SlideShare a Scribd company logo

SSBRadley Resume_June2015

Download as DOCX, PDF
S
Shelia S. Bradley
1 of 6
Shelia S. Bradley 116 Douglas Drive, Stafford, VA 22554 (C) 843.277.7953 shelia.bradley08@gmail.com shelia.bradley08@me.com Clearance: Active Secret Certifications: Security+ (studying for CISM, PMP, ITIL) 15 1/2 Year U.S. Army Veteran OBJECTIVE Obtain a leadership position where my skills and experience in information assurance can be effectively utilized for the protection of information and resources and to establish synergetic expertise visions, homegrown innovations, and customer loyalty in the face of both prosperous and adverse times. SUMMARY ● Over 16 years with extensive experience in project management and development of System Security Authorization Agreement (SSAA) development and review, DIACAP Implementation, Information Assurance documentation creation, vulnerability analysis and management, risk assessments, FISMA, NIST, and DISA STIG implementation. ● SME in developing, implementing, and maintaining strategic, technical, and operational security plans, diverse security architecture, risk management strategies, and security procedures. ● Proven ability to remain flexible, but task oriented in order to overcome scope creep challenges commonly associated with project development. ● SME is giving impromptu and planned oral presentations to small, medium, and large sized audiences on the required Information Assurance Training, Policies, and Guidelines to include creating the required documentation for training. ● SME in the use and analysis of various vulnerability scanning tools (Retina, Nessus), Security Information and Event Management (SIEM) tools, ACAS and SCAP, HBSS and other anti-virus devices PROFESSIONAL EXPERIENCE Information Assurance Manager/ DIACAP Team Lead Nov 14-Present Sentar, INC (Walter Reed National Military Medical Center) Bethesda, MD Manages the progress and status of the DIACAP efforts for the Walter Reed National Military Medical Center (WRNMMC) DIACAP project. DIACAP Team Lead responsible for leading a technical team (10 engineers) containing a mix of senior and junior engineers, database administrators, and technical writers specializing in the development of the DIACAP packages for over 100 medical devices. Responsible for the initiation, planning, execution, and monitoring of the certification and accreditation process for these devices. Assisted with the development of Request for Proposal’s (RFP’s) resulting in Sentar being awarded multi-billion dollar 2 year w/ option contracts with the Department of Homeland
Security (DHS). Develops information assurance artifacts, performs vulnerability scans, and provides remediation and mitigation guidance to system administrators and engineers. Certification Authority Representative (CAR) CIO/G6 Aug 14-Nov 14 Meridian Technologies Fort Belvoir, VA Directly supported the Chief Information Officer (CIO/G6), and Senior Information Assurance Officer (SIAO)/ Certification Authority (CA) in the implementation of the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP). Conducted technical reviews of DIACAP packages to gauge the level of acceptable risk to networks or information Systems (classified and un-classified) within the Contiguous United States (CONUS) and Outside the Contiguous United States (OCONUS). Substantiated recommendations of accreditation's (e.g. ATO, IATO, IATT, Reciprocities, etc.) before they are sent to the Designated Approval Authorities (DAA) for approval. Subject matter expert on policies and requirements capable of providing input for changes, determinations of applications versus information systems, and designations of Tactical Platform Information Technology (PIT) and Platform Information Technology Interconnections (PITI). Information Assurance Manager Jul 13-Jul 14 Secure Mission Solutions, a Parsons Company Fort Belvoir, VA Managed multiple PEO P2E and I3MP DIACAP projects while providing guidance to the customers. Performed technical planning system integration, verification and validation, risk and supportability and effective analysis for over plethora of network devices and networks for all West Coast Army Military Posts and Bases. Completed Risk Assessment Report (RAR) for the US Army BOMGAR appliance (used for remote help desk solutions) to be placed onto AKO’s network, which was approved by the PEO deputy. IAM managing voice and data network device upgrades for the I3MP Network Modernization (NETMOD) and Installation Modernization (IMOD) efforts for all military installations on the West Coast. Review and validates network device configurations, network topologies, and POAMs for NETMOD and IMOD efforts providing assistance to the site NEC IAM’s. Coordinate and facilitate working groups and meetings with customers, site IAM’s, and engineers to determine requirements, individual responsibilities, and track project statuses. Senior Information Assurance Analyst Jun 12- Jun 13 GeoWireless, Inc. N. Charleston, SC Created and managed the implementation of counter-measure and/or mitigation controls. Provide guidance to customers by ensuring the integrity and protection of networks, systems, and applications by technical enforcement of organizational and DoD information security policies, through monitoring of vulnerability scanning devices and reports. Managed and performed periodic and on-demand systems audits and vulnerability assessments, including user accounts, application access, file system and external web integrity scans to determine compliancy requirements. Developed organizational and DoD required policies and procedures for C&A and DIACAP during Certification and Accreditation activities. Prepared and managed POAMS and vulnerability management reports from system audits and vulnerability assessments for risk management. Provided
technical and programmatic Information Assurance services to internal and external customers in support of network and information security systems. Designed, developed and implemented security requirements within an organization’s business processes. Network Analyst II Oct ’11- Apr ‘12 Globalpundits, Inc. Columbia, SC Developed and edited the Blue Cross Blue Shield of South Carolina (BCBSSC) Security Information Management Team (SIM) information systems security management scanning, vulnerability management, and IP360 desktop procedures for the Medicare, Tricare, and Commercial Lines of Businesses (LOB). Managed and maintained the Vulnerability Matrixes for the Medicare and Commercial LOB’s which includes over 20,000 devices. Conducted PGD and Retina new install scans and device management scans for all LOB’s providing engineers with device posture levels. Served as the liaison for BCBSSC consulting clients (SSO’s) with best security practices for the Medicare, Tricare, and Commercial LOB’s. Conferred with users to discuss issues such as computer data access needs, security violations, and programming changes. Documented computer security and emergency measures policies, procedures, and tests. Coordinated implementation of computer system plan with establishment personnel and outside vendors. Information Assurance Analyst May ‘11-Oct ‘11 Booz Allen Hamilton N. Charleston, SC Drafted Standard Operating Procedures (SOP) for the VA AIDE Master Test Plan Database used to generate test plans for various security control assessments which included test cases for all security controls addressed in SP 800-53a Rev 1. Mitigation and Remediation team member for Navy Medicine assisting with all vulnerability