• Lead the creation, planning, implementation, and integration of the strategic direction of ALCA in providing IT solutions and cybersecurity consulting services for commercial or government agencies. Provide analysis, design, development, implementation and security assessments to ensure compliance with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, (SP) 800-171, CNSSI 1253, and other frameworks.• Act as the figurative head of the organization when communicating with stockholders, government entities and the general public.• Lead the development of the organization’s long- and short-term strategies.• Manage overall operations and make major decisions affecting the organization.• Manage the organization’s resources.• Negotiate or approve agreements and contracts for the organization.• Manage company organizational structure.• Communicate with the board of directors.• Assess and minimize risks to the company.• Set strategic goals.• Provide company-wide leadership.• Serve as the company’s primary spokesperson.• Identify and address companywide problems.• Develop and uphold the company’s culture and mission/vision.• Implement strategic plans by working with senior stakeholders.• Evaluate and track the success of the company in reaching its goals

Provide training in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification. Students use tools and guidelines to build a set of security policies and procedures. Students will also design a layered security architecture and analyze it for flaws. Students use industry standards for software security. Students also cover the review, selection, and assembly of tools for performing threat and incident management.Topics include:• Cybersecurity architecture• Information security framework• Remediation of identity and access management issues• Common exploits used to compromise identity• Data analytics to determine appropriate compensating controls• Defense-in-depth to secure networks and systems• Secure coding as a part of the Software Development Lifecycle• Common Cybersecurity tools and techniques

• CompTIA Certification Trainer (Net+, Sec+)• Certification Equipment Officer- responsible for the inventory and maintenance of test systems and training materials• Provided support to Commander, U.S. Pacific Fleet N6 providing contributory support to fleet exercises as well as to the Maritime Operations Center or Title 10 Fleet HQ Element.• Provided support to the Systems Support Engineering Division, Fleet Engineering Branch 2654 C4ISR Depot Restoration located at SPAWAR Systems Center, San Diego increasing output of completed sub-assemblies by 25% and saving over 80 man hours • Operation New Dawn- Network Techo Assisted in upgrading, installing and maintaining the command's SIPRNET/NIPRNET, network to over 70 workstations and creating over 200 user accountso Assisted in planning, executing, and managing Command, Control, Communications, Computers, and Intelligence (C4I) architecture during real world events and training evolutions.o Utilized HBSS to customize, manage and enforce information security policies, create baseline security configurations, maintain up to date system protection, and monitor system security and compliance status. o Evaluated vulnerability scans logged utilizing network IDS/IPS scanning tools and software to notify system administrators of applicable Information Assurance Vulnerability Alertso Assisted in creating a disaster recovery continuity plan and periodic security assessment project testing system vulnerabilities.• Operation Iraqi Freedom/Operation Enduring Freedom- Shop Supervisoro Developed a comprehensive collection of Standard Operating Procedures that increased efficiency and improved productivity accounting for over 2,393 inspections in 553 man hourso Improved reporting accuracy and submission by automating the reporting process saving over 336 man hours o Established a cross-training program that improved the speed and quality of vehicle inspections by 30%

• Provided planning, analysis, development, implementation, upkeep, and enhancement of systems, programs, policies, procedures and tools to ensure the integrity, reliability, accessibility, and confidentiality of information systems and assets. • Oversaw, evaluated, and/or supported the documentation, validation, and accreditation processes necessary to assure that new Information Technology (IT) systems meet the organizations' information security requirements. • Followed a systematic methodology to assess, identify and demonstrate attack vectors and their impacts to provide risk mitigation/remediation strategies.• Provided for the restoration of information systems by incorporating protection, detection, and reaction capability. This includes system/network protection; intrusion detection and monitoring; readiness assessments; firewall administration; security policy enforcement; risk and vulnerability assessments; security evaluations and audits; and contingency plans and disaster recovery procedures.

•Ensured that the networks and systems that comprise the Marine Corp Enterprise Network (MCEN) comply with DoD Security Technical Implementation Guides (STIGs) and Information Assurance Vulnerability Alerts (IAVAs).•Under broad direction, operated and managed all aspects of Information Systems, data availability, integrity, authentication, confidentiality, and non-repudiation. •Utilized Network Intrusion Detection and Forensics to conduct performance analysis of Information Systems security incidents.•Supervised operation of Electronic Key Management System, other information security duties, and Public Key Infrastructure. •Operated Host Based Security System (HBSS), firewalls, Intrusion Prevention Systems, Intrusion Detection Systems, other point of presence security tools, Virtual Private Networks, and related security operations. •Provided value-added control assurance/governance as it relates to security and IASE compliance requirements and controls while assessing the effectiveness and risk(s) of implementation.•Coordinated preparations for external/3rd party auditors, for regulatory and Business Process Compliance and Improvement reviews•Managed internal IT audit engagements including: system platform audits, DISA and MARFORCYBER Command Compliance Readiness Inspections, IT Vulnerability Risk Assessments, change management, and business process control assurance•Coordinated and performed compliance audits in accordance to the information protection, data asset and threat provisions under DISA and USCYBERCOM.•Coordinated with Incident Response teams for post-event diagnosis, investigation, mitigation and documentation.•Provided assistance with the creation and documentation of IA controls applied to respective accreditation packages; DoD Information Assurance Certification and Accreditation Process (DIACAP), the Risk Management Framework (RMF) and the Federal Information Security Management Act (FISMA).

•Lead large scale IT projects overseeing application updates, OS/hardware upgrades, patch remediation, and federal standards audits.•Contributed to the development of security solutions based on risk balancing, business need, technology availability, and practicality.•Focused on audit projects across multiple platforms targeting risk assessment, risk reduction, compliance, and business continuity.•Assessed data security controls for clients, including the implementation of infrastructure security to safeguard enterprise files and data elements. •Liaised with departments responsible for administering security software, monitoring functions and application security across all platforms and networks. •Performed server design, installation, and maintenance, ensuring all systems were securely installed according to applicable security standards.•Facilitated end-of-audit exit conferences with Corporate and IT executive management. •Performed managerial functions related to the Vulnerability/Risk Management staff (mentoring, training & development, creating standard operating procedures (SOPs)).•Initiated incident-handling procedures to isolate and investigate potential information system compromises utilizing IDS/IPS logs and alerts.•Implemented and evaluated information security governance frameworks based on ITIL, NIST, COBIT, and PCI DSS best practices.