From: route@monster.com
Sent: Thursday,
October 27, 2016 4:44 PM
To: hg@apeironinc.com
Subject: Please
review this candidate for: SRR
This resume has been forwarded to
you at the request of Monster User xapeix03
|
|||||||
|
|||||||
|
|
|
||||||
|
||||||
|
NORMAN E. NELSON INFO. ASSURANCE ENGINEER P.O. Box 442
24 hr. Cell: (937) 408-1645 Fairborn, Ohio 45324-0442 norman.nelson@sbcglobal.net SUMMARY OF QUALFICATIONS •
Information Assurance Analyst / Engineer = 28 years experience •
Electronic Security Technology Analyst / Engineer = 27 years
experience •
Secure Electronic Communications Analyst / Engineer (CRYPTO) = 13
years experience •
Disaster & Recovery / Contingency Of Operations Planning
(COOP) = 16 years experience •
Law enforcement / Criminal Justice = 36 years experience •
Military service – United States Air Force (USAF) = 20 years
experience EDUCATION AND TRAINING: Academic: ·
B.S., 1989, Electronic Systems Maintenance Technology / Electronic Security
Technology / Criminal Justice/Business Management, Graduated Magna Cum Laude,
3.71 GPA, Wayland Baptist University, Plainview, TX ·
A.A., 1986, General Studies, Emphasis: Law Enforcement, Class Valedictorian,
3.80 GPA, Central Texas College, Killeen, TX · A.A. Community College
of the Air Force (CCAF) - Security Police Services, Aircraft Armament
Systems, Secure Electronic Communications (CRYPTO) Equipment Maintenance EXPERIENCE: Oct 2015 – Present, Leaders Communications Inc. (LCI), Dayton, OH Senior Cybersecurity Engineer: Norman Hit-the-Ground-Running as he
transitioned from the Aircrew Training (ATS) Simulator environment to the
Reality Platform / System Development effort for the KC-46 the Attended /
Participated in the USAF / Boeing Information Assurance Working Group (IAWG) regarding
the Avionics / Cybersecurity status of the KC-46 Tanker (Pegasus). Mr. Nelson conducted a physical security audit of the aircraft in it's
present state - being able to secure all entry/exit portals with
Sargent-Greenleaf High Security padlocks. He also conducted a
Cybersecurity Control Applicability and Ownership analysis of the DoDI
8500.2 Security Controls as they apply to the KC-46 Tanker
Program. He also assisted the Information Assurance Manager (IAM)
generated slides on each of the DoDI 8500.2 Security Controls to
identify the Artifact "gaps" in preparation for Operational
Testing. May 2013 – Oct 2015, National Technologies Associates (NTA), Inc,
Dayton, OH Senior Information Assurance Analyst: Mr. Nelson supports the
US Air Force’s newest air refueling platform, the KC-46 Tanker aircraft
program, specifically the Aircrew Training System (ATS) and Maintenance
Training System (MTS). These programs fall under the purview of the Air
Force Life Cycle Management Center (AFLCMC), at Wright-Patterson AFB,
OH The ATS / MTS programs include the development, production and
sustainment of the total ground-based training of the KC-46 Aircrew members =
Pilots and Aircraft Boom Operators as well as the Aircraft Maintenance
Technicians. As the primary Information Assurance (IA) / Cybersecurity Engineer and
Security Analyst (SA) supporting the Agile Combat Support Directorate;
Simulators Division (AFLCMC/WNS), he is responsible for establishing
telecommunications concepts and principles as well as assess and advise on
Vulnerability –To- Attack from various sources (e.g., espionage, disruption
of services as well as destructive programs, applications, devices and
Aircraft / Aircrew threats). From an IA / Cybersecurity perspective, he
is responsible for developing an Acquisition IA Strategy, Program Protection
and System Security Plans, Risk Management Framework (RMF) and Platform
Information Technology (PIT) Certification & Accreditation packages as
well as time-phased, event driven Security Classification Guides &
Program Security Directives. Norman has been extremely active
in the several ATS facilities initial construction / building modification
Charrette events as well as the 35%, 65% & 95% reviews for these
structures supporting both classified and unclassified environments for the
ATS simulator devices / Pods. He provided IA as well as Physical
Security guidance to ensure proper facility access controls and security
countermeasures are in place before facility occupation. This effort has
proved Penny-Wise on several occasions on new as well as existing
construction. He identified a serious physical
security inadequacy, notified the appropriate responsible agencies and
attempted to mitigate the matter, unfortunately, ended up generating a Memorandum
For Record (MFR) to document the non-compliance and serve as an historical
document for the Program Management Office (PMO). Mr. Nelson was responsible for establishing and kick-starting the IA
Cybersecurity program for both the ATS & MTS programs after contract
award. Within the first 30 days, he developed a 16 slide PowerPoint
presentation explaining the basis, purpose and requirements of IA as it
applies to the Agile Combat Support Directorate; Simulators Division for
presentation during Program Start-up Workshop, Jun. 2013, Dayton, OH.
He also generated and presented the new DoD mandated Risk Management
Framework (RMF) briefing for Milestone conferences and Program briefings. Norman was responsible for developing and instituting the RMF Security
Controls for the KC-46 ATS Part Task Trainers (PTT), Weapons Systems Trainers
(WST), Boom Operator Trainer (BOT) and the Fuselage Trainer (FuT) and
implementing Cybersecurity Assessment Test procedures on the devices during
In-Plant testing, prior to delivery and set-up On-Site and government
acceptance of the ATS Simulator devices. He recently completed: 15 Jun 15 – Ongoing. Source Selection Team = Cybersecurity Analyst for 6
competitive bids. Site Activation Task Force (SATAF) for KC-46 ATS - Identified Security
Risks & facilitated the Cybersecurity Break-out during these week long
events: Pease ANGB, NH - 13-17 Jul 15 Altus AFB, OK – 6-10 Jul. 15 McConnell AFB, KS – 13-17 Apr. 15 Altus AFB, OK - 23-27 Mar. 15, 21 Jun. 14, The DoD IAA CyberAwareness Challenge V2.0 annual Information
Assurance Mandatory Training. 28 Feb. 14, Large Aircraft Infrared Counter Measures (LAIRCM) training as
it relates to KC-46 aircraft threats. 14-16 Jan. 14, 88 ABW Information Assurance Office 3 day course on Program
Protection Planning 3 Dec. 13, the WPAFB Trusted Systems and Networks System Engineering
course as well as received new and Emerging Program Protection Program policy
and guidance described in detail. 15 - 21 Aug. 13, the Acquisition Center of Excellence (ACE) Request for
Proposal (RFP) Sections L&M Development Training Norm is responsible for numerous Contract Data Requirements List (CDRL)
documents; A001 – Information System Accreditation Document (ISAD); C010 -
System Security Plan & Information Support Plan (ISP & SSP) and C026
- Design Review Information Package (DRIP) in support of the KC-46 Simulator
PMO. Mr. Nelson is ultimately responsible for ensuring the KC-46 Simulator PMO
has a durable Cybersecurity Policy & Guidance which addresses the new
Information Assurance guidance: Risk Management Framework (RMF), Access
Management, Cyber Readiness as well as Preventing & Delaying Cyber
Attacks. April 2012 – May 2013, Self-Improvement, Board Member &
Charitable IT Recycling, Dayton, OH Actively sought full-time employment within the DoD community as well as
commercial entities that require expertise in Information Technology (IT),
Information Assurance (IA) training, Certification & Accreditation
(C&A) package development, Disaster Recovery (DR) and Contingency of
Operations Planning (COOP). Mr. Nelson serves as the Area Coalitions for Education – Excellence
(ACE-E) Executive Vice President for Resources, accumulating over $ 65 K
dollars in Computers, Software, and Corporate Sponsorship and Individual
Lifetime Member contributions over the past 4 years. He also
recruited numerous active duty Company Grade Officers and Civil Service
Personnel that serve as Mentors for the ACE-E program; “ACE-E Pilots”. Norm successfully secured over $ 144,454.00 dollars for family members as
a result of fraudulent Trust activities by the bank – work in progress. He also supports the local Charitable IT Recycling organization by
conducting destruction of computer hard drives that contain Personal
Identifiable Information (PII), Health Insurance Portability and
Accountability Act (HIPPA) data, Corporate Proprietary Information (CPI) and
Privacy Act Data (PAD) in accordance with the contributing organizations
destruction procedures. A detailed “Third Party” Certificate of
Destruction is provided back to the organizations IT Security Department by
Charitable Recycling to serve as proof of proper destruction of IT equipment
as well as data contained on computer hard drives, to satisfy audit
requirements. October 2011 – April 2012, CDO Technologies, Dayton, OH Senior Information Assurance Specialist / Capture Manager: Mr.
