Sonny Nguyen, CISSP, CSSLP, IAM, IEM
Mobile telephone: 571-***-****
Cyber Security Director | Project Manager | Solutions Architect
Proposals Technical Security & Operations Incident Response Delivers Results
Highly skilled with increasing responsibility as an Enterprise Solutions, Cybersecurity Solutions Architect, and Information Assurance Security leader. Doctorate Candidate in Computational Sciences and Informatics with Master’s degree in Electronic/Computer Engineering at George Mason University.
IT Security Program Manager for multimillion-dollar contracts providing tactical/strategic intelligence, security program management, IA business capture oversight, systems security engineering and project management for government projects ensuring a robust, secure and reliable IT infrastructure.
Clearance: TS/SCI
Core Competencies
Security Program Management
Cloud Security Framework and Architecture
Cybersecurity Solutions Architect
Technical Director/ Solutions Lead
Systems Security Engineering/Architecture Design
Zero Trust Security Architecture and Framework
Assessment & Authorization
Operational Security / Software Assurance
CI/CD & DevSecOps
Cloud Security
Risk Management Framework (RMF)
Big Data and Scientific Computation
Supply Chain Security
Professional Experience
Solutions Architect, GDIT, Herndon, VA – 2024 to Present
Provide proposal development support for several opportunities: CDM OS, STIRE III EPD, LUNA DA, Eclipse DA, etc.
Provide technical implementation and build-out of the Zero Trust (ZT) tools stack to support the DoD ZT Purple Team Assessment.
Cyber Solutions Architect, IBM, Herndon, VA – 2018 to 2024
Provided support to the IBM CTO on a number of security work streams and transformation initiatives, including Cloud Framework Architecture, Supply Chain Risk Management, CI/CD, DevSecOps, Asset Management, Secure Cloud environment development, and Compliance & Risk Assessment (HITRUST, DORA, ISMAP, FedRAMP, etc.).
Provided proposal development support for several opportunities across the Federal Government and Department of Defense, Intelligence Community, and Commercial
Provided support to the US Customs and Border Protection (CBP) ISSO to assess FedRAMP security controls leading to ATO of the CBP Mainframe As-A-Service (MFaaS) environment based on NIST RMF. Documented and remediated findings in the POA&M as required.
Developed and proposed technical cyber solutions in response to RFIs, RFPs and customer requirements; architected, implemented, and integrated technical cyber/cyber security solutions, hardware, software, services, Multi-Cloud, container based security solutions including CI/CD and DevSecOps, and accelerators including Artificial Intelligence (AI)
Sr. Manager Cyber Security, Raytheon, Dulles, VA – 2016 to 2018
Chief Architect for the F-15 Infrastructure Technology Upgrade (ITU). Responsible for the High-Level Design and Low-Level Design of the Royal Saudi Air Force F-15SA Cyber Protection System (CPD) program. The goal is to deliver incremental capabilities to the Royal Saudi Air Force (RSAF) F-15SA Cyber Protection and related facilities environment by modernizing their internal information systems and processes to embrace network-centric concepts and capabilities in order to enhance core-mission effectiveness and efficiency.
Cyber Technical Lead for the DHS Continuous Diagnostic Monitoring (CDM) pursuit. Led the development of the technical solution and architecture in accordance with the DHS CAESARS Framework, leveraging best-of-breed technology to meet Federal Agencies’ requirements for CDM.
Cyber Solutions Architect Lead for the Simulator Common Architecture Requirements and Standards (SCARS) initiatives. Led the development of the technical solution and architecture in accordance with the Air Force and DoD Framework to sustain the Air Force training system portfolio.
Principal Security Solutions Architect, NJVC, Chantilly, VA – 2013 to 2016
Lead Cyber Security Solutions Architect for the CIO Office supporting multimillion-dollar contract recompetes and new opportunities for Intelligence Community (IC) agencies and DoD agencies in infrastructure modernization, Cloud migration, and strategic realignment; Develop and propose technical cyber solutions in response to RFIs, RFPs and customer requirements; Experience in security controls, incident response, assessment and authorization, cross domain technology, Zero Trust Security, risk management framework (RMF) assessment, identity management, threat analysis; Provide Assessment & Authorization (A&A) life cycle management support for over 500 systems; Architect and modernize the existing infrastructure by leveraging Cloud services of Microsoft Azure and AWS platforms; Leverage security automation and orchestration to streamline operations and reduce costs while improving efficiency; Provide pre-sale technical support to Business Developers; Collaborate with other Communities of Practice to define future business development goals and objectives. Provide leadership and oversee A&A testing activities for a large project used across the IC leveraging Virtual Desktop Infrastructure (VDI) and Cloud transformation for the IC/DTE program.
Cyber Security Solutions Architect – DMI Corp., Bethesda, MD – 2012 to 2013
Cyber Capture Manager - Performed market and economic analysis, conducted business intelligence, designed and executed formal capture plans, and monitored competitor activity for each capture; leveraged customer relationships and personal experience to identify and assess Cyber business opportunities; tracked and maintained the Cyber opportunity pipeline.
