Sunteți pe pagina 1din 3

Information Security Professional

SUMMARY
* 15 years of Project Management and Information Security experience
* Active DoD Security clearance (Secret) as well as ISA/TS/SI/TK/G
* Master of Business Administration (MBA) specializing in international business
* Master of Project Management (MPM)
* Master of Information Systems Management (MISM) specializing in information se
curity
* Academic and professional certifications include CISSP, CISM, CISA, IAM, IEM,
Information Assurance, Project Management, and e-Commerce Management
* Experience in various C&A disciplines including NIST, DIACAP, and CNSS; adhere
nce to FISMA and OMB mandates
* Working knowledge of Checkpoint, Symantec, and SonicWall Firewalls, Intrusion
Detection Systems (IDS), VPN, SSL, Trend Micro and Symantec AntiVirus Enterprise
Edition, HFNetChkPro, NetIQ, and FoundStone
* Experience with RETINA, DISA Gold Disk, DISA STIGS and SRR, as well as intrusi
on detection devices, phishing ploys and protection, data backup, recovery, arch
iving, and retention; business recovery and business continuity planning and tes
ting
AREAS OF EXPERTISE
* Information Systems and Security Programs
* Information Security Needs Assessment and Planning
* Policy Planning
* Information System Security Mechanisms
* Disaster Prevention and Recovery Planning
* Security Compliance, FISMA, DIACAP & CNSS
* Computer Hacking and Forensic Investigation
* Ethical Hacking and Counter Measures
* Security Analysis, Design and Architecture
* Penetration Testing
PROFESSIONAL EXPERIENCE
Confidential, Silver Spring, MD, USA (2003 - Present)
Senior Information Security Consultant
* Established and maintained a corporate-wide information security program to en
sure that information assets are adequately protected
* Managed the enterprise's security projects, consisting of direct reports and o
ther members of the technical information security team, including hiring, train
ing, staff development, performance management and annual performance reviews
* Developed policies and procedures to safeguard information and systems, and ad
vised user departments in appropriate security processes and procedures. Ensured
compliance with government and industry requirements
* Successfully managed a 5 year contract providing IT Security consulting servic
es for the Executive Office of the President in Washington DC. Improved system
security with active vulnerability assessments and adherence to FISMA and NIST g
uidelines as well as government mandates
* Successfully managed a multimillion dollar contract for Certification and Accr
editation of client's network that included transitioning from DITSCAP to DIACAP
and CNSS
* Implemented integrated situational awareness and management, field business re
sumption, and disaster recovery efforts
* Coordinated clients' efforts in planning for stabilizing incidents and protect
ing life, property, and the environment, while maintaining operational capabilit
y
* Developed Crisis Management documents and Standard Operating Procedures to sup
port and manage crisis events
* Developed a comprehensive training, exercise, and test program to ensure incid
ent response readiness of the organization
* Led vulnerability assessments against emerging technology in a fast paced, hig
h visibility environment
* Identified potential risks to critical information through assessments of oper
ating systems, web applications, networking devices and other technology
* Developed a physical and data security plan to ensure the technical and physic
al safeguarding of agency and participant/beneficiary information, including pre
cautions to prevent the misuse of data
* Performed risk assessments to identify threats to security, ensuring that data
, systems, and databases are protected from unauthorized users
* Participated in security investigation and implementation of corrective action
s
* Interacted with the applications security and networking team members to ensur
e adequate security measures are implemented and maintained
* Provided security process improvement guidance to client's team leaders
* Identified, implemented, and tracked security metrics for client's operations
Confidential (1999 - 2003)
Internet Banking Project Manager
* Successfully implemented a multi-million dollar Internet banking project for t
he Bank using PRINCE II methodology
* Directed and managed project development from beginning to end
* Defined project scope, goals, and deliverables that support business goals in
collaboration with senior management and stakeholders
* Developed full-scale project plans and associated communications documents
* Effectively communicated project expectations to team members and stakeholders
in a timely and clear fashion
* Liaised with project stakeholders on an ongoing basis
* Estimated the resources and participants needed to achieve project goals
* Set and continually managed project expectations with team members and other s
takeholders
* Delegated tasks and responsibilities to appropriate personnel
* Identified and resolved issues and conflicts within the project team
* Identified and managed project dependencies and critical path
* Planned and scheduled project timelines, milestones, and deliverables using ap
propriate tools
* Developed and delivered progress reports, proposals, requirements documentatio
n, and presentations
* Proactively managed changes in project scope, identified potential crises, and
devised contingency plans
* Defined project success criteria and disseminated them to involved parties thr
oughout project life cycle
Confidential (1996 - 1999)
Project Leader - Senior Webmaster
* Managed and completed several Web site development projects for major clients
including a Web based E-Commerce/Electronic Ordering system with secured transac
tions capability for the United States Naval Facilities Engineering Command (NAV
FAC)
* Developed the RS Information Systems' corporate Internet and Intranet Web site
s
* Implemented networked project planning and reporting tool to inform all projec
t members of progress and milestones
EDUCATION
* MISM - Master of Information Systems Management, Keller Graduate School of Man
agement - DeVry University (2010)
* MBA - Master of Business Administration (Specialization: International Busines
s), KGSM - DeVry University (2009)
* MPM - Master of Project Management, Keller Graduate School of Management - DeV
ry University (2008)
* BS - Management, University of Maryland - UMUC (2003)
Academic Certifications:
* Graduate Certificate - Information Assurance - One year study program - DeVry
University (2010)
* Graduate Certificate - Project Management - One year study program - DeVry Un
iversity (2008)
* Undergraduate Certificate - e-Commerce Management - One year study program -
University of Maryland (2002)
PROFESSIONAL CERTIFICATIONS:
* ISC2 Certified Information Systems Security Professional (CISSP)
* ISACA Certified Information Security Manager (CISM)
* ISACA Certified Information Systems Auditor (CISA)
* NSA Certified INFOSEC Assessment Methodology (IAM)
* NSA Certified INFOSEC Evaluation Methodology (IEM)
* PMI Certified Project Management Professional (PMP) - exam scheduled for Oct 2
010