HOON LEE
zkeepr@gmail.com
hoon.lee@leidos.com
hoon.h.lee2.ctr@mail.mil
8865 WillowWood Way
Jessup, MD 20794
(W) 301-225-5126(M) 301-318-8145(H) 301-497-6196
TECHNICAL SUMMARY:
Hardware:IBM Mainframe, Wang
VS, Siemens Server, Sun Server/Workstation, HP Server/Workstation, DEC Alpha,
Dell Server/SAN/Tape library, Net apps SAN, Compaq Server, Compaq PC/Laptop,
IBM Server/PC, Macintosh PC/Printer, Dell PC/Laptop, Panasonic Laptop, HP
Printer, Quantum Tape Library, EMC SAN, Cisco Router/Switch/Concentrator/UAC
Blade/Firewall, ADIC Scalar i2000 Tape Library, Blackberry/RIM Wireless
Handheld, LANTRONIX Console switch, Sun StoreEdge. Neopath Appliance, Brocade
SAN switch, IBM Blade Servers, Taclane Micro, Sidewinder firewall,
Aruba Wireless Controller, OpenGear, InfoBlox
Cisco UCS, Cisco ASA, PaloAlto Firewall, Juniper Storm, Cisco Nexus
5K, Juniper Firewall
Software:HP Openview,
Remedy, Dell Open Manage, Arc Serve, Galaxy CommVault QineTix, Network IT, MS
Back office, MS Exchange server, MS Internet Information Server, MS System
Management Server, MS SQL server, Oracle, Veritas Net backup, Veritas Volume
Manager, Norton Anti Virus Enterprise, MS Office, Oneview, Glink, What’s up
Gold, Security Expression, Internet Security Scanner, Eventlog Enterprise
Manager, Net Screen Remote, MS Security Configuration Manager, Enterprise
Security Manager, NetIQ, Hyena, Remote Registry Tool, Informix server, Cisco
Works, BMC Patrol, Blackberry Enterprise Server, VM Ware suits, VM Ware
Virtual Center, VM Ware P2V, Citrix Metaframe Server, Symantec Ghost,
DameWare, ScriptLogic, WinBatch, Languard, MS Cluster Administrator, Double
Take, RoboCopy, Lotus Notes, McAFee Virus scan enterprise, Microsoft
Operation manager, Computer Associate Desktop management Suits, Neopath,
AutoIT,
Install Watch Pro, Install Shield, Admin Studio, Thinstall, Data
Armor, Acronis, Windows Scripting Host, WMI, ADSI, VBScript, SafeNet DAR,
Safeboot DAR
IBM Blade Center, EM7, Nessus, Retina, RSA Archer eGRC Solutions,
Appdetective, Core Impact, SolarWind, IBM ClearQuest, MS SharePoint 2010, MS
SCOM, MS SCCM, MS SCM, HBSS, ACAS
Operating System:UNIX, LINUX,
SunOS, WangOS, Novell Netware, MS Windows 2000/2003/2008/2008R2 Server, MS
Windows NT Server, MS 2000/XP/7 Windows Workstation, MacOS, IBMOS2, Cisco
IOS, NetAPP DataOnTab. VMWare ESX/ESXi server
Protocol / WAN:Active Directory,
LDAP, NFS, DAFS, Fibre Channel Protocol, TCP/IP, IPSec,
NetBIOS/NetBEUI, File and Print Services for Microsoft Networks, IPX/SPX
compatible protocol, and PPP/SLIP, Remote Access Service, Dial-up Networking,
Virtual Private Networking (VPN), Terminal Services, IPP, X.25, ATM, ISDN,
802.1x, FCoE
Security:Defense-wide
Information Systems Security Program (DISSP), DoD Information Technology
Security Certification and Accreditation Process (DITSCAP), Defense
Information Assurance Certification and Accreditation Process (DIACAP),
Certification and Accreditation (C&A), Federal Information Processing
Standard (FIPS), Federal Information Security Management Act (FISMA), Trusted
Computer System Evaluation Criteria (TCSEC), FEDRAMP, SCAP, National
Institute of Standards and Technology (NIST) Special
Publication 800 series, Enterprise Security Architecture, Risk management
Framework(RMF), Risk Assessment, Authenticator management, Configuration
Management, Data Sanitization, Network interconnection security, Boundary
Protection, Incident Management, Patch management, Log Management, DISA FSO
STIGs, DISA FSO SRR, DISA SCAP tool, e-MASS, DISA VMS, PPSM, HBSS, ACAS
-
Extensive knowledge and experience in Cyber security
implementations and C&A process according to DIACAP/DISA/FISMA/NIST/RMF
standard.
