BONNY J SYKES
Vail,AZ
Summary
Experienced Information System Security Engineer with a proven record that eagerly accepts new challenges/responsibilities and demonstrates strong problem-solving skills to ensure mission accomplishment. Experience with Federal Information Security Management Act (FISMA), ISO 27001, NIST 800-53 cyber security support, Risk Management Framework (RMF), Assured Compliance Assessment Solution (ACAS), eMass, Security Technical Implementation Guides (STIG) and Security Testing and Engineering (ST&E) “Providing safe, secure equipment for our clients; follow to a successful completion any directives, instructions or projects given and to have my employer appear in the best possible posture” TS/SCI Clearance, Security+ CE, Information Technology Certification Level III, references available upon request Thorough quality assurance professional highly skilled in manual and automated application testing. Partners successfully with project management and development team members to put out high-quality software for customers. Decisive in identifying problems at any stage of production.
Overview
21
21
years of professional experience
Work History
Information System Security Officer
Raytheon Missiles and Defense
Tucson, AZ
07.2022 - 04.2023
- ISSO) with responsibility:
- To support classified computing environments 100% onsite at the RMD Facility
- Interface and collaborate with Information System Security Managers
- Ensure system security measures comply with multiple regulatory requirements (e.g
- NISPOM, JAFAN, DCID/ICD 503, DoD RMF)
- Accurately assess the impact of modifications, changes, and vulnerabilities for each system
- Conduct reviews and technical inspections to identify and mitigate potential security weaknesses
- Create and maintain all information assurance documentation (e.g
- SSPs, Security Profiles, approvals, etc.)
- Launched and defined the objectives for the Software Change Request (SCR), progress forward and structured
- Participates in interdepartmental projects
Information System Security Officer
Exeter Government Services, Davis-Monthan AFB
Tucson, AZ
01.2021 - 07.2022
- Analyzed system risk to identify and implement appropriate security countermeasures.
- Made recommendations to improve security procedures and systems.
- Investigated information security breaches to identify vulnerabilities and evaluate damage.
- Audited networks and security systems to identify vulnerabilities.
- Promoted security awareness among employees and clients to alleviate risks and breaches.
- Worked closely with fellow security personnel to remedy and alleviate technology issues.
- Updated computer security policies and procedures upon learning of new risks.
- Designed, implemented and maintained security systems and controls.
- Collaborated with stakeholders to implement and update disaster recovery plans.
- Educated individuals on complex computer terms using easy-to-understand wording.
- Conducted record searches and coordinated with other units on procedural problems involving complex cases.
- Mentored junior employees in departmental activities and procedures.
- Coordinated security updates to avoid outages and downtime.
Information Assurance Analyst
Chenega Information Services
Ft. Huachuca, AZ
04.2019 - 10.2020
- Analyzed system risk to identify and implement appropriate security countermeasures.
- Managed user authentication and authorization of data access.
- Supported users with in-person and remote technical assistance.
- Protected secure data files and regulated access.
- Provided training and support to users for both hardware and software needs.
- Generated reports using statistical software in response to user requests.
- Worked closely with fellow security personnel to remedy and alleviate technology issues.
- Educated individuals on complex computer terms using easy-to-understand wording.
- Monitored server event logs to identify and resolve performance and security issues.
- Audited networks and security systems to identify vulnerabilities.
- Installed system updates, patched programs and optimized functionality.
- Updated virus protection systems based on computer virus reports.
- Duplicated and backed up data to preserve availability and security in event of data breach.
Information Assurance Analyst
IPSecure Inc, Davis-Monthan AFB
Tucson, AZ
01.2019 - 04.2019
- Conducting individual unit security posture assessments as an Information System Security Manager (ISSM)
- Issued JWICS users PKI certificates, enabling them to perform their duties.
- Analyzed system risk to identify and implement appropriate security countermeasures.
- Supported users with in-person and remote technical assistance.
- Audited networks and security systems to identify vulnerabilities.
- Provided training and support to users for both hardware and software needs.
- Generated reports using statistical software in response to user requests.
- Made recommendations to improve security procedures and systems.
