Marion Williams's Email Addresses & Phone Numbers

Director, Information Assurance @ Nimbis Services, Inc. Bowie, MDDirector, Security Programs @ The Coleman Group, inc Managed the Company Information Security Program; Developed and Managed risk assessment of systems and technology infrastructure, documentation of the Information Security Program Framework, evaluation and testing of security controls, governance, and communication. Directed and manages the development of company’s information security...

Director, Information Assurance @ Nimbis Services, Inc. Bowie, MDDirector, Security Programs @ The Coleman Group, inc Managed the Company Information Security Program; Developed and Managed risk assessment of systems and technology infrastructure, documentation of the Information Security Program Framework, evaluation and testing of security controls, governance, and communication. Directed and manages the development of company’s information security policies, processes, standards and procedures across the Corporation. Ensure that corporate policies are in compliance with external requirements. Managed the existing customers’ relationship and in-charge of business development for the information systems, high technology, healthcare, HSPD-12, ICAM, consumer products and other industries requiring confidentiality, integrity, and availability. Coordinated the development of information security and privacy matters for employees, other authorized users and customers education and training program. Consultant customers on how to implement IT regulatory compliance polices. Prepared and submits required reports to external agencies. Developed and implemented an Incident Reporting and Response program to address security incidents (breaches), responds to alleged policy violations or complaints from external parties. Served as point of contact for information security, privacy and copyright infringement incidents, including relationships with law enforcement entities. From December 2010 to July 2011 (8 months) Security Engineer @ CalFed Identify network vulnerabilities and safeguards. Assist others in installation/configuration of security products. Working with a team of four in network security architecture design and operation, and World Wide Web functions. Provide weekly, monthly status reports to upper management. Configure and managed Cisco IDS and PIX firewall. Knowledgeable of current cyber threats and vulnerabilities. Use assessment tools to identify security configuration vulnerabilities of Windows 98, NT/2000 and Unix (Solaris, HPUX, LINUX) operating systems. Secured network protocols as they apply to e-commerce Web application services. From September 2001 to March 2003 (1 year 7 months) Cyber Security SME @ Robbins Gioia, LLC Support the development of enterprise security architecture, prepares Cyber Security Programs status reports. Review and assess emerging cyber security technologies for potential implementation. Develop enterprise cyber security strategies and associated implementation plans. Maintain project management documentation to support scope, schedule, and budget of specific cybersecurity projects. Sustain access database and automate processes to provide DNSSEC & IPv6 status. Provide written recommendations for aligning the Boundary Protection effort with emerging Federal or industry cybersecurity priorities. Review DHS’s DNSSEC and Cyber Hygiene reports and working with Stakeholders to address noncompliant or misassigned domains. Evaluate areas for performance or process improvement including analysis and reporting automation relevant cybersecurity priorities (i.e. IPv6/DNSSEC/DHS Cyber Hygiene/TIC reports). Support Stakeholder IPv6 transition manager, HSPD-12 POC, Continuous Diagnostics and Mitigation (CDM), enterprise cybersecurity monitoring and operations (ECMO), and Information Security Continuous Monitoring (ISCM) and serve as a secondary POC if required at the meeting. Participate in the Working Groups or related meetings, as required. Develop, support, consolidate, and analyze data call information collected for enterprise architecture and boundary protection related efforts (i.e., IPv6 status, HSPD-12 status). Support Technical Information Committee, CDM, HSPD-12 POCs as a back-up and provide managerial and technical assistance. Assist in the coordination of responses from outside agencies requirements or requested information in completing semi-annual POA&M.Provide architectural and technical guidance on consolidation of Stakeholders internet circuits and contracts. Assist in FISMA and Cyber security Cross Agency Priorities data collection as related to enterprise architecture and boundary protection initiatives. From March 2018 to October 2018 (8 months) Alexandria, VACyber Security SME @ Enterprise Services Group Support developing an enterprise security architecture, prepare status reports on the status of cybersecurity programs. Review and assess emerging cybersecurity technologies for potential implementation. Develop enterprise cybersecurity strategies and associated implementation plans. Track and status reporting of the Clients information technology portfolio, and administrative and programmatic support to assist the client in meeting cyber security objectives within and throughout the Organization. Maintains project management documentation to support scope, schedule, and budget for specific cyber security projects. Provides recommendations for aligning the Boundary Protection effort with emerging Federal or industry cybersecurity priorities. Reviews Domain Name System Security Extension (DNSSEC) and Cyber Hygiene reports and working with Stakeholders to address noncompliant or misassigned domains. Evaluate areas for performance or process improvement