Yyyyyy x. yyyyyy

Address: 0000 xxxxxx xxxx , xxxx , xxxxx 00000                      

Phone: (xxx-xxx-xxxx

Email: abc@xyz.com
Citizenship: United States

Social Security Number: XXX-XX-XXXX

 

Vacancy Posting:      IHC-295175-CDH-DE

 

Core Qualifications

 

Information Systems Security; Risk Management; Strategic Planning; Physical and Logical Security Assessment/Analysis; Performance Optimization; Presentation & Documentation; Security Requirements Subject Matter Expert; Crisis Management; Productivity/Efficiency Improvement; Proposal Review & Drafting; Decision-Making; DHS Environment Knowledge; DOD Information Assurance Certification and Accreditation Process (DIACAP) Knowledge; Certification and Accreditation Subject Matter Expert;

Federal Information Security Management Act (FISMA) Reporting and Implementation Specialist;

Federal Acquisitions and Procurements; Project Management; Team Building; Training & Development

 

Professional Experience

 

06/09-Present

DEPARTMENT OF HOMELAND SECURITY (DHS)
0000 xxxxxx xxxx , xxxx , xxxxx 00000
Supervisor: May Contact - Loretta Lemon xxx-xxx-xxxx                    Starting Salary: $XXX,XXX/yr
Hours: 40-50 per Week                                                                                                 Ending Salary: N/A

Information Technology Specialist, Branch Chief, Security Assurance Branch, Department of Homeland Security (DHS) Office of Compliance and Technology

In charge of steering broad projects targeted toward optimizing DHS technologies security, risk mitigation and compliance.  Effectively build, lead and evaluate top-performing teams; facilitate a motivating work environment by taking the initiative to work with staff to achieve career and personal goals.

 

Key achievements have included successfully spearheading project employing 10 staff to surpass critical timelines in testing, implementing and deploying Trusted Agent FISMA (application) on the Homeland Security Data Network, within a classified environment; through strategic planning and leadership, achieved testing, certification, accreditation, deployment, and user training within 3 months, attaining goals 3 months ahead of 6-month project timeline while maintaining specifications and quality standards.  Ensure consistent user connectivity to system via Homeland Security Data Network (HSDN) and Secure Internet Protocol Router Network (SIPRNET) for optimal performance.  Actively manage development team in enhancing and modifying system to address current and emerging user needs.

Serve as Project Manager in driving Security Test and Evaluation (ST&E), risk assessment (RA) and Security Assessment Report (SAR) supporting Information Assurance (IA) Compliance system.  Collaborate with DHS vulnerability scan team, using SPI Dynamics WebInspect Oracle and Nessus tools for full system scan and thoroughly analyze vulnerability results in order to define, develop and execute targeted strategies for risk mitigation.  Partner with ISSO and ISSM teams in facilitating system certification and accreditation.

Contribute dynamic leadership skills toward directing teams in conducting site visits focused on defining security posture of both sites and systems. Conduct security personnel interviews as well as vulnerability scans to determine validity of sites/systems C&A documentation. Proficiently write detailed security status repots and brief DHS leaders on security posture; apply expertise toward recommending innovative solutions for mitigating potential impact and risk.  In capacity of Project Manager, presently leading a 5-member team in initial stages of testing, certifying, accrediting, and deploying as well as training users in support of 5-month project geared toward implementing Classified RMS on Homeland Security Data Network.

page 1 of 4

Yyyyyy x. yyyyyy

Job Posting: IHC-295175-CDH-DE

Social Security Number: XXX-XX-XXXX                                                                                  page 2 of 4

 

8/2005-06/0000 xxxxxx xxxx , xxxx , xxxxx 00000

Supervisor:  May Contact - John Braden, 202-447-5136                                Starting Salary: $XXX,XXX/yr

Hours:  40-50 per Week                                                                                  Ending Salary: $125,000/yr

 

Lead Information Security (INFOSEC) Engineer, Department of Homeland Security (DHS) Chief Information Security Officer (CISO) Support

 

Actively collaborated with the DHS Chief Information Security Officer (CISO) in all information security matters, exhibiting strong communication and interpersonal relation skills.  Conducted comprehensive policy reviews and recommendations, FISMA coordination and remediation, acquisition/procurement reviews and recommendation, certification and accreditation training/assistance and DHS Security Conference coordination.  Effectively planned, coordinated and hosted DHS Security Activities Working group (SAWG) meetings to promote team building and collaboration to achieve operational goals and timelines.