-
Extensive knowledge and experience in Cyber security implementations and
Enterprise Risk Management process according to NIST Risk Management
Framework.
-
Extensive knowledge and experience in Cyber security implementations and
IA management, administration.
- Extensive knowledge and experience in applying Cyber security
principles, concepts, methods, standards and practices to develop and
interpret policies and strategies governing the operation of information
systems and networks.
-
Extensive knowledge and experience in developing Cyber security policies and
procedures to ensure information systems reliability and accessibility.
-
Extensive knowledge and experience in conducting risk and vulnerability
assessments throughout a system development lifecycle according to NIST
guideline.
-
Extensive knowledge and experience in advising and defining Cyber security
best practices, plans and policies to improve Cyber security incident
response and coordination.
-
Extensive knowledge and experience in working with virtual Infrastructure
using VMWare.
-
Extensive knowledge and experience in backup and recovery strategies,
Disaster Recovery.
-
Extensive knowledge and experience in supporting Microsoft Windows server
operating systems and Unix/Linux operating systems.
-
Extensive knowledge and experience in designing, implementing, and
maintaining Microsoft Windows Active Directory, and other core MS
infrastructure technology (DNS, DHCP, Wins, DFS, Group Policies, RDP,
Security, and TCPIP network).
-
Extensive knowledge and experience in supporting High Availability and
clustering with Storage Network technologies.
-
Extensive knowledge and experience in automating system administrative tasks
with scripting language.
CERTIFICATION:
· GIAC Certified Windows Security Administrator / GCWN(GIAC)2011
· GIAC Systems and Network Auditor / GSNA(GIAC)2011
· Certified Authorization Professional / CAP(ISC)22011
· Certified Information Systems Security Professional / CISSP(ISC)22008
· VMWare Certified Professional / VCP(VI3 Infrastructure)2008
· Microsoft Certified Systems Administrator / MCSA(Windows 2003)2008
· Security Plus / Security+(CompTIA)2008
· Cisco Certified Network Associate / CCNA(Cisco System)2002
· Microsoft Certified Systems Engineer / MCSE(Windows 2000)2001
· Dell Certified Systems Expert / DCSE(Master, SAN Cluster)2000
· Dell Certified Systems Expert / DCSE (Server)1999
· Dell Certified Systems Expert / DCSE (Associate)1999
· Microsoft Certified Systems Engineer / MCSE(NT 4.0)1998
· Microsoft Certified Professional / MCP1998
· Microsoft Certified Professional + Internet / MCP+I1998
· A Plus / A+(CompTIA)1997
· Compaq Certified Technician1996
· SIEMEN Server1996
WORK HISTORY:
LEIDOSColumbia,
MD
Sr. Application Security Engineer 2013 to Present
· Contracted on DOD DISA GCCS-J Project as a sr. application
security engineer.
· Supporting DOD DISA GCCS-J Project at DISA C2C PMO office
as a SME in DOD PPSM process.
· Supporting DOD DISA GCCS-J Project at DISA C2C PMO office
as a POC of DOD PPSM process.
· Supporting DOD DISA GCCS-J Project at DISA C2C PMO office
as a SME in DOD CCRI process.
· Supporting DOD DISA GCCS-J Project at DISA C2C PMO office
as a POC of DOD CCRI process.
· Supporting DOD DISA GCCS-J Project at DISA C2C PMO office
as a SME in security engineering.
· Supporting DOD DISA GCCS-J Project at DISA C2C PMO office
as a SME in RMF process.
Datum
SoftwareDuluth, GA
Risk Manager 2013 to 2013
· Contracted on DOD Joint Chief of Staff Cyber security
contract as a risk manager.
· Supporting DOD Joint Chief of Staff Cyber security process
such as security architecture risk
analysis, communication/network device security configuration risk analysis
and risk-assessment consulting.
· The duty includes application of the Risk Management
Framework (RMF), a review of the organizational structure, and the business
process/mission as the foundation for the implementation and assessment of
specified security controls, identifies vulnerabilities and countermeasures
and determines residual risks.
· Supporting DOD Joint Chief of Staff Cyber
security in Risk management support such as writing risk management plan
following the NIST risk management guide line.
