Creating user page for new user.
New page
MOSES REYNOLDS, CISSP gyrene@me.com
moses.s.reynolds@gmail.com
Active US Top Secret/SCI Clearance
CISSP (verification#50790) DOD 8570.1M Level III IAM
SUMMARY:
27 years General IT
24 yrs Intelligence OPS Analyst
20 yrs cyber security vendor management
13 years Cyber-Network Security Engineering
11 years Ethical Hacking
10 years Cyber-Security Architecture
9 years Information Assurance & Forensics
8 yrs Technical Project Management
7 yrs of Certification & Accreditation (DITSCAP/DIACAP/NIACAP)
5 yrs Ethical Hacking/Penetration Tester
QUALIFICATIONS:
Expertise in a wide variety of cyber security frameworks, including:
Department of Defense Risk Management Framework
DITSCAP, DIACAP, NIACAP, NIST SP 800, ISO17799
DOD 8570 IAT/IAM Level III Certified (CISSP)
SME on governmental security requirements, including:
FISMA, DCID 6/3, DCID 6/9 and FBI CJIS CAPP
Experience developing and supporting IA artifacts, including:
SSAAs, SSPs, STIGs, RTMs, CTPROCs and other IA/POA&M
Knowledge of a myriad of cyber security managements tools such as:
Altiris TMS, Host Base Security Systems (HBSS), VMWare VSphere,eMASS,
Developed and maintain test plans for Secured Compartmented Information Facility test environments in stand alone, enterprise, and joint architectures.
Provided test setup, monitoring, data analysis, troubleshooting, and equipment tear down and after action reports. Coordinate with interfacing organizations.
Work within existing processes to bring events to successful completion or propose new processes.
Responsible for test platform equipment configuration within an integrated joint environment.
Support writing Software Test Plans, Test Plan implementations.
Investigate deep dive analysis, and provide resolutions for software integration issues.
Performed integration of existing and new software in the Distributed Common Ground Systems(DCGS) baselines.
Performed design and/or unit test as needed. Provided integration build procedure documentation.
Successfully performed authorized penetration test of internal infrastructure in order to enhance security posture of the organization
PROFESSIONAL EXPERIENCE
June 2013-Present
Principal Cyber-Security Intel Analyst
Senior Cyber security subject matter expert at Comanche Peak Nuclear Power Plant, Glen Rose, Tx
Primary duties and responsibilities will include:
- Perform cyber security assessments as pursuant to NEI/08-09
- Identify security requirements and drive Cyber Security Program implementation
- Provide cyber security mitigation and problem solving techniques
- Work closely with teams including plant operations, I&C, maintenance and engineering to assure compliance
- Provide leadership in managing cyber security tasks execution on time and on budget
- Track results and provide reporting to the team utilizing technical applications and tools
- Maintain awareness of trends and issues in areas of cyber security and compliance
-Expert software development and implementation of Cyber Wiz Pro
Successfully performed nuclear regulatory commission sanctioned cyber security pilot assessment against critical digital assets within the protected and vital areas of a nuclear power plant.
Mar 2012- May 2013:
Joint War Fighter Intelligence Community Systems (JWICS) Cyber Security Subject Matter Expert at Software Engineering Center, ISR, Aberdeen Proving Ground and Technical Task Order Lead JITC/DISA in support of US Combatant Commands:
IT Security Related Standard Operating Procedures (SOP’s)
System Security Plans (SSPs)
System Security Authorization Agreements (SSAAs)
Disaster Recovery (Contingency Plan)
security Requirements Traceability Matrix (SRTM/RTMs)
Security Test and Evaluation (ST&E)
Vulnerability Assessments
Risk Analysis
System Security Planning
Technical Consultant on VMware related Intelligence Analysis applications;
Provide IA Cyber Project Leadership and mitigation support for the DCGS-A JWICS Information Assurance/C&A baselines.
Support DCGS-A PM Software Engineering Center Lab Certification and Accreditation processes and procedural documentation.
Assumed technical lead for risk reduction program, network audit implementation plans, plans of action and milestones (POaM) for current and future DCGS-A baselines.
Insured that all applicable IA DA and DOD information assurance regulations are incorporated into current and future DCGS-A baselines.
