Resume
Jeremiah Stevens
Active Security Clearance: SECRET
Expires: September 2013
OBJECTIVE
Jeremiah Stevens always seeks to provide a broad spectrum of senior-level technical, managerial and security expertise to organizations in order to establish synergetic enterprise visions, homegrown innovations and customer loyalty.
SUMMARY
* Jeremiah is a certified career security professional with a proven record for stepping up to new challenges and getting the job done. With over 10 years of hands-on technical and security experience, he has always ensured projects of high complexity and visibility achieve their objectives and forecasts. His calling is to ensure all milestones are accomplished under budget throughout a project’s System Development Life Cycle (SDLC) while still meeting and exceeding the stakeholder’s expectations. Furthermore, his record of accomplishment has improved security operations at various Commands within the Department of Defense (DoD), the Maryland State Department and other Federal-based agencies.
* Extensive background in developing, implementing and managing strategic, technical and operational security plans that are aligned with business goals and objectives, diverse security architectures (e.g., people, processes, technology), systematic and structured risk management strategies, as well as properly aligning security programs that meet not only the demands of an entire organization, but are perfectly postured to withstand even the most rigorous of rule, regulation or guideline inspections (i.e., ISO, Command Post Inspection (CPI), Enhanced Compliance Validation (ECV), Inspector General, etc.).
* Information Assurance (IA) DoD expertise, with emphasis on Federal Information Security Management Act (FISMA) processes to include, but not limited to: DoD Information Technology Security Certification and Accreditation Process (DITSCAP – 8500 series) DoD Information Assurance Certification and Accreditation Process (DIACAP – 8510.01) and National Institute for Standards and Technology (NIST) 800-series special publications.
TECHNICAL PROFICIENCIES
* Proven ability to remain flexible, but task oriented in order to overcome scope creep challenges commonly associated with project development.
* Successfully lead and obtained Certification and Accreditation (C&A) system and application Authorities to Operate (ATO), through both DITSCAP and DIACAP, on legacy, Research Development Test and Evaluation (RDT&E) and Navy/Marine Corps Intranet (NMCI) networks.
* Hands-on security experience with the following FISMA C&A processes: System Security Authorization Agreement (SSAA) development, Concept of Operations (CONOPS) development, System Rules of Behavior development, Security Test and Evaluation (ST&E) from both a documentation (i.e., Security Requirements Traceability Matrix (SRTM) and overall risk assessment plan construction) and a technical (vulnerability scanning and analysis) standpoint, Incident Response planning, SDLC planning, DIACAP transition planning, Contingency, Disaster Recovery, and Continuity of Operations (CP/DRP/COOP) planning, Project of Action and Milestones (POA&M) development and execution as well as conducting Privacy Impact Assessments.
* Familiar with the following security-centric products: McAfee and Norton Anti-virus/Ad-aware, Retina, Nessus, Snort, Host-Based Security System (HBSS), Defense Information Systems Agency (DISA) Field Security Operations (FSO) Gold Disk and Security Readiness Scripts (SRRs).
* Experienced in implementing, monitoring and troubleshooting the following operating systems and devices: Microsoft XP Workstation, Microsoft NT Workstation / Server, Windows 95/98, Windows 2000 Workstation / Server, UNIX (Hewlett-Packard, Red Hat and SuSE Linux), CISCO firewalls, switches, and routers.
* Comfortable giving impromptu and planned oral presentations to small, medium and large sized audiences.
