Profile

 

Ø       Enthusiastic Information Technology professional with over 20 years of experience

Ø       Analytical and detail-oriented problem solver with a strong work ethic

Ø       Background in network security (technical and (policy and planning)), network design engineering, technical writing, training, and project management.

Ø       Effective team player with exceptional written and oral communication skills

 

Clearance

 

Ø       Top Secret

 

Certifications

Ø       Certified In Risk and Information System Control (CRISC)   2011

Ø       Project Management Institute - Risk Management Professional (PMI-RMP)  2010

Ø       ITIL V3 Foundations Certification2009

Ø       Certified Information Security Manager (CISM)2009

Ø       Certified Information Systems Security Professional (CISSP)2007

Ø       Certified Wireless Security Professional   (CWSP)2005

Ø       Certified Wireless Network Administrator (CWNA)2005

Ø       Cisco Certified Network Associate (CCNA)2003

Ø       Microsoft Certified System Engineer (MCSE)2002

Ø       Helpdesk 20002002

Ø       Microsoft Certified Professional (MCP) TCP/IP1999

 

Work Experience

IT Specialist (Compliance Manager)

The Government Accountability Office                                                                          04/08-Present

Ø       Managing a five person NIST/SANS 20 Critical Security Controls based compliance program.  We are transitioning the compliance program from a NIST based program to a SANS based Information Security Continuous Monitoring (ISCM)program

Ø       Support the Director of Information Systems Security Group (ISSG) with all matters concerning the agency security program and ensure the confidentiality, integrity, and availability of information systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security policies, procedures, and tools.

Ø       Managing assessment teams and personally conducting information system security control assessments, analysis and reviews in accordance with the National Institute of Standards and Technology (NIST) governance provided in Special Publication (SP) 800-37 Rev 1.  For low, moderate and high impact information systems.

Ø       Manage Infrastructure as a Service, Platform as a Service, and Software as a Service component configurations and hardening guideline compliance via Tripwire. 

Ø       Managing ISCM with the following additional tools:  CISCOs WCS for wireless infrastructure monitoring, McAfee Vulnerability Manager (MVM) and HP WebInspect for vulnerability management and RSAM for assessment and authorization management. 

Ø       Information System Security Officer, for the implementation of both server virtualization, virtual desktop infrastructure, and for moving infrastructure, platforms, and software applications to cloud based technologies/cloud service providers. 

Ø       Information System Security Officer for all GAO information system’s migrating to the CLOUD.  Work with government technical monitors, contracting officers, CSP, and FedRamp, to ensure the confidentiality, integrity, and availability of GAO CLOUD based information system are within acceptable risk tolerance levels.

 

 

IT Security Program Manager

ExeterOnsite at DHHS\FDA03/08 – 04/08

Ø       Manage the Food and Drug Administrations (FDA) Agency IT Security teams.

Ø       Liaison between Exeter and FDA, providing contract support and reporting to the FDA contracting officer.

Ø       Support the FDA Chief Information Security Officer (CISO) with all matters concerning the agency security program and ensure the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security policies, procedures, and tools.

Ø       Conduct system security evaluations, audits, and reviews in support of the Federal Information Security Management Act (FISMA).

Ø       Provide Certification and Accreditation fourth phase support; continuous monitoring, for 68 FDA systems and 1 general support system.

Ø       Manage the incident response queue.

Ø       Gather, analyze, and preserved evidence used by other groups, such as the Office of Criminal Investigations (OCI) and Employee and Labor Relations (ELR), in the prosecution of computer crimes.

Acting, Information System Security Officer

ExeterOnsite at DHHS\FDA\CDER 10/05 - 03/08

Ø       Manage the Food and Drug Administration Center for Drug Evaluation and Research (FDA/CDER) security program.

Ø       Manage FISMA compliance efforts utilizing NIST guidance for FDA\CDER.

Ø       Develop and maintain Certification and Accreditation packages for Major Applications and General Support Systems. 

Ø       Modify and maintain center policies so they comply with Agency policy, NIST guidance and OMB mandates.

Ø       Research, test and evaluate new security technologies and/or methodologies; for trending, auditing, securing and investigating.

Ø       Investigate a wide range of  security issues that our clients are experiencing 

Ø       Conducted scans utilizing Nessus and NetIQ Security Module

Ø       Conduct annual wireless site surveys for three FDA sites

Ø       Special consultant for the secure and compliant implementation of wireless solutions

Ø       Technical advisor to the agency Chief Information Security Officer (CISO)

Security Engineer

STG, INCOnsite at DHHS\FDA\CDER02/05 – 10/05             

Ø       Provide FISMA compliance support utilizing NIST guidance for FDA/CDER.

Ø       Develop and maintain Certification and Accreditation packages for Major Applications and General Support Systems. 

Ø       Modify and maintain center policies so they comply with agency policy, NIST guidance and OMB mandates

Ø       Research, test and evaluate new security technologies and/or methodologies; for trending, auditing, securing and investigating.

Ø       Investigate a wide range of security issues that our clients are experiencing.

Ø       Conducted scans utilizing Nessus and NetIQ Security Module.

Ø       Special consultant for the secure and compliant implementation of wireless solutions.

Ø       Technical advisor to the Agency Information System Security Officer (ISSO).

Ø       Technical advisor to the Agency Chief Information Security Officer (CISO).

