Highly skilled Information Assurance Vulnerability Manager offering vast knowledge of network security at desktop, server and enterprise levels. Infosec specialist whose qualifications include certifications in Security + and C&A; with a detailed knowledge of security tools, technologies and best practices. Seventeen years of experience in the creation and deployment of solutions protecting networks, systems and information assets for a Department of Navy Aviation (NAVAIR) organization. Background includes a thorough upstanding of IT/IM policies and procedures, computer hardware and software in a DOD environment.
|Skills||Experience||Total Years||Last Used|
|eEye Retina Network Security Scanner||Expert||5||2013|
|Host Based Security System||Advanced||3||2013|
|IAVA Patch Management and Compliance||Expert||10||2013|
Deployment of Token Based Access:
For the last seven years I have worked as the IAVM (Information Assurance Vulnerability Manager) for Fleet Readiness Center East, Cherry Point, a NAVAIR Depot (Department of the Navy Aviation) rework facility. As the IAVM I am responsible for the security and certification of Information Technology systems supporting an unclassified and classified WAN (Wide Area Network) infrastructure interfacing with the Navy GIG (Global Information Grid).
As the IAVM I have several areas of responsibility, basically broken down into three areas; the day to day operations; Computer Security and Investigations; and C&A (CERTIFICATION AND ACCREDITATION).
My duties in the day to day operations of the Information Assurance Office include but are not limited to:
-I perform daily network compliant security scanning using Retina to ensure compliance with applicable IAVA (Information Assurance Vulnerability Alerts). I report compliance of all system to NCDOC (Navy Cyber Defense Operations Command) and DISA (Defense Information Systems Agency) via OCRS (Online Compliance Reporting System). I evaluate vulnerability of systems and provide mitigation analysis and present written plans to NCDOC for approval when a system cannot meet NCDOC or DISA deadlines for IAVA compliance.
-I notify all System Administrators of any new IAVA or cyber vulnerability and update the CPIAVA webpage. I manage the CPIAVA web page and track system IAVA compliance and mitigation progress.
-I monitor information system activity, collect, review, and retain audit logs to include system logs and records and determine actions to be taken when discrepancies are detected.
-I ensure all system security protocols, virus signatures and access controls are up to date and in place using HBSS (Host Based Security Scanner). I insure all HBSS modules are installed and communicating with the EPO server on all systems. I work with the SA to insure STIG requirements are maintained and systems stay hardened and meet NMCI, NCDOC and DISA security requirement.
My second area of responsibility is Computer Security and Lead in house investigator.
-I document, evaluate, and report all computer security risks and violations to the IAM and management. I assist with Commands Security Violation and Incident Reporting procedures.
-I assist the legal office, the IG (Inspecting General) department and the command investigator team to investigate computer misuse.
-I use computer forensics procedures to investigate computer hacking, unauthorized system access, unauthorized data access, data manipulation, the introduction of viruses, and the uses of unauthorized hardware or IT devices on the Navy networks or within the FRC East facility.
-I manage access to the Navy network, via account creations, processing of SAAR-N (SYSTEM AUTHORIZATION ACCESS REQUEST NAVY) and computer user agreements. I validate security clearances and background check via JPAS (Joint Personnel Adjudication System).
-I provide customer service and help desk support; I troubleshoot account issues, CAC (common access cards) issues and help users with security issues that may arise.
-I manage the secure token program for all the SA and DBA for administrative access for the FRC East LAN.
My third area of responsibility is C&A (CERTIFICATION AND ACCREDITATION).
- I work with the SA and DBA to ensure their new systems have HBSS installed; have compliant Retina scans, that all DIAS gold disk and STIG are compliant before authorizing the system to be placed on the network or Navy GIG.
-I ensure all new system meet the C&A requirements outlined in the 5239 and that they are added to the correct SSAA (System Security Authorization Agreement).
-I work with system owners, the SA and DBA on system reaccreditation and updating SSAA.
- I work on the DON (Department of the Navy) transition plan from DITSCAP to DIACAP. I assist system owners and SA in creating and updating SSAA and provide guidance for the completion of documentation and required testing producers to meet certification and accreditation of system that reside on the WAN.
- I work with the SA and lab managers to document labs and standalone system within a secure and unsecure environment.
-Served as operating system expert, providing technical support for entire V22 organization.
-I provided desktop, server and program specific application support.
-Provided technical support for LAN and WAN users as well as establishing VPN access for some of our V22 technical partners.
-I worked with Bell, Boeing, Rolls Royce, Lockheed and IBM (V22 technical partners) to setup and integrate their program specific application into the V22FST environment for use by the V22 engineers and logisticians.
-Developed and maintained accurate network documentation and Visio diagrams to provide management with proper understanding of organizational needs.
-Designed, documented and executed maintenance procedures, including system upgrades, patch management and system backups.
-Developed and managed project plans while providing status updates to management.
-I designed the V22 computer room and emergency power backup system at the V22FST facility bldg 488.
-I managed a staff of seven employees (two government and five contractors).
-Assisted in the development, design and publishing of the V22FST website.
-Setup access controls and security to safeguard V22 data published on the V22fst web.
-Troubleshot and resolved web application issues escalated from customer support and other departments with a 100% success rate.
-Provided administrator support for servers and network operations with-in the computer room and industrial depot environment.
-Provided server support and executed maintenance procedures, including system upgrades, patch management and system backups.
-Provided desktop remote capabilities via SMS for computer support for 3800 computer users within the Navair Depot.
-Executed security hardening procedures of all servers and ensured compliance of DISA STIG and Gold Disk standards to establish benchmarks for the creation of SSAA as defined by IA.
--Monitored information system activity, collected, reviewed, and retain audit logs to include system logs and records and determined actions to be taken when discrepancies are detected. Reported any discrepancies to the IAVM and security.
--Verify all Virus Signatures are kept up to date, and Automated and Manual Virus Scans are documented, scheduled and are being completed. React to and report actual or suspected events to the IAVM.
-Review Information Assurance Vulnerability Alerts (IAVA) for applicability and impact to the servers or networks. Ensure that all systems are patched and report compliance or problems in achieving compliance to the IAVM and provide information for a mitigation plan.
-Evaluate information systems for compliance with Defense Information Security Agency (DISA) Security Technical Implementation Guideline (STIG) and review measures needed to bring systems into compliance.
-Updated departmental standard operating procedures and database to accurately reflect the current practices.Identified and resolved system and account issues.
-Provided desktop computer support for 3800 computer users within the Navair Depot.
-Diagnosed, installed, configured and repaired computer systems and software.
-Installed motherboards, processors, RAM and graphics cards.
-Troubleshot and resolved hardware, software and network issues with a 100% success rate.
-Served as operating system expert, providing technical support for entire organization.
-Prepared and presented technical proposals for clients.
-Worked with clients to analyze computing and network needs and installed appropriate solutions within each organization's budget.
-Provided thorough support and problem resolution for customers.
-Set up, tested and configured networks, desktops, laptops and printers.
-Resolved technical issues for clients in person, on the phone and through e-mail.
Information Assurance Certification and Accreditation
-Security Plus Certification
-Coursework in Business Administration and Information Processing
Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.
Many factors go into creating a strong resume. Here are a few tweaks that could improve the score of this resume:
Job Titles Held: