1. Key Skills and Knowledge
Domain Expertise & Solutions
Information Assurance
Privacy Impact Assessment (PIA)
Feasibility Study
Financial Accounting
Assets Accounting
Human Resources Management
Inventory Control & Materials
Management
Computer Networking
Telecommunications
Market Survey & Analysis
SCADA systems
Management Information Systems
(MIS)
Supply Chain Management (SCM)
Project Conceptualization
Technical Presentations
Price & Contract Negotiations
Proposal Writing
Management Consulting Services
Application Design and Development
Systems Integration
Vulnerability Testing
Certification & Accreditation (C&A)
Independent Verification & Validation
(IV&V)
Systems Test & Evaluation (ST&E)
Physical Security
Systems Migration
Program Management
FISMA Trusted Agent (TA) & Risk
Management Systems (RMS)
Program Planning & Execution
Information Systems Security Officer
(ISSO)
NIACAP/DITSCAP
Earned Value Management Systems
(EVMS)
Telecommunication Billing Systems
Local Area Networks (LANs)
Systems Implementation
Quality Assurance (QA)
Systems Documentation
Training
Skills Summary
A Telecommunications engineer with diversified experience in Information Technology (IT) Program
Management to include Supply Chain Management (SCM), Capital Planning, Market Survey and
Analysis, Project Coordination with stakeholders, Application Systems Design, Development &
Implementation, Defense Information Technology Systems Certification & Accreditation Process
(DITSCAP) and Telecommunications. Mr. Kumar has a comprehensive knowledge of the Systems
Development Life Cycle (SDLC) using both Waterfall and Agile Project Management methodologies,
Management Information Systems (MIS) integrated with Security Assessments, Risk Management,
Vulnerability Testing, Certification and Accreditation (C&A) based on IEEE/ISO/DITSCAP/NIST
standards, conceptualizing and implementation of software development projects, computer network
design and development, Systems Information Assurance (IA) using Defense Information Systems
Agency (DISA) Security Technical Implementation Guides(STIGs) and FIPS 199/200 and NIST 800
Special Publications (30, 37, 53/53A,137 etc.) supporting clients with Business Continuity & Disaster
Recovery. Mr. Kumar has updated Federal clients Policies and Procedures, Access control mechanisms,
documented PKI baseline processes, and assessed security statuses for both Physical security and Major
Applications and General Support Systems based on OMB 130. Mr. Kumar has expertise in integrated
applications systems development and integration, for Federal agencies. He conducted Independent
Verification & Validation (IV&V) on Federal mission critical systems and computer networks. He has
extensive knowledge in the design, development, and implementation of Supervisory Control and Data
Acquisition (SCADA) for Oil & Gas applications, integrated Financial software development including
Financial and Assets Accounting, Human Resources and Inventory Control. Mr. Kumar has
excellent skills related to project management, technical presentations, price and contract negotiations,
and written communications. Being customer focused and a problem solver he has re-engineered
Computer Divisions/Projects for optimal utilization of resources with “On budget” and “On time”
completion of major projects both in the USA and India. As a FEMA ISSO, he assisted FEMA in
developing and updating FISMA related Risk Assessments, Security Systems Plans (SSP), SAR and
other C&A documentation. From June 2008 onwards, he is providing assistance to the US Coast Guard
(USCG) HQs at Washington DC, Financial Center (FINCEN) at Chesapeake VA and Operations Service
Center (OSC) at Martinsburg, WV in the completion of Annual Assessments and resolution of weaknesses
(POA&Ms) to attain a “Green” status (97%) on the DHS Scorecard. In FY 2009 he participated in the
development and review of a new USCG IA Practice Manual, ISSM Validation SOP, TA User Access
Policy and assisted the USCG towards maintaining their “Green” status with an “A+” grade (99%) on
the FY2009 DHS Scorecard. During FY 2010, he delivered a presentation on POA&Ms at the Annual
USCG conference at Orlando FL, that was applauded by the worldwide USCG ISSOs, and was also
congratulated both by CAPT David Dermanelian Chief Information Security Officer (CISO) CG-651
and his then deputy CDR James Koermer. Based on his overall performance at USCG HQ he also
received an appreciation letter from the CISO.