 

Relied upon to lend information security expertise in reviewing and evaluating proposals for DHS contract awards for future projects.  Applying detail orientation and advanced writing skills, served as contributing author to the following MITRE documents to the CISO: MITRE project statement of work, IT security remediation CONOPS, DHS Certification and Accreditation process, DHS CISO Newsletter, SAWG meeting notes, and DHS Service Level Metrics guide.  Proficiently prepared and delivered information security presentations at the yearly DHS Security Conference.

 

Conducted detailed review and analysis of DHS component plan of actions and milestone (POA&M) issues in order to identify and recommend effective solutions.  Trained and motivated ISSOs and system owners on the proper use of Trusted Agent FISMA (TAF) and Risk Management System tools to complete C&A documentation and report on status, playing an instrumental role in their education and development.  Proactively supported DHS Component ISSOs in completing C&A documentation in a timely manner and assisted in writing TAF Change Control process.

 

8/1993-8/2005

SCIENCE APPLICATIONS INTERNATIONAL CORP. (SAIC)

0000 xxxxxx xxxx , xxxx , xxxxx 00000

Supervisor:  May Contact - Patrick Berkebile, 202-261-9000                         Starting Salary: $XXX,XXX/yr

Hours:  40-50 per Week                                                                                  Ending Salary: $106,000/yr

 

RISK Manager, Immigration Naturalization Service (INS)/Department of Homeland Security (DHS) Service Technology Alliance Resources (STARS) Program; 6/2001-8/2005

 

Contributed dynamic leadership skills in managing a team of security analysts and engineers to identify computer security risks and develop documentation and procedures necessary for Site security certification and accreditation (C&A).  Illustrated sharp analytical and organizational abilities in preparing diverse documentation including: risk assessment (RA) reports, security test and evaluation (ST&E) reports, security features user's guides (SFUGs), sensitive system security plans (SSSPs), contingency/disaster recovery (CP/DR) plans and Plan of Actions and Milestones (POAMs).

 

Ensured INS/DHS computer system security officers (ISSOs) and program managers were properly educated on C&A documentation development by teaching comprehensive courses and trainings.  Tracked project activities and status in Microsoft Project 2000, integral to achieving goals and timelines.  Proactively attended and participated in numerous seminars and security conferences to maintain up to date on current industry trends; presented new information to senior management to ensure they are properly informed on new security concepts and products.  Appointed and served as Master User in carrying out PKI duties.  Contributed to business development by using proactive prospecting techniques to generate new customers and applying industry expertise and strong communication skills to effectively market information security services.

 

 

Yyyyyy x. yyyyyy

Job Posting: IHC-295175-CDH-DE

Social Security Number: XXX-XX-XXXX                                                                                  page 3 of 4

 

Project Manager, United States Peace Corps; 9/2001-3/2003 

 

Built and established key relationships and liaised effectively with Peace Corps Computer Security Program Manager and Computer Security Program Director to market SAIC s capabilities.  Successfully managed all aspects of the proposal-writing process to win a $400,000 contract.  Provided deliverables (Peace Corps Server configuration guide, systems security guide and NT overseas guide) on time and within budget by strategically allocating resources and directly leading a team of engineers and a technical writer.  Spearheaded diverse managerial activities ranging from hiring and training to salary negotiations and performance evaluation.  Demonstrated exceptional interpersonal relation skills in serving as the primary point of contact with the Peace Corps Project Manager and Contracting Officer (COTR) to discuss management, timeline and budget issues.

 

Designed and developed bi-weekly status reports and held bi-weekly meetings with Peace Corps Project Manager and staff to report on project status and brief SAIC senior staff on project status and staff performance.  Facilitated quality assurance and critical compliance by comprehensively reviewing and approving all deliverables in accordance with NT and mainframe security policy/procedure for submittal to clients.