mitigation and remediation’s using DoD authorized scanning tools Retina, Gold Disk, SRR’s, WSUS, REM, HBSS in support of Navy Medical C&A processes. Provided mitigations and remediation’s for Microsoft Server technologies to include Windows Server 2K3, Microsoft Office, IE, and Windows XP. Information Assurance Officer (C&A) Dec ’09- May ‘11 Secure Mission Solutions- SPAWAR N. Charleston, SC Ensured the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools. Conducted risk assessments to identify possible security violations and to ensure system, hardware, and software compliancy with DoD regulations and policies. Managed and generated POAMs from self-assessment scans using DoD authorized vulnerability scanning tools (retina, gold disk, SRR’s). Assisted engineers by analyzing risks and providing best practice remediation’s and mitigations based on NIST, FIPS, and STIG’s. Organized and conducted tabletop COOP’s for the C2 LAN ATO to maintain and ensure compliancy. In charge of the certification and accreditation of the Navy Fleet NOC resulting in an ATO. Implemented the SOM for the Navy Fleet NOC resulting in the elimination of hundreds of risks ensuring backup and auditing procedures were documented and implemented.
Information Assurance Manager Mar 09 –Aug ‘09 Glotel- Verizon Business Ashburn, VA Developed Standard Operating Procedures (SOP’s) and related documentation for clients, i.e. Contingency Plans (CP), Configuration Management Plans (CMP), Risk Acceptance Reports (RAR), System Security Plan (SSP), and Rules of Engagements (ROE).Prepared and delivered oral IA- focused presentations to technical and non-technical groups. Acted as a liaison for clients, auditors, system administrators, and developers to complete an annual assessment in a timely, professional, and organized manner. Included, but were not limited to, performed Nessus scans after hours to prevent network interruption during work hours, drafted and updated policies and procedures, and produced POAM’s and lifecycle milestone schedules. Gave valuable insight and on-the-spot IA expertise to the Federal Security Management (FSM) team and manager. Successfully completed the Department of Labor’s (DOL) 2009 annual assessment on time and provided the customer with a thorough Annual Assessment Report which assisted in having the reported risks mitigated in a timely manner; thus resulting in the clients renewing their contract with Verizon Business. Assisted system owners with overviews of artifacts such as C&A contractual boundaries, diagrams, and ports and protocols as part of the continuous monitoring process. Instructor for annual Information Assurance Training. Senior C&A Analyst/ Information Assurance Officer Nov ’08- Jan ‘09 The Fountain Group- CACI Chantilly, VA Evaluated ST&E plans, traceability matrices, and residual risk assessments that were constructed based on the instructions presented in DoDI 8500.2 (DITSCAP), DoDI 8510.01 (DIACAP) and NIST 800-series publications. These duties included, but were not limited to assisting clients with system security hardening and baseline development, analysis, and auditing as well as analyzing detailed system design documents, network topologies, operational procedures and other security centric documentation in order to obtain an ATO for the Air Force IDECS Legacy and Modernization software. Information System Security Officer Sept ’05- Nov ‘08 US Army Pentagon (E-6) Washington, DC Conducted support to Pentagon organizations on matters relating to the vulnerabilities and threats as they pertain to Computer Network Defense Service Provider (CNDSP) responsibilities. As the Vulnerability Assessment Branch Team Lead, lead inspections and assessments of Information Systems at the Pentagon, analyzed and evaluated Pentagon secured networks, and recommended/evaluated procedures and products to improve the overall security of those networks. Advised personnel on applicable network security policies and procedures and coordinated and maintained liaison with appropriate DoD personnel and staff from other government agencies in order to provide guidance on network security matters, best practices, and assessment/audits. Served as the Non Commissioned Officer in charge of the Network Security Services- Pentagon Certification and Accreditation Branch and provided direct support to HQDA customers in the area IA of C&A. Maintained and developed System Security Authorizations Agreements (SSAA’s) for HQDA customers. Conducted monthly IAVM scans using Found stone and Retina scanning software to ensure accredited computer systems of multiple Department of Defense
systems complied with DITSCAP. Non Commissioned Officer in charge of conducting and tracking annual information assurance awareness training for all Soldiers and DA Civilian. Information System Manager Dec ’03- Aug ‘05 1st CAV DIV- US Army (E-5) Fort Hood, TX Responsible for the success of the deployment of the first tactical Voice over Internet Protocol (VOIP) telephone network in a combat environment for OEF/OIF. Trained a team of five personnel on the first use of the Command Post of the Future (CPOF) in an operational theater (IRAQ). Help Desk Manager for the G-6 help desk for the 1st Cavalry Division while deployed. Operated, maintained, and performed unit level maintenance on the Multi Processing Unit Server in the 1st Cavalry Division Command Assault Vehicle that provided remote secure and unsecure internet and VOIP communications. Accountable for more than $2 million dollars’ worth of equipment to include: laptops, computers, monitors, servers, scanners, printers, STE’s, Black Berries, cellular phones, and software as the CAV Team project manager. Managed backup, security, and user help systems. Help Desk Team Lead/System Administrator Nov ’02-Oct ‘03 501st Military Intelligence- US Army (E-5) Pyangtaek, Korea Provided system and network administration support in the Install and maintenance of network hardware and software. Analyzed problems, and monitored networks to ensure their availability to the users. Gathered data to evaluate the systems performance, identified user’s needs, and determined system and network requirements. Managed the units exchange server, user accounts, and workstations. Assisted and instructed users on system and application operations and security procedures. Information Technology Specialist Mar ’00- Oct ‘02 I Corps- US Army (E-4) Fort Lewis, WA Configured and managed Cisco routers, switches and firewalls. Installed, configured, and monitored local and wide area networks, hardware, and software. Designed, Installed, and maintained data communications between mainframe terminals, printers, LAN’s, and remote site hardware. Installed, terminated, and managed Fiber and CAT-5 for LAN’s. Installed and managed operating systems using Windows 2000, XP, NT, Server 2000/2003, and Microsoft Office. Provided customer and network administration services such as passwords, e-mail accounts, security, and troubleshooting. Constructed, edited, and tested computer system programs.
EDUCATION/CERTIFICATIONS  Bachelors of Science Computer Science Computer Security Capella University Expected Graduation Date: March 2016  Security + CE Certified -COMP001020306548  Certified Information Systems Security Professional (CISSP) Training Information System Security Officer (ISSO) Certification  CISCO CCNA Certification Training  Information Assurance Security Officer (IASO) Certification  GCCS UNIX & GCCS Basic Administrator Training  Information System Operator Analyst Certification

Recommended

Gregory C. Witcher Full CV
Gregory C. Witcher Full CV Gregory C. Witcher Full CV
Gregory C. Witcher Full CV Gregory Charles Witcher
 
Thomas reinheimer resume 04152016
Thomas reinheimer resume 04152016Thomas reinheimer resume 04152016
Thomas reinheimer resume 04152016Tom Reinheimer
 
Misha Resume Nov 2016
Misha Resume Nov 2016Misha Resume Nov 2016
Misha Resume Nov 2016Misha Carlisle
 
08252016 John D Resume ITIL PMP CISSP CSM CISA1
08252016 John D Resume ITIL PMP CISSP CSM CISA108252016 John D Resume ITIL PMP CISSP CSM CISA1
08252016 John D Resume ITIL PMP CISSP CSM CISA1jjdoylecomcast
 
1 info sec+risk-mgmt
1 info sec+risk-mgmt1 info sec+risk-mgmt
1 info sec+risk-mgmtmadunix
 
CLR Resume'
CLR Resume'CLR Resume'
CLR Resume'Clay Ramsey
 
Guy-Crumpley-Resume-June-29-2015
Guy-Crumpley-Resume-June-29-2015Guy-Crumpley-Resume-June-29-2015
Guy-Crumpley-Resume-June-29-2015Guy Crumpley
 
Joshua_Pruitt_Revised (003)
Joshua_Pruitt_Revised (003)Joshua_Pruitt_Revised (003)
Joshua_Pruitt_Revised (003)Joshua Pruitt
 

Recommended

Gregory C. Witcher Full CV
Gregory C. Witcher Full CV Gregory C. Witcher Full CV
Gregory C. Witcher Full CV Gregory Charles Witcher
 
Thomas reinheimer resume 04152016
Thomas reinheimer resume 04152016Thomas reinheimer resume 04152016
Thomas reinheimer resume 04152016Tom Reinheimer
 
Misha Resume Nov 2016
Misha Resume Nov 2016Misha Resume Nov 2016
Misha Resume Nov 2016Misha Carlisle
 
08252016 John D Resume ITIL PMP CISSP CSM CISA1
08252016 John D Resume ITIL PMP CISSP CSM CISA108252016 John D Resume ITIL PMP CISSP CSM CISA1
08252016 John D Resume ITIL PMP CISSP CSM CISA1jjdoylecomcast
 
1 info sec+risk-mgmt
1 info sec+risk-mgmt1 info sec+risk-mgmt
1 info sec+risk-mgmtmadunix
 
CLR Resume'
CLR Resume'CLR Resume'
CLR Resume'Clay Ramsey
 
Guy-Crumpley-Resume-June-29-2015
Guy-Crumpley-Resume-June-29-2015Guy-Crumpley-Resume-June-29-2015
Guy-Crumpley-Resume-June-29-2015Guy Crumpley
 
Joshua_Pruitt_Revised (003)
Joshua_Pruitt_Revised (003)Joshua_Pruitt_Revised (003)
Joshua_Pruitt_Revised (003)Joshua Pruitt
 
Recentresume_Dec2016
Recentresume_Dec2016Recentresume_Dec2016
Recentresume_Dec2016Carolyn Clarke
 
Christina Carson Resume 2016
Christina Carson Resume 2016Christina Carson Resume 2016
Christina Carson Resume 2016Christina Carson
 
Davila Bryan resume
Davila Bryan resumeDavila Bryan resume
Davila Bryan resumeBryan Davila
 
Joshua_Pruitt
Joshua_PruittJoshua_Pruitt
Joshua_PruittJoshua Pruitt
 
Eidws 111 opsec
Eidws 111 opsecEidws 111 opsec
Eidws 111 opsecIT2Alcorn
 
New Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationNew Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationShritam Bhowmick
 
Latest_Resume
Latest_ResumeLatest_Resume
Latest_ResumeKenneth Cooper
 
Hayat Resume-1
Hayat Resume-1Hayat Resume-1
Hayat Resume-1Hayat Azizi
 
A Case Study of the Capital One Data Breach
A Case Study of the Capital One Data BreachA Case Study of the Capital One Data Breach
A Case Study of the Capital One Data BreachAnchises Moraes
 
