User:Gyrene Reynolds

MOSES REYNOLDS, CISSP		gyrene@me.com moses.s.reynolds@gmail.com Active US Top Secret/SCI Clearance CISSP (verification#50790) DOD 8570.1M Level III IAM SUMMARY: 27 years General IT 24 yrs Intelligence OPS Analyst 20 yrs cyber security vendor management 13 years Cyber-Network Security Engineering 11 years Ethical Hacking 10 years Cyber-Security Architecture 9 years Information Assurance & Forensics 8 yrs Technical Project Management 7 yrs of Certification & Accreditation (DITSCAP/DIACAP/NIACAP) 5 yrs Ethical Hacking/Penetration Tester QUALIFICATIONS: Expertise in a wide variety of cyber security frameworks, including: Department of Defense Risk Management Framework DITSCAP, DIACAP, NIACAP, NIST SP 800, ISO17799 DOD 8570 IAT/IAM Level III Certified (CISSP) SME on governmental security requirements, including: FISMA, DCID 6/3, DCID 6/9 and FBI CJIS CAPP Experience developing and supporting IA artifacts, including: SSAAs, SSPs, STIGs, RTMs, CTPROCs and other IA/POA&M Knowledge of a myriad of cyber security managements tools such as: Altiris TMS, Host Base Security Systems (HBSS), VMWare VSphere,eMASS, Developed and maintain test plans for Secured Compartmented Information Facility test environments in stand alone, enterprise, and joint architectures. Provided test setup, monitoring, data analysis, troubleshooting, and equipment tear down and after action reports. Coordinate with interfacing organizations. Work within existing processes to bring events to successful completion or propose new processes. Responsible for test platform equipment configuration within an integrated joint environment. Support writing Software Test Plans, Test Plan implementations. Investigate deep dive analysis, and provide resolutions for software integration issues. Performed integration of existing and new software in the Distributed Common Ground Systems(DCGS) baselines. Performed design and/or unit test as needed. Provided integration build procedure documentation. Successfully performed authorized penetration test of internal infrastructure in order to enhance security posture of the organization

PROFESSIONAL EXPERIENCE June 2013-Present Principal Cyber-Security Intel Analyst Senior Cyber security subject matter expert at Comanche Peak Nuclear Power Plant, Glen Rose, Tx Primary duties and responsibilities will include: - Perform cyber security assessments as pursuant to NEI/08-09 - Identify security requirements and drive Cyber Security Program implementation - Provide cyber security mitigation and problem solving techniques - Work closely with teams including plant operations, I&C, maintenance and engineering to assure compliance - Provide leadership in managing cyber security tasks execution on time and on budget - Track results and provide reporting to the team utilizing technical applications and tools - Maintain awareness of trends and issues in areas of cyber security and compliance -Expert software development and implementation of Cyber Wiz Pro Successfully performed nuclear regulatory commission sanctioned cyber security pilot assessment against critical digital assets within the protected and vital areas of a nuclear power plant.

Mar 2012- May 2013: Joint War Fighter Intelligence Community Systems (JWICS) Cyber Security Subject Matter Expert at Software Engineering Center, ISR, Aberdeen Proving Ground and  Technical Task Order Lead JITC/DISA in support of US Combatant Commands: IT Security Related Standard Operating Procedures (SOP’s)  System Security Plans (SSPs)  System Security Authorization Agreements (SSAAs)  Disaster Recovery (Contingency Plan) security Requirements Traceability Matrix (SRTM/RTMs)  Security Test and Evaluation (ST&E)  Vulnerability Assessments  Risk Analysis  System Security Planning

Technical Consultant on VMware related Intelligence Analysis applications; Provide IA Cyber Project Leadership and mitigation support for the DCGS-A JWICS Information Assurance/C&A baselines. Support DCGS-A PM Software Engineering Center Lab Certification and Accreditation processes and procedural documentation. Assumed technical lead for risk reduction program, network audit implementation plans, plans of action and milestones (POaM) for current and future DCGS-A baselines. Insured that all applicable IA DA and DOD information assurance regulations are incorporated into current and future DCGS-A baselines. Additionally, provide government guidance on the following C&A policies, policies, procedures, processes and requirements: Director of Central Intelligence Directive 6/3 (ICD 503)  DIACAP and DITSCAP; DoD Information Technology Security C&A Process  DoD Intelligence Information Systems Security C&A Guide (DoDIIS)  NIST 800 Series; National Institute of Standards and Technology (SP 800-37, SP 800-18)  NISCAP; NSA/CSS Information Security C&A Process  CC; Common Criteria  NIACAP; National Information Assurance (IA) C&A Process  DoD Directive, 8500.1; IA; DoD Instruction, 8500.2; IA Implementation  AR 25-2; Army Regulation 25-2, IA  FISMA; Federal Information Security Management Act  FIPS PUBS; Federal Information Processing Standards Publications  DCID 6/3 Protecting Compartmented Information w/in Information Systems  DCID 6/9 Physical Security  NISPOM; National Industrial Security Program

