YULY M. BENINK
14128 Clatterbuck Loop
Gainesville, Virginia 20155
703-203-8406 (Cell)
703-754-7403 (Home)
yulybenink@me.com

·               DOD TOP SECRET – SSBI

·               DHS EOD (entry on duty)

 

·               Nearly 18 years of experience as a Subject Matter Expert (SME) in the areas of Information Assurance, Information Technology, Computer Security, Telecommunications, Network Operations, Network Systems, Service Provisioning, Guard Provisioning, New Technology Services Development & Implementation, Customer Relations, Vendor Management Relations, and Supervisory Expertise

·               Integrated and installed X.509 Certificates (FORTEZZA, and PKI Certificates) in numerous Army and Air Force installations

·               Integrated and installed X.500 directory for DOD Defense Messaging System

·               SME, Information Assurance Vulnerability Management (IAVM) for various DOD (Army, Air Force and Navy) UNIX and Windows systems

·               SME, System Security Readiness Review (SRR’s, Gold disk) which involved scanning various Army Knowledge Online (AKO) systems and analyzing the reports to assess security posture and compliance

·               Highly proficient with MS Office Suite, Word, PowerPoint, Excel, Access, MS Windows, Sun O/S, and Unix operating Systems and numerous research and target related applications and tools

·               Fluent in both English and Spanish

 

·               Certified Authorization Professional (CAP)

·               CompTIA Security+

·               Certified Novell Engineer (CNE)

·               Microsoft Certified Systems Engineer (MCSE trained and certified)

 

ACCENTURE/AGILEX TECHNOLOGIESJanuary 2015 Present

As the Information Systems Security Officer (ISSO) for the different systems I am responsible for:

·   Preparing, maintaining, and implementing a Computer Security Plan that accurately reflects the security protection measures for each classified information system for which I am responsible.

·   Works closely with the System Administrator to maintain the system's security and accreditation status.

·   Ensuring implementation of these security measures by conducting security reviews and system tests.

·   Implementing site procedures for marking, handling, controlling, removing, transporting, sanitizing, reusing, and destroying media/equipment containing classified information.

·   Responsible for reviewing changes to the classified system components, environment, and location, including temporary relocation to another classified area.

·   Serves as a resource to users for all questions concerning classified systems.

·   Verifies users' access requests are approved; controls users' access.

·   Ensures users are instructed on the appropriate use of computer systems.

·   Assist in the determination of an appropriate level of security commensurate with the impact level

·   Assisting in the development and maintenance of system contingency plans for all systems under my responsibility.

·   Participate in risk assessments to periodically re-evaluate sensitivity of the system, risks, and mitigation strategies.

·   Notify the responsible IT Security Officer (ITSO) of any suspected incidents in a timely manner, and assist in the investigation of incidents, as necessary.

·   Maintain cooperative relationship with business partners or other interconnected systems.

Computer Sciences Corporation (CSC)September 2013 to January 2015

Senior Security Analyst

·               Subject Matter Expert (SME) at CSC on current TSA program initiative for Certification and Accreditation of TSA IT Systems.

·               Subject Matter Expert (SME) on current TSA program initiative for Security Assessment and Authority to Operate (ATO) Kick-Off Meetings, Vulnerabilities Findings Meetings, and System Security Scan coordination with the various system engineering teams.

·               Liaison with Information Systems Security Officers (ISSOs) in support of Technical Vulnerability Audit (TVAs), Information System Security Audit (ISSAs), Critical Control Review (CCRs), Annual Assessments, and System Authorizations

·               Manage and coordinate with engineering teams to resolve issues in Plans of Action and Milestones (POAMs) and Security Findings Remediation, analyze raw system security scan results data to provide better understanding to the engineering teams how to remediate system security vulnerabilities through creating Internal Service Request (ISRs) and creating Remedy Tickets, to provide the ISSO the necessary security evidence (Artifact) to close out vulnerabilities and POAMs findings

·               Manage, coordinate, review and update different security documents [Systems Security Plan, Contingency Plan, POAMs Closure Packages, and System Requests For Changes (RFCs)] in support to the ISSO for system security audits and system Authority to Operate (ATO)

 

Occam Solutions, Inc.

