Working with Crypto, Communications and Ground systems with an emphasis on security.

Identify threats and vulnerabilities in systems and software, develope and implement high-tech solutions to defend against hacking, malware and ransomware, insider threats and all types of cybercrime. Serve as a go-to team member for security policies and procedures. Perform as-sessments and penetration testing. Managing security technology and audit/intrusion systems. Develop and fielding secure network solutions to protect against advanced persistent threats.

A Security Control Assessor (SCA) is a security professional that provides information security Assessment and Authorization (A&A) support throughout a program's lifecycle to Contractor and Government facilities processing information. SCAs enhance the lnformation System (IS) security awareness of Offices' staffs, ensure that proper IS security resources are appropriately applied, and act as an IS liaison between the Offices and the Government.

Expertly provide direct support to assure compliance to the most current revision of the Security Directives applicable to PIT, PITI & non-PIT systems being supported. These include DIACAP, DoDRMF, DCID 6/3, JAFAN 6/3 NIST 800-53, directives/guidance identified in the Program Protection Plan (PPP) and/or MIL-HDBK-516B Expanded.Provides support to review required PMO artifacts and make recommendations to support RMF analysis & recommendation to the PMO. In order to support approval decisions, provide support to develop a A&A report and a A&A presentation on required systems. PIT A&A approvals consist of the following: AAR, SCTM, SSP, CS, & SAR.Provides support to manage, plan, document and conduct IV&V of security requirements for weapon systems. Assits with evaluating the technical implementation of the security design to ascertain that security software, hardware and firmware features have been implemented.Provides support to perform IA site audits to verify architecture analysis, IA requirements and controls, verify mitigation actions, witness IA testing and evaluation, and to support final approval for IATT and/or ATO.Provides support to review and make recommendations to the AT Certifying Officials regarding critical technologies requiring protection, PPP, AT plans, techniques, threats/vulnerabilities, risk and results. Provide support to review the program’s CPI/CT list. Provide support to identify and document the threat, vulnerability, attack scenarios, impacts if exploited and the exploitation timeline.Assits with identifying the software weaknesses & document the results. The results should be documented & reported to the PM & SCA. Assits with developing an approach for performing operational SWA. Assits with developing SWA test metrics.Provide support to conduct SCRM. Assits in developing and documenting SCRM plans and implementation activities in appropriate acquisition and security documents (e.g., acquisition strategy, SEP, PPP, and SSP).

Primary liaison between the Program Managers and the Security Department. Represents the program and security elements for classified and unclassified information system operations and management, access control, and other policy implementation, implementation of information systems security planning/documentation, security monitoring and evaluations. Authors the configuration management plan (CMP), system security plan (SSP), Risk management documents, and continuity of operations plan (COOP).Coordinates A&A efforts on mainframe environment operating on a z/OS, z/VM, and z/Linux environments; security maintained on more than 30 case management databasesCoordinated resolutions of noted finding report (NFR) on time & attendance financial system; edited event auditing documentation to properly reflect FBI and DOJ compliance directivesDirected vulnerability scanning efforts for more than $100M in network assets; complied with Financial Statements Audit, A123 and FISMA complianceWorking with Mainframe SMEs to properly document the event auditing of Production and Test LPARSCoordinated dialogue between various units with the FBI to resolve event auditing incidents on mainframe systemsManages information system security awareness and training; information systems security awareness annual privileged user security training and other training briefingsManages and documents program artifacts via the CARA system for all reportable syste

Maintains security requirements and risk management reviews. Performs security test and evaluation (ST&E) and evaluates contingency plans. Provides restoration of information systems by incorporating protection, detection, and reaction capabilities. Implements new business methods, processes and/or office systems. Analyzes, evaluates, modifies and improves existing methods/processes and/or procedures. Determines the effect of objectives and future planning and the most efficient, least costly but quality driven way to accomplish the assignment.Led IA team responsible for more than $2 Billion of Space Systems Information technologyLed team obtaining ATOs for assets—totalled at more than $100 Million Evaluates current security implementation and authors BSA for $1.5M contract Worked with client to ensure enforcement of proper compliance policies, directives, standards, plans and procedures at both local and remote server sites for mission information systems.Work with management and technical staff to establish the most efficient process for mitigating risks in classified and unclassified information systems that meets FISMA and NIST requirementsDecomposed results and established a Plan of Action and Milestones (POAM) based on the findings.Directed ISSO & Sys Admins in implementing and maintaining multi-compartmented classified and unclassified information systems to adhere to the standards for ICD 503/DCID/JAFAN and JDCSISSS.Directed efforts with ISSO to validate all equipment moves within multi-compartmented spaces.Specified guidance on strategic and tactical planning with the restructuring of current information systems assets to facilitate the most efficient configuration to maintain compliance.Managed ISSO and ISSM to develop and submit the Risk Assessment Report (RAR) and then build an SRTM for new and reaccrediting information systems.Experienced in working with acquisition programs (weapons systems and/or satellites)