Mr. Kumar has been repeatedly commended on his imaginative and innovative approach towards
problem resolution and timely project completion by various Federal Government clients and is a
recipient of many client appreciation letters and performance based awards as a testimonial to his
accomplishments. Earlier he had a DoD Top Secret/SSBI clearance that is currently inactive. He has
an excellent credit record and his profile is available on the Linkedin website.
Work Experience
Enterprise Information Services Inc. (EIS), Independent IT Security Consultant, 11/12 – 12/14
As IT Security SME, Mr. Kumar provides EIS IT Security, Cyber and SA&A consulting support. His
professional expertise includes evaluation, analysis, design, and methodology solutions supporting EIS
delivery and business development of its IT Security Practice and proposal pipeline. Specifically involved
Citizenship status:US
Citizen
Clearance status: Earlier
Top Secret/SSBI
Kamlesh Kumar
kam_kumar@hotmail.com
Phone:(703)961-1991(H)
2. in Cyber and SA&A solutions approach development as response to PWS/SOW requirements based on
personal, specialized, and professional experience. His services included both written and oral
presentation deliverables according to format, schedule, and agreed quality standards.
Independent IT Consultant
Worked as an independent IT consultant Mentored and discussed and provided recommendations to
technical proposal developers and writers, multiple IT system analysts and project managers on IT
projects both in the US and abroad, of how to plan, negotiate and tackle various problems encountered
with stakeholders and clients during the stages of IT Supply Chain Management (SCM), proposal
development, project design, development and execution to ensure seamless implementation and full
client satisfaction and regular release of payments per contract specifications.
US Coast Guard (USCG), FISMA Lead SBU systems, National Information Assurance Certification
and Accreditation Process (NIACAP) 06/08 – 08/11
While working in the FISMA Team on the joint Booz Allen Hamilton – URS Apptis contract, Mr. Kumar
is participating in DHS meetings, assisting the USCG ISSM in managing, reviewing policies and
procedures, and reporting on the Risk Management System (RMS) cum Trusted Agent (TA) FISMA
statuses by Coast Guard (CG) components, based on DHS 4300A Security Systems Handbook (SSH )and
NIST 53 Rev 3, towards the maintenance of a “Green” status on the DHS Scorecard. Mr. Kumar has been
instrumental in providing guidance and reviewing quality of work performed by the CG ISSOs in conducting
C&A, SSPs, ST&E, CM plans, CP and Testing, SAR, PTA/PIA etc. and documenting them in TA. He has
also participated in the development and review of the new FY 2009 TA User Access Policy, ISSM
Validation SOP, and the CG IA Practice manuals.
In recognition of his FY 2009 DHS Performance Plan knowledge, FISMA expertise, and problem solving
skills, he was specifically tasked to manage and report on the POA&M Remediation of CG components.
This effort culminated with the accomplishment of a “Green” status and a final “A+” grade (99%) on
the FY 2009 DHS Scorecard, and for which he was personally commended by the USCG ISSM and
also recognized by URS Apptis with another award.
During FY 2008, he provided onsite assistance to the USCG Financial Center (FINCEN) at Chesapeake
VA in conducting ST&E, reviewing and updating their C&A documentation, completing their FY 2008
Annual Assessments in Trusted Agent (TA) FISMA on their major Financial Applications and General
Support Systems well ahead of time to the generation of the FY 2008 DHS Scorecard report. Thereafter,
he proceeded to the USCG Operations Service Center (OSC) systems at Martinsburg WV, and provided
onsite expert guidance and assistance on their Financial, Mixed Financial, Major Applications and General
Support Systems in resolving their long pending 78 Waivers & Exceptions that were unacceptable by
clarifying doubts and suggesting alternative solutions for compliance during a series of meetings with
different teams, and reviewing and documenting their SSP, RA, CP and CP tests etc. in TA. This effort
enabled the US Coast Guard accomplish a “Green” status (97%) on the DHS Scorecard. This
performance was then commended by the USCG ISSM Michael Massino, and also recognized by
URS Apptis with an award.