Additionally, provide government guidance on the following C&A policies, policies, procedures, processes and requirements:
Director of Central Intelligence Directive 6/3 (ICD 503)
DIACAP and DITSCAP; DoD Information Technology Security C&A Process
DoD Intelligence Information Systems Security C&A Guide (DoDIIS)
NIST 800 Series; National Institute of Standards and Technology (SP 800-37, SP 800-18)
NISCAP; NSA/CSS Information Security C&A Process
CC; Common Criteria
NIACAP; National Information Assurance (IA) C&A Process
DoD Directive, 8500.1; IA; DoD Instruction, 8500.2; IA Implementation
AR 25-2; Army Regulation 25-2, IA
FISMA; Federal Information Security Management Act
FIPS PUBS; Federal Information Processing Standards Publications
DCID 6/3 Protecting Compartmented Information w/in Information Systems
DCID 6/9 Physical Security
NISPOM; National Industrial Security Program
Leonie Industries Aug 2010-Jan 2012
Global Multi-Disciplined Intelligence / All-Source Intelligence-Operations Integrator Analyst
•Provided actionable intelligence, research products, indications and warning quick looks, collection management, targeting, imagery, network analysis, counter-terrorism, counterintelligence, information operations, foreign disclosure, international engagements and threat analysis.
•Initiated and conducted deep dive terrorist research efforts; planned, coordinated and synthesized research to produce all source intelligence products/responses.
•Served in collateral duties including: Operations Research Analyst Subject Matter Expert as Primary advisor to the deployed Brigade Commander and staff on all intelligence activities with regards to planning, and synchronization of effort of JIEDDO and JIEDDO COIC support to deployed combat elements.
•Direct link between JIEDDO COIC and deployed combat units on all current and future initiatives.
•Ensured all requests for support from war fighters are fully coordinated with downrange JIEDDO COIC deployed assets and the JIEDDO COIC CLT in CONUS.
•Ensured combat assets are kept abreast of all current and emerging JIEDDO COIC processes, methodologies, and Tactics, Techniques & Procedures (TTP) for attacking threat networks that utilize IEDs/IRAMS.
•Provided advice to Combatant Commanders and their staff on how to best integrate JIEDDO COIC reach back capabilities into their ongoing operations and analytical efforts in support of actionable intelligence against hostile forces.
•Provided operations research and critical thinking analysis support products upon return from deployment.
System One Mar 2010-Aug 2010
Cyber Security Intelligence SME
•Leadership responsibilities include providing overall direction, statistical analysis, design, implementation and management of the global information technology cyber security implementation relevant to Federal cyber-security requirements.
•Advised Instrumentation and Controls Team research analysis of DOE, NRC, FERC, NERC critical information protection regulations, internal and external cyber security threats.
•Thorough familiarity with Smart Grid technologies as well as providing subject matter expertise on SCADA(Supervisory Control and Data Acquisition).
•Strategic role requiring critical cyber asset identification, troubleshooting, tools evaluation, intrusion prevention and cyber security training implementation for the AP1000 Project organization.
•Primary responsibilities to assess technical information security posture, analyze and recommend changes to mission critical networks, cluster servers and workstation environments.
•Design security-based solutions to address cyber security vulnerabilities. Implement approved changes that address the security posture. Manage security risks within acceptable limits while in compliance with established regulatory requirements.
Trace Systems Dec 2009-Mar 2010
All Source Cyber-Intel Analyst
•Prepped for Afghan deployment under Trace Systems Inc.
•Participated in DOD NIPRnet, SIPRnet, and JWICS online HBSS CBT.
•Honed critical thinking research skills utilizing Information Assurance (IA) monitoring tools (e.g., Gold, Sniffer, Ethereal, Wireshark Dameware, SolarWinds, Protector Series, ObjectFinder, etc.)
•Trained junior colleagues in the field of cyber security research, vulnerability assessments, scanning and penetration testing.
•Mentored junior colleagues on FISMA/Clinger Cohen Act compliance requirements.
DH Associates Aug 2009-Nov 2009
Criminal Justice Information Service, Federal Bureau of Investigation
Information Systems Security Officer / Task Order Leader
Integrated Automated Fingerprint Identification System
•Provided subject matter expertise in the secure design of enterprise network solutions and services including DMZ, firewall technology, encryption methodologies, secure networking, intrusion detection, virtual private networking, routing and switching, enterprise identity and access management solutions (to include federated identity), enterprise e-mail gateway implementations,
•Domain Naming Services (to include secure DNS), wide and local area networks, enterprise logging and auditing, Web & FTP proxy, SOA and storage solutions.
•As Project Management lead for the FBI task order, perform project planning, strategy services and execution, budget, scheduling and monthly status reports for multiple ISSO roles.
