GORDON P BROWN813 Ardmore Highway, Taft, TN 38488 : 256-468-2075 : gordon.p.brown@gmail.com

CYBERSECURITY PROFESSIONAL

CISSP & CEH Certified, M.S. Information Systems, 15 years’ experience, Cyber Security Manager & Analyst for Military, Department of Defense (DOD) and Commercial, Integrated Project Team Lead, Risk Management Frame

Work, Certification and Accreditation (C&A), Compliance and Engineering, Systems Life Cycle, Software Assurance, Defense in Depth, Industry Best business practices, Vulnerability Assessor & Validator

TECHNICAL SKILLS

Security Tools: Wireshark, Nmap, Nessus, Snort & Security Onion IDS, Assured Compliance Assessment Solution,(ACAS) Nessus, Syslog, eEye Retina Scanner (SCCIV), Network Access Control (NAC), Burp Suite, Flying Squirrel Wireless Discovery, McAfee ePO server (HBSS), Group Policy Object Management (GPO), Security Content Automation Protocol (SCAP) Compliance Checker, Windows Server Update Services (WSUS), System Center Configuration Manager (SCCM), Forensic Toolkit FTK, Active Directory, Continuous Monitoring and Risk Scoring (CRMS)Hardware: Server, Desktop, Routers, Switches, Firewall, IDS\IPS Operating Systems: Windows, Linux, UNIX, CiscoTechnical Guidance: NIST, DOD, CNSSI, CJCS, AR, Risk Management Framework, FIPS, Security Technical Implementation Guidance (STIG), NISPOM, Federal Information Security Management Act (FISMA), HIPPA

PROFESSIONAL EXPERIENCE

Missile Defense Agency (MDA), Redstone Arsenal, AL Oct 2015 – PresentInformation Security Manager • Provided Cyber Security management for over 90 Contractor Ballistic Missile Defense Systems (BMDS)

contractor Network Elements with over 56,000 Cyber Security controls.• Advised Program Manager and key staff on emerging Cyber Security Technology• Advanced Cyber Security enabling technology to support compliance with DOD non-centric goals• Completed computer security assessments against MDA systems worldwide• Ensured Cyber Security architecture, requirements, objectives and supporting DOD policies are integrated• Provided advice and information on emerging Information Assurance technology and doctrine issues• Supported projects ensuring implementation of Cyber Security controls implementation, corrective action in

response to Information Assurance Vulnerability Alerts (IAVAs)• Draft policy and guidance related to certification and accreditation • Began implementing the Special Access Program Risk Management Framework (RMF)• Developed necessary artifacts for key components of Special Access Program Central Office and BMDS

element systems

Department of the Army, Redstone Arsenal, AL May 2006 – Sep 2015Information Assurance Manager (IAM)• As a Cyber Security Professional supported Tactical Weapons and Aircraft Project Offices• Provided engineering, planning, coordinating, scheduling, implementing, and managing• Ensured support of local and joint programs that meet current and future requirements• Anticipated, assessed, and minimized system vulnerabilities• Ensured the confidentiality, integrity, and availability of automated and embedded weapon systems, networks,

and data for information systems • Administered and monitored compliance of programs which addresses Tactical Cyber Security operations and

readiness• Technically managed, directed, and controlled contractor's efforts in analytical studies of system Cyber security

requirements and integration.

• Managed all aspects of tactical Cyber Security development, implementation, interpretation, certification and accreditation, risk management, and maintenance of detailed Cyber policies, plans, programs, standards, and criteria ensuring a successful Tactical Cyber Security program via DOD and Army Cyber Security Directives.

• Prepared and managed the preparation of system accreditation documentation and reviews. • Prepares specifications and technical scopes of work and places requirements upon appropriate organizational

element of other government agency for contracting

US Air Force Reserve Jan 1981 – present Cyber Analyst and Lead • Manage vulnerability assessment team for unclassified and classified tactical networks both operational and

developmental. • Cyber Protection Team lead for monitoring and setup of IDS\IPS collection, monitoring, signature analysis,

forensics and incident response for malware and zero day events.