Nelson utilized his 5 years of expertise and skill with the Department of
Defense Information Assurance Certification and Accreditation Process
(DIACAP) in support of the University of Dayton Research Institute (UDRI) with Certification &
Accreditation (C&A) effort for the Air Force Materiel Command
(AFMC) / Science & Engineering (S&E) community. The Engineering
Training and Knowledge Preservation System (ETKPS) was developed to preserve
the knowledge and skills of its highly specialized and aging workforce.
The ETKPS provides the capability to perform individual and organizational
competency mapping, competency gap-analysis, career planning support, and
knowledge preservation of subject matter expertise. This effort
required substantial research and analysis to support the information
decision-making process in order to achieve C&A.
He researched and identified over 229 Defense
Information Systems Agency (DISA) Security Technical Implementation
Guidelines (STIG) Information Assurance (IA) Control deficiencies
associated with the ETKPS software. He generated responses /
adjudicated over 54 Category 1 IA control vulnerabilities during the assigned
90-day period of close-out support to UDRI. Mr. Nelson coordinated
face-to-face meetings with UDRI and the Air Force Materiel Command (AFMC) IA
office to clarify certification requirements and reduce the number of
required support and certification documents. Such documents included
the Incident Response Plan and the Disaster Recovery Plan. He reviewed
numerous artifacts for accuracy and resolved any documentation for factual
errors in order to prevent security violations. Mr. Nelson also
provided UDRI personnel with their mandatory annual Clinger-Cohen Act
training as an IA material Instructor. He facilitated capture
management efforts by updating and reformatting corporate Past Performance documentation
and developed proposals for contracts to acquire additional employment
opportunities for CDO. March 2007 – October 2011, Computer Science Corporation (CSC),
Beavercreek, OH Information Security Leader / Engineer: Computer Science
Corporation (CSC) / National Public Sector (NPS), Information Security
Services (ISS), Global Security Solutions (GSS), Enforcement Security &
Intelligence (ESI) Division - Air Force Expeditionary Combat Support System
(ECSS) Program. Supported the Air Force ECSS program which replaces the
capability of approximately 400 legacy Information Technology (IT) logistics
systems with the ORACLE Product Suite COTS software for an integrated IT
suite of modules that have proven capabilities in product support &
engineering, supply chain management, expeditionary logistics C2, and
maintenance, repair and overhaul which supports the war fighter. Mr. Nelson developed Information Assurance (IA) policy and guidance for
ensuring ECSS system Certification and Accreditation (C&A) met required
IA controls utilizing the Department of Defense (DoD) Information Assurance
Certification and Accreditation Process (DIACAP). Generated the DoD
Information Technology Security Certification and Accreditation Process
(DITSCAP) - to - DIACAP Engineering Change Proposal (ECP) response to the
ECSS Program Office. He has generated numerous contract deliverable documents
as well as System Security Plans (SSP) and policies that define ECSS IA
requirements. He developed material for the ECSS C&A package as well as
Contingency of Operations Plans (COOP) documentation. He also developed the IA security awareness training plans and materials
for ECSS users and has provided the initial IA training to over 1000 ECSS
team members, Program Office personnel and Subject Matter Experts (SMEs). Mr.
