GEORGE E. LETT
Springfield, VA
22153
Cell 317-437-5080
lettgeorge@gmail.com
SUMMARY OF QUALIFICATIONS
Active Top Secret Security Clearance (TS/SCI) and Counter Intelligence (CI) Polygraph.
CAREER PROFILE: Accomplished leader, manager and team builder with almost 27
years of experience in the military and defense industry. Successful
program manager within the DoD Cybersecurity field; retired U.S. Naval Crypto
Communications Petty Officer with more than 25 years of experience as an
Information Systems Program Manager,
Operations Manager, Senior Security Engineer, Information Assurance,
Information Security Analyst, and Information Technology Technician.
Experienced
in creating Current State Analysis (e.g., data flow diagrams, business
problem statements, cost-benefit analysis, and business process flow
diagrams) Solution Proposal (e.g., FRD, mock-ups, needs analysis, conceptual
design doc, business process flow diagrams, cost-benefit analysis, and
business impact analysis).
Cyber security,
intrusion detection, network security analyst, and information assurance
manager expert with 21 years of hands on experience in test & evaluation,
software code checking, security policy, operational requirements, system
security, information assurance (IA) and system requirements processes,
procedures, DoD Security Technical Implementation Guides (STIGs),
certification, scanning, performance metrics and life cycle management.
In-depth knowledge and experience with the Department of
Defense Information Assurance Certification and Accreditation Process (DIACAP),
Intelligence Community Directive 503 (ICD 503), DoDI 8500.01, DoDI 8510.01,
Director of Central Intelligence Directive 6/3 (DCID 6/3), Security Technical
Implementation Guide (STIG), National Institute of Standards and Technology
(NIST 800-53).
Experienced in monitoring, troubleshooting and implementing IDS and IPS cyber
network security tools such as Wireshark, ArcSight, CENTAUR, HBSS, Retina,
WhatsUp Gold and SolarWinds.
Vast understanding of Network Infrastructure to include,
but not limited to AWS, Windows Azure, F5 Load Balancers, Riverbeds, SANs,
KG-250s, Fastlanes, Taclanes, KIV-7s, Catalyst Switches, Cisco Routers,
Catalyst, Access Control Systems (ACS) Video/Audio Teleconferencing, Cisco
and AVAYA VOIP phones setup. Troubleshooting Dell, HP, Microsoft Operating
Systems Windows NT, 95, 98, ME, 2000, XP, Vista, 7, and Server 2003, 2008,
2010, 2012 Client Architecture.
Citrix Thin
Client Server Administration, Microsoft servers, SCCM, ISSE, OASIS, Remedy,
Hyper-V, and VMware.
PKI
management, creation, and validation of certificates experience.
Coordinated
with the development team to create appropriate cloud solutions for client
needs.
Keystore
management, certificate authority operation, and hardware security modules
(HSM) experience.
SUMMARY OF KEY SKILLS / ABILITIES
Program management level leadership qualities, organizational and coordination
skills, detail-oriented, excellent interpersonal skills, customer service
oriented and great team building skills.
Self-motivated,
reliable, flexible, professional, competent, and able to set effective
priorities to achieve immediate and long-term goals and meet operational
deadlines. Ability to assess needs, analyze and solve problems.
Credited with
ethics and character of the highest caliber; passionate about Cyber Security,
thus giving 100% effort, performs Cyber Security research keeping abreast of
current trends, and inspiring subordinates and associates to the same level
of performance.
Confident,
dependable, and team player with 20 years of extensive and diverse experience
in information technology management that includes the following skills
project management, architecture, design, budgeting, briefing, analyzing, and
customer service.
Performed periodic and on-demand system audits and
vulnerability assessments, including user accounts, application access, file
system and external Web integrity scans to determine compliance.
Prepared incident reports of analysis methodology and
results.
Maintains
current knowledge of relevant technology as assigned.
PROFESSIONAL EXPERIENCE / ACCOMPLISHMENTS
Senior Network Security Engineer, November 2012 to Present
V1 Analytical Solutions, Springfield, VA
Essential
member of the Cross Domain PMO team that manages the Enterprise Perimeter
Defense and the Enterprise Cross Domain Service (ECDS) which involves
reviewing Requests for Change (RFCs), Engineering Change Proposals (ECPs) and
advising the Government on technical security subjects, as well as ensuring
Cyber Security/Information Security policies and directives are upheld in
information technology (IT) acquisition programs within the National
Geospatial Agency (NGA). Applies the following policies, guidelines, and
standards to Security Engineering projects and activities:
General Policies and Guidance
Intelligence Community Directive (ICD) 503
DCID 6/3: Protecting Sensitive Compartmented Information within Information Systems
CJCSI 6510.01E: Information Assurance and Network Defense
DoD Information Assurance Certification and Accreditation Process (DIACAP)
NIST Risk Management Framework SP800-37 Governing Policies
DoD Directive 5200.1: DoD Information Assurance Security Program
DoD Instruction 8500.2: Information Assurance (IA) Implementation
Deputy Secretary of Defense for Cyber, Identity and Information Assurance (CIIA)
Intelligence Community Joint Architecture Reference Model (JARM)
Intelligence Community Information Assurance (IA) Architecture
GEOINT Reference Architecture (GRA)
Cross Domain Engineering Support
Subject Matter Expert (SME) in PKI related issues
Provides
risk mitigation recommendations to improve security practices for the NGA
Enterprise.
Attends
regularly scheduled weekly system development technical meetings involving
Preliminary Design Reviews (PDR), Cyber IPT, Cross Domain Security
Engineering (CDSE), Critical Design Review (CDR), Interim Progress Review
(IPR), Test Readiness Review (TRR), Baseline Acceptance Testing (BAT), and
Post Test Reviews (PTR) for the Cross Domain PMO Program.
Member
of the NGA Enterprise Cross Domain Service (ECDS) program, which includes
NGA's Certification and Accreditation requirements, consolidation, and
Department of Defense Intelligence Information System (DoDIIS) / Combatant
Command (COCOM) support efforts.
Supports
the ECDS program management office in the certification and accreditation
(C&A) requirements needed for systems engineering activities.
Participates in the creation, management and resolution of Engineering Change
Requests (ECRs) and Work Requests (WRs) that includes attending review boards
for approval of the ECRs. Provides security engineering support for technical
implementation of security solutions comprised of COTS, FOSS, and custom
products.
Develops
security testing and evaluation plans to conduct system certification testing
and consolidation of existing systems into the NGA Enterprise solution.
Applies security standards, principles, theories, concepts and techniques in
order to solve complex engineering problems for the agency.
Established
the development of user training guides ensuring customer involvement and
understanding in all aspects of Cyber Defense and Information Assurance (IA)
on all of the NGA Enterprise networks.
Operational
manager for over 50 programs to include planning, tracking, status reports,
benchmarking, tracking trends, and documenting from initial phase to
completion.
Performs
Computer Security Incident Response activities for a large organization,
coordinates with other government agencies to record and report incidents.
Monitors
and analyzes Intrusion Detection Systems (IDS) to identify security issues
for remediation.
Recognizes potential, successful, and unsuccessful intrusion attempts and
compromises through reviews and analyses of relevant event detail and
summary information.
Evaluates firewall change requests and assesses organizational risk.
Communicates alerts to agencies
regarding intrusions and compromises to their network infrastructure,
applications and operating systems.
Assists
with implementation of counter-measures or mitigating controls.
Ensures the integrity and
protection of networks, systems, and applications by technical enforcement of
organizational security policies, through monitoring of vulnerability
scanning devices.
Participates
in special projects as required.
Systems Administrator, January 2012 to October 2012
GDIT, Stuttgart, Germany
Performed tasks
required on a continual basis (e.g., system backups, disaster recovery, and
end-user file recovery) to keep U.S. military Command, Control,
Communications, and Computer (C4) network devices, servers, systems (e.g.,
Global Command and Control System, video teleconferencing (VTC) systems,
Joint Operations Planning and Execution System, Requirements Development and
Analysis system), and end-user workstations functioning correctly.