Federal Emergency Management Agency (FEMA) Team Lead SBU & Unclassified Systems,
National Information Assurance Certification and Accreditation Process (NIACAP) 06/06 – 05/08
As a FEMA ISSO, Mr. Kumar conducted Certification and Accreditation (C&A) including Physical Security
assessments on FEMA’s Map Service Center (MSC) locations and IT systems at Glen Burnie MD and
Vienna VA, using the DHS Risk Management System (RMS) and TA FISMA tools, based on OMB 130,
FIPS 199/200, and NIST SPs -37, 53/53A Rev 2, and DHS 4300A Security Systems Policy and DHS
4300A Security Systems Handbook. He interacted with the FEMA Information Security System Manager
(ISSM) team and Certification Authority (CA) and helped the MSC accomplish an Authority To Operate
(ATO). He provided guidance on updating the System Security Plan (SSP) and Risk Management Plan,
and System Test & Evaluation (ST&E) results on the Map Modernization (Map Mod) Program, and also
developed the FEMA Next Gen SSP.
He also performed ongoing Program Management and Independent Validation and Verification (IV&V) on
the Map Mod Program by monitoring and evaluating progress accomplished via the Balanced Score Card
(BSC). He developed a questionnaire and conducted a Survey and Analysis of data with FEMA’s ten
Regions to apprise the FEMA senior management and highlight the difference in perception between
3. FEMA HQ senior managers and its Regional Directors towards achieving success on the Map Mod
program. He participated in Process Council and Joint Process Review (JPR) meetings, reviewed and
conducted Quality Assurance (QA) on documented reports prepared by FEMA’s National Service Provider
(NSP) Michael Baker Jr. Corporation, and reported on FEMA’s BSC metrics on Key Performance
Indicators (KPIs) via quarterly Program Effectiveness Reports (PER) and the Quality Assurance Systems
Plan (QASP) to determine the quantitative and qualitative progress achieved by the NSP and FEMA’s 10
Regions on updating the Digital Flood Insurance Rate Maps (DFIRMs) database based on revised targets
set by Congressional Mid-course Adjustment directives. On an ongoing basis he also reviewed and
conducted IV&V, on digitized flood maps and associated data.
He reviewed progressive performance on the Regional Status of Studies: Flood Study projects for accurate
digital map production using Earned Value Management Systems (EVMS), to evaluate the Cost
Performance Index (CPI) and Schedule Performance Index (SPI) for determination of the ‘On Cost’ and
‘On Schedule’ in the different FEMA Regions.
DoD TRICARE Management Activity (TMA) Project Manager Multiple Projects
Public Sector, Defense Information Technology Systems Certification & Accreditation Process
(DITSCAP) 01/03-12/05
Mr. Kumar was the Project Manager cum Team Lead in the Unisys DITSCAP Group for carrying out
Security Assessments on behalf of TMA on multiple healthcare contractors providing services to military
families and veterans. Job involved leading multiple teams of security analysts and engineers to Air Force
bases such as England Air Force base at Alexandria LA, and contractors sites at Martinspoint Health Care
Portland ME, Johns Hopkins Health Care Baltimore MD, Health Net Federal Systems Rancho Cordova CA
etc. conducting Physical Security Assessments, Risk & Vulnerabilities Assessments, and analysis of data
and reporting as part of the DITSCAP process in assessing the security posture of application systems and
networks based on Federal Department of Defense DoD 8500.1 standard and DODI 8500.2 guidelines,
and testing using DISA STIGs, and documented NIST Special Publications 800 series. The reports
submitted helped TMA determine whether an Interim Approval To Operate (IATO) or an Approval To
Operate (ATO) award could be bestowed upon the particular contractor’s application and/or network.
Mr. Kumar conducted Quality Assurance on Security Systems Authorization Agreements (SSAA), Risk
Assessments and Physical Security Assessment documentation on various projects prior to their
submission to TMA. He has also participated in proposal development and Red Team reviews, interviewed
personnel for positions of team leads, engineers and analysts for induction in the DITSCAP Group,
assisted in the preparation of documentation for presentations to Federal Agencies, mentored team leads,
engineers, and analysts etc.
