From: route@monster.com
Sent: Thursday,
October 27, 2016 4:44 PM
To: hg@apeironinc.com
Subject: Please
review this candidate for: SRR
This resume has been forwarded to
you at the request of Monster User xapeix03
|
|||||||
|
|||||||
|
|
|
||||||
|
||||||
|
Diane M Cyran 4823
Trailside Ct. Huber
Heights, Ohio 45424 937-236-5376 dcyran@earthlink.net PROFESSIONAL SUMMARY Knowledgeable, highly qualified
professional with over 20 years combined experience in enterprise
integration, project management, functional and software requirements
analysis and specification, entire lifecycle application systems development
of planning, design, testing, and development. Educated in security
requirements and risk and vulnerability minimization for design and
modernization of systems. Exceptional debugger and problem solver.
Competent in leading facilitation sessions to extract requirements from
users. Proficient in producing comprehensive and understandable
documentation. Excellent communication and writing skills.
Capable of coding in C, C++, Pascal, Jovial, FORTRAN, COBOL, and
ORACLE. Experience in IEF, IDEF1X, and ERwin information engineering
methodologies and case tools. Very detail oriented. Thorough and
complete in analysis and design. Proficient at completing schedule on
time by multi-tasking. Good, strong team player. Knowledgeable and competent in
Information Assurance (IA) requirements to ensure that IA is built into the
entire lifecycle of a product. Stays current on National, DoD and Air
Force regulations governing IA. Know how to apply the IA regulations to
a Special Access Program. EDUCATION Master of Business Administration, University of Dayton, Dayton, Ohio, 2000. Bachelor of Science, Ohio University, Athens, Ohio, 1972. PROFESSIONAL EXPERIENCE H&R Block,
Dayton,
Ohio
January 2013 – April 2015 Tax Preparer Tax preparer to
prepare and review client tax returns. Handle client tax questions and
collect necessary information for tax return completion. Stay abreast
of current tax laws and changes to ensure that client returns are in
compliance with current tax laws. Provide timely, high-quality client
service that meets or exceeds clients expectations. Continually take
classes to increase my tax competence and obtain additional certifications. MacAulay-Brown,
Dayton, Ohio Information Assurance SpecialistNovember
2007 – October 2010 Project lead to ensure that each
subsystem of the F-22 has current Certification and Accreditation
(C&A). Each subsystem needs an Approval to Operate (ATO) each time
a new version of the software is released or every three years; whichever is
sooner. Identify and use National, Federal, Department of Defense
(DoD), and Air Force (AF) standards to evaluate the security safeguards of
the F-22 weapon system to ensure that the weapon system stays current with
regulations. Analyze the security of applications, operating systems,
and databases. Identify the known risks and vulnerabilities of the
systems. Identify the security of the interfacing systems.
Utilizes National Security Telecommunications and Information Systems
Security Policy (NSTISSP) No. 11, National Policy Governing the Acquisition
of Information Assurance (IA) and IA-Enabled Information Technology (IT) products
to ensure that all COTS IA and IA-enabled products to be used on systems have
been evaluated and validated in accordance with the requirements established
in this document. Understanding the importance of identifying IA
requirements at the beginning of a development cycle reinforces the need for
a C&A plan to be established that covers the entire development
life-cycle and helps to avoid introducing costly risks into the program. Active in the development of the
C&A plan used for the weapon system, which identifies what System
Security Engineering (SSE), Certification, Test and Evaluation (CT&E),
and C&A tasks need to be accomplished at each development phase.
This plan identifies tasks that are needed to be accomplished before System
Requirement Review (SRR), System Design Review (SDR), Preliminary Design
Review (PDR) and Critical Design Review (CDR). Create a schedule for
each C&A event to ensure that the CT&E report is delivered and
reviewed for submittal into the C&A package. Wrote the Information Assurance
Strategy section of the Information Support Plan (ISP) for the F-22
program. Worked with National Security Agency (NSA) to create the
Assurance Requirements for the F-22 A/V to ensure that the multi-level secure
(MLS) architecture of the A/V is not compromised by the implementation of new
technology. Created a process and schedule to ensure that changes made
to the Operational Flight Program (OFP) for the F-22 A/V during lab
integration received proper CT&E to ensure that the security baseline of
the OFP was not compromised. Ensure that new Commercial
Off-the-Shelf (COTS) IA security and security-enabled products being
introduced into the program have been evaluated and validated.