4 Operations Security
4 Operations Security4 Operations Security
4 Operations SecurityAlfred Ouyang
 
Strategy considerations for building a security operations center
Strategy considerations for building a security operations centerStrategy considerations for building a security operations center
Strategy considerations for building a security operations centerCMR WORLD TECH
 
Resume Weber Elijah
Resume Weber ElijahResume Weber Elijah
Resume Weber ElijahElijah Weber
 
8. operations security
8. operations security8. operations security
8. operations security7wounders
 
Item46763
Item46763Item46763
Item46763madunix
 
Database development and security certification and accreditation plan pitwg
Database development and security certification and accreditation plan pitwgDatabase development and security certification and accreditation plan pitwg
Database development and security certification and accreditation plan pitwgJohn M. Kennedy
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodologyPiyush Jain
 
Siek 2016v3 (003)
Siek 2016v3 (003)Siek 2016v3 (003)
Siek 2016v3 (003)Michael Siek
 
PACE-IT, Security+3.7: Overview of Security Assessment Tools
PACE-IT, Security+3.7: Overview of Security Assessment ToolsPACE-IT, Security+3.7: Overview of Security Assessment Tools
PACE-IT, Security+3.7: Overview of Security Assessment ToolsPace IT at Edmonds Community College
 
7 Software Development Security
7 Software Development Security7 Software Development Security
7 Software Development SecurityAlfred Ouyang
 
Infosec Workshop - PacINET 2007
Infosec Workshop - PacINET 2007Infosec Workshop - PacINET 2007
Infosec Workshop - PacINET 2007Chris Hammond-Thrasher
 
9-20-2016OklahomaCityPresentationMBL
9-20-2016OklahomaCityPresentationMBL9-20-2016OklahomaCityPresentationMBL
9-20-2016OklahomaCityPresentationMBLMary Beth Levin
 
Newcommunityposter2005
Newcommunityposter2005Newcommunityposter2005
Newcommunityposter2005Mary Beth Levin
 

More Related Content

What's hot

Christina Carson Resume 2016
Christina Carson Resume 2016Christina Carson Resume 2016
Christina Carson Resume 2016Christina Carson
 
Davila Bryan resume
Davila Bryan resumeDavila Bryan resume
Davila Bryan resumeBryan Davila
 
Eidws 111 opsec
Eidws 111 opsecEidws 111 opsec
Eidws 111 opsecIT2Alcorn
 
New Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationNew Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationShritam Bhowmick
 
A Case Study of the Capital One Data Breach
A Case Study of the Capital One Data BreachA Case Study of the Capital One Data Breach
A Case Study of the Capital One Data BreachAnchises Moraes
 
4 Operations Security
4 Operations Security4 Operations Security
4 Operations SecurityAlfred Ouyang
 
Strategy considerations for building a security operations center
Strategy considerations for building a security operations centerStrategy considerations for building a security operations center
Strategy considerations for building a security operations centerCMR WORLD TECH
 
Resume Weber Elijah
Resume Weber ElijahResume Weber Elijah
Resume Weber ElijahElijah Weber
 
8. operations security
8. operations security8. operations security
8. operations security7wounders
 
Item46763
Item46763Item46763
Item46763madunix
 
Database development and security certification and accreditation plan pitwg
Database development and security certification and accreditation plan pitwgDatabase development and security certification and accreditation plan pitwg
Database development and security certification and accreditation plan pitwgJohn M. Kennedy
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodologyPiyush Jain
 
7 Software Development Security
7 Software Development Security7 Software Development Security
7 Software Development SecurityAlfred Ouyang
 

What's hot (20)

Recentresume_Dec2016
Recentresume_Dec2016Recentresume_Dec2016
Recentresume_Dec2016
 
Christina Carson Resume 2016
Christina Carson Resume 2016Christina Carson Resume 2016
Christina Carson Resume 2016
 
Davila Bryan resume
Davila Bryan resumeDavila Bryan resume
Davila Bryan resume
 
Joshua_Pruitt
Joshua_PruittJoshua_Pruitt
Joshua_Pruitt
 
Eidws 111 opsec
Eidws 111 opsecEidws 111 opsec
Eidws 111 opsec
 
New Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationNew Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise Infilteration
 
Latest_Resume
Latest_ResumeLatest_Resume
Latest_Resume
 
Hayat Resume-1
Hayat Resume-1Hayat Resume-1
Hayat Resume-1
 
A Case Study of the Capital One Data Breach
A Case Study of the Capital One Data BreachA Case Study of the Capital One Data Breach
A Case Study of the Capital One Data Breach
 
4 Operations Security
4 Operations Security4 Operations Security
4 Operations Security
 
Strategy considerations for building a security operations center
Strategy considerations for building a security operations centerStrategy considerations for building a security operations center
Strategy considerations for building a security operations center
 
Resume Weber Elijah
Resume Weber ElijahResume Weber Elijah
Resume Weber Elijah
 
8. operations security
8. operations security8. operations security
8. operations security
 
Item46763
Item46763Item46763
Item46763
 
Database development and security certification and accreditation plan pitwg
Database development and security certification and accreditation plan pitwgDatabase development and security certification and accreditation plan pitwg
Database development and security certification and accreditation plan pitwg
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodology
 
Siek 2016v3 (003)
Siek 2016v3 (003)Siek 2016v3 (003)
Siek 2016v3 (003)
 
PACE-IT, Security+3.7: Overview of Security Assessment Tools
PACE-IT, Security+3.7: Overview of Security Assessment ToolsPACE-IT, Security+3.7: Overview of Security Assessment Tools
PACE-IT, Security+3.7: Overview of Security Assessment Tools
 
7 Software Development Security
7 Software Development Security7 Software Development Security
7 Software Development Security
 
Infosec Workshop - PacINET 2007
Infosec Workshop - PacINET 2007Infosec Workshop - PacINET 2007
Infosec Workshop - PacINET 2007
 

Viewers also liked

9-20-2016OklahomaCityPresentationMBL
9-20-2016OklahomaCityPresentationMBL9-20-2016OklahomaCityPresentationMBL
9-20-2016OklahomaCityPresentationMBLMary Beth Levin
 
HRC-Conference-Abstracts-2014
HRC-Conference-Abstracts-2014HRC-Conference-Abstracts-2014
HRC-Conference-Abstracts-2014Mary Beth Levin
 
HIV prevention conference
HIV prevention conferenceHIV prevention conference
HIV prevention conferenceMary Beth Levin
 
AppleTree_2007Early_Learning_Public_Charter_School_-_condensed
AppleTree_2007Early_Learning_Public_Charter_School_-_condensedAppleTree_2007Early_Learning_Public_Charter_School_-_condensed
AppleTree_2007Early_Learning_Public_Charter_School_-_condensedMary Beth Levin
 
PHIGClinical Skills Workshop
PHIGClinical Skills WorkshopPHIGClinical Skills Workshop
PHIGClinical Skills WorkshopMary Beth Levin
 
2 5 16 Syringe Exchange Webinar
2 5 16 Syringe Exchange Webinar2 5 16 Syringe Exchange Webinar
2 5 16 Syringe Exchange WebinarMary Beth Levin
 
Prevention_Works!2007-08[1]
Prevention_Works!2007-08[1]Prevention_Works!2007-08[1]
Prevention_Works!2007-08[1]Mary Beth Levin
 
a heroin epidemic and changing attitudes toward marijuana
a heroin epidemic and changing attitudes toward marijuanaa heroin epidemic and changing attitudes toward marijuana
a heroin epidemic and changing attitudes toward marijuanaMary Beth Levin
 
PresentationForUpload[1]
PresentationForUpload[1]PresentationForUpload[1]
PresentationForUpload[1]Mary Beth Levin
 
Clinical Skills Workshop
Clinical Skills WorkshopClinical Skills Workshop
Clinical Skills WorkshopMary Beth Levin
 
Appletree Presentation[1]
Appletree Presentation[1]Appletree Presentation[1]
Appletree Presentation[1]Mary Beth Levin
 

Viewers also liked (19)

9-20-2016OklahomaCityPresentationMBL
9-20-2016OklahomaCityPresentationMBL9-20-2016OklahomaCityPresentationMBL
9-20-2016OklahomaCityPresentationMBL
 
Newcommunityposter2005
Newcommunityposter2005Newcommunityposter2005
Newcommunityposter2005
 
HRC-Conference-Abstracts-2014
HRC-Conference-Abstracts-2014HRC-Conference-Abstracts-2014
HRC-Conference-Abstracts-2014
 
NewCommunictyposter2004
NewCommunictyposter2004NewCommunictyposter2004
NewCommunictyposter2004
 
HIV prevention conference
HIV prevention conferenceHIV prevention conference
HIV prevention conference
 
hesp
hesphesp
hesp
 
AppleTree_2007Early_Learning_Public_Charter_School_-_condensed
AppleTree_2007Early_Learning_Public_Charter_School_-_condensedAppleTree_2007Early_Learning_Public_Charter_School_-_condensed
AppleTree_2007Early_Learning_Public_Charter_School_-_condensed
 
PHIGClinical Skills Workshop
PHIGClinical Skills WorkshopPHIGClinical Skills Workshop
PHIGClinical Skills Workshop
 
2 5 16 Syringe Exchange Webinar
2 5 16 Syringe Exchange Webinar2 5 16 Syringe Exchange Webinar
2 5 16 Syringe Exchange Webinar
 
Prevention_Works!2007-08[1]
Prevention_Works!2007-08[1]Prevention_Works!2007-08[1]
Prevention_Works!2007-08[1]
 
a heroin epidemic and changing attitudes toward marijuana
a heroin epidemic and changing attitudes toward marijuanaa heroin epidemic and changing attitudes toward marijuana
a heroin epidemic and changing attitudes toward marijuana
 
pwposter2006-7
pwposter2006-7pwposter2006-7
pwposter2006-7
 
PresentationForUpload[1]
PresentationForUpload[1]PresentationForUpload[1]
PresentationForUpload[1]
 
PreventionWorks![2008]
PreventionWorks![2008]PreventionWorks![2008]
PreventionWorks![2008]
 
aan
aanaan
aan
 
appletreeposter2006
appletreeposter2006appletreeposter2006
appletreeposter2006
 
Clinical Skills Workshop
Clinical Skills WorkshopClinical Skills Workshop
Clinical Skills Workshop
 
Appletree Presentation[1]
Appletree Presentation[1]Appletree Presentation[1]
Appletree Presentation[1]
 
IB SSPs 031413
IB SSPs 031413IB SSPs 031413
IB SSPs 031413
 

Similar to SSBRadley Resume_June2015

Michael L Sawall INFOSEC
Michael L Sawall INFOSECMichael L Sawall INFOSEC
Michael L Sawall INFOSECMike Sawall
 
Joe Green Resume_2017 v5
Joe Green Resume_2017 v5Joe Green Resume_2017 v5
Joe Green Resume_2017 v5Joseph Green
 
rafael_pabon_20160524
rafael_pabon_20160524rafael_pabon_20160524
rafael_pabon_20160524Rafael Pabon
 
Lancy-Curriculum Vitae
Lancy-Curriculum VitaeLancy-Curriculum Vitae
Lancy-Curriculum VitaeLancy Menezes
 
