Cyberfox Security is a CMMC-approved Registered Provider Organization (RPO). We provide professional cybersecurity consultation and services to Defense Industrial Base (DIB) and Defense Supply Chain (DSC) contractors. We specialize in CMMC and NIST 800-171 Gap reviews and remediation. Our experienced CMMC Registered Providers (RPs) and Certified CMMC Assessors (C) work alongside clients to simplify the web of CMMC requirements and help them meet CMMC compliance. We have extensive experience working with DoD, Defense Industrial Base (DIB) contractors, and Federally Funded Research and Development Centers (FFRDCs) in the areas of cybersecurity and compliance.The owner and founder of our security firm has been in this industry for over 25 years. He is a retired Air Force veteran and has worked with and advised many companies to include ACS Defense Inc., Lockheed Martin Corp., Northrop Grumman Corp., and several Federally Funded Research and Development Centers (FFRDCs). You can trust the knowledge and experience that he brings to your table. We offer a wide variety of personalized business relationships with our partners. Our business model is best-value pricing and we work hard to help clients make optimal security decisions without attempting to oversell.

Provided professional consulting services and managed the security program at the Hanscom Air Force Base. Collaboration and Innovation Center (HCIC) on Hansom AFB. Advised the director on all matters pertaining to information security, network security, compliance, and accreditation for the facility infrastructure/network and three distinct networks: Defense Research and Engineering Network (DREN), Secure Internet Protocol Router Network (SIPRNet), and Joint Worldwide Intelligence Communications System.

Serve as Chief of Intelligence Systems Security for Hanscom AFB, MA. Responsible for all aspects of developing, planning and conducting cyber risk and vulnerability evaluations on a wide range of cyber systems and networks to include critical systems. Consult with a diverse set of customers to include military, government, Federally Funded Research and Development Centers (FFRDCs), and contractors. Geographical scope of responsibility is Hanscom AFB and the Boston area, which includes multiple facilities; and seven out-of-state organizations. Establish and maintain excellent relationships and communications with stakeholders.

Manage and lead cybersecurity program and team that ensures current tools, techniques and methods are used to evaluate the security of customer systems and networks. Interpret and develop policies and guidance for customers as appropriate. In collaboration with functional managers, develop strategies and methods to address and mitigate gaps between security, compliance and business requirements. Adapt procedures as necessary to meet changing regulatory and/or business needs. Consult with customers to identify functional requirements and critical business processes and systems. Work with systems engineers and designers to ensure relevant security guidance and directives are observed and complied with as necessary. Develop and recommend strategies for pre-incident planning, business continuity, incident response, and recovery. Provide technical analysis and security review consultation pertaining to system development, testing, and deployment.

Ensure cybersecurity concepts, principles and directives are implemented across areas of responsibility. Manage all aspects of the classified systems for large FFRDC customer enclave to include computer security and configuration management of Linux, MAC and Microsoft clients and servers; and Cisco routers and switches. Established and stood-up the enclave, which included extensive collaboration, and coordination with Defense Intelligence Agency, FFRDC management, contacting agency and other stakeholders. Cobbled together agreements and procedures necessary to comply with NIST, DoD, ICDs and other policies. In addition, serve as Information Systems Security Manager, oversee Information Systems Security Officers (ISSOs) to ensure compliance with security directives and guidance. Ensure network and site security posture is maintained at a high level. Plan and conduct cybersecurity compliance audits and work with contractor organizations to resolve observations or finding. Develop reports and assist with strategy to improve cybersecurity posture and adapt as needed. For new systems, conduct analysis using risk management principles and techniques, apply additional security controls or overlays as necessary prior to authorizing integration. Ensure all planning and configurations meet specified guidance and directives. Lead Incident Response Team (IRT) in assessment, mitigation and system recovery.

As lead, responsibilities include developing and implementing network solutions to include servers, clients, routers, switches, encryption devices, associated cabling, and software to support client organizations. Plan, coordinate and integrate system updates and solutions to include domain creation and sub-netting. Configure Cisco 7200, 4500, 3600, and 2500 routers, switches, CSUs/DSUs, and cryptographic equipment located across the network to include geographically separated locations in compliance with Security Technical Implementation Guides (STIGs), Security Requirement Guides (SRGs); and National Security Agency (NSA) security guides. Planned and acquired funding to upgrade network backbone to fiber optic cable in order to address concerns of emanation of classified information and increase bandwidth. Project included conversion to fiber optic equipment, patch panels and termination of fiber. Configure firewall, IDS and IPD.