Senior Security Analyst and SME           June 2011- September 2013

·               Lead Subject Matter Expert (SME) at Occam Solutions LLC on current TSA program initiative for Security Assessment and Authority to Operate (ATO) Kick-Off Meetings, Vulnerabilities Findings Meetings, and System Security Scan coordination with the various system engineering teams.

·               Liaison with Information Systems Security Officers (ISSOs) in support of Technical Vulnerability Audit (TVAs), Information System Security Audit (ISSAs), Critical Control Review (CCRs), Annual Assessments, and System Authorizations

·               Manage and coordinate with engineering teams to resolve issues in Plans of Action and Milestones (POAMs) and Security Findings Remediation, analyze raw system security scan results data to provide better understanding to the engineering teams how to remediate system security vulnerabilities through creating Internal Service Request (ISRs) and creating Remedy Tickets, to provide the ISSO the necessary security evidence (Artifact) to close out vulnerabilities and POAMs findings

·               Manage, coordinate, review and update different security documents [Systems Security Plan, Contingency Plan, POAMs Closure Packages, and System Requests For Changes (RFCs)] in support to the ISSO for system security audits and system Authority to Operate (ATO)

 

Secure Missions Solution LLC

Senior Information Assurance Analyst and SME                            January 2010 to June 2011

As Senior Information Assurance Analyst serve as the subject matter expert (SME) in providing DIACAP, DODI 8500.1, DODI 8500.2, and Army Regulation 25–2 Information Assurance (IA) guidance in support of the Agent of Certification Authority (ACA) for Army Knowledge Online (AKO) System under the Program Executive Office Enterprise Information Systems (PEO EIS).

·               Analyze Information Assurance (IA) policy, and requirements analysis for AKO

·               Create and review Security Assessment Plan

·               Conducted vulnerability scans using Nessus, DISA Gold Disk, DISA UNIX SRR scripts, DISA STIGs and DISA Security Checklists

·               Analyze Security Assessment Results and recommend security fixes for the system

·               Evaluate DIACAP Information Assurance controls and ARMY security controls to produce certification and accreditation packages for AKO

·               Investigate and analyze new technologies that will address data encryption, audit and define access control for AKO in accordance with DOD and Army requirements

 

 

GAITS LLC

Senior Information Assurance Engineer and SME                            August 2009 to December 2009

As the Information Assurance Engineer for Defense Logistics Agency (DLA) serve as a subject matter expert (SME) providing Certification and Accreditation (C&A) Support.

·               Implemented and integrated certification and accreditation activities in accordance with the DoD Information Technology Certification and Accreditation Process (DIACAP) for the Defense Distribution Center (DDC). Incorporated information into Enterprise Mission Assurance Support System (eMASS) to update security controls listed in DoDI 8500.2

·               Integrate and implement the Certification and Accreditation (C&A) process for the Defense Distribution Center (DDC) within the J6N infrastructure

·               Implemented Security Technical Implementation Guides (STIG) for the J6N and other technology discovered at sites being certified

·               Updated and tested Information Technology Contingency and Incident Response Plans for the J6N and DDC Depots to ensure the continuance of mid-tier network connectivity and information processes that support DDCs mission

·               Updated, tested and provided guidance to incident responses for depots plans and procedures as required by DITSCAP/DIACAP control requirements

 

SNVC LLC 

Senior Information Assurance Analyst and SME            November 2008 to August 2009

As the Information Assurance Analyst for the Joint Basing Action IT operations for U. S. Army Installation Management Command Chief Information Officer (IMCOM CIO), served as subject matter expert (SME) to the Deputy Chief Information Officer.

·               Managed Certification & Accreditation (C&A) and Information Assurance tracking of CONUS IT enterprise systems

·               Consulted and provided guidance with Directors of Information Management at various Department of Defense military base IT infrastructure improvements and expansion initiatives (such as carrier-class Nortel/Siemens/Cisco switching systems, enterprise VOIP deployments, and PKI OCSP authentication) to ensure highest visibility for funding and approval

·               Maintained Microsoft SharePoint portal for lessons learned, industry best practices, and policy guidance documentation library for supported garrisons

·               Prepared briefings and white papers in support of technical projects and issues

 

 