Information Technology Specialist
GS
Ft. Huachuca, AZ
10.2008 - 09.2018
- Visited Army installations around the world with cyber security support
- Coordinating and informing customers regarding current security requirements to aid decision-making processes and better secure their systems
- Used Risk Management Framework (RMF) to create packages by accumulating information that is inserted into the eMASS report system for certifying Army facilities
- Accumulated site information by interviewing site personnel, observing and/or assisting the personnel in using the different automated tools run to assess the security posture of the facility
- I employed tools, such as, DISA’s Assured Compliance Assessment Solution (ACAS), the suite of tools containing the Security Center, Nessus Scanner and the Nessus Network Monitor
- Conducted research and provided security recommendations to Integrators regarding technical data equipment and implementation of Security Technical Implementation Guides (STIG); provided explanations to technical and non-technical personnel, as requested
- Resolved STIG-related questions through research, testing, and previously gathered knowledge
- Led teams working directly with various installations performing Security Testing and Engineering (ST&E)
- Participated in weekly/bi-weekly telephone conferences with higher-level personnel involved, advising the installation Information Assurance Managers (IAM), Program Managers (PM) and Integrators (contractors) of changes, upgrades, and regulations concerning cyber security requirements from Federal, DoD (Department of Defense) and DA (Designating Authority) regulatory guidance
- Led Technical Working Groups (TWG) for assigned installations, recommending solutions/mitigations to issues
- Provided security training at sites, for both higher-level technical and non-technical personnel
- I was Government Point of Contact for the Installation Information Infrastructure Modernization Program (I3MP) installation upgrades, which modernized more than 30 installations, globally
- Provided I3MP Site Scorecards which analyzed the system’s vulnerabilities to determine risks to the system and the Global Information Grid (GIG)
- I ensured that scorecards contained complete system information to include; system mission, name, hardware descriptions, compliance or non-compliance of over 2,200 controls, findings, security solutions and recommendations are presented for non-compliant controls
- I also, created a Plan of Action and Milestones (POA&M) for each scorecard explaining the installation’s required actions to mitigate vulnerabilities
- Provided In-Briefings at the beginning of a site visit to introduce the installation Commanders, PMs, IAMs, Integrators and involved personnel to the I3MP process, timeline, expectations and procedures
- Provided Out-Briefings at the conclusion of the ST&E visits to site personnel, PMs and IAMs, that discuss a summary of activities and concerns found by the Evaluator
- Led a team of Avaya contractors for three months during a system test event
- Configured and tested the functional installation and created a system deployment guide for use Army-wide that ensured the new system owners were able to implement the system to achieve appropriate functional and security configuration
- Participated as validator on other security assessment teams to aid Accreditation Certification Assessments at Army installations, globally.
- Maintained records, logs and lifecycle documentation of work requests.
- Reviewed support cases for technical and troubleshooting accuracy and identified needed process improvements.
- Built and maintained successful relationships with service providers, vendors, dealers and consumers.
- Mentored other technologists and support professionals to provide professional development and skill enhancement.
- Developed online documentation for common processes for both support staff and end-users.
- Conducted technical reviews and trade-off studies to identify purpose, audience and scope.
- Performed continuous assessments of network structure, business content filters and security firewalls.
- Researched issues on various computer systems and databases to determine resolutions to problems and answer inquiries.
- Scheduled ongoing performance quality assurance checks for software applications and automated performance test scripts.
- Developed mitigation strategies and prepared standard operating procedures.
- Directed account management and customer training on company technical software and tools for new accounts and new users.
Information Assurance Engineer
Signal Solutions, General Dynamics Information Technology
Sierra Vista, AZ
02.2007 - 10.2008
- IA Support project to certify 12 Army Directorates of Information Management (DOIM) utilizing various security tools to prepare the installations for attaining an Authority to Operate (ATO), allowing them to connect to the Global Information Grid (GIG)
- Evaluated information systems and engineered Information Assurance (IA) solutions for the United States Army Information Systems Engineering Command (USA-ISEC)
- This assured the system being evaluated was in compliance with, and able to connect to the GIG
- Created a Microsoft XP baseline image, using Sysprep, to deploy XP images to multiple computers in the unattended mode, allowing multiple upgrades to be done during non-business hours
- Co-developed a master Requirements Traceability Matrix (RTM) and ST&E guide to standardize and expedite the development of Certification Test & Evaluation (CT&E) guides.
- Promoted high customer satisfaction by resolving problems with knowledgeable and friendly service.
- Worked successfully with diverse group of coworkers to accomplish goals and address issues related to our products and services.
- Prioritized and organized tasks to efficiently accomplish service goals.
- Assisted with customer requests and answered questions to improve satisfaction.
- Maintained updated knowledge through continuing education and advanced training.