Erwin (Chris) Carrow resume Brief 10-23-2015
Erwin (Chris) Carrow resume Brief 10-23-2015Erwin (Chris) Carrow resume Brief 10-23-2015
Erwin (Chris) Carrow resume Brief 10-23-2015Erwin Carrow
 
Resume -Resume -continous monitoring
Resume -Resume -continous monitoringResume -Resume -continous monitoring
Resume -Resume -continous monitoringTony Kenny
 
Resume -Resume -continous monitoring
Resume -Resume -continous monitoringResume -Resume -continous monitoring
Resume -Resume -continous monitoringTony Kenny
 
William H Cooke resume 1
William H Cooke resume 1William H Cooke resume 1
William H Cooke resume 1William Cooke
 
Devasis Kumar Mahato - Resume
Devasis Kumar Mahato - ResumeDevasis Kumar Mahato - Resume
Devasis Kumar Mahato - ResumeDevasis Kumar
 
Kevin Farmer Chronological
Kevin Farmer ChronologicalKevin Farmer Chronological
Kevin Farmer ChronologicalKevin Farmer
 
TEBO NDAGHA cyber resume
TEBO NDAGHA cyber resumeTEBO NDAGHA cyber resume
TEBO NDAGHA cyber resumeFRANKLINE TEBO
 

Similar to SSBRadley Resume_June2015 (20)

Jenkins_ Carlasha 2016 v1
Jenkins_ Carlasha 2016 v1Jenkins_ Carlasha 2016 v1
Jenkins_ Carlasha 2016 v1
 
Michael L Sawall INFOSEC
Michael L Sawall INFOSECMichael L Sawall INFOSEC
Michael L Sawall INFOSEC
 
Resume-Ckelley1
Resume-Ckelley1Resume-Ckelley1
Resume-Ckelley1
 
Joe Green Resume_2017 v5
Joe Green Resume_2017 v5Joe Green Resume_2017 v5
Joe Green Resume_2017 v5
 
rafael_pabon_20160524
rafael_pabon_20160524rafael_pabon_20160524
rafael_pabon_20160524
 
Jason Allred Resume
Jason Allred ResumeJason Allred Resume
Jason Allred Resume
 
Lancy-Curriculum Vitae
Lancy-Curriculum VitaeLancy-Curriculum Vitae
Lancy-Curriculum Vitae
 
Hayat resume 1
Hayat resume 1Hayat resume 1
Hayat resume 1
 
IT WORK SAMPLES
IT WORK SAMPLESIT WORK SAMPLES
IT WORK SAMPLES
 
Erwin (Chris) Carrow resume Brief 10-23-2015
Erwin (Chris) Carrow resume Brief 10-23-2015Erwin (Chris) Carrow resume Brief 10-23-2015
Erwin (Chris) Carrow resume Brief 10-23-2015
 
Resume -Resume -continous monitoring
Resume -Resume -continous monitoringResume -Resume -continous monitoring
Resume -Resume -continous monitoring
 
Resume -Resume -continous monitoring
Resume -Resume -continous monitoringResume -Resume -continous monitoring
Resume -Resume -continous monitoring
 
Terrance A. 10.20.15
Terrance A. 10.20.15Terrance A. 10.20.15
Terrance A. 10.20.15
 
Corporate Cyber Program
Corporate Cyber ProgramCorporate Cyber Program
Corporate Cyber Program
 
William H Cooke resume 1
William H Cooke resume 1William H Cooke resume 1
William H Cooke resume 1
 
Devasis Kumar Mahato - Resume
Devasis Kumar Mahato - ResumeDevasis Kumar Mahato - Resume
Devasis Kumar Mahato - Resume
 
Kevin Farmer Chronological
Kevin Farmer ChronologicalKevin Farmer Chronological
Kevin Farmer Chronological
 
628577
628577628577
628577
 
TEBO NDAGHA cyber resume
TEBO NDAGHA cyber resumeTEBO NDAGHA cyber resume
TEBO NDAGHA cyber resume
 
RMWILLIAMS IT Resume
RMWILLIAMS IT ResumeRMWILLIAMS IT Resume
RMWILLIAMS IT Resume
 

