterprise Applications and Integration Division (HIQ), Defense Enterprise Accounting and Management System (DEAMS) system program office (HIQB), Wright-Patterson AFB OH. Responsible for developing, establishing, implementing, and deploying processes used by the Program Manager and Product Support Manager in accomplishing contractual, financial, and technical aspects of the largest Air Force Business Information Technology system through Production and Deployment and Operation and Sustainment phases of the acquisition cycle. Responsible for management of Post-Production Support (PPS), Software Change Requests (SCR) and enhancements, development and implementation of new requirements, program office lead for deployment, sustainment, and training of an Air Force ACAT 1 Financial Defense Business System (DBS).
Acquisition Program Manager 1 Apr 2013–5 Oct 2013
40 hours per week
GS-1101-11, AFLCMC/HIQD, Enterprise Applications and Integration Division (HIQ), Business Systems Development Planning Branch (HIQD), Wright-Patterson AFB OH.
Organization: Served as an information technology acquisition program manager for the Air Force Materiel Command (AFMC), Air Force Life Cycle Management Center (AFLCMC), Business and Enterprise System Directorate (HI), Enterprise Applications and Integration Division (HIQ), Business Systems Development Planning Branch (HIQD), Wright-Patterson AFB OH. Responsible for performing Defense Business System (DBS) Development Planning (DP) data services activities supporting pre-Milestone Development Decision (MDD) for logistics information technology modernization and transformation initiatives. Managed multiple activities to develop high-level objectives and data management strategies integral to the success of integrating data across all the logistics initiatives to improve the integrity, reliability, and availability of data supporting interoperability of logistics information systems.
Acquisition Program Manager 3 Oct 2011–31 Mar 2013
40 hours per week
GS-1101-09 (2011-2012) GS1101-11(2012-2013), Enterprise Systems Center (ESC/HGB) WPAFB, OH,
Organization: Serve as an information technology acquisition program manager for the Enterprise Systems Center (ESC), Enterprise Combat Support System (ECSS) system program office (HGB), Wright-Patterson AFB OH. Responsible for integrating an Oracle-based Enterprise Resource Planning (ERP) system to replace hundreds of legacy information systems.
Acquisition Program Manager, Journeyman Level (Contractor) 10 Nov 2009–2 Oct 2011
40 hours per week
KC-46 Aerial Refueling Tanker Replacement Aircraft Program Office, PE Systems, Inc. at Aeronautical Systems Center (ASC/WKP), WPAFB, OH
Organization: Served as an Acquisition and Administrative Services (A&AS) contractor providing principal database administration for the Air Force Materiel Command (AFMC), Aeronautical Systems Center (ASC), ACAT 1D Aerial Tanker Replacement (KC-X/KC-46) program office (WKP), at Wright-Patterson AFB OH. Responsible for database development, programming, and admin for multiple complex relational databases used to track information for the $35B Acquisition Category 1D aerial refueling tanker replacement aircraft program (KC-46).
Contact this candidate