Coordinate with the DAA representative on deviations to requirements because
of the MLS operating system restrictions and identify mitigations put in
place to counteract the limitations of the operating system to ensure that
the MLS architecture is not compromised. Responsible for analyzing new
designs going into the software to ensure that no security vulnerabilities
are introduced into the system. Ensures that software development
procedures are followed, thorough and adequate testing is performed, and that
the IA requirements are accomplished. Create the C&A package, which
is submitted to the Designated Approving Authority (DAA) for an Approval to
Operate (ATO). Created the Weapons System Security Certification and
Accreditation Plan (WSSCAP), which defines the coordination needed between all
government agencies and the signatures needed for the C&A package to
present to the DAA for the issuance of the ATO. Created the Plan of
Actions and Milestones (POA&M) which is used by the Air Force Network
Integration Center (AFNIC) in their issuance of the Approval to Connect
(AtC). Sumaria Systems,
Inc., Dayton, Oh Information Assurance SpecialistMay
2005 - November 2007 Identify and use National, Federal,
Department of Defense (DoD), and Air Force (AF) standards to evaluate the
security safeguards of the F-22 weapon system. Analyze the security of
applications, operating systems, and databases. Identify the known
risks and vulnerabilities of the systems. Identify the security of the
interfacing systems. This analysis resulted in the creation of the
System Security Authorization Agreement (SSAA), in accordance with DoDI
5200.40, DoD Information Technology Security Certification and Accreditation
Process (DITSCAP), obtaining a FULL accreditation of the system.
Analysis also resulted in a System Security Plan (SSP), in accordance with
JAFAN 6/3, Joint Air Force, Army, Navy Manual. These Approval to Operates
(ATOs) validate the system is operating in a secure environment. Review system wide Certification and
Accreditation (C&A) documents to ensure that these documents are kept
current and reflect the current threats and vulnerabilities for the F-22
systems and update these documents as needed. Organize, chair and
support the F-22 Certification and Accreditation Working Group (CAWG) and
annual meetings. Track all action items resulting from these meetings
and pursue the timely completion of these action items BAE SYSTEMS,
Dayton, Ohio Senior Security Officer/Data ModelerFebruary
2001 - May 2005 Identified and used National,
Federal, Department of Defense (DoD), and Air Force (AF) standards to
evaluate the security safeguards of systems. Analyzed the security of
applications, operating systems, web servers, and databases; several of these
systems are located on the GCSS-AF portal. Identified the known risks
and vulnerabilities of the systems. Identified the security of the
interfacing systems. This analysis resulted in the creation of the
System Security Authorization Agreement (SSAA) obtaining a FULL accreditation
of the system. This Approval to Operate (ATO) validates the system is
operating in a secure environment. Identified and used National,
Federal, Department of Defense (DoD), and Air Force (AF) standards to
identify the security requirements that must be incorporated into the
development and modernization of operating systems, resulting in the
development of the command, control, communications, computers, and
intelligence (C4I) support plan (C4ISP). The C4ISP documents the operational,
system, and technical views of a system, which demonstrate how that system
fits into the DoD architectural framework. Created the Conceptual Data Model
for Weapon System Management Information System (WSMIS), which captures the
business rules and major entities of the entire business process.
Created the Logical Data Model (LDM) for WSMIS, which contains the data
elements used in SAV and RCAS processing. Added SAM, RealmH, RealmPC,
and RealmG legacy system data elements and business rules into the Logical
Data Model of WSMIS. Analyzed the Interface Control
Documents (ICDs) for data coming into and going out of WSMIS, identified the
primary keys to represent the data being supplied, and logically modeled the
data in the LDM. Participated in enhancing the
Database Change Request (DCR) document which records the new requirements
that need to be added to the WSMIS database, shows the proper key structure
and table structure for the new requirements, and identifies any business
rules for processing the data when loading the data into the WSMIS database. Analyzed the data structure for the
modernization effort of RCAS, provided changes that need to be made in order
to integrate the modernization effort into the current WSMIS database, and
integrated the revised structure into the LDM. A.F. Kelly, Dayton,
Ohio Senior Data EngineerFebruary 2000 -
February 2001 Participated in discussions with the
key stakeholders of Materiel Systems Group (MSG) to identify their goals and
objectives for designing a new technical architecture that will take
advantage of new technologies while using the existing systems to provide
asset visibility to the warfighter. Created the design for the
conversion of legacy master files into the integrated Data Depot
database. This involved analyzing the physical model for the Data Depot
to facilitate mapping the legacy data to the physical database, and analyzing
legacy source code and master file layouts to capture the business rules
necessary to correctly convert the legacy data into the new database. Created the design for the
processing of both input and output interfaces for the legacy systems that
are to be incorporated into the new Data Depot database, and the other legacy
systems that are interfacing with these incorporated legacy systems.
