Sample Template Example of Beautiful Excellent Professional Curriculum Vitae / Resume / CV Format with Career Objective, Job Description, Skills & Work Experience for Freshers & Experienced in Word / Doc / Pdf Free Download
Download Resume Format
Miston Hicks
CISSP-ISSMP, PMP
4021
Downing Street, Washigton, MN 30214
(520)
325-3051, miston.hicks44@gmail.com
_________________________________________________________________________________
EDUCATION MA, Information Resources Management, Webster University
Graduate, Naval Staff and Command
College , U.S.
Naval War College
BA, Political Science & History, Marquette University
Congressional Internship, Staff of U.S.
Senator Robert Kasten, 1987
CURRENT CISSP since October 2005, ISSMP since April 2007
CERTIFICATIONS PMP since September 2008
SECURITY Active TOP SECRET/SCI (Based on a SSBI
completed in July 2007)
CLEARANCE
_________________________________________________________________________________________________
Experienced Professional in the
Information Assurance, Information Security and Risk Management fields.
High-caliber,
senior information security professional with a strong background developing
enterprise strategies, policies and practices for information security and risk
management. Demonstrated ability to manage multiple projects and geographically
dispersed teams. Exceptional experience implementing controls and assessing
information security risk in businesses. Extremely talented communicator,
skilled at motivating employees and establishing strong relationships with
customers, partners and executives. Highly adept at setting the information
security strategic vision to satisfy business objectives.
·
Policy/Program
Development
·
Compliance and
Oversight
·
Network Operations
(NetOps)
·
Computer Network
Defense (CND)
·
Business Continuity
Planning (BCP)
·
COMSEC/PKI
·
Certification &
Accreditation (C&A)
·
Wireless Security
·
Physical Security
·
Regulatory Commitments
___________________________________________________________________________________
PROFESSIONAL EXPERIENCE
April 2009 – Present: ASSOCIATE/Job Manager (Booz Allen Hamilton, McLean, VA)
- Serving
as the DISA Command Center (DCC) Commander’s representative in maintaining,
coordinating, and sustaining Mission Assurance capabilities in day-to-day
operations of the DCC. He will provides
top management continuity to the long-range operations, plans and policies for
DCC Mission Assurance mission; provide conceptual and technical guidance and
leadership to the command center staff of unusually complex Mission Assurance
matters; and advise the DCC Commander and represent the DCC in high-level
meetings, briefings, conferences and working groups with senior representatives
of DISA and other DOD Agencies, as well as other Government agencies and
industry.
- Supported
the DEP DoD CIO in developing a series of information papers and other
documents which will advance the working relationship between the DoD CIO and USCYBERCOM
in the course of cyberspace operations.
In the process, reviewed and provided feedback to the DEP DoD CIO on the
draft USCYBERCOM C2 CONOPS.
- Provided
program management support for the Department of Defense (DoD) CND Architect on
developments regarding technical developments for Computer Network Defense and
NetOps. Manage the administration,
logistics and facilitation of the DoD CND Architecture Working Group.
- Lead a
project team as Asst Project Manager supporting USCYBERCOM and DISA in
developing the IAVM System in developing the Information Assurance
Vulnerability Management (IAVM) System which automated the IAVM process and
reduced the time to issue an IAVM from two weeks to four hours. This enabled DoD IA personnel to respond to
zero-day threats.
- Drafted
the DoD SHA-256 Migration Roadmap for the DoD CIO. The SHA-256 Migration Roadmap provides
guidance on the transition of all of DoD IT infrastructure from using the SHA-1
to the SHA-256 hash algorithm for digital signatures and PKI-based
authentication to networks, applications and systems.
- Assisted
in the development and maintenance of the DoD IA Policy Chart for the
DIAP. Used social media and wrote
articles in professional publications for public outreach to make the IA Policy
Chart a commonly used reference in the IA field.
- Assisted
in the drafting of the 2009 CND Assessment Report from the Defense-wide
Information Assurance Program (DIAP) which reported on the performance and
capabilities of the CND Service Providers throughout DoD.
- Assisted
in the drafting of the Concept of Operations (CONOPS) for the DoD Compliance
and Verification Program. The CONOPS provides
the DoD community with a CVP framework and raise awareness of IA and Computer
Network Defense (CND) laws, policies and regulations to enable improved
conformity with the same, and provide for accountability for nonconformance.