including analysis and reporting automation relevant cybersecurity priorities. Supports Stakeholder transition manager for compliance of regulatory polices and programs. Develop, support, consolidate, and analyze data call information collected for enterprise architecture and boundary protection related efforts. Assist in the coordination of responses from outside agencies requirements or requested information in completing semi-annual POA&M. Provide architectural and technical guidance on consolidation of Stakeholders internet circuits and contracts. Assist in FISMA and Cybersecurity Cross Agency Priorities data collection as related to enterprise architecture and boundary protection initiatives. From July 2017 to March 2018 (9 months) United StatesIMS Information Assurance Manager @ C2 Solutions Group, Inc. Led Information Assurance and Security Engineering team using the Software Development Lifecycle Methodology, as part of and within a software engineering process team. Performed systems engineer and systems engineering process, scheduling, and technical task supporting software lifecycle management. Developed an IA strategy for certification and self assessment of software applications. Applied configuration management and change control principles and articulate the relationship between IA. Managed and provided security reviews and self assessment support during the development, integration, testing, and release phases for developed system components. Provided security engineering and assurance principles in a heterogeneous environment supporting UNIX, networking, and Windows, and for real-time OSs and cross domain services/systems. Developed security test plans and procedures and use DoD Information Assurance Security Environment provided IA and security tools including security technical implementation guidance, security readiness review checklists, and network scanning tools such as Retina. Applied Organization security policy and IA control into an IA configuration implementation that considers the operational environment, mission criticality, and application requirements. Executed DoD Information Assurance Certification and Accreditation Process and develops DIACAP Implementation Plan (DIP), Scorecard and POA&M. Supported customers with the security/IA-related task with network and computer communications software, and operating system, database, web server, and application security. From September 2011 to September 2012 (1 year 1 month) Falls Church VASr. Security Engineer/Information Assurance Analyst @ C2 Solutions Group, Inc. Provided information assurance and security engineering support as part of and within a software engineering process team. Performed systems engineer and systems engineering process, scheduling, and technical task supporting software lifecycle management. Developed an IA strategy for certification and self assessment of software applications. Applied configuration management and change control principles and articulate the relationship between IA. Managed and provided security reviews and self assessment support during the development, integration, testing, and release phases for developed system components. Provided security engineering and assurance principles in a heterogeneous environment supporting UNIX, networking, and Windows, and for real-time OSs and cross domain services/systems. Developed security test plans and procedures and use DoD Information Assurance Security Environment provided IA and security tools including security technical implementation guidance, security readiness review checklists, and network scanning tools such as Retina. Applied Organization security policy and IA control into an IA configuration implementation that considers the operational environment, mission criticality, and application requirements. Executed DoD Information Assurance Certification and Accreditation Process and develops DIACAP Implementation Plan (DIP), Scorecard and POA&M. Supported customers with the security/IA-related task with network and computer communications software, and operating system, database, web server, and application security. From February 2010 to December 2010 (11 months) Senior Principal Investigator @ Davidson Technologies, Inc. Tracked Information Assurance (IA) activities for the mission test; responable for maintaining the administrative documentation for computing network and systems. Provided systems reports for risk assessments, recommending cost-effective risk-mitigating countermeasures and coordinating security ATO recommendations with Government customers and Designated Approval Authorities following DIACAP accreditation requirements. Scheduled Certification & Accreditation (C&A) pre-test, test execution and post-test analysis and mitigation planning. Developed and executed network connection approval to operate (ATO) proedess documents to support integration, test, and operational events. Presented requirements IT Architecture design and implementations plan in working groups and other technical meetings. Maintain and socialize a centralized project tracking repository; includes direct communications with the Program Manager or designee, product team managers, product team responsible engineers, IA C&A and Component Network Defense (CND) personnel. Tracks compliance traceability, Types-to-PMs list, DIACAP accreditation cycles and deliverables, POA&M requirements, exceptions documents, Mission, and Non-Mission test schedules, and internal improvement processes. From May 2008 to September 2009 (1 year 5 months) Senior System Security Engineer @ Perot Government Solutions Served as the lead Information Systems Security Engineer (ISSE) responsible for research, design, development, deployment, configuration, administration, and