Leonie Industries	Aug 2010-Jan 2012 Global Multi-Disciplined Intelligence / All-Source Intelligence-Operations Integrator Analyst •Provided actionable intelligence, research products, indications and warning quick looks, collection management, targeting, imagery, network analysis, counter-terrorism, counterintelligence, information operations, foreign disclosure, international engagements and threat analysis. •Initiated and conducted deep dive terrorist research efforts; planned, coordinated and synthesized research to produce all source intelligence products/responses. •Served in collateral duties including: Operations Research Analyst Subject Matter Expert as Primary advisor to the deployed Brigade Commander and staff on all intelligence activities with regards to planning, and synchronization of effort of JIEDDO and JIEDDO COIC support to deployed combat elements. •Direct link between JIEDDO COIC and deployed combat units on all current and future initiatives. •Ensured all requests for support from war fighters are fully coordinated with downrange JIEDDO COIC deployed assets and the JIEDDO COIC CLT in CONUS. •Ensured combat assets are kept abreast of all current and emerging JIEDDO COIC processes, methodologies, and Tactics, Techniques & Procedures (TTP) for attacking threat networks that utilize IEDs/IRAMS. •Provided advice to Combatant Commanders and their staff on how to best integrate JIEDDO COIC reach back capabilities into their ongoing operations and analytical efforts in support of actionable intelligence against hostile forces. •Provided operations research and critical thinking analysis support products upon return from deployment.

System One	 Mar 2010-Aug 2010 Cyber Security Intelligence SME •Leadership responsibilities include providing overall direction, statistical analysis, design, implementation and management of the global information technology cyber security implementation relevant to Federal cyber-security requirements. •Advised Instrumentation and Controls Team research analysis of DOE, NRC, FERC, NERC critical information protection regulations, internal and external cyber security threats. •Thorough familiarity with Smart Grid technologies as well as providing subject matter expertise on SCADA(Supervisory Control and Data Acquisition). •Strategic role requiring critical cyber asset identification, troubleshooting, tools evaluation, intrusion prevention and cyber security training implementation for the AP1000 Project organization. •Primary responsibilities to assess technical information security posture, analyze and recommend changes to mission critical networks, cluster servers and workstation environments. •Design security-based solutions to address cyber security vulnerabilities. Implement approved changes that address the security posture. Manage security risks within acceptable limits while in compliance with established regulatory requirements.

Trace Systems	Dec 2009-Mar 2010 All Source Cyber-Intel Analyst •Prepped for Afghan deployment under Trace Systems Inc. •Participated in DOD NIPRnet, SIPRnet, and JWICS online HBSS CBT. •Honed critical thinking research skills utilizing Information Assurance (IA) monitoring tools (e.g., Gold, Sniffer, Ethereal, Wireshark Dameware, SolarWinds, Protector Series, ObjectFinder, etc.) •Trained junior colleagues in the field of cyber security research, vulnerability assessments, scanning and penetration testing. •Mentored junior colleagues on FISMA/Clinger Cohen Act compliance requirements. DH Associates	Aug 2009-Nov 2009 Criminal Justice Information Service, Federal Bureau of Investigation Information Systems Security Officer / Task Order Leader Integrated Automated Fingerprint Identification System •Provided subject matter expertise in the secure design of enterprise network solutions and services including DMZ, firewall technology, encryption methodologies, secure networking, intrusion detection, virtual private networking, routing and switching, enterprise identity and access management solutions (to include federated identity), enterprise e-mail gateway implementations, •Domain Naming Services (to include secure DNS), wide and local area networks, enterprise logging and auditing, Web & FTP proxy, SOA and storage solutions. •As Project Management lead for the FBI task order, perform project planning, strategy services and execution, budget, scheduling and monthly status reports for multiple ISSO roles. •Daily interaction with ISSM and ISSR for POA&M oversight using NIST C&A processes. •FBI CJIS CAPP Cyber-Security SME experience. Provided training in automated VA, scanning, and penetration tools such as, but not limited to: Nmap, Nessus, Qualys, AppDetective, Webinspect, AppScan, Nikto, nCircle, BackTrack, Social Engineering Toolkit, Burp, Metasploit Framework, Core Impact Pro, Wireshark, Retina.