SSBRadley Resume_June2015

  • 1. Shelia S. Bradley 116 Douglas Drive, Stafford, VA 22554 (C) 843.277.7953 shelia.bradley08@gmail.com shelia.bradley08@me.com Clearance: Active Secret Certifications: Security+ (studying for CISM, PMP, ITIL) 15 1/2 Year U.S. Army Veteran OBJECTIVE Obtain a leadership position where my skills and experience in information assurance can be effectively utilized for the protection of information and resources and to establish synergetic expertise visions, homegrown innovations, and customer loyalty in the face of both prosperous and adverse times. SUMMARY ● Over 16 years with extensive experience in project management and development of System Security Authorization Agreement (SSAA) development and review, DIACAP Implementation, Information Assurance documentation creation, vulnerability analysis and management, risk assessments, FISMA, NIST, and DISA STIG implementation. ● SME in developing, implementing, and maintaining strategic, technical, and operational security plans, diverse security architecture, risk management strategies, and security procedures. ● Proven ability to remain flexible, but task oriented in order to overcome scope creep challenges commonly associated with project development. ● SME is giving impromptu and planned oral presentations to small, medium, and large sized audiences on the required Information Assurance Training, Policies, and Guidelines to include creating the required documentation for training. ● SME in the use and analysis of various vulnerability scanning tools (Retina, Nessus), Security Information and Event Management (SIEM) tools, ACAS and SCAP, HBSS and other anti-virus devices PROFESSIONAL EXPERIENCE Information Assurance Manager/ DIACAP Team Lead Nov 14-Present Sentar, INC (Walter Reed National Military Medical Center) Bethesda, MD Manages the progress and status of the DIACAP efforts for the Walter Reed National Military Medical Center (WRNMMC) DIACAP project. DIACAP Team Lead responsible for leading a technical team (10 engineers) containing a mix of senior and junior engineers, database administrators, and technical writers specializing in the development of the DIACAP packages for over 100 medical devices. Responsible for the initiation, planning, execution, and monitoring of the certification and accreditation process for these devices. Assisted with the development of Request for Proposal’s (RFP’s) resulting in Sentar being awarded multi-billion dollar 2 year w/ option contracts with the Department of Homeland
  • 2. Security (DHS). Develops information assurance artifacts, performs vulnerability scans, and provides remediation and mitigation guidance to system administrators and engineers. Certification Authority Representative (CAR) CIO/G6 Aug 14-Nov 14 Meridian Technologies Fort Belvoir, VA Directly supported the Chief Information Officer (CIO/G6), and Senior Information Assurance Officer (SIAO)/ Certification Authority (CA) in the implementation of the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP). Conducted technical reviews of DIACAP packages to gauge the level of acceptable risk to networks or information Systems (classified and un-classified) within the Contiguous United States (CONUS) and Outside the Contiguous United States (OCONUS). Substantiated recommendations of accreditation's (e.g. ATO, IATO, IATT, Reciprocities, etc.) before they are sent to the Designated Approval Authorities (DAA) for approval. Subject matter expert on policies and requirements capable of providing input for changes, determinations of applications versus information systems, and designations of Tactical Platform Information Technology (PIT) and Platform Information Technology Interconnections (PITI). Information Assurance Manager Jul 13-Jul 14 Secure Mission Solutions, a Parsons Company Fort Belvoir, VA Managed multiple PEO P2E and I3MP DIACAP projects while providing guidance to the customers. Performed technical planning system integration, verification and validation, risk and supportability and effective analysis for over plethora of network devices and networks for all West Coast Army Military Posts and Bases. Completed Risk Assessment Report (RAR) for the US Army BOMGAR appliance (used for remote help desk solutions) to be placed onto AKO’s network, which was approved by the PEO deputy. IAM managing voice and data network device upgrades for the I3MP Network Modernization (NETMOD) and Installation Modernization (IMOD) efforts for all military installations on the West Coast. Review and validates network device configurations, network topologies, and POAMs for NETMOD and IMOD efforts providing assistance to the site NEC IAM’s. Coordinate and facilitate working groups and meetings with customers, site IAM’s, and engineers to determine requirements, individual responsibilities, and track project statuses. Senior Information Assurance Analyst Jun 12- Jun 13 GeoWireless, Inc. N. Charleston, SC Created and managed the implementation of counter-measure and/or mitigation controls. Provide guidance to customers by ensuring the integrity and protection of networks, systems, and applications by technical enforcement of organizational and DoD information security policies, through monitoring of vulnerability scanning devices and reports. Managed and performed periodic and on-demand systems audits and vulnerability assessments, including user accounts, application access, file system and external web integrity scans to determine compliancy requirements. Developed organizational and DoD required policies and procedures for C&A and DIACAP during Certification and Accreditation activities. Prepared and managed POAMS and vulnerability management reports from system audits and vulnerability assessments for risk management. Provided
  • 3. technical and programmatic Information Assurance services to internal and external customers in support of network and information security systems. Designed, developed and implemented security requirements within an organization’s business processes. Network Analyst II Oct ’11- Apr ‘12 Globalpundits, Inc. Columbia, SC Developed and edited the Blue Cross Blue Shield of South Carolina (BCBSSC) Security Information Management Team (SIM) information systems security management scanning, vulnerability management, and IP360 desktop procedures for the Medicare, Tricare, and Commercial Lines of Businesses (LOB). Managed and maintained the Vulnerability Matrixes for the Medicare and Commercial LOB’s which includes over 20,000 devices. Conducted PGD and Retina new install scans and device management scans for all LOB’s providing engineers with device posture levels. Served as the liaison for BCBSSC consulting clients (SSO’s) with best security practices for the Medicare, Tricare, and Commercial LOB’s. Conferred with users to discuss issues such as computer data access needs, security violations, and programming changes. Documented computer security and emergency measures policies, procedures, and tests. Coordinated implementation of computer system plan with establishment personnel and outside vendors. Information Assurance Analyst May ‘11-Oct ‘11 Booz Allen Hamilton N. Charleston, SC Drafted Standard Operating Procedures (SOP) for the VA AIDE Master Test Plan Database used to generate test plans for various security control assessments which included test cases for all security controls addressed in SP 800-53a Rev 1. Mitigation and Remediation team member for Navy Medicine assisting with all vulnerability mitigation and remediation’s using