CHARLES D. HARE, JR.

 

CAREER OBJECTIVE

Obtain a career position that utilizes my leadership and expertise in IP Networking, IT Security, VoIP, Operating Systems and advanced Security applications and technologies. I offer demonstrated dedication, personal drive and superior performance. Past experience gained with leaders in government, information assurance, intelligence, defense, and financial products. I currently hold the following certifications;

 

Active NSA TS/SCI w/ FS Poly Clearance

Certified Information Security Manager (CISM)

Certified Information Systems Security Professional (CISSP)

NSA Information Assurance Methodology (NSA IAM)

Cisco Certified Network Professional- Security (CCNP-S)

FedRAMP 200 Level Certification

Cisco IP Telephony Certified (CIPT)

Cisco Certified Network Associate (CCNA)

Cisco Certified Design Associate (CCDA)

CheckPoint Certified Security Engineer (CCSE)

NSA (INFOSEC) CNSS 4011 Certified

NSA (INFOSEC) CNSS 4013 Certified

DISA HBSS 4.5 Administrator Certified

DoD 8570.01 IAT and IAM Level 3 Certified

Cisco Certified Intrusion Prevention System Specialist

Cisco Certified IOS Security Specialist

.

PROFESSIONAL BACKGROUND

 

Senior Security Analyst – US Customs and Immigration Service – Dept. of Homeland Security

Washington, D.C. – January 2015 to Present

·   Provide IT Security assessments under NIST, FISMA and FedRAMP frameworks.

·   Conduct assessment interviews and conduct network and host vulnerability scans using a variety of tools that include, but not limited to Splunk, WebInspect, Qualys, PaloAlto, DBProtect, Nessus, Kali, Metasploit and various offensive frameworks.

·   Conduct full, limited, partial or hybrid Vulnerability Assessments on customer systems both traditional, Cloud-based and Hybrid networks.

·   Develop and update PO&AM tables and perform the validation and verification of remediation efforts to close PO&AMs.

·   Support customer in developing processes and procedures in support of Security Compliance and Risk Management for customers systems.

 

Senior Systems and Security Engineer – US Export / Import Bank

Washington, D.C. - August 2014 to January 2015

·   Subject-matter expert in network security practices that include the full administration of firewalls, vulnerability identification and mitigation, and best practices for securing/hardening network systems. Network penetration testing and exploitation experience across many modes and mediums.

·   Provide technical oversight of security and systems administration to manage the execution of daily enterprise operations, while driving the identification, prioritization and fulfillment of new tasks/projects that increase the performance, availability, supportability, and security of customer systems. 

 

 

 

Global Cyber Security Architect / Consultant – Booz Allen Hamilton

National Business Park, Annapolis Junction, MD. – June 2011 to August 2014

·   Former Network Analyst at NSA in the TAO group. Offensive Network penetration, persistence and exploitation experience across many modes and mediums.

·   Demonstrated expertise in the areas of systems, networks and applications engineering and analysis applicable to IA / INFOSEC and C&A engineering and policy within DIACAP, NIST and ISO27001 frameworks.

·   Expert in Defense-in-Depth principles and technology, that includes network and enterprise security architectures, IAM, AAA (authentication, authorization and accounting), vulnerability assessments and remediation, security risk analysis and Public Key Infrastructure (PKI). Deep Technical knowledge with many years hands-on experience across a vast array of security platforms.

·   Utilized Secure Configuration Control mechanisms to secure local services and applications, set permissions on files and directories and improve access control parameters, limiting privileged user access and improving security posture across multiple platforms. Experience with SCAP and OpenSCAP tools and specifications to include OVAL, CPE, CVE and CVSS specifications.

·   Responsible for network security operations and cyber warfare tactics, techniques, and procedures focused on networked weapons platforms and US and DoD information networks. Experienced in CNE/CNA analysis and operations.

·   Delivered HBSS (Host-bases Security System) solution to a major DoD Health services and billing provider. Subject Matter Expert for Virtualization Security and Cloud Security. Created client network and security Cloud FedRAMP transition plan to allow large government client to transition applications and services to a Commercial Cloud Service Provider. Member of Network and Security requirements gathering and SOC Planning team for major “quasi-governmental’ energy client.