Jorge Scientific Corporation 	Dec 2008 - Jul 2009 Department of Defense Information Assurance Officer / Information Systems Security Officer •Responsibilities include: OPS research, development, writing and maintaining formal Information Systems Security Program including all applicable security documentation in addition to system security plans (SSPs), System Security Authorization Agreements (SSAAs), network and system diagrams, Security Requirement Traceability Matrices (SRTMs), and other applicable Information System (IS) documentation. •Assigned to Task Force ODIN / Constant Hawk / C-IED •Provided critical reviews of System Security Packages and Accreditation Status •Provided critical reviews on approve or deny entry / exit of AIS equipment. •Responsible for the certification and accreditation (CA) of medium to highly complex DOD systems. •Participated in managing portfolios of DOD systems both CONUS and OCONUS. Leadership initiatives include working with system program managers, systems administrators, and information systems security representatives to facilitate the production of C&A packages in a cooperative manner. •Packages consisted of systems certification and accreditation artifacts due to expire in a combat zone. •Participated in acquiring ATO while providing IATO POAMs for new systems being deployed pursuant to DIACAP/FISMA requirements.

Recalled to Active Duty Military 	Mar 2008 - Dec 2008 All Source Intelligence Analyst •Planned, organized, managed, and performed intelligence operations research and technical information assurance functions for 106th Rescue Wing, Air National Guard Unit daily operations, training and readiness missions. •Provided knowledge transfer of the operational procedures of the USAF Air and Space Operations Center (AOC) Intelligence, Surveillance, and Reconnaissance (ISR) Division. •Prepared detailed training requirements of the ISR duty positions in Analysis-Correlation-and-Fusion, ISR-Operations-Processing-Exploitation-Dissemination; and Targeting functions at the operational level of war within an AOC •Working knowledge of Distributed Common Ground Station (DCGS) operations.

Altria Group / Electronic Data Service	Dec 2003 - Mar 2008 Senior Cyber Security Compliance Architect •Provided effective Information Security, Cyber-defense and Enterprise Risk Reduction Programs for all of Altria family of companies across multiple data centers and geographic regions. •Supported Security System Engineering: Phillip Morris USA, Phillip Morris International & Kraft Global •Provided consistent interpretation of Enterprise Information Security Policy, Standards and Governance. •Promoted security awareness and understanding of Information Security Compliance & Privacy to all levels of the business (executive management, directors, technical, support staff, consultants and vendors, etc.) •Managed Information Security Risks through coordinating internal Security Risk Assessments and the creation of the Corporate Information Security risk acceptance process. •Ensured appropriate Information Assurance Compliance requirements are addressed in all application development initiatives.

Semper Fi Global Communications, Inc. 	Jun 2001 - Dec 2003 Information Security Architect •Spearheaded and conducted confidential forensic analysis of more than 300 seized computer systems for organizations in military, law enforcement, healthcare, retail & financial industry. •Implemented disaster recovery planning, pen-testing, auditing, risk analysis, business resumption planning, contingency planning, as well as contract and vendor negotiations of third party security firms. •Provided technical application security lead for engineering and business units in development of wired and wireless (802.11x) solutions in line with enterprise business enabling goals. •Designed Windows XP enterprise hands-on cyber-security architecture, concepts, and infrastructure for managed desktop support to enhance client's security posture. •Technical Advisory Board member, Alliance America, Inc. (Homeland Security Initiative). •Developed host based defense methodologies while conducting research and analysis for next generation web based attacks against critical infrastructures. •Performed IS audits for a myriad of large Fortune companies in accordance with COBIT standards. •Established Security compliance analysis, audit and remediation for Fortune 11 firms towards achievement of industry recognized enterprise-wide security certification from TruSecure ICSA labs.