Consults with management on risks and recommended remediation actions to comply with FISMA, FIPS, NIST,Department of Commerce (DOC), NOAA and NESDIS-HQ directives and regulations.Prepares SSP’s, SCA’s, ATO’s and other documents according to NIST, FIPS and FISMA guidance. Loads and tracks documents including POAMs in CSAM database.Reviews and recommends the installation, modification or replacement of hardware or software components and any configuration change(s) that affects security. Provides enforcement of security directives, orders, standards, plans and procedures at server sites. Ensures system support personnel receive/maintain security awareness and training.

Certification and Accreditation (C&A) and Information Assurance (IA) Senior Engineer performing functions for the Defense Intelligence Agency (DIA) on classified and unclassified networks for DIACAP and DCID 6/3 processes. Use network vulnerability and virus scanning tools such as EEye Retina, DISA Gold Disc, DISA STIGS, DISASRR’s and manual tests to report on and assess risks of vulnerabilitiesConsults management on risks and recommended remediation actions to comply with Federal InformationSecurity Management Act (FISMA), National Institute of Standards and Technology (NIST), DoD, DISA, DCID 6/3 Manual, and DIA rules and regulationsPrepare artifacts, SSAA’s, ATO’s, SSP, and other documents for DISA and DCID 6/3 C&A controlsManage security patches, software patches, software packages, and operating system distributions for 54,000+ computers for the Federal Bureau of Investigations (FBI) using Microsoft System Center Configuration Manager (SCCM), and Windows Service Update Server (WSUS) for Windows 2000, Windows XP, Windows 2003 Server, and Linux/Unix operating systemsConsult management on vulnerability management operations in regards to updating and securing systems through patch management

Supervises work center consisting of 43 Airmen tasked with establishing long-haul satellite/wideband communications. Manages/plans installation, operation, & maintenance of tactical satellite/wideband communications equipment. Directs deployment of satellite/tropospheric communications supporting contingencies throughout the Middle East. Provides accurate/timely logistical planning support throughout multiple phases of unit deployment operations. Managed 70 deployed IT/RF technicians; maintaining $200M in first responder air support communications equipment Eliminated live satellite access demand; Managed team for squadron training area construction & drafted equipment layout/utilized CSU/DSU simulatorEnsured 100% system DIACAP compliance; Directed implementation Disaster Recovery plans at Enterprise levelSuccessful DOHA Asian games; Engineered Secure Microwave network systems solutions to integrate various systemsSuccessful 2007 Unit Compliance Inspections; Managed and coordinated efforts between various IT departments for completion of projects/trainingSuccessful OIF implementation; Managed test team for experimental IT & Satellite link worth $14.3M integrating 3 remote network feedsManaged team establishing network links in under 4 hrs; Engineered and established network systems during organization deploymentOrganizational first-ever network link; Lead multi-disciplined team that established Secure Internet, Internet, Secure Phones, POTS services via satellite linkPrepared organization for deployment; Engineered network layout integrated two IT hub systems maintained by 30 techniciansAverted systems outage during VPOTUS Support; managed team troubleshooting timing error and narrowed it to associated equipmentEnabled organization to successfully support customer; Directed engineering team designing two network site layouts used to support high profile customers 100% network connectivity maintained

