WORK EXPERIENCE

Executive leader with a record of success in Information Technology and client services management. Responsible for corporate IT leadership, with a focus on performance turnaround addressing both cost and services with staff and budget spanning technical services, system administration, application development, helpdesk, cyber security and facility services. The adept ability to merge management, technical and customer service has resulted in successful business initiatives that improved efficiency and productivity. Developed effective IT organizations and implemented best practices strategies. A proven track record of utilizing efficient methods to reduce ongoing expense through team synergies cost saving programs. Experience includes all aspects of Information Technology implementations including large scale, global process and technology rollouts such as WAN, corporate infrastructure, enterprise software, cyber and physical security safeguards programs.

ICF International,  Fairfax, VA
May 2009- present

Chief Information Security Officer (CISO)
Successfully implemnet and maintain a wide variety of global security objectives and initiatives.

Corporate Information Security Oversight

  • Align organization operations with industry standards and regulatory requirements to achieve both compliance and best-practices for ISO 27001, FISMA, SOX and NIST.

  • Provide oversight to the enterprise environment including corporate systems that support corporate functions and client facing systems with specific regulatory requirements.

  • Recommend and ensure standard security tools used to conduct functions such as vulnerability scanning, application assessments, and compliance validation tools.

  • Conduct overall information security risk assessments and provide the results to senior management and audit committee.

  • Recommend policy changes pertaining to the security safeguards and identify potential security risk within the company.

Security policies, guidelines, standards and compliance

  • Develop and maintain security policies, procedures, guidelines, and standards.
  • Review security documentation to assist in meeting regulatory compliance, US federal government and global office data protection requirements.
  • Review specific project related security requirements, assist with risk assessments, and recommend necessary safeguards.
  • Provide and communicate critical updates on data privacy and regulatory requirements.
  • Implement information security frameworks based on industry standards. Domestic US security standards are based on the National Institute of Standards and Technology (NIST) and the majority of offices outside of the US are based on International Organization for Standardization ISO 27000.

Cyber Security Assessments

  • Prepare assessments, security plans, risk assessment, testing, configuration plans, and system mitigation reports.
  • Assist divisions/business units with security assessments by identifying, quantifying, and prioritizing the vulnerabilities in a system by scanning with enterprise level tools.
  • Perform routine network security vulnerabilities to identify threats to the confidentiality, integrity, and availability of information and services.
  • Assist global offices with local information security assessments and remediation plans.

Intrusion Detection and Prevention

  • Monitor and implement measures to minimize malicious attacks before they infect the network.
  • Provide notification of critical security events and incidents.
  • Log and maintain access logs to provide visibility of network events.
  • Implement security controls to enhance the company security posture to meet security requirements.
  • Continuous tuning of security tools and policies to ensure appropriate security monitoring and alerting.

Computer Forensics and Incident Reponses


  • Investigate security incidents to aid in securing systems, recovering data, discovering evidence of misuse or enforcing policy.
  • Maintain and collect digital evidence according to industry guidelines and practices when acquisition, analysis and reporting. Evidence/Artifact/Exhibit Chain-of-Custody and secure storage, Malware Analysis, Data Recovery
  • Contain security incidents that could harm the company information assets by events such as malicious network traffic, computer virus, and system misuse.

Threat communication and awareness

  • Stay abreast of the latest security threats and vulnerabilities and inform employees of major issues or concerns.
  • Communicate information security techniques to aid in the protection of company and personal confidential and sensitive information.
  • Provide employees with instruction on how best to operate towards common security practices.
Macro Int'l   Calverton, MD 
May 2002 - 2009

Aquired by ICF International
Vice President, Information Technology, Information Security Officer & Facility Services
Successfully managed the Information Technology, Cyber Secuirty, and Facility Services across domestic and international locations. Served as Chairperson of the Corporate Technical Committee and an active member of the Technology Policy Committee, Leadership Committee, and Business Continuality Committee. 

