Senior Security Specialist Resume
CAREER SUMMARY
Security professional with unique experience leading people, implementing and overseeing security activities, implementing audit compliance, and administering security policies. Possess thorough understanding of information security network and system security technologies and practices across major-computing areas. Fifteen plus years experience in planning and directing information technology activities that provide innovative solutions while addressing information security regulatory compliance requirements. Currently holds active Top Secret Clearance.
PROFESSIONAL CERTIFICATIONS
Certified Information Systems Security Professional, (CISSP)
Certified Information Security Manager, (CISM)
National Security Agency's IAM INFOSEC Assessment Methodology, NSA-IAM
TECHNICAL TRAINING:
National Security Agency INFOSEC Assessment Methodology (IAM) ( hours)
COBIT audit & Control Objectives ISACA ( hours)
IBM Tivoli Business Partner Training, June ( hours)
XYLAN ATM Switch Training, October ( hours)
Novell Instructor Training, Herndon Virginia, February ( hours)
DITSCAP Certification & Accreditation training XACTA Oct ( hours)
Business Recovery and Business Continuity Training, IT Alliance ( hours)
EDUCATION:
Master of Science IT (Research - Wireless Security), East Carolina University May
Bachelor of Science Business, Park College Dec
Associates of Science in Business, Sinclair Community College Dec
SPECIFIC WORK/TASK EXPERIENCE:
Science Applications International Corporation (SAIC), Beavercreek OH
Information Security Engineer June – Present
• Provides information security (INFOSEC) engineering, certification and accreditation and analysis for Defense Logistics Agency.
• Performs and analysis of planned and operational system security architectures.
• Ensuring secure design and developing and reviewing security requirements and specifications; developing security policies, procedures and plans.
• DoD Controls analysis
• Conducting Certification and Accreditation (C&A) activities.
• Serves as lead for security test and evaluation team activities to include, Retina scanning, Gold Disk, SRR Unix scripts.
ManTech Security and Mission Assurance
Security Manager June – June
• Responsible for oversight and support the overall security related activities related to multi-level secure architecture to include overall threat/risk assessment, and audit compliance activities.
• Mapping complex multilevel security processes, identifying and testing manual and systemic controls and evaluate the relevance of key controls with mitigating significant risks.
• IT Audit using COBIT's security baseline principles to bring legacy systems into compliance.
• Created transition plan from DCID / to JAFAN / for PL and PL systems.
• Created plan to implement SenSage enterprise audit compliance tool.
• Worked with National Security Agency (NSA) to determine certification, test, and evaluation (CT&E) criteria for F/A- modernization of the Air Vehicle (AV).
• Prepared policies and procedures for downgrading and declassification of data and electronic media.
Sinclair Community College, Dayton OH -Present
Part Time Instructor, Computer Information Systems department
• Instructed courses in the following:
o CompTIA Security +
o Web Server Security & Maintenance
• Developed the following courses
o Web Server Security & Maintenance
Haverstick Consulting
Senior Security Consultant Nov , – Jun ,
• Lead the planning and execution for security tasks to ensure the business objective of the project is in compliance with the proper regulatory requirements to include NIST special publications and NIST FIPS .
• Performed architecture specific analysis for interoperability connection compliance (Firewall Port Exception requirements).
• Provide system security architecture development and documentation to include, site test plans, threat/vulnerability/risk assessments, security and awareness.
• Develop and prepare plans for Disaster Recover (DRP) as input to DITSCAP. Prepare supplemental technical papers including technical solutions and security requirements.
• Developed plans and guidelines for Windows , Oracle i, and Solaris scripts to mitigate vulnerabilities found using DISA STIG/SRR reviews.
• Performed security assessments for Windows , Oracle i, and Solaris to mitigate vulnerabilities found using DISA STIG/SRR reviews.
Senior Network Engineer
Analytical Systems Engineering Corp. –
• Solely responsible for the design and implementation of an ATM network to include multiple sites. Current project value around million dollars.
• Conducts feasibility studies, analyzes the infrastructure, and calculates circuit requirements for network infrastructure.
• Recent research project completed for a remote access solution for WPAFB using K technology.
• Determines network cost schedules, installation, and design schedules.
• Documented CISCO router configuration.
• Determined Barrier Reef requirements for firewall placement with a remote access project.
Senior Network Engineer
Computer Sciences Corp., Dayton OH
• Member of a team responsible for the design and implementation of a Windows NT network to include multiple sites.
• Determines network cost schedules, installation, and design schedules.
• Responsible for the administration and day-to-day upgrades for a Novell . network.
• Performed basic CISCO router configuration.
• Member of a team responsible for the design and implementation of a Windows NT network to include multiple sites.
• Determines network cost schedules, installation, and design schedules.
• Responsible for the administration and day-to-day upgrades for a Novell . network.
• Performed basic CISCO router configuration.
Network Engineer/Instructor
BlueChip Computers, Kettering OH –
• Solely responsible for the design and implementation of an Ethernet networks to include multiple sites.
• Conducts feasibility studies, analyzes the infrastructure, and calculates circuit requirements for network infrastructure.
• Determines network cost schedules, installation, and design schedules.
• Taught classes in introduction to networking, Novell NetWare .x, .x administration, advanced administration, and installation and configuration.
Network Support Engineer
LOGTEC, Fairborn OH
• Taught classes in introduction to networking, Windows ., Microsoft Mail ., Microsoft Word, and Excel.
• Developed customized courseware for NCR Corporation. Copyright Manual for MS Exchange.
Network Support Analyst
Frontier Engineering Inc, Fairborn OH
• As a Network Support Analyst provided ongoing support as Novell Administrator for a -user NetWare . network.
• Provided ongoing software and hardware support for NetWare, Lotus --, and Word Star.
National Tag Company, Fairborn OH
Network Support/Programmer
• Installed and maintained Magna Desktop Publishing Software.
• Provided necessary project management support for to implementation of a printing project.
• Developed and programmed an order entry system for a turn key solution using FoxBASE and dBase+ programming
• Wrote a series of front-end menus for a turnkey system using dBase + and FoxBASE language.
Valcom Learning Center, Dayton OH
Instructor
• Taught classes WordPerfect, and Enable software, and Introduction to computers.
PROFESSIONAL PUBLICATIONS:
Greater Dayton IT Alliance, Technology First, November issue
“Locking down your home wireless network”
PROFESSIONAL ORGANIZATIONS:
ISACA, Information Systems Auditing & Control Association
ISC, International Information Systems Security Certification Consortium
ISSA, Information Security Systems Association
IIA, The Institute of Internal Auditors
HARDWARE:
PC’s, Sun, HP, Dell, Compaq, VAX, DEC, Gateway, servers, routers, ATM/Ethernet switches, and indirect experience with all types of hardware components