On behalf of TMA, Mr. Kumar also updated and maintained the TMA database both on travel expenses
incurred by different Unisys teams and the Physical Security Assessment (PSA) status of different projects.
His expertise and knowledge not only contributed in vastly improving the quality of data stored and report
generation, but also resulted in an improved quality of database programming and reporting. His quality of
work was well recognized by Ms. Joan Luke of the TMA management where his expert advice was
often sought for problem resolution and implementation.
Veterans Benefit Administration (VBA), Sr. Subject Matter Expert
Public Sector, Security Information Program Office (SIPO) 03/01-10/02
Mr. Kumar worked at L-3 Titan Corporation on the Veterans Benefit Administration (VBA) SIPO contract
on secure and trusted VPN networks and applications security. He designed and developed an
implementation process for a Public Key Infrastructure (PKI) system for issue and revocation of certificates
for e-mail. The online-automated PKI system supports availability, authentication, data integrity, non
repudiation, and confidentiality over VBA’s vast network. He also designed and developed the forms and
flow diagrams for PKI, as well as documented the responsibility and roles of Users, Registration Authorities
etc. He reviewed and updated handbooks and manuals containing Security Policies and Procedures,
attended Information Services Working Group (ISWG) meetings, and presented integrated Exception
Reporting solutions to provide a speedy and secure information reporting turnaround. The PKI work done
and the Exception Reporting presentation were well received by VBA officials.
Mr. Kumar designed the VBA’s Warning Banner on the login user screen to serve as a legal warning to
users about the misuse of VBA computers and networks. He provided guidance and assistance in
developing Security Plans for major applications and general support systems in line with OMB-130. He
4. supported the planning and conducting of a comprehensive assessment of VBA’s technical infrastructure.
He was a member of the HIPAA and PKI steering committees and participated in planning for security
implementation. He also reviewed the BDN and CSUM system documents about security implementation
in operations.
General Services Administration, Sr. Subject Matter Expert
Public Sector, Independent Verification & Validation – PEGASYS 07/00-03/01
Mr. Kumar at L-3 Titan Corporation participated in the Independent Validation and Verification (IV&V) of
GSA’s Financial Integrated Software product named Pegasys. In this project, he interviewed Pegasys
stakeholders, reviewed project staffing and documentation to assess the contract strategy, management
and software development processes and benchmarked them against international standards such as
IEEE Standard 1012, SEI/CMM, OMB-11, and the Clinger Cohen Act 1996.
Department of Labor (DOL), Deputy Program Manager
Public Sector, Independent Verification & Validation Y2K project 03/98-06/00
Mr. Kumar at L-3 Titan Corporation was the Deputy Program Manager on the Department of Labor’s
(DOL) Independent Validation and Verification (IV&V) contract. He assisted the DOL in attaining Y2K
compliance on their 61 Mission Critical Systems and their secure network for access control,
transmission and data integrity. He conducted and performed risk management, site inspections,
and assisted the DOL agencies in prioritizing for Y2K testing and documentation. The quality of work
performed was appreciated both by Patricia Lattismore Assistant Secretary, and Ed Hugler, Deputy
Assistant Secretary, and for which he received letters of appreciation from the client and a cash
performance award from L-3 Titan Corporation.
Department of Health and Human Services (DHHS) & Department of Transportation (DOT), Program
Manager Public Sector, Systems Design, Development & Implementation 12/96-11/97
Mr. Kumar was the TYC’s Program Manager for management and design of the Department of Health and
Human Resources (DHHS) Grants and Contracts Management Systems, and the Federal Railroad
Administration projects. While supporting the Office of the Secretary, DHHS, he performed the migration of
the PHS Grants Management Information System (GMIS) from the mainframe to a GUI based client server
environment using PowerBuilder and Oracle RDBMS for tracking R&D annual grants amounting to billions
of dollars. He also managed the O&M and enhancement of the Departmental Contracts Information
System (DCIS). He supported the migration of the DCIS application from the IBM mainframe to the client
server environment and provided support to the various DHHS agencies e.g., National Institutes of Health
(NIH), Food & Drug Administration, Center for Disease Control (CDC), and Health Care Finance
Administration (HCFA).