  • Increased customer satisfaction from 72 % to over 90% by implementing a helpdesk structure and IT organization that fostered customer focus, teamwork, workflows, formalizing processes, and building service management tools.
  • Overhauled the enterprise architecture and achieved a substantial reduction in unplanned downtime which improved system uptime to over 99% for all production systems.
  • Aligned IT operations with industry standards and regulatory requirements to achieve compliance and best-practices for ISO, SOX and NIST, which was instrumental in passing secuirty and compliance audits. The success contributed towards several  contractual wins.
  • Successfully standardized email, network platforms, telecommunication, PC and software throughout the organization.
  • Help Desk staff and a performance objective in responding to all incidents within the same day as reported, reducing turnaround from multiple days to a few hours.

  • Provide executive leadership to facility services and operations including physical security, mailroom services, building up keep, and environmental controls. 

Acterna Germantown, MD 
May 1998 - May 2002

Director, IT Client Services & Operations

Responsible for management of client services, desktop support, helpdesk, and system administration.  Developed effective IT support services and implemented best practices strategies. Maintained a proven track record of utilizing efficient methods to reduce ongoing expenses. Provided expense and capital budget input based on IT and business objectives.  Provided project management for infrastructure deployment and resources for a Global implementation of SAP ERP and CRM.  Maintained vendor relations and alliances with external companies ranging from hosting services to sub-contractors.  Defined and documented technology and system design specifications to meet business requirements.  Directly managed and maintain day-to-day operations for Information Technology support and services. Maintained and provided daily system administration to project based infrastructure systems.

  • Provided project management for the infrastructure deployment and resources for a Global implementation of SAP ERP and CRM.

  • Maintained vendor relations and alliances with external companies ranging from hosting services to sub-contractors.

  • Defined and document technology design specifications to meet the business requirements

  • Directly managed and maintain the day-to-day operations for Information Technology support and services.

  • Maintained and provided daily administration to the project infrastructure systems.   

  • Prepared service level reports, forecast projections, and presentations.

  • Defined and implemented best practices, policies, and procedures for support services.

  • Created RFPs and negotiate local and global contracts.

  • Delivered technology training to technical staff and user communities.

Computer Sciences Corp.
Jun 1994 - May 1998

Manager, LAN/Desktop Services

Managed the technical staff that provided desktop and network support. Prepared and delivered oral and written presentations, which included standardization of PC hardware, automation software, and LAN methodologies. Interfaced with functional departments to establish technical and operational requirements. Maintained a high level of technical expertise to stay abreast of technology trends to provide solid technical and business solutions. Conducted follow-up to enhance the effectiveness and responsiveness of support. Assisted executive staff and divisional managers in defining, implementing, and enforcing standards, policies, and procedures. Provided budgetary input of department operational costs and predictions of growth pertaining to staffing and technical issues. Implemented strategic plans required to meet the goals and objectives of CSC’s IT support requirements.

  • Evaluated and deigned LAN rooms to ensure logical and physical safeguards.

  • Created baseline for systems and standardization of PC and software products.

  • Researched and conducted a risk assessment for the deployment of Windows 95 on the network.

  • Implemented network systems standards and baselines

  • Conducted Year 2000 readiness analysis and infrastructure preparedness to assist in determining associated risks.

  • Defined policies and procedures for LAN and Desktop Services for access to network resources.

  • Implemented network monitoring to measure systems availability and trap system messages

  • Coordinated and managed resources to complete a 1500 person move.

     

 

Technical Specialties, Inc
Aug 1985 - July 1994

Regional Desktop/Network Service Manager
Managed and provided technology support for major accounts in the private sector and government agencies. Responsible for deploying and supporting an array of technology solutions. Designed and implemented local and wide area networks to include the configurations of routers, DSU/CSU's and modems. Installed and terminated cable infrusture using, coax, twin axial, unshielded twisted pair, and fiber.  Managed heterogeneous networks and setup and maintained user access and system controls.  Configured fault tolerance capabilities on systems where applicable.  Implemented network management and software delivery tools.  Maintained a constant interface with Fortune 1000 customers and major governmental agencies to evaluate telecommunication requirements for desktop and network integration. Provided technical support to customers and support staff for Desktop, LAN/WAN design, and implementation. Developed and provided training classes for customers and technicians on various network platforms, including Novell Netware, Lantastic, Unix, and Microsoft.  Assisted field technicians with software and hardware problems, which included troubleshooting networks and other major office automation issues.