Intelligent Decisions LLC

Information Assurance Analyst and SME           March 2008 to October 2008

·               Managed and implemented Certification and Accreditation efforts for the IDENT/US-VISIT under the Smart Border Alliance (SBA) Program, using guidance from DHS 4300A Information Assurance (IA) Policies and Guidance, e.g. Information Assurance (FIPS and NIST)

·               Developed and submitted draft and final versions of the SSP, SRA and ST&E Plans

·               Analyzed systems using the NESUS Security Scan tool, to analyze results and recommend security fixes to the system

·               Investigated, analyzed and implemented new technologies that will address the data encryption, auditing and access control DHS requirements for Oracle databases

 

 

Lockheed Martin Inc., Manassas, Virginia

Senior Systems Architect/Engineer                             March 2006 to March 2008

·               Analyzed and provided guidance on Certification and Accreditation efforts for the Submarine system under the DISTCAP Process using guidance from DOD Information Assurance (IA) Policies and Procedures, e.g. Information Assurance (DOD 8500.1 and 2 and DITSCAP DOD 5200.40, 5200.28)

·               Developed and submitted draft and final versions of the SSAA

·               Served as Lead Analyst supporting the Information Assurance Vulnerability Alert (IAVA) Program; this includes assessment and response of applicability for the multiple Sonar Systems

·               Developed and activated Security Readiness Review (SRR) scripts, analyzed results and applied security fixes to the system

·               Installed and configured CA eTrust to ensure events are properly audited on the system

 

Lockheed Martin Inc., Arlington, Virginia                                                                 July 2005 to March 2006

Staff Systems Integrator

·               Analyzed and guided the Certification and Accreditation effort for the Missile Defense Agency under the DITSCAP Process using guidance from DOD Information Assurance (IA) Policies and Procedures, e.g.; Information Assurance (DOD8500.1 and 2 and DITSCAP DOD 5200.40, 5200.28)

·               Developed C&A project plans using Microsoft Project and Microsoft Word

·               Developed and submitted draft versions of the SSAA, ISSP, and CONOPS for review

·               Negotiated the establishment of Level of Effort and developed a schedule for Certification and Analysis, Vulnerability Assessment and Security Validation

 

Lockheed Martin Inc., Manassas, Virginia             April 2001 to July 2005

Staff Systems Integrator and Team Lead

·               Team Lead in support of the Information Assurance Vulnerability Alert (IAVA) Program for the Joint Interoperability Test Center (JITC)

·               Authored IAVA test procedures and performed functional testing against all Defense Message System (DMS) components

·               Developed, maintained, reviewed and updated system security plans and system documents

·               Conducted periodic reviews to ensure compliance with security documentation and policies

·               Reviewed and identified potential security risks in proposed architecture to include hardware, software, ports and protocols using Tripwire reports

·               Ensured that High Assurance Guard is operational, used properly, maintained, and disposed of in accordance with security policies and practices

·               Resolved security concerns and problems in high level technical meetings

 

Maden Technologies Inc., Arlington, Virginia                                                          November 1999 to April 2001

Senior Systems Engineer

·               System Engineer providing technical support of the United States Army Defense Message System Program

·               Designed, tested, and implemented the Defense Message System components for all required network elements

·               Installed Windows (NT/2000) and Unix OS (Solaris HP) with Exchange and Lotus Notes application

 

 

Wang Global Inc., Herndon, Virginia                                                                        November 1998 to November 1999

Secure System Analyst

·               System Analyst performing configuration and installations of Defense Message System components, to include High Assurance Guard for multiple network elements

·               24-7 on-call technical support and liaison among all network elements

·               Advised and guided customers on updated and newly published security policies and SOPs.

 

 

Boeing Information Services Inc.                                                                               December 1996 to November 1998

Communications Engineer

·               Communications Engineer providing technical support for the Defense Message System Program

·               Designed messaging infrastructure to support United States Air Force Defense Message System initiatives at several Continental US (CONUS) military bases

·               Configured and installed the Directory Service Agent, which utilizes the X500 directory schema

 

EDUCATION

Bachelor of Science (BS): Accounting

Instituto Comercial del Valle; Cali Colombia

Stratford University (CNE and MCSE), Falls Church, Virginia

LANGUAGE

Spanish

English