WANG GLOBAL I-NET/Client Networks & Facilities, Telecommunications Manager
Commercial and Public sector 10/92-11/96
Mr. Kumar managed WANG GLOBAL I-NET’s telecommunication network and facilities. He implemented
WANG GLOBAL I-NET’s computerized Telecommunications Billing System including a charge back
system to various projects and clients. His responsibilities involved Supply Chain Management
(SCM), participation in contract and price negotiations, liaison with Common carriers for procuring
and installing analog and digital voice/data/multimedia circuits like T3/T1/56 Kbps and ISDN/Frame
Relay to support various government and commercial clients. He performed circuit data analysis
and made innovative changes to optimize circuit utilization, resulting in substantial cost ,
Mr. Kumar at WANG GLOBAL I-NET used Supply Chain Management (SCM) to include designing,
deploying and managing the installation of Class C fiber LANs, using Cisco Routers and Synoptics (Bay
Networks) hubs, at the Census Bureau at Suitland (MD), and also at the American Embassy at Paris
(France). The quality of work performed was highly appreciated by Roy the Census Bureau Chief of
Telecom, COTR Chris Stuber, and Pamela Harriman the US Ambassador respectively. The projects
were completed months ahead of the scheduled timeframes thereby adding to large cost savings by
the company.
Telecommunication Consultants India Limited (TCIL), Ministry Of Communications
Public Sector, General Manager & Computer Division Chief 02/84-08/92
5. Mr. Kumar was the General Manager and chief of the TCIL Computer Division in New Delhi (India)
directed the working of over 125 software engineers on various projects in the USA, UK, Ireland,
Netherlands, Middle East, Saudi Arabia, and India. He conducted Supply Chain Management (SCM)
on many projects, participated in price and contract negotiations both with Foreign and Indian
clients, and has an eye for details. He met with clients and engineering teams on a regular basis,
and mutually thrashed out any kinks to ensure a seamless on budget on time completion of high
tech projects.
He planned, managed and integrated the SCM turnkey implementation of a real time Supervisory
Control and Data Acquisition System (SCADA) for on-shore monitoring of Oil and Gas production at
the Oil and Natural Gas Commission (ONGC) facility at Sibsagar in Assam (India), using Texas
Instruments S/3 System Software and Allen Bradley PLC 2/05 using MicroVAX II. Application systems
software for mimic displays, measuring and monitoring parameters such as Flow, Viscosity, Temperature,
Pressure, and computations for AGA-3, AGA-5, and AGA-7 were developed locally at Sibsagar in C
integrated with the Harvard Graphics package.
He designed and developed the Assets Accounting System, for the ONGC Headquarters at Dehradun
(India), based upon SDLC concepts using IBM 4048. This system estimated the depreciation of a large
inventory of costly items used for onshore and offshore drilling for crude oil and natural gas at various
production sites. The assets value was integrated with ONGC’s Annual Financial Statement.
Mr. Kumar participated and managed the software development for an online Integrated
Telecommunication Facilities Management System consisting of modules such as Billing, Commercial,
and Fault Records on VAX 11/750. This pilot development project was replicated and customized for
different computer systems (PDP 11, Burroughs 6700, ICL 1904, IBM 370/360, Honeywell Bull level 6,
Robotron R40) for implementation at other Telecommunication Circles/Districts and was also demonstrated
to BellSouth Atlanta GA as proof of our software capabilities.
He was also responsible for the turnkey implementation of online telephone Directory Assistance
Systems (197 Service) for major telecommunication districts at Lucknow, Bangalore, Ahmedabad,
Faridabad and Ghaziabad based on the System Development Life Cycle (SDLC), with Oracle DBMS on a
Honeywell DPS 64 computer system.
Mr. Kumar designed, developed and implemented an Integrated Financial Accounting System for
Telecommunication Consultants on supermini computers, to generate day books, monthly trial balance,
accounts payable and receivables, general ledger, and personal sub-ledgers. Later, the system was
enhanced for generating the Annual Financial Statements to include Assets and Liabilities, Profit and Loss
and various Schedules. The quality and speed of implementation were appreciated by the Chairman
Y L Agrawal and Director Finance A C Narang.
