• Implement and oversee the organization’s information security program, ensuring alignment with federal security policies and standards.• Maintain compliance with FISMA, NIST, and other relevant security regulations. Conduct regular reviews and updates to security policies and procedures.• Identify and assess security risks. Develop and implement strategies to mitigate risks and address vulnerabilities.• Manage and coordinate responses to security incidents. Oversee incident analysis, reporting, and remediation efforts to minimize impact.• Prepare and present security metrics, status reports, and briefings to government officials and stakeholders. Ensure accurate and timely documentation of security activities and incidents.• Lead and support the security team in implementing security measures. Provide guidance and training on security best practices and procedures.• Develop, review, and update security policies, standards, and procedures to ensure effective management of information security.• Work closely with other departments and external agencies to ensure comprehensive security coverage and address security concerns.

• Led a team of 25 analysts in a 24/7 Network Operations and Security Center (NOSC), providing oversight, direction, and mentoring to ensure effective performance and professional growth.• Ensured continuous staffing and effective shift management, maintaining 24/7 coverage and handling staff leave, sick days, and official travel.• Developed and implemented policies, instructions, standards, and procedures for NOSC operations to streamline processes and enhance efficiency.• Analyzed incident reports and followed up with reporting sites to ensure comprehensive incident documentation and resolution. Provided timely and accurate reporting to external agencies regarding incidents and threats.• Produced weekly and monthly metrics reports detailing NOSC performance, incident trends, and operational efficiency. Briefed government officials and project managers on current issues, events, and relevant information.• Participated in routine and ad-hoc status meetings with key customer personnel to convey current status, risks, and mitigation strategies.• Provided oversight for the use and implementation of Security tools to ensure effective monitoring and incident response.• Performed review and validation of all deliverables related to NOSC activities, ensuring accuracy and quality.

• Led and mentored a team of 25 analysts, providing guidance, training, and performance management to ensure high levels of efficiency and professional development.• Oversaw the day-to-day operations of the Network Operations and Security Center (NOSC), including scheduling, staffing, and ensuring 24/7 coverage.• Analyzed and responded to security incidents, coordinating with reporting sites to ensure complete and accurate incident documentation. Ensured timely resolution and reporting of incidents.• Developed and implemented operational policies, standards, and procedures for NOSC functions, contributing to the optimization of security operations.• Produced weekly and monthly performance metrics and status reports for internal and external stakeholders. Presented updates and briefings to government officials and project managers.• Participated in routine and emergency status meetings with key customer personnel to provide updates on current status, risks, and mitigation strategies.• Provided oversight for the deployment and usage of SOC tools, ensuring they were effectively utilized for monitoring and incident response.• Reviewed and validated all deliverables related to NOSC activities to ensure accuracy, quality, and compliance with established standards.

• Ensured the Security Operations Center (SOC) maintained effective security operations, including monitoring, incident response, and threat analysis.• Acted as the primary point of contact for the SOC in the absence of the SOC Lead. Provided leadership and decision-making support for SOC operations and incident management.• Ensured timely and effective response to all security incidents. Coordinated incident handling and follow-up activities to minimize impact and recover operations.• Created and produced weekly WAR (Weekly Activity Report) metrics and SOC Intelligence Metrics Reports for upper management, providing insights into SOC performance and threat landscape.• Participated in classified intelligence meetings and relayed critical tasks and information to upper management, ensuring informed decision-making.• Reviewed and validated data spill incidents, overseeing the documentation, validation, and sanitation processes to ensure compliance and accuracy.• Maintained shift coverage within the SOC, ensuring adequate staffing and effective management of SOC operations during all shifts.• Managed the Security Services Remedy Incident Queue, ensuring that tickets were updated and resolved in a timely manner.• Trained SOC staff on reporting procedures and best practices, enhancing their skills and ensuring consistent performance across the team.• Participated in proof of concept evaluations with external vendors, assessing potential new tools and technologies for integration into SOC operations.

