Senior Information Systems Analyst



Orlando Gonzalez

20420 Peckham Street

Ashburn, Virginia 20147

C (703) 587-2248

Email ogonzo@



Objective: Seeking a challenging position in the Information Assurance arena.

Special Qualifications

* Active DOD TOP Secret Security Clearance SBI

* Qualified Spanish Military Linguist

Experience

01/09 - Present Senior Information Assurance Engineer – MBA Csi, Herndon, VA

Sentinel Project-FBI (Lockheed Martin) – Increment Lead – Responsible for taking the increment through the full NIST C&A Lifecycle. Assessed security requirements per 800-53 and assigned appropriate security controls. Reviewed Segment level System Security Plan and identified sections to be updated for current increment. Reviewed Component Design Package (CDP) and Requirements, Design and Test (RDT) to ensure appropriate security design/architecture is incorporated. Represented IA in weekly Project Engineering & Design (PED) and Technical Interchange (TIMS) meetings. Participated in Peer Reviews to ensure security controls were being me in the designs.

05/04- 12/08 Senior Information Assurance Analyst - Northrop Grumman, Washington, DC

Provided Information Assurance Support for various projects.

Biometric Identification System for Access (BISA)- Provided support/mentorship to the Independent Security Test & Evaluation Team Lead. Conducted vulnerability scans using DISA Gold Disks, SRRs and eEye Retina. Assisted in compiling detailed reports for out-brief.

Automated Biometric Identification System (ABIS)– Led an Independent Security Test & Evaluation Team consisting of 9 personnel prior to an ACA visit. Provided upper management with daily detailed reports on system vulnerabilities to ensure fixes were implemented in a timely manner.

Port Operations Management System (POMS) - Provided support for a DITSCAP to DIACAP re-accreditation. Acted as the Independent Certifier ensuring all 8500.2 controls were tested. Conducted vulnerability scans using DISA Gold Disks, SRRs and eEye Retina. Compiled the POA&M based on the test results.

United States Naval Observatory (USNO) – Led a team of 5-7 personnel in providing DIACAP system hardening support. Conducted vulnerability scans using DISA Gold Disks, SRRs and eEye Retina.

Battlefield Airborne Command Node (BACN) Spiral 2 - Provided DITSCAP support as the Certification & Accreditation Task Lead. Developed the Security Requirements Traceability Matrix (SRTM). Provided an assessment of the current SSAA for Spiral 1 and input for the Spiral 2 SSAA. Developed the Certification Test & Evaluation Plan to include all test procedures based on DISA guidance. Conducted a dry-run of the CT&E in preparation for the Formal CT&E. Conducted vulnerability scans using DISA Gold Disks, SRRs and eEye Retina.

Battlefield Airborne Command Node (BACN) Spiral 1 - Assisted the Certification & Accreditation lead with the Certification Test & Evaluation Plan. Developed all test procedures and assisted in the execution of the CT&E. Evaluated results and provided a vulnerability assessment.

United States Army Reserve - Provided support to the G3 (Provost Marshals) office by conducting Vulnerability Assessments at the Regional Readiness Commands.

Department of Justice - Senior PKI Systems Engineer - Assigned as a Sr. Systems Engineer and technical lead on the DOJ PKI Phase 2 Task Order. Responsible for the implementation of the PKI system and the preparation, quality control and delivery of major systems engineering deliverables to include the project Bill of Materials for 3 three-system environments, Preliminary Design Review, System Design Document, Critical Design Review, Test & Evaluation Master Plan and Test Procedures, Training Plan, Deployment Implementation Plan and O&M Manual.

Assigned as the O & M team lead providing 7am-7pm onsite coverage. Tasked with updating/revising the O & M manual to ensure the systems were properly maintained and provided 99.99% availability.

12/03-05/04 Certification & Accreditation Engineer American Systems Corp Chantilly, VA

C&A Engineer - Tasked with providing support to a C & A team working on JCON IIa for the DOJ. Created STE test procedures for 17 components and system level testing and acted as Test Director. Used Harris STAT, ISS Internet Scanner, Security Expressions and WEB Inspect to produce a Vulnerability Assessment for each component. Followed NIST 800 series guidance to provide support for the C & DR, SSG, SSP, STE, the Facilitated Risk Assessment and the Vulnerability Assessments.

Information Assurance Engineer - Tasked with providing IA support to SDDC (formerly known as MTMC). Conducted vulnerability scans on all network devices and clients using Harris STAT, ISS Internet Scanner and Nessus to ensure the command was compliant with all Army Cert IAVAs. Produced detailed reports on all scans and provided these to management. Responsible for scanning all new network and client devices to ensure they were also compliant prior to connecting to the network. Maintained the McAfee ePolicy Orchestrator Server to ensure all virus signatures were up to date and all clients were compliant.

10/00-12/03 Technical Architect III - Corporate Security, SPRINT Reston, VA

PKI/Strong Authentication Architect - Tasked with providing strong authentication solutions for internal and external customers. These include but were not limited to PKI using the Entrust platform, RSAs Ace server/SecurID platform, Managed Radius consisting of Funks Steel Belted Radius servers and standard LDAP Directories.

