Profiles search

Andre' Nelson - CISSP

Chief Information Security Officer (CISO) at Communications Resource Inc. (CRI)
Alexandria, VA, United States

Details

Education: MS

Information and Telecommunication Systems

The Johns Hopkins University - Carey Business School

2005 : 2010

BS

Information Science and Systems

Morgan State University

2000 : 2003

Washington Math Science and Technology Public Charter H.S.

1996 : 1999
Experience: Senior Information Security consultant functioning as a subject matter expert (SME) in information assurance and cyber security related subject matters. Primarily applied knowledge of Federal information security requirements (FISMA, NIST, DoD) to support the system development life cycle of programs operated by clients associated with The Department of Health and Human Services (HHS) and The United States Department of Agriculture (USDA). In addition, I provided support for the implementation of Security Assessment & Authorization (SA&A) standards, Risk Assessments, Disaster Recovery Plans, and IT Security Planning (analyzing and documenting security controls). Additional requirements included managing system continuity of operation (coop) exercises, continuously monitoring the configuration management of systems, and executing security testing and system evaluations.

2010 : Present

Communications Resource Inc. (CRI)

Senior Information Security Consultant

Principal Information Security Consultant for the Symantec Federal Consulting Team. Responsible for providing pre-planning and post-management technical insight and recommendations on the implementation, application, and management of products (Symantec Control Compliance Suite, Symantec Endpoint Protection) for Symantec client engagements. The sizes of the environments in which I supported were typically in the range of 20,000 – 50,000 assets. Duties include, deployment, establishing configuration management procedures/capabilities, troubleshooting architectural and performance issues, and utilizing industry best practices to develop strategies for compliance and configuration management. Provide technical threat assessments and actionable intelligence data regarding agency systems to identify potential threats and vulnerabilities, vulnerability remediation, patch management, and incident response.

2006 : 2010

Symantec

Principle Information Security Consultant

Supported a Defense In Depth initiative focusing on Anti-Virus and Anti-Spam principles. Using both Symantec and McAfee products maintained the virus definitions on approximately 20,000 assets (Windows servers and workstations). Distributed the virus definitions and signature updates using SMS (Systems Management Server), SSC (Symantec System Console), and ePO (McAfee ePolicy Orchestrator).

2004 : 2006

Booz Allen Hamilton

Senior Consultant

Supporting approximately 200 clients administered the daily operations of the classified, and Sensitive But Unclassified local area networks.Organized the orientation of new users to the network environment, and developed step-by-step training material in accordance with the Bureau supported software applications.

2000 : 2003

U.S. Department of State

Systems Specialist (Intern)
Company: Communications Resource Inc. (CRI)
Years of Experience: 23

Skills

Analysis, Business Continuity, CISM, CISSP, Cloud Computing, Communication, Computer Forensics, Computer Security, Defining Requirements, Disaster Recovery, DoD, Endpoint Security, Enterprise Architecture, FISMA, Governance, Governance, Risk Management, and Compliance (GRC), Incident Response, Information Assurance, Information Security, Information Security Management, Information Technology, Integration, IT Strategy, Malware Analysis, Management, McAfee, Network Security, NIST, Program Management, Risk Assessment, Risk Management, SDLC, Security, Security Architecture Design, Security Audits, Security Awareness, Security Clearance, Security Management, Security Policy, Solution Architecture, Strategy, System Administration, Systems Engineering, Troubleshooting, Vulnerability, Vulnerability Assessment, Vulnerability Management, Vulnerability Scanning

About

A Certified Information System Security Professional with 19 years experience in technology solutions focusing on compliance management, configuration management, threat and vulnerability analysis, and IT strategy. I possess substantial knowledge of risk and compliance management tools, host based security products, and security incident/vulnerability management tools. Over the years, I have developed an exceptional reputation in customer service, showing outstanding verbal and organizational skills. I am also effective in maximizing team performance through collaborative teamwork and working independently. Meets DoD 8570.01-M requirement IAM III



Specialties:

• Regulation Compliance (FISMA, NIST)

• Configuration Management Tools

• Policy Analysis and Development

• Endpoint Protection Systems

• Security Program Development

• Incident Response

• Risk Assessment

• Customer Relationship Management

• Strong Verbal and Communication Skills

• Maximize Team Performance

• Security Assessment & Authorization