Computer Science Corporation (CSC), Redstone Arsenal, AL Jan 2006 – May 2006Information Assurance Manager• Provided management and support of the Information Assurance and C&A policy and procedures, Information

Assurance for the Threat Systems Management Office for Red/Blue penetration teams. • Identified vulnerabilities and risk mitigation strategies, validate security profile of software (COTS, GOTS and

custom code), network (connectivity, protocols, protection software & hardware) and document results.• Evaluated all phases and task of information systems security analysis to provide security and risk management

solutions, and secure software development tasks.• Provided network and systems administrator support for local Army area networks.

British Aerospace Engineering (BAE) Systems, Huntsville, AL Jan 2005 – Jan 2006Information Assurance Engineer• Developed and conduct Security Test and Evaluation assessments of network systems security engineering • Implemented security controls on UNIX and Windows-based Operating Systems and network systems for the

Missile Defense Agency and its active components, sensors, mission and non-mission systems. • Supported development of requirements, policies and procedures to support IA operations.• Identified vulnerabilities and risk mitigation strategies, validate security profile of software (COTS, GOTS and

custom code) and network (connectivity, protocols and protection software/hardware) and documented results. • Evaluated all phases and task of information systems security analysis to provide security and risk management

solutions, and secure software development tasks. • Provided management and support of Information Assurance for C&A, Information Assurance DOD &

NISPOM policies and procedures.

Colsa Corporation, Huntsville, AL Jul 2000 – Jan 2005 Information Assurance Systems Analyst - Systems Engineer

• Designed and engineered audio, visual and network systems for the Ground Midcourse Defense (GMD) for Boeing and the Missile Defense Agency.

• Evaluated all phases and task of information systems security analysis to provide security and risk management solutions, and secure software development tasks.

• Provided vulnerability training, testing, reporting, and analysis and risk assessment.• Provide management and support of Information Assurance and C&A policy and procedures. • Managed NSA STIG for network per DOD & NISPOM Information Assurance.• Managed, setup and design TCP/IP data network configurations for the routing of the International Space

Station’s critical support systems and payloads though satellite Ku and S Band Technologies. • Administered WAN, LAN, ATM and IP for network configurations and file servers. • Provided customer service interface to all NASA centers, European Space Agency, Russian Space Agency,

Universities and Engineering Centers. • Trained and assisted new engineers for Space Station support operations.

Jackson County Health Care Authority Scottsboro, AL May 1999 – July 2000Network Engineer/Project Manager

Scottsboro Electric Power Board, Scottsboro, AL Feb 1998 - May 1999 Communications and Network Systems Engineer

United Space Alliance, Kennedy Space Center, FL May 1989 – Aug 1997Communications Technical Controller

EDUCATION & CERTIFICATION

Masters of Science in Information Systems Management; University of Phoenix, Online, Graduation Date: March 26, 2007Bachelors of Science in Electronics Management, Southern Illinois University, Orlando Naval Air Station, Florida, Graduation Date: May 1992Associate of Science in Electronics Technology, Manatee Community College, Bradenton, Florida, Graduation Date: May 1990Associate of Science in Aircraft Weapon Systems, Community College of the Air Force, Graduation Date: May 1990Army Management Staff College Basic Leadership, Sep 2011Certified Information Systems Security Professional (CISSP), Cert # 114371, Sep 2013 Certified Ethical Hacker (CEH) Nov 2011Army DAU Training: Information Technology Level III Apr 2011Cisco Certified Network Associate (CCNA) Huntsville, Alabama, May 2004Microsoft Certified Professional (MCP) TCP/IP, Huntsville, Alabama, May 2000Army Certified Security Network Manager & Systems Administrator, Dec 2002Army Certified Computer Network Defense Course, Mar 2005DISA Certified Security Network Manager & Systems Administrator Level 1 & 2DISA Field Security Office Security, Test and Evaluation TeamRCERT certified Vulnerability Assessment Technician

PROFESSIONAL ORGANIZATIONS:

North Alabama Information System Security Association (ISSA)Information Systems Security Certification Consortium, Inc., (ISC)² FBI InfragardAir Force Association