DoD authorized scanning tools Retina, Gold Disk, SRR’s, WSUS, REM, HBSS in support of Navy Medical C&A processes. Provided mitigations and remediation’s for Microsoft Server technologies to include Windows Server 2K3, Microsoft Office, IE, and Windows XP. Information Assurance Officer (C&A) Dec ’09- May ‘11 Secure Mission Solutions- SPAWAR N. Charleston, SC Ensured the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools. Conducted risk assessments to identify possible security violations and to ensure system, hardware, and software compliancy with DoD regulations and policies. Managed and generated POAMs from self-assessment scans using DoD authorized vulnerability scanning tools (retina, gold disk, SRR’s). Assisted engineers by analyzing risks and providing best practice remediation’s and mitigations based on NIST, FIPS, and STIG’s. Organized and conducted tabletop COOP’s for the C2 LAN ATO to maintain and ensure compliancy. In charge of the certification and accreditation of the Navy Fleet NOC resulting in an ATO. Implemented the SOM for the Navy Fleet NOC resulting in the elimination of hundreds of risks ensuring backup and auditing procedures were documented and implemented.
  • 4. Information Assurance Manager Mar 09 –Aug ‘09 Glotel- Verizon Business Ashburn, VA Developed Standard Operating Procedures (SOP’s) and related documentation for clients, i.e. Contingency Plans (CP), Configuration Management Plans (CMP), Risk Acceptance Reports (RAR), System Security Plan (SSP), and Rules of Engagements (ROE).Prepared and delivered oral IA- focused presentations to technical and non-technical groups. Acted as a liaison for clients, auditors, system administrators, and developers to complete an annual assessment in a timely, professional, and organized manner. Included, but were not limited to, performed Nessus scans after hours to prevent network interruption during work hours, drafted and updated policies and procedures, and produced POAM’s and lifecycle milestone schedules. Gave valuable insight and on-the-spot IA expertise to the Federal Security Management (FSM) team and manager. Successfully completed the Department of Labor’s (DOL) 2009 annual assessment on time and provided the customer with a thorough Annual Assessment Report which assisted in having the reported risks mitigated in a timely manner; thus resulting in the clients renewing their contract with Verizon Business. Assisted system owners with overviews of artifacts such as C&A contractual boundaries, diagrams, and ports and protocols as part of the continuous monitoring process. Instructor for annual Information Assurance Training. Senior C&A Analyst/ Information Assurance Officer Nov ’08- Jan ‘09 The Fountain Group- CACI Chantilly, VA Evaluated ST&E plans, traceability matrices, and residual risk assessments that were constructed based on the instructions presented in DoDI 8500.2 (DITSCAP), DoDI 8510.01 (DIACAP) and NIST 800-series publications. These duties included, but were not limited to assisting clients with system security hardening and baseline development, analysis, and auditing as well as analyzing detailed system design documents, network topologies, operational procedures and other security centric documentation in order to obtain an ATO for the Air Force IDECS Legacy and Modernization software. Information System Security Officer Sept ’05- Nov ‘08 US Army Pentagon (E-6) Washington, DC Conducted support to Pentagon organizations on matters relating to the vulnerabilities and threats as they pertain to Computer Network Defense Service Provider (CNDSP) responsibilities. As the Vulnerability Assessment Branch Team Lead, lead inspections and assessments of Information Systems at the Pentagon, analyzed and evaluated Pentagon secured networks, and recommended/evaluated procedures and products to improve the overall security of those networks. Advised personnel on applicable network security policies and procedures and coordinated and maintained liaison with appropriate DoD personnel and staff from other government agencies in order to provide guidance on network security matters, best practices, and assessment/audits. Served as the Non Commissioned Officer in charge of the Network Security Services- Pentagon Certification and Accreditation Branch and provided direct support to HQDA customers in the area IA of C&A. Maintained and developed System Security Authorizations Agreements (SSAA’s) for HQDA customers. Conducted monthly IAVM scans using Found stone and Retina scanning software to ensure accredited computer systems of multiple Department of Defense
  • 5. systems complied with DITSCAP. Non Commissioned Officer in charge of conducting and tracking annual information assurance awareness training for all Soldiers and DA Civilian. Information System Manager Dec ’03- Aug ‘05 1st CAV DIV- US Army (E-5) Fort Hood, TX Responsible for the success of the deployment of the first tactical Voice over Internet Protocol (VOIP) telephone network in a combat environment for OEF/OIF. Trained a team of five personnel on the first use of the Command Post of the Future (CPOF) in an operational theater (IRAQ). Help Desk Manager for the G-6 help desk for the 1st Cavalry Division while deployed. Operated, maintained, and performed unit level maintenance on the Multi Processing Unit Server in the 1st Cavalry Division Command Assault Vehicle that provided remote secure and unsecure internet and VOIP communications. Accountable for more than $2 million dollars’ worth of equipment to include: laptops, computers, monitors, servers, scanners, printers, STE’s, Black Berries, cellular phones, and software as the CAV Team project manager. Managed backup, security, and user help systems. Help Desk Team Lead/System Administrator Nov ’02-Oct ‘03 501st Military Intelligence- US Army (E-5) Pyangtaek, Korea Provided system and network administration support in the Install and maintenance of network hardware and software. Analyzed problems, and monitored networks to ensure their availability to the users. Gathered data to evaluate the systems performance, identified user’s needs, and determined system and network requirements. Managed the units exchange server, user accounts, and workstations. Assisted and instructed users on system and application operations and security procedures. Information Technology Specialist Mar ’00- Oct ‘02 I Corps- US Army (E-4) Fort Lewis, WA Configured and managed Cisco routers, switches and firewalls. Installed, configured, and monitored local and wide area networks, hardware, and software. Designed, Installed, and maintained data communications between mainframe terminals, printers, LAN’s, and remote site hardware. Installed, terminated, and managed Fiber and CAT-5 for LAN’s. Installed and managed operating systems using Windows 2000, XP, NT, Server 2000/2003, and Microsoft Office. Provided customer and network administration services such as passwords, e-mail accounts, security, and troubleshooting. Constructed, edited, and tested computer system programs.
  • 6. EDUCATION/CERTIFICATIONS  Bachelors of Science Computer Science Computer Security Capella University Expected Graduation Date: March 2016  Security + CE Certified -COMP001020306548  Certified Information Systems Security Professional (CISSP) Training Information System Security Officer (ISSO) Certification  CISCO CCNA Certification Training  Information Assurance Security Officer (IASO) Certification  GCCS UNIX & GCCS Basic Administrator Training  Information System Operator Analyst Certification