Summary
Overview
Work History
Education
Skills
Administrative Training
Technical Training
Certification
Timeline
Intern

Bonny Sykes

Vail,AZ

Summary

Senior Information System Security Engineer with a proven record that eagerly accepts new challenges/responsibilities and demonstrates strong problem-solving skills to ensure mission accomplishment. 14 successful years of knowledge and experience, as a GS-2210-12 Information Technology Specialist (INFOSEC). Efficiently working with the Federal Information Security Management Act (FISMA), ISO 27001, NIST 800-53, Cyber Security support, and Risk Management Framework (RMF), Assured Compliance Assessment Solution (ACAS), Enterprise Mission Assurance Support Service (eMass), Security Technical Implementation Guides (STIG) and Security Testing and Engineering (ST&E). "Providing safe, secure equipment for our clients; follow to a successful completion any directives, instructions or projects given and to have my employer appear in the best possible posture".


TS/SCI Clearance, Security+ CE, Information Technology Certification Level III,


references available upon request.

Overview

17
17
years of professional experience
1
1
Certification

Work History

Systems Engineer

Interactive Process Technology Associates
06.2023 - Current
  • Assist the ISSO with DISA Certification paperwork and understanding the requirement issued by eMASS for the Migration to the Cloud
  • Verify compliance with applicable performance metrics and compatibility expectations.
  • Designed tailored disaster recovery solutions to maintain uptime.
  • Assess the current systems and make a determination of status and problems
  • Design system changes in conjunction with the System Administrator and Owner
  • Accurately assess the impact of modifications, changes, and vulnerabilities for each system
  • Conduct reviews and technical inspections to identify and mitigate potential security weaknesses
  • Brainstorm possible improvements that can be made to the system in the future and present to the Change Control Board (CCB)
  • Document system configurations, mappings and processes.
  • Suggested system updates or changes after conduct in-depth technical reviews.
  • Propose technical feasibility solutions for new system designs and suggested options for performance improvement of technical components.
  • Conducted end-user reviews for modified and new systems.

Information System Security Officer

Raytheon Missiles and Defense
07.2022 - 04.2023
  • Interfaced and collaborated with Information System Security Managers.
  • Recommended improvements in security systems and procedures.
  • Ensured system security measures complied with multiple regulatory requirements.
  • Conducted security audits to identify vulnerabilities.
  • Accurately assessed the impact of modifications, changes, and vulnerabilities for each system.
  • Conducted reviews and technical inspections to identify and mitigate potential security weaknesses.
  • Launch and define the objectives for the Software Change Request (SCR) Program.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Participated in team projects, demonstrating an ability to work collaboratively and effectively.
  • Identified issues, analyzed information and provided solutions to problems.

355th Wing Information System Security Officer

Exeter Government Services
01.2021 - 07.2022
  • Was responsible for the security posture of six air craft SCIFs
  • Managed the Information and System Technology Team that aced the Wing ACC Inspection in Jan 2022
  • Used tools, including DISS, to ensure only read-in personnel are allowed access to the SCIFs
  • Recommend improvements in security systems and procedures.
  • Ensure each SCIF kept the following documentation up to date and ready for any Inspection
  • Performed risk analyses to identify appropriate security countermeasures.
  • Coordinate with the ISSM and System Administrator concerning any incoming/outgoing equipment, software updates or configuration changes being introduced to the SCIF
  • Reviewed violations of computer security procedures and developed mitigation plans.
  • Reviewed training documentation to ensure all personnel were up to date, or removed their access from the given systems.
  • Issued/revoked Access Badges for entrance to the individual SCIFs and controlled destruction of obsolete badges after updating the status of the personnel.
  • Developed plans to safeguard computer files against modification, destruction, or disclosure.
  • Maintained the varied ISSO required manuals for all SCIFs.

Information Assurance Analyst

Chenega Information Services
05.2019 - 09.2020
  • Project Director for the Army Distributed Defense Test and Evaluation (DDTE).
  • Created a Standard Operating Procedure for the record and initiated communication with remote Army sites.
  • Was the Information Assurance Analyst for Cyber Security Support, coordinating and recording regarding the current security requirements to aid decision-making processes and better secure the systems.
  • Used Risk Management Framework (RMF) to create packages by accumulating information to be inserted into the eMASS report system for certifying Army facilities.
  • Monitored use of data files and regulated access to protect secure information.
  • Employed DISA's Assured Compliance Assessment Solution (ACAS), the suite of tools containing the Security Center, Nessus Scanner and the Nessus Network Monitor.
  • Was a backup System Administrator for the Lab, creating accounts, performing backups, log file dumps and shutdown/startup procedures.
  • Drafted security reports and metrics to track security performance and strategize improvements.
  • Introduced the VMWare VEAM One Backup and Recovery systems.
  • Performed risk analyses to identify appropriate security countermeasures.

Information Assurance Analyst

IPSecure Inc.
03.2019 - 04.2019
  • Conducted individual unit security posture assessments as an Information System Security Manager (ISSM)
  • Issued JWICS users PKI certificates, enabling them to perform their duties.
  • Worked with other teams to enforce security of applications and systems.
  • Conducted security audits to identify vulnerabilities.
  • Drafted security reports and metrics to track security performance and strategize improvements.
  • Recommended improvements in security systems and procedures.

Information Technology Specialist (GS-2210-12)

Department Of Defense - Army
10.2008 - 01.2018
  • Visited Army installations around the world provided Cyber Security Support.
  • Coordinated and informed customers regarding current security requirements to aid decision-making processes and better secure their systems
  • Facilitated best user experience through continuous support and communication of system changes.
  • Used Risk Management Framework (RMF) to create packages that was inserted into the eMASS report system for certifying Army facilities
  • Accumulated site information by interviewing site personnel, observing and/or assisting the personnel in using the different automated tools run to assess the security posture of the facility
  • Employed tools such as DISA's Assured Compliance Assessment Solution (ACAS), the suite of tools containing the Security Center, Nessus Scanner and the Nessus Network Monitor
  • Conducted research and provided security recommendations to Integrators regarding technical data equipment and implementation of Security Technical Implementation Guides (STIG).
  • Led teams working directly with various installations performing Security Testing and Engineering (ST&E)
  • Worked closely with management teams to plan, develop and execute technical strategies aligned to client's vision.
  • Participated in weekly/bi-weekly telephone conferences with higher-level personnel, advising the installation Information Assurance Managers (IAM), Program Managers (PM) and Integrators (contractors) of changes, upgrades, and status regulations concerning cyber security requirements from Federal, DoD (Department of Defense) and DA (Designating Authority) regulatory guidance
  • Led Technical Working Groups (TWG) for assigned installations, recommending solutions/mitigations to issues.
  • Provided security training at sites, for both higher-level technical and non-technical personnel.
  • Assisted with updating technical support best practices for use by team.
  • Explained security measures in simple terminology to help users understand malware and phishing threats.
  • Facilitated over 30 installations, globally as Government Point of Contact for the Installation Information Infrastructure Modernization Program (I3MP) installation upgrades.
  • Responsible for Software Testing using the DISA tools to find vulnerabilities or weaknesses, which resulted in approval or denial of software.
  • Provided I3MP Site Scorecards which analyzed the system's vulnerabilities to determine risks to the system and the Global Information Grid (GIG)
  • Researched product and issue resolution tactics to address customer concerns.
  • Ensured that scorecards contained complete system information to include; system mission, name, hardware descriptions, compliance or non-compliance of over 2,200 controls, findings, security solutions and recommendations are presented for non-compliant controls.
  • Also created a Plan of Action and Milestones (POA&M) for each scorecard explaining the installation's required actions to mitigate vulnerabilities.
  • Provided In-Briefings at the beginning of a site visit to introduce the installation Commanders, PMs, IAMs, Integrators and involved personnel to the I3MP process, timeline, expectations, and procedures.
  • Provided Out-Briefings at the conclusion of the ST&E visits to site personnel, PMs and IAMs, that discuss a summary of activities and concerns found by the Evaluator.
  • Led a team of Avaya contractors for three months during a system test event.
  • Supervised and monitored delivery of contractual services according to SLA agreements.
  • Configured and tested the functionality of installations.
  • Created a system deployment guide for Army-wide use that ensured the new system owners were able to implement the system to achieve appropriate functionality and security configurations.
  • Resolved diverse range of technical issues across multiple systems and applications for customers and end-users across various time zones.
  • Assisted customers in identifying issues and explained solutions to restore service and functionality.
  • Collaborated with supervisors to escalate and address customer inquiries or technical issues.
  • Documented support interactions for future reference.
  • Liaised effectively with others to promote ongoing network design, reevaluation and optimization, scaling with company growth.
  • Participated as validator on other security assessment teams to aid Accreditation Certification Assessments at Army installations, globally.