IT Security Analyst, Immigration Naturalization Service (INS) Service Technology Alliance Resources (STARS) Program; 5/2000-6/2001   

 

Collaborated with and supported CSSOs in developing C&A documentation for 30+ systems in the INS Management portfolio.  Effectively prepared and developed documents including: risk assessment reports, security test and evaluation reports, security features user s guides, sensitive system security plans, and contingency/disaster recovery plans, with strong focus on optimizing productivity and efficiency.

 

IT Security Analyst, Internal Revenue Service (IRS) Service Center Mainframe Consolidation (SCMC) Project; 9/1997-5/2000 

 

Successfully supported IRS in achieving security certification and accreditation for all IRS systems that process sensitive but unclassified (SBU) data by effectively performing security activities.  Applying strong attention to detail, conducted site visits to determine IRS compliance with the Treasury Department s baseline security requirements.  Conducted comprehensive risk assessments to proactively identify security threats and vulnerabilities and recommend risk mitigation strategies. 

 

Instrumental member in SAIC s IT security engineering team, with full accountability for developing the various IRS security reports and documents including: standard C&A documentation, security design documents (SDD), trusted facility manuals (TFM), privacy impact assessments, and configuration management plans.  Educated team members on diverse security concepts and issues through afternoon seminars, exhibiting strong leadership and industry knowledge.  Steered the evaluation and recommendation of security products (access control tools, firewall and VPN products) for the IRS. 

 

Systems Analyst, U.S. Patent and Trademark (US PTO) Biotechnology and Electronic Filing Projects; 3/1995-9/1997

 

Innovatively designed and developed statistical models to explain future growth of sequence-bearing patent applications.  Performed vendors UNIX-based system reviews and testing to effectively determine feasibility of use in the PTO s Biotechnology Department. 

 

Conducted technical research and analysis and strategically defined enterprise-wide hardware and software standards instrumental to boosting productivity, efficiency and quality.  Drafted documents identifying and recommending alternatives to the agency s existing hardware and software platforms.  Independently developed and prepared the PTO s Electronic Filing Implementation Guide (IG).  Prepared numerous comprehensive documents and provided recommendations on the viability and operation of: electronic data interchange (EDI), value added networks (VANs), and electronic filing security including digital signature and data encryption.  In addition, documented interchange standards in an electronic filing environment.

 

 

 

Yyyyyy x. yyyyyy

Job Posting: IHC-295175-CDH-DE

Social Security Number: XXX-XX-XXXX                                                                                  page 4 of 4

 

Systems Analyst, Department of Energy (DOE) Environmental Management Systems Project (EMS); 9/1993-3/1995

 

Successfully supported the structuring, development and implementation of executive-level management systems on the U.S. Department of Energy s internal LAN (Novell 3.11), substantially improving performance.  Maintained full accountability for the documentation, training and support for all 30 LAN database systems; identified and addressed existing and potential issues and created proactive upgrades and enhancements for optimal results.

 

Supervised the development of an on-line bulletin board system to assist the U.S. Department of Energy in educating the public and disseminating key information, emphasizing efficiency and accuracy.  Proficiently oversaw and administered a FoxPro client-server application on a remote Novell NetWare Access Server, further illustrating strong technological skills.

 

Education

 

Masters of Science in Management Information Systems (MIS) - University of Maryland University College, Graduate School of Management & Technology (College Park, MD), 2001

Bachelor of Arts in Communications - State University of New York at Albany (Albany, NY), 1986; Cum Laude

 

Certifications

 

Project Management Professional (PMP) - Project Management Institute (PMI) PMP material through MITRE study group, 2006

Certified Information Systems Security Professional (CISSP) - ISC2 material through SAIC Study Group, 2004 

Certified Novell Engineer (CNE), Professional Certificate in Data Communications & LAN Administration - New York University & SOMA Network Center (New York, NY), 1993, 1996, 1997, 1998

Certified Novell Administrator (CNA)

Training

 

NIST Risk Management Framework Training, 2008
PMP training, MITRE Corporation, 2006
Trusted Agent FISMA (TAF) training, 2005
SecureInfo Risk Management System (RMS) C&A Tool training, 2005
Certified Information System Security Professional (CISSP), 2004
Public Key Infrastructure (PKI) Computer-Based Training, 2003
Technical Writing Course, McLean, VA, 1995
Novell Netware 4.1, U.S. Connect Novell Training Center, McLean, VA, 1995