· Supporting DOD Joint Chief of Staff Cyber
security in Risk management support such as writing risk management review
following the NIST risk management guide line.
· Supporting DOD Joint Chief of Staff Cyber
security in Risk management support such as writing risk management SOP
following the NIST risk management guide line.
EXCENTIUM
Inc.Falls Church, VA
Sr. Information Systems Security Engineer 2011 to 2013
· Contracted on DOD DHHQ BRAC Project as a Security
engineering lead.
· Supporting DOD DHHQ BRAC project in DIACAP process such as security architecture analysis, communication/network
device security configuration analysis and pre-assessment consulting.
· Supporting DOD DHHQ BRAC project in IA engineering support
such as assisting communication/network device security configuration, system
vulnerability scan and remediation, research vulnerability mitigation,
security control implementation.
· Supporting implementation and configuration of Cisco Unified
Computing System (UCS), VMware Virtualization, Storage architecture as a
converged network following BRAC guideline.
· Supporting enterprise data center security implementation
including Cisco Unified Computing System (UCS), VMware Virtualization, Storage
architecture, network convergence configuration.
· Supporting CNDSP selection as a IA engineering
consultant to review CNDSP Subscriber Services options for all CNDSP
services (Protect, Detect, Respond and Sustain).
· Consulting on implementation of CND technologies into the
operational environment in support of BRAC 198 project.
· Create assessment plan(s) for DHHQ Shared Services network
according to the requirements by DoD Directive
8500.2, “Information Assurance (IA) Implementation”.
· Perform IA assessment test(s) for DHHQ Shared Services
network according to the
requirements by DoD Directive 8500.2, “Information Assurance (IA)
Implementation”.
· Create IA assessment report(s) for DHHQ Shared Services
network according to the
requirements by DoD Directive 8500.2, “Information Assurance (IA)
Implementation”.
· Create assessment plan(s) for DHHQ Army OTSG Enclave
network according to the
requirements by DoD Directive 8500.2, “Information Assurance (IA)
Implementation”.
· Perform IA assessment test(s) for DHHQ Army OTSG Enclave
network according to the
requirements by DoD Directive 8500.2, “Information Assurance (IA)
Implementation”.
· Create IA assessment report(s) for DHHQ Army OTSG Enclave
network according to the
requirements by DoD Directive 8500.2, “Information Assurance (IA)
Implementation”.
· IA support on NBIMC network in Navy Medical
Center / Walter Reed Medical Center
Softek
International Inc.Edison, NJ
Cyber Security Information Specialist 2010 to 2011
· Contracted on USA DOE NNSA Cyber Security support Project
as a C&A lead.
· Supporting NNSA network/sites C&A efforts.
· Supporting NNSA OCIO Cyber Security effort following the
shift on FISMA reform according to NIST Risk management Framework with
continuous monitoring.
· Reviewing, updating, and revising current NNSA Cyber
System Security Plan (CSSP).
· Reviewing, updating, and revising current NNSA Security
policy (NAP) on NNSA Cyber Security baseline.
· Reviewing, updating, and revising current NNSA Security
policy (NAP) on NNSA C&A process.
· Creating new risk management and cyber security standards
drafts as a member of Cyber Security reform group to be coordinated with the
NNSA sites and labs.
· Reviewing, updating, and revising current (AS-IS) NNSA
security architecture/Risk management/Enterprise network security on secrete
networks (NSAN/NESAN/ESN).
· Creating proposal plan draft (To-Be) on NSAN Enterprise
Security Architecture.
· Creating guideline draft on Site Specific Management Plan
(SSMP) to decrease current number of Information System Security Plan (ISSP)
and for streamlining current C&A process of NNSA site systems according
to NIST Risk management Framework with continuous monitoring.
· Assisting security activities and admin/configure network
border protection devices on NNSA secrete networks (NSAN/NESAN/ESN).
ASD
INC.Arlington, VA
Network Operation Center / Engineering Team Lead2009 to 2010
· Contracted on USA DOD WHS ITMD support Project.
· Provide managed windows infrastructure based engineering
support in a high-energy environment maintaining a broad range of
technologies on a 4,000 plus users network spread across multiple domains and
wide area of office divisions as an Engineering and Network Team Lead.
Network has 450 plus primarily Windows 2003 servers and large ESX 3.5 VMWare
infrastructure mostly on IBM blades connected to an EMC SAN cluster backend
with Autostart real time fail over to remote and COOP site on mission
critical environment which also consists of many Unix and Linux enterprise
servers.
· Provide lead engineering support in immediate environment
over a team of 14 other Engineers. Worked as the primary liaison between
customers / government / management and the technical staff.
· As an Enterprise Systems Manager, also responsible for
presenting plans and solutions to government, providing documentation
including project plans, diagrammed and detailed written plans and SOPs for
new technologies.
· Guided engineering staff for plan and implement HBSS
rollout.
· Guided engineering staff for plan and execute IAVA
remediation effort.
· Guided engineering staff for plan and execute C&A
effort.
· Guided engineering staff for plan and execute patch
management effort.
· Assist IA team for the overall network security.
· Managed engineering team and distributed workload and
projects amongst appropriate personnel. Regularly presented progress and
results to contractor and government staff. Followed SLA and other contract
related documentation to insure all aspects of NetOps were being managed
properly.
ASD INC.Arlington, VA
SR. Systems Engineer2007 to 2009
· Contracted on USA DOD OSD PAE IT support Project.
· Provide managed windows infrastructure based engineering
support for design and implementation of Windows servers in Active Directory
environment.
· Provide research and development support for
Desktop/Network/Operation engineering.
· Document technical and implementation solutions
· Provide information security assurance support for the
C&A according to DOD guidelines.
· Provide IAVA remediation effort.
· Provide patch management effort.
· Assist IA team for the overall network security.
WFI NetAlexandria, VA
SR. Systems Engineer2004 to 2007
· Contracted on US Federal government GSA DMS Network
Maintenance Project.
· Provide managed windows infrastructure based engineering
support for design and implementation of Windows servers in Active Directory
environment.
· Provide managed UNIX / Linux infrastructure based
engineering support.
· Document technical and implementation solutions
· Provide security assurance support according to Federal
guidelines, administer and maintaining network/system security level with
Federal guide.
· Responsible for installation, maintenance, repairs, and
upgrade of all server/network equipment and peripherals residing on GSA DMS
AD/NT/Sun Network.
· Design and plan data migration on Network appliances from
Dell SAN.
· Install / configure and maintained Network appliances
(NetAPP NAS).
· Install / configure and maintained Network appliances
(Neopath Solution).
· Design and plan data recovery using Arc Serve on ADIC
Scalar i2000 Tape Library.
· Install / configure Cisco and Check Point VPN Client.
· Install / configure and maintained Dell SAN and Arc Serve
data backup/restoration.
· Initialize and install multiple server environments for installing
shield and batch processes.
· Design and plan data recovery on Network appliances for
COOP.
· Configure / Installed software and Operating Systems
Updates and Hot Fixes.
· Design and Install / configure IT infrastructure
virtualization with VM Ware suits, Virtual Center, P2V converter.
· Provide information security assurance support for the
C&A according to federal guidelines.
· Provide IAVA remediation effort.
· Provide patch management effort.
· Assist IA team for the overall network security.
Advanced Resource Technology INC.Alexandria, VA
Network Engineer2004 to 2004
· Contracted on US DOD WHS COOP (Continuation of Operations)
Project.
·
Plan and
Coordinate implementations of WHS (Washington Headquarter Service) IT COOP.
· Design, deploy, and manage Enterprise Systems in a Windows
2003 Server environment plan and tested the solution for WHS Active Directory
migration.
· Plan and Coordinate implementations of WHS Enterprise
Initiatives such as Remote site functions (VPN, Citrix, BES, Remote
printing), Active Directory and Exchange Migration/Consolidations, Disaster
Recovery plan/test Enterprise Backup Solution.
EgovernmentWorksSouthborough, MA
Sustaining Engineer2003 to 2004
·
Contracted on US
DOD Reserve Component Automation System Project with SRA INC.
·
Built server
Farm and Installed /configured suite of COTS/GOTS applications on USANG
sites.
·
Installed and
configured RCAS/AITS software suits on USANG sites.
·
Designed and
planed data recovery using Veritas NetBackup on each site’s network.
Intellidyne LLC.Falls Church, Virginia
Systems Engineer2001 to 2003
· Contracted on US DOD TMA Network Maintenance Project.
· Maintained 50 plus servers/network devices and providing
tier3 support for help desk request.
· Provided security assurance support according to DISA
guidelines (DITSCAP), administer and maintaining network/system security
level with DOD guideline.
· Installed Cisco routers and switches.
· Design and plan data recovery on Network appliance for
Exchange servers.