EDUCATION / CERTIFICATIONS
Bachelor of Information Technology in Computer Forensics
August 2010
American InterContinental University
Hoffman Estates, IL
GPA: 4.0 with Summa Cum Laude honors
______________________________________________________________
Associate of Science Computer Science
May 2000
Vincennes University Jasper
Jasper, IN
______________________________________________________________
Certified in Risk and Information Systems Control (CRISC)
July 2011
Certification Code: 1111258
ISACA
______________________________________________________________
Capturing Federal Business
June 2011
L-3 Communications – Shipley Associates
Reston, VA
______________________________________________________________
CNSS: 4012 – National Standards for Senior System Administrators &
CNSS: 4015 – National Standards for System Certifiers
April 2011 Norfolk, VA
IA2 – SPA
______________________________________________________________
Department of Navy Validator
March 2011
Navy Certification Authority
______________________________________________________________
Marine Corps Enterprise Network (MCEN) Validator
July 2010
Designated Accrediting Authority, Headquarters Marine Corps, Command, Control
Communications and Computers (C4)
______________________________________________________________
Linux+ CompTIA Certified
October 2010
Certification Code: LHYCXWLDLG11134T
Greenbelt, MD
Prometric Test Center
______________________________________________________________
Certified FISMA Compliance Practitioner (CFCP)
February 2010
Certification Code: 112998
Columbia, MD
FISMA Center
______________________________________________________________
Certified Information Systems Security Professional (CISSP) Training
December 2007
Anne Arundel Community College
Arnold, MD
______________________________________________________________
Security+ CompTIA Certified
September 2007
Certification Code: QNYJKVXBDCFE1YF4
Greenbelt, MD
Prometric Test Center
______________________________________________________________
Security+ Accreditation Course: Network Security Fundamentals
May 2007
Anne Arundel Community College
Arnold, MD
______________________________________________________________
Help Desk Training Course: “Pleasing Your Hard-To-Please Customers”
June 2002
Naval Surface Warfare Center
Crane, IN
______________________________________________________________
NMCI Customer Service Representative Training (Field Technician)
June 2002
Naval Surface Warfare Center
Crane, IN
______________________________________________________________
Interconnecting Cisco Network Devices
July 2001
New Horizons
Louisville, KY
______________________________________________________________
Impromptu 6.0 Report Building and Administration
May 2001
COGNOS Training Facility
Mason, OH
______________________________________________________________
A+ CompTIA Certified
February 2001
Certification Code: 4Q96H9ZDJPRQ196E
Evansville, IN
Automated Office Solutions
______________________________________________________________
HP-UX Systems and Networking Administration
June 1999
Hewlett Packard Training Facility
Atlanta, GA
______________________________________________________________
Fundamentals of UNIX
May 1998
Hewlett Packard
Washington, DC
______________________________________________________________
PROFESSIONAL EXPERIENCE
Technical Program Manager/Information Assurance Officer
May 06, 2006 – Present
L-3 Communications and Engility Corporation
Maryland
* Participated in the opportunity assessment and marketing positioning (capture), win strategy development, programming concept refinement, bid development (to include blue, pink, red and gold team reviews), post-submittal and post-award proposal processes for multi-million dollar contracts.
* Maintain and manage the National Institute for Literacy/Literacy Information and Communication System project from both a Project Manager (PM) and Information Assurance Officer (IAO) perspective.
* Prepare annual operating plans and forecasts as well as provide invoice reconciliation and approval for a Firm Fixed Price (FFP) contract.
* Successfully obtained, and continue to maintain, multiple three-year ATOs for the Department of Navy (DON).
* Function as a liaison for the program managers, system administrators, user representatives and developers to complete an entire C&A package in a timely, professional and organized manner. This includes, but is not limited to: Gathering and organizing technical information about an organization’s mission goals and needs, existing security products, and on-going programs in the security arena. Defining and analyzing security requirements. Designing, developing, engineering and implementing security solutions to achieve business objectives. Performing risk analyses to include, identifying and periodically evaluating information security controls and countermeasures to mitigate risk to acceptable levels as well as reporting significant changes in information risk to appropriate levels of management for acceptance on both a periodic and event-driven basis.
* Responsible for evaluating ST&E plans, traceability matrices, and residual risk assessments that were constructed based on the instructions presented in FISMA, DoDI 8500.2 (DITSCAP), DoDI 8510.01 (DIACAP) and NIST 800-series publications. These duties include, but are not limited to assisting clients with system security hardening and baseline development, analysis, and auditing as well as analyzing detailed system design documents, network topologies, operational procedures, and other security centric documentation in order to obtain and maintain an ATO in their industry.
* Develop Standard Operating Procedures (SOP) and related documentation for clients. Examples: Business Impact Assessments (BIA), Computer Incident Response Team (CIRT), Contingency Planning and Information Operations Condition (INFOCON) SOPs.
* Validate applications through the DON Application and Database Management System (DADMS) process.
* Prepare and deliver oral IA-focused presentations to technical and non-technical groups.