- Analyzed and
administered system software (e.g., Network Information Service, Domain Name
System, Network File System, Microsoft Active Directory Services) used to
make network routers, switches, servers, and workstations function properly.
- Ensured
appropriate access for end-users to C4 data and applications programs. This
is accomplished by monitoring end-user and workstation access privileges to
the C4 Network resources and by validating end-user preferences, data,
security, and accessibility to the system.
- Analyzed
complex C4 problems which involved the interaction of different software
applications, computer hardware/software, multimedia hardware/software,
computer-controlled projection systems, video switching equipment, television
cameras, monitors, video teleconferencing, and other visual information systems
and recommended alternative solutions for correcting the problems.
- Monitored the
effectiveness of end-user C4 hardware and software. This includes evaluating
system operation and identifying potential problem areas before they became
catastrophic.
- Analyzed and
administered databases such as Oracle, Sybase, and other various E-mail
Systems.
-
Evaluated network security by running scans in accordance with EUCOM/AFRICOM
IA level security requirements.
- In concert with System Engineers, conducted C4 upgrade projects and extended
existing systems to support new locations or functionality.
- Participated
as a member of integration teams to install new U.S. military C4 system
networking and audio-visual/video teleconference (AV/VTC) hardware and software
on existing classified and unclassified networks, including full-range
testing of the old and new components to make sure that they work together
well, that they perform the function they are designed to perform, that
they can be supported after they are installed, and that they can be expanded
when the military mission requires it.
Reason for leaving: End of contract.
System Administrator, December 2010 to December 2011
Manila, Philippines, AC4S
- Responsible
for the Tier I/II systems support for laptops and servers connected to
LAN/WAN at three forward deployed customer sites. Primary duties include
configuring, installing CAT 5/6/Fiber cables, maintaining and
troubleshooting NIPRNET, SIPRNET, and JWICS Windows 2003 servers and Windows
Panasonic Toughbooks, to include ensuring data recovery (backup and restore)
procedures are completed in a timely manner. Other duties include scheduling
and maintaining connectivity for high visibility VTCs, Information Assurance
(IA) Management: proactively securing information systems, updating virus
database signatures, monitoring for and deploying IAVAs to remediate network
vulnerabilities and software/hardware/application installation/upgrades.
- Evaluated network security by running scans in accordance with SOCOM IA
standards, compared results against DISA Security Technical Implementation
Guides (STIGs), and reported IA information and alerts.
Reason for leaving: End of contract.
Computer Information Systems Analyst, August 2010 to November 2010
United States, DISA, Scott AFB, IL
- Performed
network vulnerability analysis and reporting, network security monitoring and
analysis, identified suspicious and malicious activities, identified and
tracked malicious code (including worms, viruses, Trojan horses, etc.),
entered and tracked events and incidents. Supported incident escalation and
assessed probable impact and damages, identified damage control, assisted in
developing course of action and recovery procedures.
Information Technology Technician, March 2010 to August 2010
United States, RSU23, Saco, ME
Technical Support
- Performed
network scans using various anti-virus programs (e.g., ClamWin, Norton, McAfee,
and Threatfire). Experienced in removing worms, trojans, malware, spyware and
viruses on Apple and Windows Operating Systems.
- Monitors and
analyzes networks with Sonic and Cisco PIX firewall hardware.
- Provide
hardware and software support to over a thousand users in the RSU23 combined
three city school systems.
- Support
network upgrades to include Cisco routers, firewalls and switches.
- Maintain three
Microsoft Windows Servers running Windows 2003 and 2008 server operating
systems.
- Daily
maintenance on IMAC laptops, PC desktops and laptops.
Network Engineer (short term contract), August 2009 to December 2009
United States, Zenetex, Herndon, VA
Networks
- Implemented
the most current Next Generation Network (NGN) hardware. Providing new
functionality and modifying services at existing and new FBI locations.
- Updated and
replaced Cisco routers, switches and Type-1 network encryption equipment
(TACLANE Mini and Micros) for approximately 700 FBI offices.
- Performed site
surveys to determine and document installation site requirements.