 

 

Information Assurance Lead – United States Marine Corp – Dependable Global Solutions

Quantico, Va. – June 2010 to June 2011

·   Responsible for all aspects of Information Assurance for USMC’s Global Combat Systems Support (GCSS) at the Marine Expeditionary Force (MEF) level. Duties include completion of a full DIACAP Certification and Accreditation (C&A) with ATO (Authorization to Operate) under MARCORSYSCOM, DISA and MCNOSC oversight.

·   Perform security readiness reviews and insure STIG (Secure Technical Implementation Guides) deployment across multiple platforms. Perform Network Penetration testing and Application and Infrastructure scanning using DIACAP, NIACAP and NIST Best practices, techniques and tools.

·   Significant technical experience allows me to develop POA&M’s with attention to detail and rapid actions and planning for issue mitigation and remediation within DoD 8500.1 and.2 guidelines. Regularly meet with all project stakeholders to incorporate Information Assurance best practices into all aspects of the program life-cycle.

 

IT Security Lead – United States Census Bureau – Federal Working Group for IBM Corp.

Washington, DC. – March 2009 to June 2010

·   Responsible for key aspects of Certification and Accreditation (C&A) at US Census. My duties include directing engineering resources towards each phase of certification. I incorporate a broad range of security and privacy skills and extensive experience in security engineering and architectures including ISSE experience. Broad experience with C&A, FISMA, FIPS-140, FIPS-140-2, OMB A-130 and ISO/IEC 27001 security requirements such as NIST 800-53 A through Rev. 3 series of controls within Census.

·   Perform security assessments, and lead in the overall security risk assessment and management process for Census. “Go-To” person for engineering, risk and problem solving issues. Lead a review of SIEM Vendors to include ArcSight, QRadar, SenSage and others.

·   Review requirements; identify problems, gray areas, and specific issues. Conduct analyses to validate technical and operational requirements. Identify interfaces, logical sequence of task execution, information flows, and interfacing requirements. Develop, coordinate, and monitor testing (ST&E), implementation and remediation plans (POA&Ms) in support of C&A.

 

Engineering Lead, Information Systems Security - Northrop Grumman Corporation

Richmond, Virginia - December 2007 to March 2009

·   Responsible for all aspects of Information Systems Security engineering. Lead a team of 20+ highly qualified and motivated engineers in designing, deploying and managing a World-class government Information Systems Security solution.

·   Sustained transformation of Virginia Information Technology Agencies’ WAN Provider Solution into a Next General Multi-Service Network (IP/MPLS Based Core, State-wide VPN Services, VoIP, Video & other IP Telephony Solutions)

·   Design, engineer, deploy and manage all network and operational security devices including 600+ firewalls from multiple vendors, 30+ IPS/IDS sensors, multi-vendor VPN solutions that included 2-factor authentication with both SSL and IPSec encryption,  enterprise content management and wide-area caching.

·   Develop secure technical solutions to complex business problems which require the regular use of ingenuity and creativity. Exercise considerable latitude in determining technical objectives of assignment. Guide the successful completion of major programs and  function in a project leadership role. Represent the organization as the prime technical and security contact on contracts, projects and services. Interact with senior external personnel on significant technical matters often requiring coordination between multiple organizations.

·   In depth experience with Internet protocols vulnerabilities, intrusion detection systems, firewall management, network vulnerability analysis, cryptographic theory and practice, incident analysis and response, software testing and security assessment, malicious code and software exploitation techniques, continuous monitoring and event logging, counterterrorism cyber crimes, computer forensics analysis, and computer crime investigation.

·  Deliver extrodinary results in an extremely high-pressure environment.

 

 

Information Systems Security Engineer- Northrop Grumman Corporation

Richmond, Virginia - September 2005 to December 2007

·   Design, test, and implement state-of-the-art secure Networks, Windows operating systems, and Unix / Linux products. Conduct risk assessment and provide recommendations for Infrastructure design. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, Voice, Video and network access.

·   Use encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research. Prepare security reports to regulatory agencies such as Department of Defense (DOD) or Department of Energy (DOE). Participate in various Information Security Certification and Accreditation (C&A) programs and Frameworks including ISO 27001, FIPS, NIST and FISMA at multiple levels and in various roles, from catagorizing systems, through implementation, assesment and monitoring of systems and data.