Army Headquarters EDP Centre/Signals Corps, Sr. Systems Analyst/Telecom Engineer 12/62-01/84
Mr. Kumar designed, developed and installed Human Resource Information Systems, Inventory Control
Systems and Vehicle Management Systems on mainframe ICL 1904 & 2950 computers for the Indian
Armed Forces that comprised of over a million personnel and over 250,000 all type vehicles including jeeps
tanks, heavy duty MAN trucks etc. The systems designed were integrated and flexible for enhancement to
meet or exceed the varying requirements projected by Army Headquarters and different commands. The
quality of work accomplished was lauded by the top brass at Army Headquarters New Delhi (India).
Mr. Kumar was on the panel of instructors that conducted COBOL, FORTRAN, and Structured Systems
Analysis & Design (SSA&D) courses at the Computer Society of India, New Delhi.
Mr. Kumar was trained and commissioned in the Signals Corps from the Indian Military Academy at
Dehradun (India) in 1962. He commanded various Signals (Electronics &Telecommunications) units and
engineered voice and data communications over coaxial, fiber, wireless, radio relay, microwave, and
troposcatter TDM and FDM circuits.
Education
High School, University of Cambridge(UK)
Bachelor of Science (SODE), Military College of Telecommunication Engineering
Masters (PGDPM) Personnel Management, Delhi University
6. Certificate in Labor Law, Indian Law Institute, New Delhi
Data Base Management, Indian Institute of Management, Ahmedabad
Structured Systems Analysis & Design, Apple Education, U.K.
Computer Networking, Communication Systems Design Inc, U.K.
Local Area Networks, Indian Institute Of Technology, New Delhi
Computer Programming C/C++,Java,RDBMS,Unix Systems Administration, LAN
(Dean’s list), Northern Virginia Community College, Alexandria VA.
Professional Training
DoD Designated Accreditation Authority (DAA) Certificate
DHS Risk Management for the Security Professional Certificate
DHS C&A Document Review (DR) and Critical Controls Review (CCR) Certificates
ISSO Course at DHS/FEMA Emergency Management Institute Emmitsburg MD
URS Apptis Insight Program Management
Six Sigma Lean White Belt Course
Information Assurance Training
L-3 Titan Information Assurance Quick Look Course
USDA Security of Federal Information Systems
USCG Security Awareness
Basic Privacy Training
Records Management
Internet Security: An Overview
Internet Security: Secure Communications
Internet Security: Firewall Principles
IBM OS/390 Security-004412
2005 Ethics Awareness training
Computer programming in COBOL, FORTRAN, C/C++, Java
Unix Systems Administration
Local Area Networks
Communication Network design
Data Base Management design
SQL plus/PL SQL programming
Structured Systems Analysis & Design
7. Certificate in Labor Law, Indian Law Institute, New Delhi
Data Base Management, Indian Institute of Management, Ahmedabad
Structured Systems Analysis & Design, Apple Education, U.K.
Computer Networking, Communication Systems Design Inc, U.K.
Local Area Networks, Indian Institute Of Technology, New Delhi
Computer Programming C/C++,Java,RDBMS,Unix Systems Administration, LAN
(Dean’s list), Northern Virginia Community College, Alexandria VA.
Professional Training
DoD Designated Accreditation Authority (DAA) Certificate
DHS Risk Management for the Security Professional Certificate
DHS C&A Document Review (DR) and Critical Controls Review (CCR) Certificates
ISSO Course at DHS/FEMA Emergency Management Institute Emmitsburg MD
URS Apptis Insight Program Management
Six Sigma Lean White Belt Course
Information Assurance Training
L-3 Titan Information Assurance Quick Look Course
USDA Security of Federal Information Systems
USCG Security Awareness
Basic Privacy Training
Records Management
Internet Security: An Overview
Internet Security: Secure Communications
Internet Security: Firewall Principles
IBM OS/390 Security-004412
2005 Ethics Awareness training
Computer programming in COBOL, FORTRAN, C/C++, Java
Unix Systems Administration
Local Area Networks
Communication Network design
Data Base Management design
SQL plus/PL SQL programming
Structured Systems Analysis & Design