✅ David Gould Email & Phone Number

United States

Charlotte Hall, Maryland

• Worked with our development lead to design a Jenkins workflow to integrate Aqua MicroScanner (open source) into the DevSecOps design to automatically scan container images and flag vulnerabilities in a report within.
• Worked with our development lead to design a pull request system (PR) to automatically incorporate SonarQube scanning on pull requests where 2 or more people must approve before code is released. Using SonarQube.
• Incorporated JFROG XRAY for continuous security and artifact analysis of container components for IA/CS oversight.
• Setup and secured AWS VPC to provide a cloud resource for multiple teams in dispersed areas to work together in a secure environment.
• Setup an AWS Virtual Private Cloud setup with IP controlled access over HTTPS and contains Atlassian JIRA, Confluence, and Bitbucket for full development support and requirement traceability.
• Working with the Business Development team on concepts and architectures for Cyber Security controls implementation and technologies as well as responses to contract requests and bids for various government customers.

Washington D.C. Metro Area

• Established communication channels to educate developers for a strong understanding of application security best practices and assisted with developing process to streamline validation.
• Coordinating assignments for Systems Engineering and Information Assurance teams for multiple projects with broad scope, ambiguity, and high degree of difficulty serving a variety of stakeholders, resulting in.
• Demonstrating proficiency in a wide range of information IT security technologies and platforms to customer, resulting in customer acceptance of the majority of Novetta’s recommendations.
• Gathering and interpreting complex qualitative and quantitative data to provide snapshots of the current security status of the software and systems, resulting in increased customer confidence.
• Maintaining ACAS, Fortify, HBSS, and DISA STIG checklists/documentation as artifacts for the Risk Management Framework (RMF) process, resulting in cybersecurity compliance and justified software.
• Implemented an Information Assurance program at Novetta, which provided advantage in negotiating contracts with government agencies using the RMF process and improved the cybersecurity posture of the software.

• Planned, implemented, and administered the HBSS to NIPR, SIPR, and JWICS as well as multiple IA national assets, resulting in 100% compliance with DIA mandated requirements.
• Maintained and supported existing antivirus, application, and system patch processes and procedures, resulting in a response time of less than 24 hours to critical incidents and continual compliance with all mandated.
• Participated in the development, implementation, and adherence to Technical Services documentation, system standards, policies, and procedures, leading to improved communication and repeatable and efficient services.
• Assisted in drafting SOPs for DIA services when implementing and administering HBSS.

Dahlgren, VA

Supported RDTE networks with multiple disciplines from Active Directory, VMWare, NetApp storage and other products.- Provided techincal support to keep systems up and functional for end users.- Updated Group Policy and scripts to meets IA guidelines for STIG's validating using Retina, Gold Disk and SCAP tool.Planning, design and implementation for Data at.

Afghanistan

As the Regional South Command Lead/Systems Security Engineer, I provided integration, operation and maintenance support for Persistent Surveillance and Dissemination of Systems (PSDS2). - Developed and updated policy and procedure documentation for NIST and DOD compliance with regulations and requirements. - Presented with Regional Command, O-6 and higher.

Lanham, MD

As the Active Directory Infrastructure Engineer, I provided expert analysis for Global Active Directory design, architecture, security, migrations, and consolidations that employ solutions to meet organizational business needs. - Resolved highly complex technical issues and conducted advanced research applicable to an enterprise Active Directory.

- Assessed and mitigated security risks from an enterprise including but not limited to Active Directory domains and forests, Windows domain controllers, Exchange servers, and IIS servers.- Assist in team building, testing, training, implementation of standard operating procedures involving Windows and Linux/Unix based systems that support security.

As the Systems Architect/Engineer for the Personnel Recovery Mission Software (PRMS), I worked with multiple personnel on the design and deployment of the system from 2.0 to 2.1.5 version, which consisted of the migration of data between two geographically different locations. I was responsible for coordinating efforts across development, database design.

Support for the NAVAIR deployment, operation, and maintenance of DOD’s host-based security system (HBSS) solution, of the following components include McAfee e-Policy Orchestrator, Host Intrusion Prevention System (HIPS), Policy Auditor (PA), Rogue System Detection (RSD), and McAfee Virus Scan (VSE). Support and supervised the upgrade of products along.

Engineering Systems Solutions

As a Senior Systems Engineer, I provided a lead role in creating and managing projects involving Active Directory Sites and Services Consolidation and Active Directory Group restructuring to provide a more stable replication topology and security with personnel in groups based on roles and capabilities. I developed network infrastructure diagrams to.

Systems Administration / Information Assurance support.

Systems Administration Support