Nelson is responsible for establishing over 130 Memorandum Of Agreements
(MOAs) which will facilitate the proliferation of the ECSS for the multiple
systems that comprise the Air Force’s complex war fighter supply system. As a
member of the ECSS IA Independent Verification & Validation (IV&V)
team, Norman utilized both DoD and Industry “Best Practices” to develop
policy & procedures to reduce risks associated with the Development,
Configuration and Implementation of ECSS. He was solely responsible for developing, updating and submitting to the
ECSS program office in a secure / encrypted manner the Contract Data
Requirements List (CDRL) 128 which tracked ECSS Personnel, Security
Clearance, Information Assurance (IA) Training and Professional
Certifications. Ultimately, Mr. Nelson was instrumental in strategic planning
sessions for the ECSS program which ensures that IA is "integrated"
not an afterthought, resulting in successfully obtaining Approval To Operate
(ATO) thru Pilot B. August 2006 - March 2007, Sumaria Systems Inc.,
Fairborn, OH Principal Systems Security Analyst: Mr. Nelson was responsible for
the development of DoD Information Assurance Certification Accreditation
Process (DIACAP) package to the 88th Communications Group & Air Force
Materiel Command (AFMC) at Wright-Patterson AFB, OH for the Air Force
Metrology and Calibration (AFMETCAL) Metrology Web (METWEB) Server which
provides the entire Air Force and National Aeronautics and Space
Administration (NASA) with precision measurement capabilities. The AFMETCAL
program provides its customers precise, accurate, measurement capabilities
through world class technology, engineering, and calibration services, thus ensuring
accurate, reliable, and safe air and space systems performance. During the DIACAP process, a thorough Security Risk Analysis Assessment,
Automated Information System (AIS) System Security Audit (SSA) and
Information System Security Analysis (ISSA) was conducted to prepare the
AFMETCAL system for Designated Approval Authority (DAA) review /
approval. May - July 2006, Disaster Recovery Consultant Department of Homeland
Security (DHS), Wash. D.C. Interim Team Lead: IMSG & HPTI Contractors: Supported the
Headquarters Directorate of the Department of Homeland Security (DHS)
Contingency Of Operations Planning (COOP) division. Responsible for the
development of elaborate exercise scenarios and facilitating table-top
exercises for various divisions of DHS in preparation of TOPOFF 4 Command
Post Exercise (T4 CPX), 19-22 June 2006. TOPOFF 4 is a Congressional mandated
counter-terrorism exercise for top officials within DHS, Federal Emergency
Management Agency (FEMA) and the Federal Bureau of Investigation (FBI). The
following URL is for the DHS Press Release which provides greater detail: http://www.dhs.gov/files/training/gc_1179430526487.shtm January 2003 – March 2006, General Dynamics – Advanced Information
Engineering Servs, Dayton, OH Principal Systems Security Analyst: Supporting the Air Force
Research Laboratory (AFRL) Sensor Automatic Target Recognition (ATR)
Technology Assessment and Integration (SNAA) Division with overall security
guidance. Installed, maintained and conducted safe combination changes on
Sargent and Greenleaf mechanical & Kaba-Mas High Security Electronic
locks. Responsible for development and maintenance of Memorandum of Agreement
(MOA) documentation for sites connecting to AFRL Collaborative Engineering
Environment (CEE). Generated Information Assurance Certification &
Accreditation documents in DITSCAP format. Development and maintenance of a
Data Repository Log system to track classified media, whether electronic or
paper documents. Additional duties include support of the SNAA Directorate in
tracking destruction of classified media and sensitive material. October 1995 – December 2002, LOGTEC Inc., Fairborn,
OH Principal Systems Security Analyst: August 2002 – December 2002. Headquarters
Air Force Materiel Command / Information Technology (AFMC/IT) - Command
Disaster Recovery/Business Continuity (DR/BC) Assessment, Wright-Patterson
AFB (WPAFB). Designed and administered Disaster Recovery/Business Continuity
policies, standards, guidelines, testing, training and a viable quality
assurance program. Conducted site surveys of AFMC managed bases, gathering
data related to the survivability of the headquarters operated Network
Operations Control Center (NOSC) and five (5) of the twelve (12) AFMC base
Network Control Centers (NCCs). Analyzed the "For Official Use
Only" material gathered during visits and developed a classified
assessment report for each base. Assisted in developing a proposed solution
using Disaster Recovery / Business Continuity (DR/BC) "Industry Best
Practices" to AFMC/IT. Senior Systems Security Analyst: October 1995 - August 2002. Headquarters
Materiel Systems Group, Information Logistics (MSG/IL) - Weapons Systems
Management Information Systems (WSMIS) Program Management Office, WPAFB.
