Resume of Senior Systems Security Analyst

Title
Senior Systems Security Analyst

Primary Skills
Information Security, Network/Computer Security, Electronic Commerce Security, and Security Training.

Location
US-TX-

Posted
Jun-06-07

SUMMARY OF QUALIFICATIONS:
I am a Security and Technology professional with over 21 years of experience. I also have extensive knowledge in the areas of Information Security, Network/Computer Security, Communications Security, Electronic Commerce Security, and Security Awareness Training and Education. Skilled in plans development, review, implementation, security analysis, security development, vendor management, and security implementation of Enterprise networks. Proficient in the areas of networking to include: hands-on installation, administration and management of LANs, enterprise security management. Develop reports, prepare scopes, timelines, and give presentations to senior management

PROFESSIONAL EXPERIENCE:

Jan 2004 -Present, Senior Network Security Vulnerability Analyst, Center for Disease Control
* Certifies and Accredits Information Technology Systems for the Center of Disease Control (CDC).
* Subject Matter Expert for developing Information Systems policies and procedures for data protection.
* Conducts comprehensive evaluations of security controls, analyzes risk of system operations.
* Manages and maintains vendor and client relations within CDC network security environment.
* Develops and implements auditing processes and procedures to insure systems are network compliant.
* Developed security awareness program and processes and procedures to implement it.
* Plans and prepares technical reports on new system integration into CDC existing networks.

Apr 2001 - Dec 2003, Network Vulnerability Program Manager, Fort McPherson (Digicon Systems), GA
* Alternate Information System Security Officer (ISSO) for Headquarters Forces Command.
* Developed and manage organizational network security program for over 6000 users.
* Monitor network using ISS RealSecure Intrusion Detection System (IDS) and investigate security events.
* Fixed Enterprise network vulnerabilities identified utilizing ISS RealSecure.
* Developed and implemented IDS Security Policy, it became standard for Department of Army.
* Performed Network Vulnerability risk assessment. Investigated potential security incidents and exposures of network and implemented solutions to minimize risk.
* Evaluated security architecture, developed firewall security policy, and developed firewall management policy and procedures for organizational Cisco Pix Firewall.
* Developed all Information Systems certification and accreditation for the DoD Information Technology Security Certification and Accreditation process (DITSCAP). Managed configuration management policies and practices for operating or authorizing the use of hardware and software on network.

Contract Consultant; Network Security - March 1999 - December 2000

May - Dec 2000-Technical Documenter, Bristol-Myers Squibb Pharmaceuticals, Pennington NJ
* Analyzed and developed processes and procedures for B2B connectivity and Domain Name Services provided by Bristol-Myers Squibb. Resolved issues with communication, security, processes, and roles.
* Involved in setting up Beta testing for the E-Commerce DMZ and VPN solutions for the organization; included hands-on configuration of DMZ infrastructure, Cisco's PIX firewall, switches, and routers.
* Wrote organizational documents to include: operating procedures, technical engineering infrastructure guidelines, Wide Area Network (WAN) connection usage policy, organizational communications, and web-site design.

Feb - May 2000-System Security Consultant, Vanguard Mutual Funds Group, Valley Forge, PA
* Created access profiles for over 15,000 individual job functions to allow for central administration and audit of multi-platform environment using Security Administration Management (SAM).
* Trained new employees in all aspects of SAM profile development for Vanguard Mutual Funds Group.
* Created profiles on AS400 using ACF2 Security Tool, Windows NT, Sybase, and Solaris 2.7 UNIX platforms.




Mar - Oct 1999-Information Security Consultant, Banc of America Securities LLC, San Francisco, CA
* Single-handedly designed, developed, published, and implemented computer security policies and guidance for all aspects of Banc of America Securities LLC requirements in a distributed environment to include: Password Protection; Laptop, E-mail, Internet, Workstation Security; Roles and Responsibilities, Information Classification Guide, and Security Reporting Procedures.
* Involved in providing security solutions for AS400 Internet Access and Secure Video Teleconferencing.
* Designed, developed, and published security baseline guidance for AS/400 and Unix Networks.
* Performed risk assessments of new and modified systems and software to insure all new hardware and software integrates with all current systems.

United States Air Force--June 1985 - February 1999
Manager, Computer Security/Operations Control Center/Telecommunications
* Managed upgrade of Top-Secret network facility to include: circuits, equipment and all infrastructures.
* Managed the upgrade of over 70 organization Cisco routers to include hardware and software.
* Developed and managed organizational Network security program for over 5000 users and $12 million in computer and networking resources to include secret and non-secret.
* Managed security configuration changes to ensure standardization of organizational network.
* Performed assessments and investigated potential security incidents and exposures for organization. Reported findings and recommendations to Senior Management.
* Designed and developed security policy, procedures, and training plans and trained organizational personnel at all levels in security policy, assessment programs. Lauded during organizational-level program Inspection.
* Supervised over 50 individuals; ensures adherence of security policy, security directives, and network/system security resolutions.
* Responsible for operation, maintenance, and management of $33 million secure telecommunications center with 24 hour, 7-day operation schedule.

COMPUTER EXPERIENCE
Hardware: Server, Micro, and Personal Computer Systems, IBM OS390/AS400 and Sperry SF1100 mainframes, Firewall/Switch/Router configuration (Cisco, Wellfleet, Raptor)
Software: VAX/VMS, UNIX (SunOS, Solaris 2.7), HP OpenView, Remedy, Banyan Vines, SAM, SMS, Front Page, Visio, SQL, Sybase, MS Office, MS Project, Windows NT/95-98
Protocol: TCP/IP, RIP, OSPF, IPX, and SNMP
Languages: Assembler, Basic, COBOL, ECL
Other: Encryption devices, Public/Private Key Infrastructure, Satellite Communications, ISS RealSecure Internet Detection System (IDS), Altiga Virtual Private Networking (VPN), Norton and McAfee Antiviral products

EDUCATION
B. S. Business Administration, University of Southern Colorado, May 1999
A. S. Information Systems Technology, Community College of the Air Force, 1992

TRAINING
DoD Info Technology Security Certification Accreditation Process (DITSCAP), May 2002 40hrs
Certification of Training, Systems Admin/Network Manager Security, January 2003 24hrs
Certification Global Command and Control System and Database Administration 16hrs
Security Administration Manager (SAM), March 2000 16 hrs
Computer Security Management, 1998 119 hrs
Communications Security Management, 1998 120 hrs
Strategic Planning, 1998 8 hrs
Information Systems Network Management, 1997 280 hrs
Leadership and Management Training, 1992 152 hrs
Supervisory Training Course, 1990 24 hrs

SECURITY CLEARANCE
Top Secret (Special Background Investigation)

Certifications
See above


You must be logged in and have a current resume access subscription. Login or Register »

View all resumes in US-TX »

View other Senior Systems Security Analyst resumes, System / Network Administrator resumes