•Daily interaction with ISSM and ISSR for POA&M oversight using NIST C&A processes.
•FBI CJIS CAPP Cyber-Security SME experience. Provided training in automated VA, scanning, and penetration tools such as, but not limited to: Nmap, Nessus, Qualys, AppDetective, Webinspect, AppScan, Nikto, nCircle, BackTrack, Social Engineering Toolkit, Burp, Metasploit Framework, Core Impact Pro, Wireshark, Retina.
Jorge Scientific Corporation Dec 2008 - Jul 2009
Department of Defense
Information Assurance Officer / Information Systems Security Officer
•Responsibilities include: OPS research, development, writing and maintaining formal Information Systems Security Program including all applicable security documentation in addition to system security plans (SSPs), System Security Authorization Agreements (SSAAs), network and system diagrams, Security Requirement Traceability Matrices (SRTMs), and other applicable Information System (IS) documentation.
•Assigned to Task Force ODIN / Constant Hawk / C-IED
•Provided critical reviews of System Security Packages and Accreditation Status
•Provided critical reviews on approve or deny entry / exit of AIS equipment.
•Responsible for the certification and accreditation (CA) of medium to highly complex DOD systems.
•Participated in managing portfolios of DOD systems both CONUS and OCONUS. Leadership initiatives include working with system program managers, systems administrators, and information systems security representatives to facilitate the production of C&A packages in a cooperative manner.
•Packages consisted of systems certification and accreditation artifacts due to expire in a combat zone.
•Participated in acquiring ATO while providing IATO POAMs for new systems being deployed pursuant to DIACAP/FISMA requirements.
Recalled to Active Duty Military Mar 2008 - Dec 2008
All Source Intelligence Analyst
•Planned, organized, managed, and performed intelligence operations research and technical information assurance functions for 106th Rescue Wing, Air National Guard Unit daily operations, training and readiness missions.
•Provided knowledge transfer of the operational procedures of the USAF Air and Space Operations Center (AOC) Intelligence, Surveillance, and Reconnaissance (ISR) Division.
•Prepared detailed training requirements of the ISR duty positions in Analysis-Correlation-and-Fusion, ISR-Operations-Processing-Exploitation-Dissemination; and Targeting functions at the operational level of war within an AOC
•Working knowledge of Distributed Common Ground Station (DCGS) operations.
Altria Group / Electronic Data Service Dec 2003 - Mar 2008
Senior Cyber Security Compliance Architect
•Provided effective Information Security, Cyber-defense and Enterprise Risk Reduction Programs for all of Altria family of companies across multiple data centers and geographic regions.
•Supported Security System Engineering: Phillip Morris USA, Phillip Morris International & Kraft Global
•Provided consistent interpretation of Enterprise Information Security Policy, Standards and Governance.
•Promoted security awareness and understanding of Information Security Compliance & Privacy to all levels of the business (executive management, directors, technical, support staff, consultants and vendors, etc.)
•Managed Information Security Risks through coordinating internal Security Risk Assessments and the creation of the Corporate Information Security risk acceptance process.
•Ensured appropriate Information Assurance Compliance requirements are addressed in all application development initiatives.
Semper Fi Global Communications, Inc. Jun 2001 - Dec 2003
Information Security Architect
•Spearheaded and conducted confidential forensic analysis of more than 300 seized computer systems for organizations in military, law enforcement, healthcare, retail & financial industry.
•Implemented disaster recovery planning, pen-testing, auditing, risk analysis, business resumption planning, contingency planning, as well as contract and vendor negotiations of third party security firms.
•Provided technical application security lead for engineering and business units in development of wired and wireless (802.11x) solutions in line with enterprise business enabling goals.
•Designed Windows XP enterprise hands-on cyber-security architecture, concepts, and infrastructure for managed desktop support to enhance client's security posture.
•Technical Advisory Board member, Alliance America, Inc. (Homeland Security Initiative).
•Developed host based defense methodologies while conducting research and analysis for next generation web based attacks against critical infrastructures.
•Performed IS audits for a myriad of large Fortune companies in accordance with COBIT standards.
•Established Security compliance analysis, audit and remediation for Fortune 11 firms towards achievement of industry recognized enterprise-wide security certification from TruSecure ICSA labs.
Merrill Lynch & Co., New York, NY Mar 1999 - Jun 2001
Senior Enterprise Network Security Project Manager
•Project lead of Merrill Lynch Corporate and Institutional Client Group's enterprise network security team.