Provided overall security support to the WSMIS PMO for the certification and
accreditation (C&A) of numerous classified and unclassified information
systems. Developed System Security Authorization Agreement (SSAA) packages
using DoD Information Technology Security Certification and Accreditation
Process (DITSCAP) methodology. Contingency Of Operations Plan (COOP) /
Disaster Contingency plan development is a critical part of the SSAA. SSAA
documents are reviewed and approved by the systems Designated Approval
Authority (DAA) at both the MAJCOM and Air Staff level. Developed more than
ten (10) Certification & Accreditation packages, the latest in DITSCAP
format. The packages were approved by various DAAs; from the 88th
Communications Group (88 CG), HQ MSG, HQ AFMC, HQ Air Force and the Secret
and Below Interoperability (SABI) Commission, within the DoD Information
System Security office at the National Security Agency (NSA). Provide
integration support for the Command & Control Guard (C2G) between the
classified and unclassified WSMIS databases to eliminate inefficient manpower
utilization. Supported the WSMIS PMO security manager and vault custodian
with physical security guidance and served as the alternate CSSO and vault
custodian for MSG/ILSW classified processing area within the vault.
Coordinated replacement and installed the latest Government standard the
"High Security" Mas-Hamilton X-07 lock within the classified
processing area. Upgraded the WSMIS Classified Processing Area with X-08 High
Security locks when they became available. February 1976 – July 1995, Active Duty, United States Air Force · Numerous
areas and levels of responsibility during this military career (e.g., Base
level TEMPEST officer, shift supervisor, resource advisor, mobility officer,
Headquarters level (Corporate Level) Air Force program manager for secure
voice/data encryption systems = HQ Air Force Special Operations Command
(AFSOC), Hurlburt Field, Ft. Walton Beach, FL As TEMPEST Officer for Elmendorf AFB, oversaw the
design and installation of the Alaskan Command and Control System Military
Automated Network (AC2MAN); AC2MAN was a fiber-optic backbone that
facilitated classified processing throughout the base and between outposts
involved with protecting the North American Hemisphere. ·
Served as a major command (Corporate) level Action Officer for such
programs as Constant Source, Multi-service Advanced Tactical Terminal (MATT),
Advanced Narrowband Digital Voice Terminal (ANDVT), and Tactical Secure
Voice/Data Encryption Systems. ·
Over four (4) years of experience as a member of integrated logistical
support management teams (ILSMT), training plan working groups (TPWG), and
contractor logistical support (CLS) working groups on numerous Department of
Defense (DoD) programs. ·
Served as an organizational and command level resource advisor, administering
over $2 million in organizational, procurement, and maintenance funding.
Submitted budget proposals, coordinated disbursement of funding, recouped
over $19,000 in erroneous charges. •
Coordinated the development of hurricane emergency evacuation plans for the
727 Air Control Squadron (ACS) at Hurlburt Field, Florida as the Unit
Mobility Officer. • Responsible
for establishing and maintaining secure satellite communications links in
support of the President of the United States and during Desert Storm/Desert
Shield. • Over
three (3) years of experience with aircraft armament systems on B-52, FB-11,
F-4 and F-15. Member of the Loading Standardization Crew (LSC) which
trained load teams and oversaw munitions load operations for the Bomb Wing /
Fighter Squadron. Conducted weapons system Reliability Analysis and
Quality Control inspections of aircraft as well as munitions. • Knowledgeable
of munitions handling safety - Small Arms, Conventional Missiles and Bombs as
well as nuclear weapons – AFCS 46270. • Trained
in and performed duties as an Air Force Security Police Officer – AFSC
81150. HARDWARE, SYSTEMS AND SOFTWARE TOOLS:
PROFESSIONAL AFFILIATIONS & AWARDS/CERTIFICATIONS/COMMUNITY
INVOLVEMENT Armed Forces Communications and Electronics Association - (AFCEA) National Military Intelligence Agency - (NMIA) Ombudsman for the State of Ohio -
Department of Aging = Senior Citizens International Order of DeMolay =
Legion of Honor Awardee
|
|
|
||||||||
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|