Navy Civilian

Senior Information Technology representative supporting the organization’s four building satellite campus in California and two building site in Utah with approximately 150 users and 1,000 pieces of computing equipment. Charged with full spectrum of IT service management including system strategy, design, transition, operations, and continual service improvement. Position description split into two primary categories: 1) Information Technology Operations Manager and 2) Cybersecurity/Information Assurance Manager.

Position Description: Information Technology Operations Manager

Managed day-to-day operations of a windows-based domain including the full Information Technology Service Management lifecycle. Specific responsibilities included:

Service Desk Management - event management, problem resolution, customer service, and tier 3 service tickets
Network Engineering - Router and Switch upgrades, leased circuits
Domain Organization Unit (OU) Management via Active Directory
Oversight of local Server Administration
Policy and Procedures
User and Staff Training
Audio/Visual Support for Video-Teleconference and Conference Room
Telephone System Modification Requests
Budget Planning and Technology Procurement
Building Premise Wiring Support
Information Management - SharePoint Intranet Portal and Zylab Archival System
Special Projects Manager

Position Description: Cybersecurity/Information Assurance Manager

Responsible for ensuring the confidentiality, availability, and integrity of the organization's information resources. Specific responsibilities included:

Vulnerability Management - Scanning and Remediation
Primary Incident Response for Security Events and Alerts
Continuity of Operations - Planning and Restoration Priorities
Coordinate Host Intrusion Prevention and Firewall Modifications for White List
Remote Access Support and Public Key Infrastructure Two-Factor Authentication
Regulatory Compliance with DoD Certification and Accreditation Policies - Develop Plan of Action and Milestones (POAM)
Information Security Control Review and Validation
Special Projects Manager

Here are just a few of the things that I accomplished during this time:

Participated in a business maturity initiative defining and documenting IT/cybersecurity processes, developing roles and responsibilities, and instituting the Project Management Institute’s (PMI) Project Management framework.
Saved $44,000 annually in manpower cost by implementing a custom automated vulnerability management solution using eEye Retina, Desktop Central, WSUS, MSI packages, Orca and scripting.
Reduced hardware expenditure by 33% through hardware lifecycle planning that reallocated existing equipment and optimized new equipment.
Saved $216,000 annually in circuit costs by articulating service level agreements, designing local architecture, and transitioning from a commercial leased DS3 to a government owned SONET.
Identified and resolved an unmitigated high-priority risk involving rogue devices by designing and implemented network switch port security on Extreme Networks equipment with a Microsoft Radius server and Active Directory authentication.
Improved layered defense by implemented policy and procedures for utilizing Security Technical Implementation Guides (STIGs) during the workstation build-out process.
Developed and executed plans for installation of a new data-at-rest encryption security control using Guardian Edge software.
Developed an IT Continuity of Operations Plan focused on restoration of core services during disaster recovery as part of the Business Continuity Plan.
Primary incident responder investigating over 100 security alerts, identifying affected assets, mitigating or eliminating the threat, briefing the CIO, and creating written reports of findings.
Maintained regulatory compliance with Certification and Accreditation under the Department of Defense DITSCAP and DIACAP programs and developed Plan of Actions and Milestones (POAM) for non-compliant controls.
Represented Information Technology and cyber security priorities as a stakeholder in cross-functional project management teams and briefed senior-level officials on project status.
Enhanced business efficiency through specification, design and creation of 4 SharePoint custom applications and countless other technical solutions.
Developed Standard Operating Procedures for service desk personnel covering change and configuration management, configuration baselines for ghosting, and vulnerability management.
Ensured 100% accountability of over 1,000 information technology assets in an enterprise environment as part of the organization's Asset Management program.
Managed Information Assurance Awareness Training Program ensuring 100% compliance with security training requirements while also building a "pro-security" culture.
Conducted risk-based Information Assurance policy reviews and suggested recommendations to aligning organizational governance with cyber security threat intelligence and risk levels.
Doubled existing premise wiring by allocating funding and coordinating a wiring special project that aligned with the organization's 5 year growth plans.

What others had to say:

“Prior to his arrival, [the organization] was getting hit with multiple virus incidents a week which was time consuming for both the IT staff to cleanup and the downtime for the user while cleanup was being performed. Today [the organization] rarely gets hit and the incidents involving repeat offenders are almost nonexistent.”