___________________________________________________________________________________________________
October 2007 – April 2009: MANAGER (BearingPoint, Inc, McLean , VA
- From
February 2009 until April 2009, served as an Information Assurance Officer
(IAO) at the Tricare Management Activity, helping to incorporate Information
Assurance in the development of the Armed Forces Health Longitudinal Technology
Application SIGMA (AHLTA SIGMA), an electronic medical records system for all
active duty military personnel, dependents, reservists, and retirees. AHLTA SIGMA will be the convergence of the
Garrison and Theater Versions of AHLTA.
Also served as the IAO for the
new Traumatic Brain Injury/Behavioral
Health (TBI/BH) system. In addition, I am still assisting the annual
review of security controls for AHLTA Garrison, as required by DIACAP.
- From
July 2008 until February 2009, served as an Information Assurance Officer (IAO)
at the Tricare Management Activity, helping to incorporate Information
Assurance in the development of the Garrison Version of the Armed Forces Health
Longitudinal Technology Application (AHLTA), an electronic medical records system
for all active duty military personnel, dependents, reservists, and retirees. Oversaw
the annual review of security controls as required by DIACAP.
- From
October 2007 until July 2008, served as a DHS Information Systems Security
Officer (ISSO) at the Office of Security.
Revised and updated two Certification & Accreditation (C & A)
packages for DHS personnel security applications in support of their mitigation
to a new data center. The accreditations
are based on standards set in NIST SP 800-53A while using the Trusted Agent
FISMA (TAF) tool to monitor status and report deficiencies in required
Certification and Accreditation artifacts while maintaining consistency across
systems. Developed C & A
documentation for a new physical access control system at DHS Headquarters at
the Nebraska Avenue
- Serves
as a Performance Manager for four IT Security Consultants.
-
Became Certified as a Project Management Professional (PMP).
___________________________________________________________________________________________________
June 2005 – October 2007: TASK LEAD/INFORMATION SECURITY ANALYST (Superlative
Technologies, Inc., Ashburn , VA ,
working as a sub-contractor to SAIC office in McLean , VA.
-
Won the 2006 Superlative Technologies Team of the Year as Task Lead.
-
Conducted evaluations of six DoD Computer Network Defense Service Providers
(CNDSPs) in support of the CNDSP Certification & Accreditation process
sponsored by DISA. Reported findings via
the Vulnerability Management System (VMS).
-
Assisted the Defense Information Systems Agency (DISA) develop the Computer
Network Defense Service (CNDS) program verification process which will ensure
that all DoD Components will have valid CNDS management programs. Conducted CND Service Designation Visits for
the National Defense
University , Defense Technical
Information Center
-
Participated in a working group which provided inputs for revising the DISA
Evaluators Scoring Matrix which is used to evaluate DoD Computer Network
Defense Service Providers
-
Performed wireless discovery scans at over 100 DoD commands in order to find
rogue wireless access points connected to DoD Networks as part of SIPRNET
Compliance Visits. Agencies included US
Forces Korea, Air Mobility Command and the National Capital Region – Director
of Information Management (NCR – DOIM, a US Army command supporting tenants at
Forts Belvoir, McNair, Myer, and A.P.
Hill)
-
Assisted in the Certification & Accreditation of five agencies during the
validation phase of the DoD Information Technology Security Certification and
Accreditation Process (DITSCAP). Also,
provided advice and assistance to the DISA Field Security Office (FSO) during
the implementation of new
-
Became certified as a Certified Information Systems Security Professional -
Information Systems Security Management Professional (CISSP-ISSMP) and
completed the DISA Wireless Discovery Course.
In addition, I completed the following courses from the Defense Security
Service: Basic Information Security Independent Study,
Personnel Security Management, and Marking Classified Information.
___________________________________________________________________________________________________
January 2005 – May 2005: SECURITY ANALYST (GTSI, Chantilly , VA
- Drafted enterprise-wide
Information Security policies covering the areas of password protection,
acceptable use, wireless & laptop security, data classification, incident
response for GTSI in preparation for an incoming Sarbanes-Oxley (SOX) audit. Developed information security program plans
for a network supporting 900 users.
Advised the Chief Information Officer on planning to prepare for the
upcoming SOX-based audit.
