Decisive Analytics CorporationDirector of IT
Feb. 2007 - Aug. 2020Arlington, VA• Lead effort to establish compliance with NIST 800-171 including implementation and documentation of all controls, including MFA, MDM, encryption, configuration management, application control
• Implemented SIEM/unified threat management solution to aggregate, centralize, and correlate events, more quickly identify risks and threat response. Used tools to monitor events, develop incident response plan, and remediate threats and vulnerabilities. • Utilized Nessus, Ivanti, and OpenVas vulnerability scanners to scan corporate network for vulnerabilities, produced reports via Vulnerator for executive review and assisted in remediation of operating system, hardware, and application vulnerabilities.
• ISSM for 4 classified processing systems, accredited via RMF/NIST 800-53. Installed, configured, and documented systems (Windows 10, 2016, and Redhat Enterprise), scanned and remediated systems with SCAP tools (SCAP-workbench/SCC), produced supporting artifacts, submitted and received accreditation for systems under RMF. Previously managed classified systems under C&A. • Rolled out enterprise wife multifactor authentication solutions including smart card logon and RSA hybrid cloud/premise authentication identity router. Provided VPN and remote application support through MFA and reverse proxy.
• Redesigned and architected physical and logical network (multi-site Active Directory) from poorly functioning to 99.97% uptime