This involved mapping the legacy data elements to the Interface Control
Document (ICD) data elements, mapping the ICD data elements to the physical
database, and analyzing the Cobol legacy source code to capture the business
rules necessary to continue sending the correct data information in the
interfaces. Data Networks
Corporation, Dayton, Oh Senior Information EngineerFebruary
1994 - February 1999 Prepared sections of the System
Architecture Document for the Integrated Data Environment in compliance with
the C4ISR System Architecture requirements. Converted a legacy system
database into a logical IDEF1X data model. This included analyzing the
data dictionary, and participating in and leading facilitation sessions to make
sure that the correct business rules of the organization were being
captured. Converted this logical data model into an ORACLE physical
data model. Responsible for enterprise
application architecture planning, application design and development of the
Joint Total Asset Visibility (JTAV) logical data model using IDEF1X notation
and the ERwin Case tool. This effort included analyzing several existing
data models to create one complete logical data model to represent asset
visibility for all of the Department of Defense (DoD). Later,
integrated the Global Combat Support System rational rose object-oriented
model into the JTAV model. Mapped disparate legacy system data elements to
the standardized data elements in the logical data model. Converted a catalog logical data
model into a data model containing all of the standardized data elements from
the Defense Data Dictionary System (DDDS) that appear in the model.
Identified the data elements from the catalog model that were not
standardized and needed to be submitted for standardization to the DDDS. Logicon Eagle
Technology, Dayton, Oh Software EngineerFebruary 1994 -
February 1995 Prepared data standardization packet
submittals, which included converting IEF data models into IDEF1X data views
for submission to the Defense Data Dictionary System (DDDS), which included
collecting metadata by analyzing other IDEF1X data models for
completeness. Also worked on quality assurance for the Corporate
Logistics Model (CLM) while integrating data from the Depot Maintenance
model. Assisted with the compilation of the mapping plan, including
defining mapping and assessing the mapping requirements of the Joint Logistics
Systems Center. Software
Engineering Associates, Dayton, Oh Lead Software EngineerFebruary 1988
- February 1994 Software Engineering
Associates Dayton, OH Lead Software
Engineer 1988-1994 Responsible for the maintenance of
the Assembler, wrote the user manual for the Assembler, and prepared
interface control documents between the Assembler and the Linker. Led the
software development team that converted an Assembler written in a proprietary
software language into Jovial source code. During the rewrite was
responsible for the design, schedule, coding, testing and documentation of
the software in accordance with MIL-STD-2167A. Supervised four
engineers to ensure timely product delivery. Verified code changes made
by other programmers as well as wrote the code generator for the Assembler on
the VAX 11/780. Converted the Assembler to a 486 UNIX machine which
included rewriting the host interface in C, creating many test programs and
command files in C to verify the correctness and efficiency of the Assembler
on the UNIX machine. Presented both the Preliminary Design Review
and Critical Design Review for this rewrite of the Assembler to the
government. CLEARANCES Type: Top Secret. Issued By: DISCO. Description: Granted on 10 July 2008 ADDITIONAL INFORMATION Continued technical development
through seminars, workshops, textbooks, and active participation in
professional organizations. Completed Data Modeling and
Relational Data Design course sponsored by The Inteq Group, Inc. Completed Introduction to Oracle:
SQL and PL/SQL using Procedure Builder. Completed training in Rational Rose
and Rational RequisitePro generating requirements and use cases in the
Unified Modeling Language (UML). Attended Enterprise Data Forum
conference in November 2003 and developed an enterprise data strategy. |
|
|
||||||||
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|