• Conducted continuous network monitoring and incident response operations for a Cabinet-Level Federal Agency, ensuring 24/7/365 coverage.• Correlated data from various sources including Intrusion Detection Systems (IDS), firewalls, web servers, and DNS logs to identify and analyze security threats.• Performed detailed packet analysis and reassembly to investigate and understand potential security incidents and breaches.• Stayed current with security threat intelligence, analyzing trends and emerging threats. Utilized this knowledge to enhance detection and response capabilities.• Contributed to the development and refinement of Standard Operating Procedures (SOPs) for the SOC, improving operational effectiveness and incident handling.• Reviewed and analyzed open source intelligence to identify cybercrime activities and advanced persistent threats (APTs).•Coordinated with Information System Security Officers (ISSO) via email and phone to implement remediation strategies and address identified vulnerabilities.• Produced weekly Watch Metrics Reports detailing security incidents, trends, and metrics for upper management. Briefed leadership on significant events and developments.• Participated in various special projects and leadership roles, contributing to strategic initiatives and operational improvements.

• Conducted network monitoring and incident response operations for a Cabinet-Level Federal Agency, providing 24/7/365 coverage to ensure the security and integrity of systems and networks.• Correlated data from intrusion detection systems (IDS) with other sources such as firewalls, web servers, and DNS logs to identify and investigate security incidents.• Developed and produced comprehensive reports on all activities and incidents, including daily, weekly, monthly, and quarterly reports. Provided situational awareness and trend analysis to management.• Coordinated with relevant organizations and internal teams regarding potential security incidents. Conducted intra-office research to evaluate and address security events.• Maintained current knowledge of security threats and vulnerabilities by monitoring Internet postings, intelligence reports, and other relevant sources.• Identified and reported misuse, malware, and unauthorized activity on monitored networks, ensuring appropriate actions were taken in accordance with security policies.• Provided ongoing training and support to team members, enhancing their skills and ensuring effective incident management and response.• Analyzed and improved incident response processes and reporting mechanisms to enhance operational efficiency and effectiveness.

• Conducted network monitoring and incident response operations for a Cabinet-Level Federal Agency, ensuring 24/7/365 coverage and rapid response to security incidents.• Correlated data from Intrusion Detection Systems (IDS) with other sources, including firewalls, web servers, and DNS logs, to identify and analyze potential security threats.• Performed packet analysis and reassembly to investigate and understand security incidents, identifying malicious activities and vulnerabilities.• Participated in the review, revamping, and creation of SOPs for the Watch, contributing to improved incident handling and operational efficiency.• Utilized case management processes to document incidents, including alert messages, packet captures (PCAP), and analysis tools, ensuring comprehensive and accurate records.• Coordinated with Information System Security Officers (ISSO) via email and phone to implement remediation strategies for identified security issues.• Produced weekly Watch Metrics Reports detailing security incidents, trends, and performance metrics. Briefed leadership on significant events and developments.• Contributed to various special projects and leadership roles, enhancing security operations and response capabilities.

• Supervised a shift of 8 analysts, including performance reviews, training, attendance management, ticket audits, and counseling sessions to ensure effective and efficient team performance.• Conducted network monitoring and incident response operations for a 24/7 Cabinet-Level Federal Agency, providing continuous oversight to maintain the security and integrity of systems.• Reviewed, updated, and oversaw the implementation of policies and procedures related to security incident identification, threat response, and reporting.• Produced detailed ‘Daily Shift Reports’ covering device issues, shift roles, action items, and hot issues. Provided regular updates and briefings on shift activities to higher management.• Managed and resolved security incidents during the shift, coordinating with global teams and ensuring timely and accurate responses to potential threats.• Ensured adherence to Standard Operating Procedures (SOPs) for incident management, threat analysis, and response, maintaining high standards of security operations.• Coordinated with various internal and external teams regarding security incidents, ensuring effective communication and collaboration.• Provided training and guidance to shift analysts on security practices, incident management, and reporting procedures.

• Reviewed and updated policies and procedures related to security incident identification, threat response, and reporting. Ensured that incident response processes were comprehensive and addressed various types of incidents.• Identified and assessed the impact of security incidents on services and information systems. Conducted thorough risk assessments to determine potential vulnerabilities and threats.• Verified the implementation of security policies for operational procedures, including data backup, configuration management, and equipment maintenance. Ensured compliance with established policies and best practices.• Reviewed and verified policies for managing risks associated with third-party controls, removable media (e.g., tapes, disks, memory cards), and access control policies.• Applied FISMA, NIST, OMB, and FIPS compliance regulations to develop a risk-mitigating framework. Created a Risk Assessment Best Practice Checklist for incident management during security breaches.• Documented risk assessments and incident evaluations, providing detailed reports and recommendations for mitigating identified risks and vulnerabilities.