· Install/configure and maintained Network appliance for
Exchange servers.
· Design and plan data recovery using Arc Serve on Dell(EMC)
fibre channel Storage area network and tape library.
· Install/configure Cisco and Check Point Firewall
· Install/configure and maintained Dell SAN and Arc Serve
data backup/restoration.
· Provide information security assurance support for the
C&A according to DOD guidelines.
· Provide IAVA remediation effort.
· Provide patch management effort.
Cybertech Group Inc.Oxon
Hill, Maryland
Systems Engineer2000 to 2001
· Contracted on US DOD TMA Network Maintenance Project.
· Provided security assurance support according to DISA
guidelines (DITSCAP), administer and maintaining network/system security
level with DOD guide.
· Maintained 50 plus servers/network devices and providing
tier3 support for help desk request.
· Installed Cisco routers and switches.
· Design and plan data recovery using Arc Serve on Dell(EMC)
fibre channel Storage area network and tape library.
· Install/configure and maintained Dell SAN and Arc Serve
data backup/restoration.
· Initialized and installed multiple servers for installing
shield and batch processes.
· Configure/Installed software and Operating Systems Updates
and Hot Fixes.
· Troubleshoot network issues dealing with VPN and Dial-up.
Developing accounts for users in an NT domain and in MS Exchange.
· Assisted supporting network infrastructure consisting
Netbackup, Backup Exec, Exchange 5.5 Servers and clusters, Cisco routers,
switches and hubs. .
· Assisted in a consolidation effort to a TCP/IP exclusive
environment by integrating the functions of DHCP, WINS, and DNS.
· Provide information security assurance support for the
C&A according to DOD guidelines.
Wang GlobalMcLean,
Virginia
Client/Server
Resource Engineer1996 to
2000
· Contracted to the US General Accounting office in a
Project Maintenance and support for GAO internal Network.
· Contracted to the U.S. Alcohol Tobacco Firearm in a
Project Maintenance and support for ATF internal Network.
· Contracted to the U.S. Department of Education in a
Project Maintenance and support for Department of Education internal Network.
Honeywell Federal
System Inc.Herndon, Virginia
Field Service
Engineer1991 to
1996
· Provided field engineering support for GTSI/Dell/Hughes
contract – Traveled to various government user sites to troubleshoot/repair
any computer and network problems.
U.S. ArmyFt. Lee,
Virginia
Medical Specialist1980 to 1983
· Performed the various medical duties at the Army Hospital.
EDUCATION:
BS/Computer Science George Mason
University2000 / Incomplete
TRAINING:
· DISA ACAS TrainingDISA (Virtual Training)2014
· DISA HBSS TrainingDISA (Virtual Training)2014
· DISA E-MASS training for DIACAPDISA (Arlington, VA)2013
· Auditing Networks, Perimeters, and SystemsSANS Inst.
(Virtual Training) 2011
· Securing Microsoft Windows SystemSANS Inst. (Washington,
DC) 2010
· CAP with Risk management Framework(ISC)2 (Vienna, VA)2010
· Administering MS infrastructure with VBscriptLearning Tree
(Reston, VA)2008
· Desktop Authority TrainingScriptLogic (Arlington, VA)2008
· Deploy,Secure,Analyze VM
Infrastructure VMWARE (Tampa, Florida)2008
· Managing and Implementing VM Infrastructure VMWARE.
(Washington DC) 2007
· Sun Solaris 10 administration.Sun Training (Baltimore)2006
·
Administering Lotus Notes 6ICI Inc. (Washington DC)2005
· Administering/Maintaining Win Server
2003 ICI Inc. (Washington DC)2005
· Dell SAN/ClusteringWang/Dell (Billerica, Ma)2000
· Dell Server Wang/Dell (Billerica, Ma)1999
· MS Exchange ServerWang Global (McLean, VA)1998
· Supporting Windows NTWang Global (McLean, VA)1997
· UNIX SystemWang Global (McLean, VA)1996
· Networking/InternetworkingWang Global (McLean, VA)1996
· Wang Virtual SystemHoneywell (Herndon, VA)1995
· SIEMEN ServerSIEMEN (Anaheim, Ca)1995
· Compaq SystemHFSI (McLean, Va)1995
MISCELLANEOUS:
· Secret clearance / Top Secrete clearance / DOE Q clearance
/ SCI Clearance (in process)
· US Army Veteran
· References can be provided upon request.