maintenance of enterprise-based Security Systems Engineering. Specific responsibilities include: incident response, system / server hardening practices, virtualization security practices and procedures, solution design/deployment; analysis/monitoring and generating technical and executive summary reports; incident response and executive briefingsEngineer with a focus on Certification and Accreditation (C&A) Analyst applies and oversees a large and complex portfolio of (C&A) processes for a federal client. Responsibilities include: Performs risk assessments, Security Test and Evaluation (ST&E), DoD 8500 and regulated OMB and Army guidance. Develops system and program-level analysis reports and briefings for federal client management and senior executive personnel. Operates and serves as the system manager for a web-based risk management system for the client enterprise. From January 2008 to May 2008 (5 months) Information Assurance Program Manager, PEO CS & CSS @ U.S. Army, TACOM Manages the Customer Service & Support team or the Access Management team, both of which provide production support in a multi-platform environment. Establishes processes to identify, track, escalate, resolve and report customer problems. Develops and implements troubleshooting procedures for identifying, diagnosing, testing and resolving computer access issues. Coordinates and supervises the daily activities of staff. Provides assistance for process design and implementation projects. Influences the adoption of Information Security best practices throughout the organization. Ensures that staffing and resource needs are met in assigned area.Ensures training and development of staff, including cross training.Develops and improves processes and procedures using a risk-based focus in support of functional strategies. Sets priorities for the team to ensure task completion; coordinates work activities with other managers.Assists in the development of Information Security strategy and strategy implementation plans.Interprets business issues and adapts work priorities in area.Anticipates and interprets customer needs to identify solutions.Career development, coaching and performance management for their team, including annual performance reviews.Actively manage staff member performance and development.Mentor and provide positive and effective leadership.Address personnel issues in an effective manner.Foster and support a positive working environment. From May 2006 to January 2008 (1 year 9 months) Cheif, Network Assurance Division @ U.S. Army Developed objectives and evaluate the effectiveness of ITA information assurance and network security programs. Secure the Pentagon networks using defense in-depth principles. Presented reports to Organization Leaders on the modification of the Pentagon Computer Information Technology backbone.Aligned organizational business goals to design and execute test plan to support Network and Security Operations Center (NOC/SOC) and network infrastructure. Formulated a policy and strategic vision develops strategic plans. Review, develop, recommend and execute directives and guidance for implementing Pentagon-wide backbone network security. Developed guidelines for interaction with Senior Executives, General Officers, and working directly with Directors. Ensured functional network security plans; directives and projects are in compliance with government agency security programs. Provided technical assistance and security guidelines for Information Technology architecture design; data integrity, intrusion detection, forensic, legal issues, INFOSEC and administrative security for all Pentagon customers. From March 2003 to March 2006 (3 years 1 month) System Network Support Technician @ Keesler AFB Identify network vulnerabilities and safeguards. Assist others in installation/configuration of security products. Working with a team of four in network security architecture design and operation, and World Wide Web functions. Provide weekly, monthly status reports to upper management. Configure and managed Cisco IDS and PIX firewall. Knowledgeable of current cyber threats and vulnerabilities. Use assessment tools to identify security configuration vulnerabilities of Windows 98, NT/2000 and Unix (Solaris, HPUX, LINUX) operating systems. Secured network protocols as they apply to e-commerce Web application services. Overseen, the management of Travis AFB Enterprise Networks, which includes Operation and Maintenance and security policy compliance. Lead a team in infrastructure design and operation, Help Desk, Network Security, and World Wide Web functions. Provide weekly, monthly status reports to upper management. Manage over 1000 internetwork devices with 100% accountability. Installed and configured cisco routers and switches. Ensure TAFB enterprise network devices met all IAVA patches. Installed and configured HP OpenView and CiscoWorks 2000 (NT and Unix). Technical Trainer for over 23 personnel. Developed network-training curriculum for the Air Force Community CollegeTaught computer basic, OSI reference model, HP OpenView, Cisco routers to over 1000 military personnel. Established troubleshooting scenarios to enhance learningPreformed monthly briefing to upper management on feedback given by the studentsMaintained Air Force training center 1st active and troubleshooting training Lab equipment valued over 1 Million dollars. Supervised over 30 students during lecture and practical lab exercises. Performed additional Information Technologies task as requested. From August 1981 to September 2001 (20 years 2 months) Information Security Engineer @ Zari Technolgies, LLC Develop and manage Information Security processes and procedures. Implement and Maintain Application Security, frameworks