• Supervised a team of 20 technicians, overseeing their performance through regular reviews, training, and counseling sessions. Managed timecard approvals and tracked attendance to ensure operational efficiency.• Planned and managed projects related to help desk operations and system administration. Developed and implemented Standard Operating Procedures (SOPs) to streamline processes and enhance service delivery.• Managed escalated incidents, including VIP issues requiring immediate attention. Ensured that all issues were resolved promptly and effectively, maintaining high levels of user satisfaction.• Produced daily reports detailing statistics trends, including answered and abandoned calls, technician performance, and other key metrics. Analyzed data to identify areas for improvement and ensure optimal help desk operations.• Supported over 12,000 users both onsite and remotely, handling a wide range of technical issues including VPN, Citrix, software applications, and printer servers.• Created and terminated user accounts for NIPR and SIPR networks. Set permissions for file shares and drives to ensure appropriate access controls.• Troubleshot and resolved issues related to VPN and Citrix connections, software applications, and network configurations. Provided expertise and support to field technicians and end-users.• Documented processes and procedures for help desk operations, including troubleshooting guides, SOPs, and training materials for technicians and management.

• Provided Tier II support for help desk operations, handling advanced technical issues related to operating systems (Windows), MS Office, MS Exchange, and other information systems technologies.• Answered, evaluated, and prioritized real-time requests for assistance from users experiencing hardware, software, networking, and other technology-related problems.• Interviewed users to collect detailed information about problems and led them through diagnostic procedures to identify the source of errors and resolve issues effectively.• Troubleshot and resolved complex issues related to VPN, Citrix connections, and BlackBerry services. Addressed problems with software applications, data backup, and recovery.• Handled trouble ticket follow-ups for routine user problems, escalating more complex issues to supervisors or senior-level analysts. Ensured timely and accurate updates to ticket statuses.• Worked with team members to identify recurring issue trends and suggested long-term strategies to mitigate recurring problems and improve service delivery.• Documented processes and procedures for technicians, including troubleshooting guides and solutions. Analyzed incident reports to make recommendations for reducing the help desk incident rate.• Installed and configured hardware components such as monitors, keyboards, printers, and disk drives on users' premises. Provided remote and onsite support as needed.

• Directed day-to-day help desk operations for the Pentagon Force Protection Agency (PFPA), including the installation, configuration, and troubleshooting of Windows 2000 and MSXP operating systems according to PFPA specifications.• Installed, configured, and troubleshot a range of commercial off-the-shelf (COTS) applications, such as MS Office, antivirus software, and Adobe products, ensuring seamless functionality for end-users.• Executed tech refreshes by updating BIOS and device drivers, applying service packs, and installing software updates, enhancing system performance and security.• Installed and troubleshot hardware components, including external media drives, onboard memory, video, network, and sound cards, as well as peripheral devices, to ensure optimal system functionality.• Created, modified, and updated user accounts and permissions in Active Directory, streamlining user management and access control.• Utilized Ghost cast server software to create and deploy ‘ghost’ images for re-imaging machines, standardizing configurations and improving deployment efficiency.• Installed and configured desktop software for synchronization between PDAs and Microsoft Outlook, facilitating mobile access to emails and calendar events.• Troubleshot network connectivity and remote access issues, including VPN services, PIN resets, and password changes for PKI and CAC access, ensuring secure and reliable remote connectivity.• Supported remote clients using Cisco VPN software over ISP cable and DSL connections, providing assistance and resolving connectivity issues to maintain effective communication,

• Provided direct support to the Lead Data Generator for the safe testing and verification of various in-house software programs, including JDAM 6 Degrees of Freedom (6DOF) GUI, Aircraft Target Area Maneuver Simulation (ATAMS), and Guided Weapons (JDAM) GUI.• Developed software test plans and matrices for certification and functional testing, including software requirements specifications (SRS), test case execution, and truth data generation.• Identified and documented defects during test execution, contributing to the improvement and refinement of software programs.• Assisted the Ballistic Weapons Team in drafting Software User’s Guides for various programs, such as the Dual Mode Laser Guided Bomb (DMLGB) GUI.• Acquired a general understanding of aircraft performance for supported platforms (AV-8B, F/A-18A/B/C/D, and F/A-18E/F), enhancing the ability to address specific software and performance requirements.