|
|
Title: |
Information Assurance Analyst
|
Location: |
US-District of Columbia-Washington/Metro
|
Work History: |
Secure Info, Corp.
While with SecureInfo I served on a team of information security professionals that were hand-selected for the FISMA accreditation phase I initiative for the Microsoft cloud-computing offering, Business Productivity Online Suite-Federal (BPOS-F) email archiving product. The goal of the phase I team was to secure an Interim Authority To Operate (IATO) and manually produce a deliverable documents package that included: FIPS 199 Categorization, Privacy Impact Assessment (PII), Privacy Threshold Analysis (PTA), Contingency Plan (CP), Configuration Management Plan (CMP), a corporate Information Technology Security Plan (ITSP) and a system security plan (SSP). As a team we were able to produce the deliverable document set as well as gain an IATO from the USDA Authorizing Official (AO) in time and under budget. This was successfully accomplished under an extremely aggressive timeline. The email archiving solution was the first BPOS-F product to achieve this goal.
Documents I authored or co-authored while on the BPOS-F, Email Archiving Solution Phase I team
• System Security Plan
• Information Technology Security Plan
• Configuration Management Plan
• Privacy Impact Assessment
• Privacy Threshold Analysis
• FIPS 199 Categorization
Carson & Associates
The National Institutes of Health, Centers for Information Technology has 15 FISMA governed major applications and general support systems for which it is responsible. Of those I was responsible for 5 systems, which included the NIH infrastructure backbone as well as their Windows infrastructure system that manages 50,000 network users; the two largest, most technically complex systems in the CIT arena of responsibility. Managing 5 concurrent FISMA ATO’s (Authority to Operate) required that I oversee all information assurance activities. Those activities included but were not limited to privacy impact assessments, contingency plan development, contingency plan testing, plan of action & milestone management, system security plan development, annual assessments and recertification’s. The combination of my information assurance experience combined with my extensive technical background made me the ideal candidate for the teams’ technical liaison where I would often be called on to give technical assessments for systems not directly under my assigned responsibility.
Notable accomplishments while at the National Institutes of Health
• Selected to spearhead the most in-depth recertification the ISSO’s office had ever undertaken for any “high” risk system, the NIH infrastructure backbone.
• After observing the daily operations for about 8 weeks, I formalized a substantial proposal for realignment of the ISSO’s office personnel. This proposal was approved and changes are currently being implemented.
• Successfully managed three of the six “high” risk system accreditation packages.
Analytics, Inc.
As the I.T. Manager and Information Systems Security Officer I was responsible for the effective management of the company’s network services, data services, application services and security posture. In my role of I.T. Manager I excelled at communication between operations and executive staff and the technology staff. My philosophy of matching company goals and personnel goals cultivated a mutually satisfying culture for a results driven environment. I was also responsible for technical documentation, managing timelines and producing regular progress reports to executive staff. As the companies Information Systems Security Officer I was responsible for the overall technical security posture for the company’s FISMA Certification & Accreditation with the Federal Trades Commission. In December of 2007 I was commissioned by company executives to take point in achieving a FISMA C&A. In May of 2008 the company acquired its first FISMA Certification & Accreditation as a primary contractor of the U.S. Federal Trades Commission. The C&A documentation required manual development and creation. I was the primary author of this document set. The responsibilities of the ISSO included regular security posture reporting, vulnerability assessments, incident response planning, incident reporting, gap analysis FISMA C&A documentation management and more.
Notable accomplishments while at Analytics, Inc.
• Spearheaded FISMA C&A initiative for FTC contractual requirements
• Lead application group with the reengineering of a centralized, scalable and standardized of the class-action redress application
• Engineered data standards and protocols to ensure data integrity and accuracy of class-action and redress disbursements of over $500,000,000.
• Lead network group to ensure high-level security posture and successful annual FISMA audit.
The Analytics, Inc. technical and compliancy environment consists of the following technologies:
• ColdFusion 8
• Microsoft SQL 2005
• Microsoft Windows 2008 Servers
• EMC Data Storage System
• SharePoint
• Symantec Control Compliance Suite
|
Skills: |
• 4 years experience in information assurance and technical security analysis
• Intimate knowledge of the NIST Special Publication documentation set (I.E. SP800-53, SP800-37 etc)
• Expert with FISMA Security Authorization (SA), formally certification & accreditation, documentation.
• Versed with Trusted Agent, FISMA
• Excellent technical writing ability
• Experienced in the I.T. Management of application development, data services and network administration
• Experienced in information technology infrastructure planning, and system implementation
• Extensive experience in application development and data management
• Solid skills in database administration and network administration in large scale enterprise environment
• Experience in web application system integration and e-business solutions
• Detail oriented manager with excellent communication and interpersonal skills
• Veteran of a U.S. Army combat arms airborne unit, 82nd Airborne Division
|
Education: |
BS - Business Administration - Colorado Technical University Online
|
Endorsements
|
 |
Jonathan has received 0 endorsements.
|
Jonathan has endorsed 0 Members.
|
| |
Rank |
Title |
Location |
Status |
Actions |
|
Public Messages
|
|
| From |
Date |
Message |
No public messages. |
|
|