 

Some major accounts included:

Department of Justice

National Academy of Sciences

National Sciences Foundation

Old & New Executive Offices / West & East Wing

Department of Defense - Pentagon

International Monetary Fund

Chemical Manufacturers Association

Deloitte and Touche

 

Positions Held - Technical Specialties, Inc.

Fields Services Supervisor (1991 to 1992)

Senior Network Engineer (1990 to 1991)

System Support and Training Supervisor (1988 to 1990)

Senior Field Technician (1985 to 1988)   

 

                                   

QUALIFICATIONS
Summary of Qualification
25+ years of Business & Technology

Information Technology Senior Manager with 25+ years of in-depth experience in System Architecture, WAN/LAN Implementation and Management, Service Desk Operations, Software Delivery Automation, Information Security, Disaster Recovery, Project Management, and Customer Relationship Management. Possess strong abilities to lead technical teams and demonstrate solid communication, team building and motivation skills.


EDUCATION

Strayer University

Bachelor of Science, Information Systems

Emphases in Computer Networking

Graduated with Honors

Summa Cum Laude

Member Alpha Chi

AWARDS & CERTIFICATIONS

 

  •  CISSP, Certified  Information System Security Professional  

  • C|CISO, Certified Chief Information Security Officer

  •  GIAC, Global Information Assurance Certification

  •  CHFI, Certified Hacking Forensic Investigator

  • CCFE, Certified Computer Fonensic Examinor

  •  MCSE, Microsoft Certified System Engineer Certification

  •  MCIP, Microsoft Certified Internet Professional Certification

  •  CompTia Security + Certification, IT Security Professional

  •  A + Certification, PC Hardware and Operating Systems

  •  Network Plus Certification, Network Technologies

  • Cyber Security Law and Investigations

  •  Emergency Response and Disaster Recover Certificate

  •  FrontLine Leadership -Zenger Miller

  •  Strategic Staffing and Employment Practices

MANAGEMENT EXPERIENCE

 

  • Provided leadership, guidance, and supervision to diverse technical staff members.

  • Developed and delivered technology assessments and
     recommendations.

  • Prepared and presented both oral and written presentations.

  • Implemented methods to foster continuous improvements in customer support and satisfaction.

  • Implemented corporate initiatives such as disaster recovery,cyber security programs, and business systems.

  • Simultaneously managed multiple technical and resource oriented projects.

  • Performed financial and requirements analyses and provided budget input.

  • Defined and implemented best practices, policies, and procedures for IT operations.

  • Successful track record in solving business problems through various technologies.

TECHNICAL SKILLS
Software, System, & Networking
  • COTS - MS-Office, Word Perfect, MS-Project  Lotus Notes, MS Exchange, Crystal Reports 8.0/8.5
  • Nessus, HP WebInspect, Rapid 7 Nexposed, GWI LanGuard, Paraben, Wireshark, NMAP, Encase Forensics
  • LAN/WAN configuration and deployment
  • Web technologies, HTTP, Web 2.0, Word Press, Joomla, .Net
  • Windows NT- Server 2012, Active Directory,  Novell 2.x-5.x, Unix/Linux (Red Hat)
  • Firewalls, Cisco Routers, VLANS
  • PC/Laptop installation and configuration, MS Windows 95/98/2000/XP/Vista/Windows7/Windows8
  • Software delivery and asset management deployments
  • Protocols,TCP/IP, IPX/SPX, NetBios/NetBeui, SMTP, FTP, PPP, SLIP, DNS, WINS, DHCP
  • Ethernet 802.3 & 802.2, 802.11, Token Ring 802.5, FDDI, x.400, x.500, x.25, VPN, ISDN
  • MS SQL Server, IIS, HTTP, C++, Basic, MS Access

Newsletters & BLOGS