Provided testing and validation for various devices (Nortel Contivity, Netscreen, Cisco Pix, Cosine VPN3, Checkpoint and Raptor firewalls) to access and integrate with our existing strong authentication infrastructure.

Responsible for Tier 3 application support for escalation of current authentication platforms and servers (Solaris 2.6/8). Maintain and upgrade all servers to ensure systems are current and meet all Corporate Security regulations.

Network Security Engineer III - Corporate Security, SPRINT Reston, VA

Authentication Group Supervisor - Promoted from Network Security Engineer II. Tasked with organizing and defining the responsibilities and procedures of the Strong Authentication Group. The group included 5 analysts who worked on a Remedy based ticketing system to provide Sprints internal and external clients with a PKI and token based solution. Products that were used included Entrust (PKI) to provide a managed PKI solution for our external customers and a corporate solution for encrypted e-mail between our Internet Security Operation Center (ISOC) and our clients. Entrust/RA was used to issue digital web certificates enabling clients to authenticate and view sensitive proprietary information.

Provided Tier 3/4 support for RSA SecureID and ACE servers are used to provide customers with token based authentication into their various networks. Provided Tier 3/4 support for Steel Belted Radius Servers and Nortel Contivity VPNs used in our Managed Radius offering for external customers to provide a central password based authentication scheme. X.500 LDAP directories were used to centralize all customers and provide a HA solution.

Network Security Engineer II – Assigned to the Internet Security Operation Center (ISOC) to provide Tier II support for Checkpoint and Raptor Firewall issues. Handled all firewall and Radius issues escalated to Tier II through the Remedy Ticketing System. Assisted clients in trouble shooting their firewalls for a wide variety of problems. Added and deleted rules on the firewalls to ensure traffic was passing efficiently. Added and deleted users and clients to the walls. Snooped user interfaces and reviewed logs in real time to resolve any problems users were encountering.

U.S. ARMY Experience

03/99-10/00 Defense Messaging System (DMS) Implementation Team Pentagon, Washington D.C.

Mail List Manager – Developed detailed install/maintenance procedures for the HP9000 Mail List Servers.

11/97-10/00 Single Agency Manager Pentagon Telecom Center Washington D.C.

Shift Supervisor - Responsible for overseeing and coordinating the operations of a telecommunications center with over 50 personnel.

05/91-11/97 NATO Headquarters Brussels, Belgium

Non-Commissioned Officer In Charge of the Special Handling and Evaluations Detachment - Maintained a secure (Top Secret) on-line communications facility consisting of a PC/Windows NT based fiber optic network and a PC/Unix network.

01/90-05/91 U. S. Army Information Systems Command Telecom Center Redstone Arsenal, AL

Shift Supervisor - Supervised 6 personnel.

11/88-01/90 U. S. Army Information Systems Command Telecom Center Quarry Heights, PM

Operator / Supervisor - Supervised 3 personnel.

Computer Equipment

x86 Servers & Clients, HP 9000 UNIX Servers, Sun Ultra 10s, Sun R220s, Sun E450s, SCM Card Readers, Axalto Cyberflex Smart Card 64K, RSA SecureID Key fobs and pin cards.

Civilian Education

2005 Bachelors of Science Information Systems Management, University of Maryland

1992 Associates in Liberal Arts, Central Texas College

IT Certifications

2005 ActivCard Certified Professional (ACP) on Enterprise Access Card and CMS 3.7.1.

2003 Harris Stat

IT Training

2006 CISSP Boot Camp (CISSP Test Scheduled for August 2009) Global Knowledge, Arlington, VA

2003 Harris STAT Scanner Course U.S. Army

2003 Entrust Authority Security Manager Comprehensive Entrust HQs, Ottawa, CA

2001 RSA SecurID Administration 5.0 Meridian Resources, Herndon, VA

2001 RSA SecurID Install & Configuration 5.0 Meridian Resources, Herndon, VA

2001 Injoin LiveContent Directory Installation & Administration Global Knowledge, Toronto, CA

2001 Entrust PKI Management Course Global Knowledge, Sterling, VA

2000 Complete MCSE Track NETCERT, Springfield, VA

1999 DMS Administrators Course Lockheed HQ, Manassas, VA

1999 HP-UNIX Administrators Course HP Headquarters, Rockville, MD

1998 MS Exchange 5.X and MS Outlook Administration Knowlodgy Inc, Washington, D.C.

Military Training

1997 Special Intelligence Training (1 WK) Oberammergau, Germany

1996 DIA Indications & Warning Training (1 WK) Oberammergau, Germany

1991 Basic Non-Commissioned Officers Course (8 Wks) Ft. Gordon, GA

1989 Primary Leadership Development Course (4 Wks) Ft. Sherman, Panama

1987 Automatic Data Telecommunications Center Operator (12 Wks) Ft. Gordon, GA

References

Professional references provided from employers and associates upon request.

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download