Information Assurance Engineer

Signal Solutions - General Dynamics Information Technology
02.2007 - 10.2008
  • IA Support Project to certify 12 Army Directorates of Information Management (DOIM).
  • Utilized various security tools to prepare the installations for attaining an Authority to Operate (ATO), allowing them to connect to the Global Information Grid (GIG).
  • Traveled to client sites to perform onsite testing.
  • Engaged business and technology stakeholders to gather goals and requirements.
  • Created policies and procedures for emerging security technologies and proposals.
  • Implemented necessary controls and procedures to protect information system assets from intentional or inadvertent modification, disclosure or destruction.
  • Created frameworks by designing and developing technical solutions.
  • Evaluated information systems and engineered Information Assurance (IA) solutions for the United States Army Information Systems Engineering Command (USA-ISEC).
  • Worked with teams to develop company-wide information assurance, security standards and procedures.
  • Translated strategy into solutions and operating models by leading or managing others,
  • Created a Microsoft XP baseline image, using Sysprep, to deploy XP images to multiple computers in the unattended mode, allowing multiple upgrades to be done during non-business hours.
  • Co-developed a master Requirements Traceability Matrix (RTM) and ST&E guide to standardize and expedite the development of Certification Test & Evaluation (CT&E) guides.
  • Developed and maintained company-wide endpoint security solutions.
  • Developed security metrics and technical analysis to give insight into performance and trends.

Education

Computer Information Systems (working on BS)

Pima Community College
Tucson, AZ
01.2003

Computer Programming (working on BS)

University of Maryland
Hahn, AFB
01.1998

Skills

  • Cloud Computing
  • Cybersecurity
  • Product Development and Improvement
  • Data Center Migrations
  • Data Analysis
  • Software Requirements Analysis
  • Project Management
  • Hardware and Software Installation
  • Web Security
  • Network Infrastructure Administration
  • Continuous Deployment
  • Network Hardware and Software Maintenance
  • Technical Support and Assistance

Administrative Training

  • 2016, Microsoft Windows 10
  • 2014, ACAS Training Certification
  • 2016, ACAS Training Certification
  • 2020, ACAS Training Certification

Technical Training

  • 11/01/22, Security+ CE renew
  • 01/01/22, Visio 2016
  • 01/01/23, Visio 2016
  • 2017, Civilian Leadership, Intermediate (CES)
  • 2014, eMASS and IQ Awareness Certification
  • 2017, eMASS and IQ Awareness Certification
  • 2023, eMASS and IQ Awareness Certification
  • 2014, Information Assurance Best Business Practice (IA BBP)
  • 2017, Information Assurance Best Business Practice (IA BBP)

Certification

  • Security+ CE, CompTia - 11/2017 to Present

Timeline

Systems Engineer

Interactive Process Technology Associates
06.2023 - Current

Information System Security Officer

Raytheon Missiles and Defense
07.2022 - 04.2023

355th Wing Information System Security Officer

Exeter Government Services
01.2021 - 07.2022

Information Assurance Analyst

Chenega Information Services
05.2019 - 09.2020

Information Assurance Analyst

IPSecure Inc.
03.2019 - 04.2019

Information Technology Specialist (GS-2210-12)

Department Of Defense - Army
10.2008 - 01.2018

Information Assurance Engineer

Signal Solutions - General Dynamics Information Technology
02.2007 - 10.2008

Computer Information Systems (working on BS)

Pima Community College

Computer Programming (working on BS)

University of Maryland

Similar Profiles

  • Chandra Surya Kode

    Chandra Surya KodeChandra Surya Kode

    ASSISTANT MANAGER - SALES & SERVICE at AGRI PROCESS INNOVATION TECHNOLOGY PVT LTDASSISTANT MANAGER - SALES & SERVICE at AGRI PROCESS INNOVATION TECHNOLOGY PVT LTD

  • Lubna Faisal

    Lubna FaisalLubna Faisal

    Buisness Development Executive at Craft Interactive TechnologyBuisness Development Executive at Craft Interactive Technology

  • Preet Mehta

    Preet MehtaPreet Mehta

    Mechanical Designer Intern at Bectochem Lödige Process Technology Pvt. Ltd.Mechanical Designer Intern at Bectochem Lödige Process Technology Pvt. Ltd.

  • Ashley Magyar

    Ashley MagyarAshley Magyar

    Executive Assistant at United States ArmyExecutive Assistant at United States Army

  • Chad Willie

    Chad WillieChad Willie

    Special Agent - Counterintelligence at Naval Criminal Investigative ServiceSpecial Agent - Counterintelligence at Naval Criminal Investigative Service

CREATE PROFILE
Bonny Sykes