·   Security specific experience includes design, configuration, installation, operation and management of various security platforms from Cisco, Juniper, Internet Security Systems, RSA, Blue Coat, EMC Clariion and Symmetrix Enterprise Storage systems, McAfee, ArcSight and Intellitactics SIEM’s.

 

Senior Telecommunications Analyst – Virginia Information Technologies Agency – Richmond, Va. 2005

·   Conduct the engineering, design, architecture, review and risk assessment of LAN, VLAN, and WAN implementations for statewide telecommunication and network projects utilizing wide area and local area network technologies and protocols.

·   Perform the configuration of routers, switches, firewalls and other network equipment.

·   Perform research to develop recommendations for enhancements, expansions and/or consolidations of telecommunications and network implementations and deployments, facilities, and services. 

 

Senior Voice over IP Engineer, Dept. of Commerce for Insight Global – Washington, D.C. 2004

·   Serve as NOC support expert for Cisco Secure AVVID deployment of 7,000+ phones utilizing Cisco CallManager, Unity Voicemail and assorted Cisco and non-Cisco Voice Application servers in a Windows 2000 and 2003 environment.

·   Implementation engineer in the deployment of QoS switch and router architecture in a secure MIL-spec environment.

·   Responsible for all aspects of Microsoft Server and Securing the networking environment.

·   Experienced in all aspects of T1 and T3 Telecom circuits for Voice and Data, and Video communications.

 

 

Senior VoIP Implementation Engineer, LogicaCMG Telecom – Richmond, VA 1999 – 2004

(formally Cisco Systems)

®       Part of a small world-wide team to implement first VoIP-based Voicemail at a major Wireless vendor in 13 countries.

®       Served in critical role of subject matter expert for Cisco VoIP and Video over IP Telephony and Messaging Solutions in UNIX, Linux and Windows environments.

®       Multiple Operating System experience. Hands on and in depth (UNIX, Linux, Windows).

®       Designed and delivered advanced network solutions utilizing Cisco routers, switches, remote access, storage, network security and Telecom components.

®       Complex system integration and installation and on-time delivery at customer site.

®       Communication level from customer engineers to customer CEOs (written and oral presentation skills)

®       Deployment of various Telecom circuits (T1, T3, POTS, etc…) to service Voice and Data communications needs.

®       Onsite deployment of IP based voice and video Unified Communications solutions into both enterprise and service provider carriers worldwide. This includes a wide variety of Cisco AS5xxx voice access servers, switches, routers and media gateway controllers utilizing H.323, H.263, MGCP and SIP VoIP and video protocols; Sun servers and arrays; HP/Compaq based servers; in conjunction with a variety of hardware and software based IMAP messaging, EMC SAN Storage, SunOne, OpenLDAP and other X.500 directory products.

®       Network Security, Veritas Backup, Clustering, Failover, and High-Availability knowledgeable

 

Senior Technology Integration Analyst, Capital One Financial – Richmond, VA 1998 - 1999

®       Selected as the Test Manager in Emerging Technologies and Integration Group.

®       Successfully implemented and utilized Netware, Windows NT and UNIX platforms.

®       Performed in-depth testing of e-commerce, voice-over-IP, secure remote access, LAN/WAN, ATM and Load-Balancing components.

®       Provided strong management of multiple enterprise-level projects from initiation to deployment.

 

Internet Specialist/Owner, HareNet Computing – Richmond, VA 1997 - 1998 

®       Started-Up and managed all aspects of this regional ISP and network consulting firm.

®       Effectively used web-based NT, Netware 3.x/4.x, TI, ISDN, Windows NT servers, routers, DNS, World-wide Web, Radius and remote access equipment.

 

Network Analyst, Philip Morris for IPC Technologies – Richmond, VA 1996 - 1997 

®       Hired to manage and support corporate LAN/WAN architectures.

®       Integrated Cisco routers, Cabletron switches and AT&T CSU/DSU set-up and support.

®       Managed corporate WAN data communications links including FDDI, dedicated and switch circuits.

 

Sperry Marine Inc. – Product Engineer                        1995 - 1996

Charlottesville, Virginia.

Designing WinNT based Networking products for Global Navigation.  Set corporate standards in Portable Electronic Documentation.  Principle in bringing Internet Worldwide Web implementation into Sperry Marine.  Worked closely with customers in Cross-Platform Documentation and Data Transmittal using HTML, The Internet and Intranets, CD-ROM and other formats.