- Performed
preparations for network security scans and an internal security assessment to
meet the requirements of the Payment Card Industry’s (PCI) Certification
Program. This is a new set of
requirements the major credit card companies have mandated for businesses which
receive credit cards in order to protect their customers’ privacy and
identity.
- Created an
Information Security Awareness program which included new teaching employee
training sessions, developing web-based training for all employees, intranet
postings, and security awareness posters.
___________________________________________________________________________________________________
October 1998 – January 2005: INFORMATION SECURITY SPECIALIST III (CACI, Arlington , VA
- Developed the initial security performance metrics
for the Customs and Border Protection IT Modernization Project.
Performed eight Risk
Assessments, including network scans using Internet Security Scanner (ISS) at
Customs and Border
Protection government
and contractor sites using the checklists and guidelines of the National
Institute of Standards and
Technology’s Special
Publication 800-26 (NIST SP 800-26) to ensure they are in compliance with the
Federal Information
Security Management
Act (FISMA).
- Served as a COMSEC Auditor for the Department of Homeland
Security, Directorate of Border & Transportation Security
(BTSD). Conducted COMSEC
Audits and Assist Visits for about 20 accounts on an annual basis. Edited the BTSD
COMSEC Newsletter that is published quarterly and posted on the
Customs and Border Protection Intranet.
Provided
technical assistance to ten Department of Homeland Security sites
regarding the installation of Secure Telephone
Equipment (STE) and secure fax units. Completed NSA COMSEC Managers Course and STE
Training.
-
Served as Information Assurance Functional Analyst at the DoD Information
Assurance Support Environment (IASE) at
DISA. Provided
technical advice and assistance to hundreds of users on diverse issues such as
DITSCAP, PKI, Certification & Accreditation of information systems, Common
Criteria, trusted products, Secret and Below Interoperatibility. Interacted with all the services’ and the DOD
CIRTs to provide solutions for field users.
Kept track of hundreds of information/trouble tickets via Remedy and the
Action Request System. This assistance
provided answers that enabled IA personnel to get their systems accredited or
improved their security posture.
-
Performed technical research in support of
the development of CACI’s Computer Incident Response Team (CIRT) by gathering
data through interviews, cost-benefit analysis and technical and security
requirements to establish a Security Operations Center (SOC).
- Drafted the initial
System Security Plans for the FBINET WAN/LAN and several FBI application
software programs as
part the FBI's effort
to get their systems accredited by the Department of Justice. Assisted co-workers in performing Risk
Analyses of the FBINET
WAN/LAN and several FBI application software programs.
-
Drafted network security policies for the Naval
Surface Warfare
Center at Dahlgren , VA
-
Researched and wrote a technical white paper on the behalf of the Department of
the Navy Chief Information Officer on the trends and options affecting the
future of infrastructure assurance of the Navy as a whole. Gathered information and inputs from all the
services' Computer Incident Reaction Teams, the Chief of Naval Operation
Advisory Panel, the Naval Criminal Investigative Service, plus many
others. Observed and researched how the
CIRTs respond to incidents and technical problems.
___________________________________________________________________________________________________
August
1999 – December 1999: SPECIAL PROJECTS
OFFICER (On Navy Reserve Recall - Stabilization Force,
Allied Military Intelligence Battalion, Sarajevo , Bosnia
-
Prepared the Allied Military Intelligence Battalion (part of the Stabilization
Force in Bosnia) for its first ever NATO security inspection including ensuring
that all CRONOS and other system workstations and terminal areas met NATO
security requirements for working with classified information. Taught Computer Science for the University of
Maryland part time.
___________________________________________________________________________________________________
May
1999 – August 1999: HEAD, HEADQUARTERS
SUPPORT DIVISION (On Navy Reserve Recall - Joint Task
Force – Noble Anvil, Naples ,
Italy
-
During Operation Allied Force, managed the operations and support of the secure
Local Area Network and workstations for the Joint Task Force Noble Anvil, which
became the de facto command and control system.
These systems provided C4I support to over 330 users at four separate
sites. Oversaw the move and
installation of the JTF LAN and support equipment to a new headquarters site
while maintaining operational capability and security under wartime conditions
without any unscheduled downtime.
