Rob Madden
Details
- Systems Design and Engineering
- Federal Information Assurance / Cybersecurity (NIST, DIACAP, RMF, CSWF, etc.)
- Consulting and Support Solutions
- Assistance with NIST 800-171 Compliance Requirements (DFAR, etc.)
- Technical Refresh and Help Desk Services
- Information Access and Control Solutions (CUI, FOIA, Sect. 508, etc.)
2015 : Present
Self-Employed
Independent IT and Cybersecurity Consultant
Duties and responsibilities :
- Manage multiple Department of Defense contracts in the area of Cybersecurity
- Provide accreditation services in accordance with the Defense Information Assurance Certification and Accreditation Process (DIACAP) and NIST Risk Management Framework (RMF) process
- Develop System Security Plans (SSP) and sub-plans (e.g. access control, training, audits, configuration management, incidents, disaster recovery, physical security, POAM, etc.)
- Develop and maintain organizational information security policy and procedures
2012 : 2015
Optimal Technology International (OTi)
Information Systems Security Officer (ISSO)
Duties and Responsibilities :
- Track and manage IT network infrastructure security compliance
- Track and manage information system access, identification, & authentication controls
- Track and manage IT Workforce training and certification (DOD 8570.1M)
- Develop and maintain organizational information security policy and procedures
- Maintain multiple IT system Certification & Accreditation (C&A) Packages
2009 : 2013
United States Department of Defense
Information Systems Security Officer (ISSO)
Duties and responsibilities :
- Technical liaison between submarine force commander, shipyard offices, and submarine personnel
- Provide computer and electronic systems technical guidance and mentoring to submarine crews during submarine overhaul and pre-operational periods
- Foster key relationships with internal and external computer systems support and maintenance teams
- Act as Regional ISSO, providing technical guidance and managerial oversight to multiple IT and information security projects, ensuring adherence to operational security standards
- Senior member of several Navy-wide IT security program and policy working groups
2007 : 2009
US Navy
Technical Rep / Information Systems Security Officer (ISSO)
Duties and responsibilities :
- Lead adviser to the communications director concerning all submarine IT matters, including system designs, funding, installations, upgrades, incidents, and operational doctrine
- Provide IT direction and oversight to 51 operational units, 23 support activities, and approximately 11,000 assigned personnel within the regional area of responsibility
- Develop, implement, and manage the information assurance management and advisory program
- Develop, implement, and manage enterprise-level IT doctrine, policy, and procedures
- Liaison with several agencies in accomplishing IT maintenance, repair, and upgrade
- Conduct continuous monitoring and audit of subordinate IT security postures and practice
- Key member of several Navy-wide Information Assurance program and policy working groups
2004 : 2007
US Navy
IT Program Manager and Security Officer
About
I have 30 years of experience in the electronics and computer fields, mainly supporting federal defense programs and projects. My current strengths are in Information Technology and Cybersecurity. I consider myself organized, detail-oriented, professional, and courteous, with a mature sense of urgency and prioritization. A summary of core skills and experience includes:
- Management of Cybersecurity, Information Assurance, and Information Security programs
- Successful application of Department of Defense IT security frameworks (e.g. DIACAP, RMF)
- Development, implementation, and management of IT Policy, procedure, and technical doctrine
- Use and application of security configuration standards, including STIGs, SRGs, NIST 800-53, etc.
- Monitoring and validation of IT security controls, configurations, and processes
- Use of vulnerability scanning tools (e.g. NESSUS, ACAS, SCC-SCAP, RETINA, etc.)
- IT system design, testing, deployment, maintenance, and technical refresh
- Network Ports, Protocols, and Services Management (PPSM)
- Management of IT workforce training and certification