Security Management

Richard Doty

Email: abqgri@r.postjobfree.com

Address: ** ********* ****

City: Shenandoah Junction

State: WV

Zip: 25442

Country: USA

Phone: 703-***-****

Skill Level: Director

Salary Range: $160,000

Willing to Relocate

Primary Skills/Experience:

See Resume

Educational Background:

See Resume

Job History / Details:

RICHARD LEE DOTY

16 Horseshoe Lane, Shenandoah Junction, West Virginia 25442

Phone: 703-***-**** E-Mail: abqgri@r.postjobfree.com

HIGHLIGHTS OF QUALIFICATIONS:

* Effective manager, leader, and mentor.

* Documented experience in establishing or rebuilding technical support organizations in complex and politically sensitive environments, domestically and abroad.

* Significant experience in managerial and hands-on technical positions encompassing a wide range of responsibility. Solid background in physical, technical, personnel, computer, and operations security. Highly effective integrating these disparate disciplines into a cohesive security program.

* Strong speaking, writing, and presentation skills. Knowledgeable and effective trainer/teacher.

PROFESSIONAL EXPERIENCE:

April 2012 to December 2012, Project Performance Corporation, Part of the AEA Group - Global Chief Information Security Officer (CISO) (Position eliminated due to sale of company)

* Restructured the role of the AEA Group Global CISO, integrating security activity and processes into the fabric of the organizations under the Group.

* Implemented durable and coherent policies and procedures within the AEA Group. Implemented and managed an Information Security Training Program. Provided baseline assessment performance measures to evaluate the security of delivered IT initiatives. Provided internal consulting services for information security throughout the enterprise; works with practice leads to validate security requirements for proposed efforts.

* Chaired the Change Management Group within AEA. Updated and restructured the CM process within AEA, to include the patch management process.

* Led security incident investigations and manages resolution in accordance with policy and procedure.

* Continuous monitoring activities included the following:

Conducted annual security control assessments; works with operational units to close outstanding findings

Supported operational units in the analysis and remediation of automated and manual system assessment results

In collaboration with operational Directors, prepared for annual Incident Response and Contingency Plan/Continuity of Operations testing

Facilitated the identification and distribution of security alerts, advisories, updates, and patches within the organization

December 2000 to April 2012, Vertex Technology Management - President and Principal Consultant

* Founded Vertex Technology Management. Provided consulting services in the Information Security and Management arena. Responsible for all facets of a small company, with a focus on performance for clients.

* In an Information Security Officer role for this client, provided ongoing, dedicated consulting support to the PKI and Biometric Program Offices in multiple information management and security arenas at the Department of State, including:

Lead for the information assurance effort for this program, with a focus on Certification and Accreditation (C&A) processes for multiple, major applications, developing application System Security Plans (SSP) and Contingency Plans. Coordinates certifications with the responsible agency, and ultimately coordinates and validates remediation of any identified system weaknesses.

Developed and implemented operational polices for the implementation and use of PKI and biometric technologies within the Department of State.

Developed and implemented the auditing processes for multiple systems; serves as lead for the auditing effort for multiple systems.

Developed and implemented the Configuration Management Plan for multiple applications operating under the PKI Program, providing a process which is tightly integrated with the Department`s Office of Information Assurance. This process both reduces the overhead requirements, and provides more accurate tracking of change.

Contingency Planning Coordinator for the Department`s multiple PKI systems, ensuring the contingency actions are managed effectively. Currently developing a Continuity of Operations Plan (COOP) for the Division.

Identified a gap in knowledge for Special Agents concerning encrypted systems on the Department`s networks. Subsequently developed and continues to present an ongoing training program for Special Agents in the Department`s Bureau of Diplomatic Security.

* Researcher for the Bureau of Diplomatic Security, Department of State, on a classified program. Researched and finalized an in-depth report highlighting a known weakness, resulting in a change of department-wide policy.

* Provided dedicated program and consulting support to the Mine Safety and Health Administration (MSHA), U.S. Department of Labor, in the information security arena. Participated in the growth and management of an IT security program for MSHA. Provided support to MSHA on a range of issues including network security; configuration and password management; and secure communications.