Planned, organized, coordinated & directed the maintenance on C2 Communications systems in support of the U.S. War reserve munitions mission. Established/maintained Emergency Action Message communications links utilizing the Companion UHF Tactical Satellite Systems & Secure Mobile Anti-Jam Reliable Tactical Terminal. Performed & supervises fixed & mobile radios, high speed & special purpose data processing equipment. DIACAP/DITSCAP program management effectiveness - Auditors noted as exceptional; Personnel/Computer Risk Management mitigation proceduresUser training noted as exceptional by IG; Wireless maintenance schedule and equipment conditioning lauded Plan benchmarked by command equipment managers; Revised maintenance routines on primary information system "Award of Excellence; Superb manager-leadership of 3 key functional areas bolstered work center's '04 NSINoted as exceptional by USAFE IG during 2003 Surety Inspection; Department 100% qualified in 4 monthsSaved AF $20K replacement parts and increased availability by 55%; Implemented stringent IS hub maintenance inspection routines for mobile IS terminal in fixed configurationEnsured reliability of IS system; Identified potential critical safety issue with UPS configuration on satellite terminalExpanded maintenance area by 1600sq ft; Procured additional $43K to unit's baseline fundingInvaluable engineering skill; Augmented contractor led engineering and installation teams as subject matter expertExpert technician; Quickly became proficient in maintaining network and communications systems outside of standard trainingOrchestrated NSA approved level encryption scheme for wireless system with no systems outagesFirst ever 'Excellent' rating during audit; Set the standard, keen oversight of key departmental programs led to 19 error free reportsIncreased visibility in secure areas 50%; Procured and installed anti-glare materials in side CCTV controlled areas

Process/Scheduled Presidential, Vice Presidential & DoD communications frequencies on Air Force & Navy satellite communications networks. Maintained user discipline by performing real-time monitoring and supervision of networks. Operated Satellite Management Center Pacific, Demand Assigned Multiple Access (DAMA) Network Control Stations, Air Force/Navy resources integration, and AFSATCOM Monitoring System. Managed satellite access requests & schedules EHF SATCOM resources apportioned to USCINCPAC on satellites. Provided SATCOM maintenance/operator expertise to maritime, tactical and strategic users.Assured DAMA radio operations; Updated DAMA database entered over 2,000 user terminal addressesFacilitated operational success; Coordinated over 7000+ hours of satellite access for Pacific WarfightersRestored critical data transfer; Troubleshot and repaired Integrated Data Terminal in under 5 minutesRestored operations; Reconfigured system profile data after primary computer workstation crashedPrimary network planning reference; Authored operational SATCOM support plan for US Forces Korea

Installed/operated, & performed scheduled/unscheduled maintenance & modifications on high frequency, very high frequency, and ultra high frequency radio communications equipment; ultra high frequency satellite communications equipment; cryptographic equipment; facsimile, telephone and other peripheral equipment. Deployed as maintainer/operator employing ground-to-ground & ground-to-air communications to provide command/control information in addition to flying mission status over voice and data networks in support of Special Operations Command Europe.Increased equipment reliability by 21%; Authored preventive maintenance inspection work cards for broadband and IS systemBecame flight's expert and focal point; quickly trained on Analogue/Digital tactical switch boardIncreased qualified operators from 1 to 15 in less than a month; Developed, initiated and conducted training courses on commercial satellite telephone (INMARSAT)Increased operability of test units, improved reliability & accuracy of maintenance diagnostics and decreased contract maintenance time by weeks; Engineered & fabricated test cable for use between systems and laptop computersRestored organizations network operations; designed network system worth $11M for organizational relocationTested operability of 250 item ranging from secure telephones to commercial satellite systemsEnsured 100% network coverage; Engineered and installed network systems in under 3 hoursExpanded effective communications network range; Programmed 500 wireless devices and repeaters for organization

Performed scheduled/unscheduled/emergency maintenance actions on 47 low speed, time division multiplexers, 13 voice frequency carrier terminals, the base public address system, fixed and portable satellite transcievers, high frequency transcievers, and the base cable television system. Accomplished maintenance documentation and supply requisitioning. Trained newly assigned technicians.Reduced maintenance work load & saved over $12K in annual repair costs; Initiated replacement of antiquated timing systems with off-the-shelf equipmentEliminated unnecessary tools; Saved work center $200 and reduced inventory by 50%Eliminated the need for paper printouts while report was in draft stage; Initiated suggestion to completely automate Enlisted Performance Report system through the use of squadron's LANImproved command and control communications supporting 5AF real world operations; Installed high frequency radio for 5 AF's Joint Tactical Air Operations Voice Product Network