Cyber Solutions Architect - Developed and proposed technical cyber solutions in response to RFIs, RFPs and customer requirements; architected, implemented, and integrated technical cyber/cyber security solutions, hardware, software, and services.
Oversaw the proposal capture process, including the proposal development process, schedule, and internal and external partners.
Technical Volume Lead and Solution Architect for the winning CMaaS proposal to provide Continuous Monitoring to DHS based on the CAESARS Framework.
Contributed to assessments of the cyber capabilities of customer systems, services, and programs.
Maintained expertise with latest Cyber solutions and emerging technical requirements of industry sectors.
Examined policy, strategy, programs, and resource allocation across cyber security activities to establish a service strategy and drive higher margins in part through increased product sales; developed discriminators for large program where technology can be a key discriminator.
Principal (Various Roles) – SRA International, Arlington, VA – 1996 to 2012
IA Capture Manager for the National Security Sector (NSS); collaborated with the IA business developer to accurately identify DoD IA related specifics, and tracked and led proposal document development and solutions development.
- Ascertained new client requirements and collaborated across all internal/external sectors to successfully complete project deliverables—determining R&D requirements and strategic planning tactics.
- Provided technical leadership for numerous multimillion-dollar acquisitions greater than $50MM.
Deputy Program Manager for a multimillion-dollar, multiyear contract for the National Science Foundation (NSF), providing direct support for the current IT Security Officer.
- Developed security roadmap, incident response, forensics analysis, policy development, security design/architecture, vulnerability management, COMSEC TIC security oversight, COOP, Cloud readiness planning and daily operations and FISMA support.
IA Lead for Pentagon Force Protection Agency (PFPA) and IAD division; delivered project management direction/leadership of IA services, incident response, onsite technical expertise services and certification/accreditation.
- Managed PFPA computer incident response team (CIRT) and provided technical expertise in support of security operations, ensuring timely monitoring and implementation of all IT automated processes utilizing approved DoD solutions.
- Tested and deployed Host Based Security System (HBSS) to all network devices on the NIPRNet and SIPRNet backbones.
Project Manager - Responsible for the Certification & Accreditation (C&A) of the Department of Treasury Network (TNet). Prepared and conducted DIACAP C&A for 780 sites which led to Authorization to Operate (ATO) for AT&T secure NetworX.
- Served as Certifier Agent between solutions provider AT&T, PMO and Treasury/IRS ensuring TNet compliance with NIST SP 800-53 and all Bureaus security requirements including IRS, HRCPO, BPD, FINCEN, OIG, etc.
Project Manager - Provided oversight and IT leadership supporting Department of Education (DoED) information assurance group performing security audits for all applications, gap analysis to develop security blueprint/roadmap for DoED, developed security framework architecture following Federal regulations and Department guidelines and CM support.
- Managed top tier group of technical writers and configuration personnel in support of DoED Document and Configuration Management Group.
Project Lead for C&A of Army Installation Information Infrastructure Modernization Program (I3MP) at Port of Jacksonville (JaxPort), Florida, developing System Security Authorization Agreement (SSAA), conducting system security testing, risk assessment, policy development, and various security related initiatives leading to the Authority to Operate (ATO) of the site network.
- Managed project implementation of enterprise-wide SSL VPN solution providing data encryption to all complex and critical Federal Deposit Insurance Corporation (FDIC) applications.
Project Manager for General Accounting Office; Successfully deployed secure wireless network within 48 hours providing connectivity to more than 1,500 congressional staff members relocated within the GAO building—quickly responding to anthrax attacks and other critical post Sept 11 events that facilitated 2 congressional building closures.
Conducted FISMA Risk Assessment and ST&E (NIST 800-53) on mission critical applications and systems for the Center for Disease Control (CDC).
Acknowledged subject matter expert in support of Phase I of the Army Financial Management Information System (FMIS), and influenced in-line testing of live systems while simulating roll-over of Y2K and date tests.
Provided technical leadership in support of IRS TIPPS contract and proposed system architecture for the Budget and Economic Analysis Support (BEAST) system.
Education / Certifications
Ph.D. (Candidate), Computational Sciences and Informatics, George Mason University, Fairfax, VA
M.S., Electronic/Computer Engineering, George Mason University, Fairfax, VA
B.S., Electrical Engineering, Virginia Polytechnic Institute and State University (Virginia Tech), Blacksburg, VA
Certifications / Additional Training:
NASA Summer School for High Performance Computational
Certified Secure Software Lifecycle Professional (CSSLP)
Certified Information System Security Professional (CISSP)
InfoSec Assessment Methodology (IAM) – National Security Agency (NSA) Certified
InfoSec Evaluation Methodology (IEM) – National Security Agency (NSA) Certified