1998 to December 2000, ManTech Systems Assurance Corporation, ManTech International - Assistant Executive Director

* Managed three contracts providing support to the Information Resources Management Bureau of the Department of State, to include managing personnel assigned overseas. Met client standards for performance, while responsible for corporate requirements. Participated in proposal and business development with existing clients.

* Provided support to the Department of State as a senior staff member to the Systems Integrity Division. Included consulting on Information Technology and related issues. Played a key role in the formation of the Department of State`s Public Key Infrastructure (PKI) Program Office. Established the first PKI technical working groups within the Department, catalyzing the implementation of PKI policy. Subsequently assigned on a full-time basis to the Department`s PKI Program Office. Served as the senior ManTech representative within the Systems Integrity Division, providing overall management of ManTech`s three contracts within this organization.

* Developer of the Information Technology (IT) Security Architecture for the Department of State. Participated in the development of a Security Architecture for the Department`s worldwide critical cyber infrastructure. Worked extensively with other Bureaus within the Department to assist in molding their components of the Architecture.

1996 to 1998, TRW, Incorporated - Program Manager and Senior Consultant

* Lead for the Sub-task in direct support to Department of Defense`s (DoD) Technical Infrastructure and Support staff, Defense Medical Information Management. Developed information security plans, policies, and procedures for communications infrastructure and data standardization for the Military Health Services System.

* Certification of the Naval Medical Information Management Center and the Navy`s Bureau of Medicine and Surgery. Participated in the evaluation and upgrade of security for both agencies` critical networks. Participated in the design and conduct of a risk assessment of the command`s global network. Developed policy and procedures to protect sensitive and classified systems. Developed detailed guidance for Local Area Networks and for computers connected to the Internet, and developed procedures and policies for the accreditation of classified and unclassified systems.

1993 to 1996, ManTech Strategic Associates, ManTech International - Staff Engineer

* Provided full-time support to the Department of State`s Bureau of Diplomatic Security on computer security issues. Researched and developed policy for embassies and bureaus on classified and unclassified computer security issues. Proposed and developed security policies for the Department of State for the transport and use of portable computers (i.e. laptops) abroad. Developed the Department`s technical policy on telecommuting.

1991 to 1993, Science Applications International Corporation - Security Analyst

* Participated in Department of Energy (DOE) Inspections and Evaluations and Operational Readiness Reviews at various Field and Area Offices of the Department`s weapons complex. Subject inspection areas included computer security, TEMPEST, red/black installation criteria, and physical security systems.

* Provided full-time support to the DOE`s Defense Programs` Headquarters Security Officer on computer security issues. Conducted security-software evaluation. Provided on-going training to Defense Programs` federal and contractor staff in various personal computer applications.

1976 to 1991, United States Army - Counterintelligence Special Agent

* A series of positions include Senior Special Agent, Team Chief, Operations Officer, and Commander, with assignments in Europe, the United States, and the Kingdom of Saudi Arabia. Operated in purely Human Intelligence (HUMINT) positions, and in Technical Surveillance Countermeasures (TSCM) organizations. Led the Army's TSCM effort in the Persian Gulf during Operation Desert Shield and Desert Storm. Designated as a Master TSCM Special Agent. Awarded the Legion of Merit for superior performance.

EDUCATION:

Nova Southeastern University - Ph.D. in Information Systems Anticipated 2014

University of Phoenix - MBA with a Concentration in Technology Management (GPA of 4.0) 2005

Excelsior College - Bachelor of Science, Sociology 1982

ADDITIONAL INFORMATION AND CREDENTIALS:

* Top Secret Clearance (Previously indoctrinated for SCI and held DOE Q)

* Certified Information Systems Security Professional (CISSP)(ISC2)

* Information Systems Security Management Professional (ISSMP)(ISC2)

* Certified Information Security Manager (CISM)(ISACA)

* Inducted into Upsilon Pi Epsilon, the Honor Society for Computing and Information Disciplines

* Information Technology Infrastructure Library v3 Foundation (ITIL v3)(OGC)

Contact this candidate