 

 

 

Network Design Engineer

Unisys Onsite at DHHS\FDA\OC10/04 – 02/05             

Ø       Provide Technical writing (Guides, SOPs, assessments, business cases, CRFs, technical diagramming and report generation).

Ø       Manage backup systems   (SANS), with Backup Exec 8.6/9.1 and Exabyte’s robotic library (SCSI and Fiber Channel)) over LAN, SAN, and VLAN technology via Vixel and brocade switches.

Ø       Manage server health monitoring program  (Utilizing Netiq and Netiq’s Network Security Analyzer)

Ø       Manage DHCP server, user accounts, and file/folder/group permissions.

Ø       Engineering and securing Microsoft Windows NT/2000/2003 server technologies.

Ø       Design and implementation of HP and Windows 2003 Enterprise Server Cluster.

Ø       Project Management from concept/initiation to post-implementation.

Ø       Team Lead server migrations WIN2K and WINNT to WIN2003.

Ø       Handling Peregrine tickets/incidents generated by our client community.

Ø       Training of junior and entry level staff.

Ø       Test and evaluate new products and methods.

Network Engineer

Dynanet CorporationOnsite at DHHS\FDA\OC12/03 – 10/04

Ø       Provide Technical writing (Guides, SOPs, assessments, business cases, CRFs, technical diagramming and report generation).

Ø       Manage backup systems  (SANS/VLANS, with Backup Exec 8.6/9.1 and Exabyte’s robotic library (SCSI and Fiber Channel)) over LAN, SAN, and VLAN technology via Vixel and brocade switches.

Ø       Manage Server Monitoring  (Utilizing Netiq and Netiq’s  Security Analyzer)

Ø       Manage DHCP server, user accounts, and file/folder/group permissions.

Ø       Engineering and securing Microsoft Windows NT/2000/2003 server technologies.

Ø       Design and implementation of Windows 2003 Enterprise Server Cluster

Ø       Project Management from concept to implementation.

Ø       Team Lead server migrations WIN2K and WINNT to WIN2003.

Ø       Handling Peregrine tickets generated by our client community.

Ø       Training of junior and entry level staff.

Ø       Test and evaluate new products and methods.

Senior Analyst

Interactive Technology SolutionsOnsite at DHHS\FDA\OC10/02 – 12/03

Ø       Provide technical writing services  (SOPs, business cases, and other reports)

Ø       Responsible for tier 1, 2 and 3 support (responded to incidents in Peregrine and Unicenter ticket tracking systems)

Ø       Tracking and reporting on work flow trends (utilizing Unicenter ticketing system data)

Ø       Mange the technical library

Ø       Image Engineer(Built Core and non-core images) (standardized agency desktop environment)

Senior System Analyst

TranTech Inc.Onsite at DHHS\AHRQ05/00 – 10/01

Ø       Managed helpdesk for over 500 users.

Ø       Technical lead Windows 2000 migration.

Ø       Project lead for network migration to Windows 2000.

Ø       Supervised the testing and evaluation of Windows 2000 professional.

Ø       Engineered a secure Y2K compliant standard desktop solution for the Agency for Healthcare Research and Quality (AHRQ).

Ø       Technical Writing:  business cases, SOP’s and broadcast messages.

Ø       Provided support for:  desktops, network, users, executives, directors, junior and entry level technicians.

Ø       Responsible for training:  one on one and technical brown bag sessions.

 

Other Work History

 

Ø       System Analyst Onsite at DHHS\AHRQ02/99 – 05/00

Ø       Computer Specialist    Onsite DHHS\NIH05/95 – 02/99

Ø       Director of Online Operations  Aunet Inc.01/97 – 08/97

Ø       Computer Operator               Citibanksummer 1993

Ø       Desktop Publisher       University of Maryland05/93 – 09/92

Ø       Computer TechnicianUniversity of Maryland08/92 – 09/91

 

Education

Ø       Bachelors of Science in Cyber Security

Minor in Forensics (Expected)

University of Maryland, University CollegeSpring 2018

Ø       Bachelors of Science in Computer Science

University of Maryland, College Park1991-1993

 

Training

 

Learning Tree

Ø       ITIL v3 Foundations

Conferences

Ø       Security Survival Skills for Network Administrators

Ø       GOVSEC

Ø       Cyber Security

Ø       IT Governance

Ø       Certification and Accreditation Training Workshop

Ø       Leading the way in wireless government

Ø       Cloud Computing

Ø       Leadership Training

Ø       Tripwire

Ø       RSAM

 

 

Awards

 

Ø       Outstanding Performance Award(Trantech)

Ø       Certificate of Appreciation(AHRQ)

Ø       Presidential Medal(Presidential Council on Year 2000 Conversion)

Ø       Performance Awards(The Government Accountability Office)

Ø       Spot Awards(The Government Accountability Office)

Ø       Visionary Awardx2(The Government Accountability Office)

Ø       5 years of service Award(The Government Accountability Office)

 

References

 

Mr. Dennis Delrosario

Cell:  301-467-1839

E-mail:  Dennis.DelRosario@us.army.mil

 

Mr. Sobonna Ong

Cell:  240-888-3483

E-mail:  camvak@yahoo.com

 

               Mr. Felix Wang

Cell:  240-676-1642 

E-mail:  superfelixwang@gmail.com