-
Developed security policies on the use of the JTF Noble Anvil's Local Area
Networks (both secure and unsecured) during Operation Allied Force
(Kosovo). Ensured the reliability of LAN
operations and the confidentiality of the classified information on a network
linked to the SIPRNET. Resolved many
technical obstacles such as connectivity and the amount of bandwidth between
the JTF Noble Anvil and other military commands such as the US European
Command, the US Sixth Fleet, and various Task Forces, supporting bases and
commands to ensure reliability of service.
-
Assisted in the development of the classified web site that contains the
archives of the Joint Task Force - Noble Anvil that was eventually delivered to
the Joint Staff so military planners could obtain lessons from the Kosovo
Campaign.
___________________________________________________________________________________________________
October
1996 – October 1998: PUBLICATIONS
MANAGEMENT OFFICER/SECURITY MANAGER (Director,
Communications
Security Material System, Washington ,
DC
- Performed duties as
Security Manager at the office of the Director of the Navy's Communication
Security Material
System (DCMS). Ensured no classified information or material
was lost or compromised. Completed U.S.
Manager’s Course.
-
Drafted the initial inspection manual and lesson training guides for the
Electronic Key Management System (EKMS 3) within the Department of Navy. This ensured the proper handling of
Communications Security Material throughout the Navy, Marine Corps, and Coast
Guard which ensured proper handling, storage, and accounting of encryption
hardware and software.
-
Graduated from the U.S. Navy’s first EKMS course.
-
Assisted in the preparation of a System Security Authorization Agreement (SSAA)
as part of the definition phase of the command’s network’s DITSCAP-based
accreditation.
-
Performed functional testing of 3 CD-ROMs that contained Navy instructions and
manuals on handling encryption hardware and software. Ensured the software’s ease of use by field
operators.
___________________________________________________________________________________________________
July 1995 – September 1996: BASE PHYSICAL SECURITY OFFICER (US Naval Base, Guantanamo Bay , Cuba
- Maintained Physical Security and
Law & Order for the U.S.
Naval Base, Guantanamo Bay ,
Cuba U.S.
___________________________________________________________________________________________________
October
1992 – July 1995: CORPORATE SYSTEM DIVISION OFFICER/DIRECTORATE
ADMINISTRATIVE
OFFICER/INFORMATION SECURITY OFFICER (Bureau of Naval Personnel, Arlington , VA
-
Developed information security policies and a Continuity of Operations Plan
(COOP) for the Information Management Directorate of the Bureau of Naval
Personnel.
-
Participated in a working group for the system/requirements analysis of the
Navy’s portion of the Defense Joint Military Pay System (DJMS), the Defense
Finance and Accounting Service’s automated/ pay system during the system
analysis phase. Identified over 100
problems in the original software plans and formulated solutions to resolve
these problems. As a result, the
personnel information of service members was protected when the system became
operational.
- Led the Corporate Data
Management Branch in reducing major backlogs in updating the Officer and
Enlisted Master Files (personnel information databases.)
- Temporarily served as
the Pers-12 Administrative Officer. Helped
to implement several Directorate-level policies.
___________________________________________________________________________________________________
November
1989 – September 1992: PROGRAMMER/ANALYST/INFORMATION SECURITY
OFFICER
(NATO- Headquarters,
Allied Forces Baltic Approaches, Karup ,
Denmark
-
Served as Information Security Officer at a NATO command and three Navy
commands. Served as a Network Security Officer for a NATO command and control
system. Ensured that computer operations
continued without loss of data or capability and composed several Information
Security instructions.
-
Assisted in the drafting of several command-level information security
policies.
-
Completed the Allied Command Europe’s Automated Data Processing (ADP) Security
Officer Course.
___________________________________________________________________________________________________
SEPTEMBER
1988 – November 1989: ASST DEPARTMENT
HEAD/INFORMATION SYSTEMS SECURITY OFFICER/TELECOMMUNICATIONS OFFICER (Naval Station, San Diego ,
CA
- Served as Departmental Information Systems
Security Officer and Command STU-III Key Account Custodian. Ensured proper implementation of command
information security policies and the handling of STU-III secure telephone
keys.
-
Coordinated the installation of the Consolidated Area Telephone System (CATS)
at Naval Station San Diego, which enhanced telephone, services for the base.
Also, coordinated the installation of secure telephone systems and cable
television services when 12 commands relocated around the base with the Public
Works Center.
Download Resume Format
.JPG)
0 comments:
Post a Comment