•Gathered business requirements from international and domestic business groups.
•Oversaw new client requests, maintained firewall rule base design and architecture for all business units within ML's Corporate and Institutional Client Group.
•Investigated and identified security issues, mitigate potential risks and implement controls in accordance with corporate security policy, standards and governance.
•Evaluated and selected enterprise tools for implementation of electronic evidence gathering at targeted infrastructures.
•Prepared detailed specifications for encryption technology, digital signing, PKI, VPN, IPSec, SSL, and Kerberos technology and Limited Sign-On approaches.
•Senior E-commerce Service Delivery Manager, Merrill Lynch Direct Market Group Planned and executed E-commerce business unit expansion proposal and initiative for presentation to CFO and executive management of the firm.
•Participated in vendor selection process for Gig-E connectivity.
•Participated in selection of onsite technical candidates for project lead, engineering and administration.
•Reviewed architectural designs with Cisco technical engineers.
•Designed strategy for connectivity while mitigating security risks of the firm's portal
•Wrote technical requirements and specs for co-location of web hosting environment.
•Lead teams of highly skilled technical engineers to deploy the network infrastructure at the Merrill Lynch London location.
•Resolved infrastructure and networking security issues.
•Performed architecture, design/application reviews.
•Conducted intrusion tests, fail-over/high availability tests.
•Produced technical/process recommendations.
•Analyzed industry available tools with respect to multiple business client requirements
•Participated in change management and design review boards.
Semper Fi Global Comm. Inc., New York, NY Dec 1997 - Mar 1999
Chief Technology Officer (Outsourced Consultant)
•Security Intelligence services consulting for Fortune 100 including Dept. of Defense; Department of Justice, Morgan Stanley, Dean Witter & Co., Merrill Lynch & Co, Johnson & Johnson, SOCGEN (French Bank), Columbia Artists Management, CompUSA, AT&T Solutions.
•Responsibilities included leadership advisement for more than 650 LAN/WAN engineers, vendors, programmers and IT trainers, with additional oversight for the daily and continued operations of multiple clients' global networking environment, WAN infrastructure (Servers, hubs, switches, cabling, connectivity hardware), desktop PCs/peripherals.
Recalled to Active Military Duty Apr 1996 - Dec 1997
U.S. Justice Department, El Centro, CA & Puerto Rico
Sr. Intelligence Analyst/Sr. Project Leader
•Project Lead for upgrade of systems hardware and intelligence software providing IT vendor management leadership for integration and implementation of various dissimilar US Gov't networks, proprietary applications and hardware; Network; Migration included Novell 3.x to Windows NT 4.0; Provided leadership training and field support of multiple projects on; Remote communications and Internet open source enterprise solutions utilizing MS Project; Provided timely automated intelligence reports through the use of multi-platform Internet open sources. Provided DITSCAP Standards while performing Systems Integration.
•Lead Tiger Team member for Joint Task Forces Counter-Drug initiatives.
•Member of U. S. Narcotics and International Drug Interdiction effort code-named Valley Project in the U. S. Southwest Border. Supported more than 25,000 nodes. Combined $140 million dollar budget. Provided executive summaries & briefs for high-level prosecution.
United States Marine Corps 1975 -1998
Gunnery Sergeant of Marines
United States Marine Corps Active Reserves 1986 -1998
Active Duty Service 1975 -1986
•Progressively rose to the ranks from Private to Gunnery Sergeant
•Global peace-keeping assignments include Asia-Pacific, Middle East, Europe, South and Central Americas
•Duties include:
•small unit combat infantry leader
•photojournalist
•counter-intelligence specialist / analyst
•intelligence specialist / analyst.
•Trained in counter-terrorism and advanced counter-intelligence/counter-insurgency operations. Advanced special operations, low intensity conflict, asymmetric warfare, nuclear, biological and chemical warfare.
•Assigned to lead a myriad of international joint task forces including counter-drug missions with the US Justice Dept. under the auspices of DoD and the White House Drug Control initiatives.
EDUCATION
Fairfax University, Distance Learning
MBA Executive Program, Global Technology Management
Degree Expected Dec 2014
S.U.N.Y, Empire State College, Saratoga Springs, NY 1988
Bachelor of Science, Interdisciplinary Studies & Communications
REFERENCES
Available upon request and mutual interest
Mailing Address:
9509 Potomac Dr
Ft. Washington, MD 20744
email: gyrene@me.com , Mobile: 304-641-6545, Office: 202-241-2613