* Assist in writing proposals and Requests for Information (RFI) for a wide variety of security-centric projects.
* Completed an extensive FISMA security assessment for the State of Maryland.
* Appointed by the Marine Corps Designated Approving Authority (DAA) as a Marine Corps Enterprise Network (MCEN) Validator.
* Appointed by the Navy Operational Designated Approving Authority (ODAA) as a Navy Validator.
System Security Accreditation Lead
Apr 2003 – Nov 2005
Tri Star Engineering and SAIC
Crane, IN
* Developed SSAAs for all of Naval Surface Warfare Centers’ RDT&E applications and servers. This included, but was not limited to the construction of Security CONOPS, Certification Test Procedures, Incident Report Planning and Procedures, Maintenance Planning and Procedures, Risk Assessments, Data Flows, Security Procedures, Contingency Plans, Configuration Management Plans, Security Requirements Traceability Matrices and Security Test and Evaluation Plans.
* Ensured Command wide understanding of the high-level aspects of the DITSCAP (8510.1-M) through oral presentations and on-site visits.
* Conducted C&A briefings and presentations at beginner, intermediate, and advanced levels of expertise.
* Mentored a team in order to ensure C&A packages were completed in a prioritized manner.
* Performed extensive vulnerability scans and penetration tests against every system to ensure FISMA and DITSCAP compliancy.
* Worked with systems administrators to ensure new hardware that was placed on the RDT&E network was thoroughly scanned for vulnerabilities.
* Implemented new intrusion detection systems and rules in order to mitigate future risks to the RDT&E network.
* Investigated, quarantined and resolved intrusions detected on the RDT&E network.
Asset Management Lead / Tier III Technician
Feb 2002 – April 2003
Tri Star Engineering
Crane, IN
* Analyzed and tracked NMCI assets for billing / inventory purposes.
* Documented, researched and tested operating system images that were deployed to over 3000 personal computers. This involved extensive testing of applications on multiple platforms.
* Prepared new user accounts, machine associations and e-mail addresses in Active Directory / Remedy.
* Analyzed, solved and thoroughly documented complicated network and application errors between two separate networks. (NMCI and RDT&E networks)
* Provided Tier III Help Desk and Technical Support for a dynamic network with multiple platforms.
* Functioned as a liaison between end users, Tier I, Tier II and Tier III support.
* Worked in Tivoli (remote desktop) and Remedy (enterprise logistics management) on a daily basis.
* Organized and lead weekly team meetings while we transitioned managers.
Point of Sales Technician
August 2001 KFORCE.com
Indianapolis, IN
* Implemented a Point of Sale system (Windows 2000) for Advanced Auto Parts.
* Coordinated work instructions effectively with everyone on the project.
Systems Analyst
July 2000 – July 2001 JOFCO International
Jasper, IN
* Contributed to all aspects of decision, budget and project making within the IT department.
* Managed a four month, company wide, Internet Protocol renumbering project in order for the company to successfully connect to the Internet.
* Functioned as a liaison to establish several successful relationships with third party vendors in order to help the company implement major technical projects.
* Reviewed multiple computer systems capabilities, workflow and scheduling limitations in order to increase productivity.
* Wrote detailed descriptions of user needs, program functions and steps required to develop a computer program or project.
* Maintained security and the overall data integrity within the company’s computer systems.
* Setup Cisco routers, switches and firewalls.
* Oversaw the implementation of the following products for the entire company: Microsoft NT Workstation and Server, Track-IT!, Microsoft Office, Norton Antivirus, Mdaemon, Arcserve and Diskshare.
Night shift Computer Operator
Nov 1998 – July 2000 Kimball International
Jasper, IN
* Provided tier one help desk support for a global network. This included, but was not limited to: Assisting users with their password resets, troubleshooting problems on various applications and operating systems, escalating calls when necessary to the tier two support members, and documenting every call in Tivoli for reference purposes.
* Executed reports on a nightly basis and distributed them to the various departments.
* Monitored, executed and scripted batch jobs on MVS, Windows NT and UNIX based operating systems.
* Maintained, installed and tested different applications on Windows 95/98, UNIX, and Windows NT based operating systems.
* Wrote technical instructions and documents using Microsoft Word.