- Created detailed
site bill of materials listings based on site requirements.
- Performed
equipment staging, prior to equipment shipment to installation location.
- Completed the
installation of network encryption, routing, switching, NSANET and associated
equipment.
- Performed
testing functions in support of implementation to ensure proper operational
capabilities.
Systems Administrator, April 2007 to April 2009
United States Navy, COMUSNAVCENT, Manama, Kingdom of Bahrain
Information Assurance
- Implemented the
most current Information Assurance Vulnerability Alert (IAVA) patches for
over 150 Microsoft Windows client workstations and six Microsoft Windows
servers.
- Led the
divisional Information Assurance Vulnerability Management (IAVM)
program. Responsible for the routine Retina network scans and reports.
Scanned and updated desktop PCs on networks using Norton Anti-virus software.
- Developed security test plans to
conduct system certification testing for network vulnerability assessments
and security test reports for DAA.
-
Maintained certification and accreditation documentation in accordance with
COMUSNAVCENT directives.
-
Provided network security risk recommendations to increase network security
to senior officers.
-
Supported COMUSNAVCENT DIACAP policies.
- Assisted in
developing security/IA policies, procedures and standards to support the
security posture for the network.
- Performed,
reported and identified vulnerability scans on network using Retina Network
Security Scanner, and reported to the Lead Middle East Top Secret/SCI
Information Assurance Officer.
Help Desk
Management
- Ensured
repairs for hundreds of computer trouble tickets supporting over 200 users.
- Instituted
system that streamlined efficiency and enhanced customer service.
- Coordination and scheduling of Flag level Video/Audio Teleconferences
- Supported
without incident over 500 hours of mission critical Top Secret/Special
Intelligence conferences.
- Experience
includes ping, trace-route, cache-flow, broadcast address schemes, and VPNs.
Understands the basics of voice and video equipment configurations for
Tandberg, Cisco Call Manager and/or similar equipment suites, and familiar
with BGP, ISIS, MPLS, H.323, MGCP, and SCCP protocols.
- Department of
Defense Intelligence Information System (DODIIS) Access Security Officer for
Commander US Naval Forces Central Command
- Implemented
and enforced Public Key Infrastructure (PKI) procedures for Joint World-wide
Intelligence Communications System (JWICS) users.
Network Administration
- Developed and
implemented standard operating procedures on basic and advanced network
administrative functions.
System backup,
maintenance and site upgrading
- Coordinated
migration of complete network upgrade for Windows servers, Cisco routers, and
Omni-switches, using VERITAS Backup Exec Software.
- Migrated
Microsoft Windows NT to Microsoft Windows 2000 Server environment. Completed
upgrade of infrastructure consisting of six servers and over 200 end user
hardware; eleven (11) days before project deadline.
- Restored
Microsoft Exchange Server from fatal system crash with disaster recovery
procedures; 100% restoration.
Microsoft
Windows Server Administration
- Maintained the
NAVCENT command's server network with Windows Server 2000, Microsoft Active
Directory and Microsoft Exchange database for over 275 users.
- Implemented
network security rules and conditions ensuring all Department of Defense
security regulations were implemented; zero security violations.
Publications
& Software Management
- Reduced man
hours by maintaining and updating all manuals and Standard Operating
Procedures to current gear specifications and Navy regulations.
Reason for leaving: Retired from Navy after 20 years of
honorable service.
MILITARY EXPERIENCE:
June 1989 to July 2009
EDUCATION HISTORY:
B.S. Information Systems Degree, Graduated September 2009, University of Phoenix
Masters of Information Systems Degree, Graduated September 2013, University of Phoenix
Certifications:
MCSE 2008
ITIL V3 Foundations
CompTIA A+ (CE)
CompTIA Network+ (CE)
CompTIA Security+ (CE)
REFERENCES:
Mr. Darnell Harvin, Senior Intel Analyst, BAE 757-675-0071
Mrs. Amanda Conrad, Senior Security Analyst, Walmart 501-538-5203
Mr. Jermaine Thomas, Senior Network Security Engineer, S2 202-674-1664