13320 YARLAND LANEBOWIE, MD 20175

Bjacks92@outlook.com301-814-2182

SUMMARY

A seasoned IT professional with nearly 20 years of experience in the management and administration of a broad range of technical services, strategically and cost effectively conforming to corporate goals. Successfully maintains high standards, utilizing resources, and centralizing technologies to minimize downtime while maintaining systems security. Over 7 years of IT security compliance experience supporting the Department of Homeland Security (DHS) in security testing, plan of action and milestones (POA&M) management, Information Systems Security Officer (ISSO) support, and policy and security configuration compliance. Program Management experience managing multiple projects simultaneously.

SECURITY CLEARANCESTop Secret Clearance, 2014 CERTIFICATIONSCertified Ethical Hacker (CEH), 2013; ITIL v3, 2010; CompTIA Security+, 2010EDUCATIONVirginia State University, Petersburg, VA – 1993; Bachelor of Science, Business Administration Management

PROFESSIONAL EXPERIENCE

Richard S. Carson & Associates, Inc. Apr 2012 – PresentBethesda, MDProgram Manager

Managing information security contracts and task orders across several federal agencies and corporate clients, including management of up to 20 staff and independent contacts distributed across multiple locations

Providing IT security consultation including FISMA, information assurance, PCI, and operational security to federal (Office of Personnel Management (OPM), National Institutes of Health (NIH), and corporate clients while managing security projects and related staff

Managing the FISMA, Annual Assessment & Authorization (A&A), and continuous monitoring efforts for OPM, NIH, and corporate clients.

Managing cloud hosted systems, including FedRAMP approved hosting providers. Maintaining project schedules and budget tracking for each managed project and proposing

project structure, methodology, and execution strategy Establishing IT security program integration into client software development SDLC (where

security was previously not considered), identifying numerous security issues and subsequently decreasing existing issues by 80% while introducing pre-production release security testing

Byron E. Jackson

Overseeing staff work assignments, job performance, periodic reviews, and career development.

Conducted security audits for NIH and OPM systems, identified several significant risks previously unknown and worked with each organization to mitigate these issues prior to exploitation

Implementing corporate monthly training sessions and seminars for career development and knowledge transfer

Leading and assisting on proposal management efforts for government and corporate contracts

ALON, Inc. Jan 2011 – Mar 2012Washington, DCInformation Systems Security Officer

Implemented security controls and conducted ST&E for multiple Federal information systems in accordance with NIST 800-53 and 53A requirements for the Department of Homeland Security (DHS) Immigration and Customs Enforcement (ICE) and prepared SA&A packages according to NIST standards for GSS and major applications.

Responsibilities included: Conducted monthly FISMA self-assessments, technical and firewall assessments, vulnerability scanning using Nessus and analysis (i.e., FDCC), penetration testing, and risk assessments, and monitoring and deployment of Intrusion Detection Systems (IDS). Performed physical security control assessments and system inventory management at various locations using BigFix.

Developed, implemented, and managed POA&Ms

US Customs and Border Protection Aug 2010 – Feb 2011Washington, DCINFOSEC Specialist

Served as an INFOSEC Specialist providing technical guidance to the operational area of Information Assurance (IA) Policy and Subject Matter Expert support to DHS to assist with the implementation of IA activities.

Performed vulnerability assessment scans using Nessus in support of penetration analyses and provided first level of customer contact for the IASE Information Desk.

Bolling Air Force Base Nov 2009 - Aug 2010Washington, DCWindows System Administrator

Supported the Air Force District, Washington, DC, and their enterprise Windows 2003 and Exchange 2007 environment.

Duties included providing day-to-day Systems Administration support managing 12 Exchange 2007 servers supporting 13,000+ mailboxes and Symantec Mail Security for Exchange servers.

Performed routine analysis of IT systems to identify areas where potential threats may be evident.

QinetiQ, NA US Customs and Border Protection/Fort McNair Sep 2002 - Nov 2009Washington, DC

Team Lead

Responsible managing staff of 4 network engineers and system administrators.

Implemented security policies, plans, and architecture and enforced Group Policy with Access Control List (ACL) Security Technical Implementation Guides (STIG) requirements and encryption for VPN.

Coordinated weekly Windows Server patch management maintenance using Windows Server Update Services (WSUS) to ensure all systems have the most up-to-date security patches.