 

 

Sperry Marine – Asia – Service Manager     1993 to 1995

Tokyo, Japan

     Designed and supervised installation of Netware 3.x and WinNT Network based products throughout Asia.  Installed and configured office software for desktop and LAN applications.  Managed Service Dept. and responsible for all Technical aspects of regional operations.  Member of the Tokyo Computer Professionals Association.

 

Sperry Marine Systems – Service Engineer            1987 to 1993

Seattle, WA

Installation, maintenance, and training of Networked Computer Navigation and Geographic Information Systems (GIS).  Duties include Proto-typing, test creation, and 68XXX and 80XXX CPU’s.  Department Network Administrator.  National and International customer support for integrated networking products.

 

 

M I L I T A R Y   S E R V I C E

 

United States Navy - Electronic Warfare Technician   1980 - 1988

 

 

TECHNOLOGY SKILLS

Computer Networks:Voice-over-IP and Video-over-IP Based Telephony and Unified Messaging, Cloud computing, MPLS, Virtualization, VMWare, Wireless Point-to-Point and Point-to-MultiPoint Architectures (802.11b/a/g/n), Veritas Data Center, SSL and IPSec VPNs, Advanced WAN/LAN Routing Protocols, Cisco routers, switched and network security, NIST and DIACAP STIG’s All Platforms, GoldDisk, Eeye Retina, Ghost, Nessus, Rational AppScan, HP WebSphere, Unix and Oracle SRR’s, Windows Server 2003, CiscoWorks, TCP/IP, IPX/SPX, Netbios, SNMP, Token-Ring, AppleTalk and Ethernet Topologies, using Novell Netware 3.x and 4.0x, UNIX, WinNT and hybrid networks.  Also expert in T1 and Fractional T1, ISDN, Frame Relay, and Remote Access Telco Circuits. Proxy and Firewall Security policies, installation, configuration and management of same.

 

Computer Software:Unix, Linux, Solaris, Windows XP, Win95, Windows 7, Win2000 through Windows 2008, and operating system security, NIST and DIACAP STIG’s, GoldDisk, Eeye Retina, Ghost, Nessus, Rational AppScan,HP WebSphere, Veritas NetBackup DataCenter and EMC Legato NetWorker. Various Tape Hardware and RAID Arrays Lotus Notes, MS Office, MS Exchange Server 4.x thru 2000, Network Email set-up and management, FrontPage 98, PhotoShop, other web creation tools, MS SMS Beta-tester. Expert in all aspects of Data Communications and Remote Access.

 

 

EDUCATION

New River Community College – Dublin, VA

Associate of Applied Science, Electronic Engineering, 1987

 

University of Maryland, University College – Largo, MD

Bachelor of Science, Cybersecurity, Current

 

Certified Information Systems Manager - 2013

Amazon Web Services (AWS) Cloud Solutions Architect - 2013

National Security Agency - Information Assessment Methodology – 2010

eMASS Training – 2010

DIACAP Implementation Training – 2010

Information Assurance Fundamentals - 2010

High Speed Guard Cross Domain Solution Training -2010

Host-Based Security Systems 4.5 Administrator Training - 2010

Cisco Certified Security Professional - 2007

Cisco IOS Security Specialist - 2007

Cisco IPS Specialist - 2007

Cisco Firewall Specialist - 2007

Cisco Information Security Specialist - 2007

Securing Cisco Network Devices - 2007

Configuring Juniper Networks Firewall / IPSec VPN and Security Manager - 2007

Internet Security Systems Proventia, SiteProtector and IDS/IPS - 2007

Certified Information Systems Security Professional -2007

Cisco Secured Networks with PIX and ASA – 2006

Cisco Certified Network Associate – 2006

Cisco Certified Design Associate - 2006

Interconnecting Cisco Network Devices - 2005

Solaris System Administrator II – 2002

Designing Cisco Networks – 2000

Cisco IP Telephony Certified – 2000

Red Hat Linux Systems Administrator I and II – 2000

Nortel VolP Solutions Training – 1999

Cisco Internetwork Troubleshooting – 1999

Cisco LAN Switch Configuration – 1999

Cisco Routers and LAN Switches – 1999

CheckPoint Firewall – 1 Security Certification – 1997

Advanced Cisco Router Configuration – 1996

Microsoft Windows NT Enterprise Support - 1996