Merrill Lynch & Co., New York, NY	Mar 1999 - Jun 2001 Senior Enterprise Network Security Project Manager •Project lead of Merrill Lynch Corporate and Institutional Client Group's enterprise network security team. •Gathered business requirements from international and domestic business groups. •Oversaw new client requests, maintained firewall rule base design and architecture for all business units within ML's Corporate and Institutional Client Group. •Investigated and identified security issues, mitigate potential risks and implement controls in accordance with corporate security policy, standards and governance. •Evaluated and selected enterprise tools for implementation of electronic evidence gathering at targeted infrastructures. •Prepared detailed specifications for encryption technology, digital signing, PKI, VPN, IPSec, SSL, and Kerberos technology and Limited Sign-On approaches. •Senior E-commerce Service Delivery Manager, Merrill Lynch Direct Market Group Planned and executed E-commerce business unit expansion proposal and initiative for presentation to CFO and executive management of the firm. •Participated in vendor selection process for Gig-E connectivity. •Participated in selection of onsite technical candidates for project lead, engineering and administration. •Reviewed architectural designs with Cisco technical engineers. •Designed strategy for connectivity while mitigating security risks of the firm's portal •Wrote technical requirements and specs for co-location of web hosting environment. •Lead teams of highly skilled technical engineers to deploy the network infrastructure at the Merrill Lynch London location. •Resolved infrastructure and networking security issues. •Performed architecture, design/application reviews. •Conducted intrusion tests, fail-over/high availability tests. •Produced technical/process recommendations. •Analyzed industry available tools with respect to multiple business client requirements •Participated in change management and design review boards.

Semper Fi Global Comm. Inc., New York, NY 	Dec 1997 - Mar 1999 Chief Technology Officer (Outsourced Consultant) •Security Intelligence services consulting for Fortune 100 including Dept. of Defense; Department of Justice, Morgan Stanley, Dean Witter & Co., Merrill Lynch & Co, Johnson & Johnson, SOCGEN (French Bank), Columbia Artists Management, CompUSA, AT&T Solutions. •Responsibilities included leadership advisement for more than 650 LAN/WAN engineers, vendors, programmers and IT trainers, with additional oversight for the daily and continued operations of multiple clients' global networking environment, WAN infrastructure (Servers, hubs, switches, cabling, connectivity hardware), desktop PCs/peripherals.

Recalled to Active Military Duty	Apr 1996 - Dec 1997 U.S. Justice Department, El Centro, CA & Puerto Rico Sr. Intelligence Analyst/Sr. Project Leader •Project Lead for upgrade of systems hardware and intelligence software providing IT vendor management leadership for integration and implementation of various dissimilar US Gov't networks, proprietary applications and hardware; Network; Migration included Novell 3.x to Windows NT 4.0; Provided leadership training and field support of multiple projects on; Remote communications and Internet open source enterprise solutions utilizing MS Project; Provided timely automated intelligence reports through the use of multi-platform Internet open sources. Provided DITSCAP Standards while performing Systems Integration. •Lead Tiger Team member for Joint Task Forces Counter-Drug initiatives. •Member of U. S. Narcotics and International Drug Interdiction effort code-named Valley Project in the U. S. Southwest Border. Supported more than 25,000 nodes. Combined $140 million dollar budget. Provided executive summaries & briefs for high-level prosecution.

United States Marine Corps	1975 -1998 Gunnery Sergeant of Marines United States Marine Corps Active Reserves	1986 -1998 Active Duty Service	1975 -1986 •Progressively rose to the ranks from Private to Gunnery Sergeant •Global peace-keeping assignments include Asia-Pacific, Middle East, Europe, South and Central Americas •Duties include: •small unit combat infantry leader •photojournalist •counter-intelligence specialist / analyst •intelligence specialist / analyst. •Trained in counter-terrorism and advanced counter-intelligence/counter-insurgency operations. Advanced special operations, low intensity conflict, asymmetric warfare, nuclear, biological and chemical warfare. •Assigned to lead a myriad of international joint task forces including counter-drug missions with the US Justice Dept. under the auspices of DoD and the White House Drug Control initiatives.

EDUCATION Fairfax University, Distance Learning MBA Executive Program, Global Technology Management Degree Expected Dec 2014 S.U.N.Y, Empire State College, Saratoga Springs, NY 	1988 Bachelor of Science, Interdisciplinary Studies & Communications REFERENCES Available upon request and mutual interest Mailing Address: 9509 Potomac Dr Ft. Washington, MD 20744 email: gyrene@me.com, Mobile: 304-641-6545, Office: 202-241-2613