and Network Security Methodologies. Responsible for planning and implementing security measures to protect computer systems, networks and data. Design and implement Incident Handling policies and improve incident analysis and management program. Track and utilized latest intelligence, including hackers’ methodologies to anticipate security breaches. Responsible for day to day operations, maintenance, configuration, monitoring, alerting and support of security tools to include but not limited to RSA, Tripwire, Sourcefire and Websense. Mentor junior staff in security practices and tool management. From June 2015 to May 2017 (2 years) Enterprise Systems Architect @ C2 Solutions Group, Inc. Systems Engineering team using the Agile Software Development Lifecycle Methodology, as part of and within an Information Technology engineering process team. Assist SCRUM to create User Stories, SPRINT Planning as part of Security Engineering Process. Manages a team of 20 System Architect. Performs systems engineer and systems engineering process, scheduling, and technical task supporting software lifecycle management. Develops Federal Enterprise Architecture Framework (FEAF) artifacts supporting Veteran Administration (VA) Business Requirement Documents. Apply systems engineering and DAU Milestones principles in a heterogeneous environment supporting VA As-is and To-be network infrastructure. Utilize CA Rational System Architect tools to validate IT Architecture business requirements. Identified and developed new business contract opportunities within assigned territory through networking and cold calling efforts. Define prospects, schedule appointments, and close teaming opportunities. From February 2015 to May 2015 (4 months) Information Assurance Officer @ C2 Solutions Group, Inc. Lead Information Assurance and Security Engineering team using the Agile Software Development Lifecycle Methodology, as part of and within a software engineering process team. Assist SCRUM to create User Stories, SPRINT Planning as part of Security Engineering Process. Performs systems engineer and systems engineering process, scheduling, and technical task supporting software lifecycle management. Develops a Cyber Security Strategy for certification and self assessment of software applications. Apply configuration management and change control principles and articulate the relationship between Cyber Security. Manages and provides security reviews and self assessment support during the development, integration, testing, and release phases for developed system components. Installs configures and maintains IMS Application’s operating systems. Detects, diagnoses and reports problems on all support Operating Systems for Windows Server and Windows desktop systems. Performs a wide variety of tasks in software/hardware maintenance and operational support of Unix and Windows Server systems. Provides security engineering and assurance principles in a heterogeneous environment supporting UNIX, networking, and Windows, and for real-time OSs and cross domain services/systems. Developes security test plans and procedures. Employ DoD Information Assurance Security Tools to analyaze Applications and System Infrastructure Cyber Security posture. Utilize a suite of security tools to validate IT Architecture Network and system security posture. Apply regulatory policies such as DoD Architecture Framework (DODAF), DoD 8500.2, and Common Criteria security policy to align Organization business goals with business risk tolerance. Supports customers with the security/Cyber Security related task with network and computer communications software, and operating system, database, web server, and application security. From August 2013 to February 2015 (1 year 7 months) Senior System Engineer Staff @ Lockheed Martin Information Assurance Lead for 23 sub-contractor team in aligning Organizations business goals with Cloud Application security capabilities. Served as the Project Management (PM) and System Engineering activities to enable operational enhancement projects. Conducted engineering/technical analysis to evaluate the configurations and resulting functionality and provide recommendations for increased capacity or functionality. Reviewed DODAF UML architecture model of the service, system, platform and segment levels views for completeness and compliance with DODAF v1.5. Ensured systems capabilities were developed and operated in accordance with Intelligence Community Directive 503 (ICD- 503) and Defense Information Assurance Certificate and Accreditation Process (DIACAP) security policies and procedures. Reviewed and modified accreditation/certification support documentation package for over 20 application. Provided guidance to assigned Application Developer of the Intelligence Community Directive 503 (ICD- 503) and DIACAP. Additionally, provided guidance on other security disciplines and how they impact and interact with IS security. Appied information technology security principles and configuration security settings for Red Hat SELINUX, Solaris, network management, and supported applications. Develop and implement government approved information security procedures and plans for the operation of multiple networked and standalone classified computers and coordinate government agency approvals. Provided life-cycle Information Assurance (IA) support and recommendations to Government, SETA, program managers (PM) and systems engineering staff. Assisted in the Certification artifact creation and review (e.g., SSP, CTP, SRTM, SCR, and CCB) for Certification and Accreditation (C&A) on incrementing system iterations. Generated IA assessments; developed actionable recommendations based on system analysis and findings. From 2013 to 2013 (less than a year)