- Provided excellent service and attention to customers when face-to-face or through phone conversations.
Network Support
Tucson Association of Realtors, TAR
Tucson, AZ
10.2006 - 02.2007
- Performed technical support for 7,000+ brokers and real estate agents listing properties and creating web sites
- Instructed classes for new agents, explaining the MLS service, how to maneuver through the web sites, uploading information and photographs
- Provided network administration for TAR, one-on-one technical and computer support for 25+ employees
- Provided audio and video support for employees and guest instructors.
Network Administrator/Resources Manager
International Dark-Sky Association
Tucson, AZ
01.2002 - 08.2005
- Performed network administration, security implementation, trouble shooting and hardware/software maintenance
- Provided employee training, determined hardware/software requirements and procured items to support the international non-profit
- Purchased, and installed a Dell Windows server to upgrade the office systems
- Installed, configured and managed a Raptor firewall for encrypted VPN communication sessions between board members
- Over saw $60,000 hardware and $30,000 software budget, providing proposals, information and final decisions on equipment and software (destruction, acquisition, procurement)
- Performed all security implementations, both pro-active and reactive, daily back-ups, offsite data storage and intrusion detection definitions
- Maintained all hardware/software licenses, web registrations, and permissions
- Maintained weekly backup images of all computers, re-imaged when necessary
- Maintained all equipment to include desktop/laptop computers, switches, routers, modems, printers, cameras, and audio/video equipment.
- Performed routine troubleshooting and network monitoring.
- Managed employee access, security roles and permissions.
- Installed and supported hardware and software for desktops, servers and printers.
- Supervised configuration of local area network, wide area network and corporate Internet system.
- Worked closely with end users to solve problems related to hardware and software.
- Monitored system upgrades, patches and new configurations.
- Worked independently while coordinating project work and support functions with other team members.
- Supported various operating systems and server technologies.
- Determined and alleviated hardware, software and network issues.
- Strengthened networks and infrastructure during outage windows to prevent downtime for essential services.
Education
Some College (No Degree) - Computer Information Systems
Pima Community College
Tucson, AZMicrosoft Certified Systems Engineer (MCSE) -
Souther Arizona Institute of Advanced Technology
Tucson, AZ06.2002
Some College (No Degree) - Computer Sciences
University of Maryland Global Campus
Hahn AFB, GermanySkills
- Protecting Networks
- Managing Security Breaches
- Supervision & Leadership
- Problem Resolution
- Microsoft Office
- Training & Development
- Maintenance & Repair
- Data Management
- Computer Skills
- Critical Thinking
- Team Management
- Planning & Organizing
- Team Building
- Customer Service
- Conflict Resolution
- Friendly, Positive Attitude
- Tenable Nessus
- Reporting and Documentation
- Resource Allocation
- Active Listening
- Flexible Schedule
- People Skills
- Organizational Skills
- Good Work Ethic
- Technical Troubleshooting
- Hardware Upgrades
- System Testing
- Security Needs Assessment
- Performance Monitoring and Optimization
- Disaster Recovery
- Network Security
- Document Management
- Security Oversight
- MCSE Certification
- CompTIA Security Certification
- Spam Elimination and Prevention
- Analytical and Methodical
- New Technology Integration
Timeline
Information System Security Officer
Raytheon Missiles and Defense
07.2022 - 04.2023
Information System Security Officer
Exeter Government Services, Davis-Monthan AFB
01.2021 - 07.2022
Information Assurance Analyst
Chenega Information Services
04.2019 - 10.2020
Information Assurance Analyst
IPSecure Inc, Davis-Monthan AFB
01.2019 - 04.2019
Information Technology Specialist
GS
10.2008 - 09.2018
Information Assurance Engineer
Signal Solutions, General Dynamics Information Technology
02.2007 - 10.2008
Network Support
Tucson Association of Realtors, TAR
10.2006 - 02.2007
Network Administrator/Resources Manager
International Dark-Sky Association
01.2002 - 08.2005
Some College (No Degree) - Computer Information Systems
Pima Community College
Microsoft Certified Systems Engineer (MCSE) -
Souther Arizona Institute of Advanced Technology
Some College (No Degree) - Computer Sciences
University of Maryland Global Campus
Similar Profiles
Brenten SpellbringBrenten Spellbring
Quality Engineer II at Raytheon Missiles and DefenseQuality Engineer II at Raytheon Missiles and Defense
Kelsee RosalesKelsee Rosales
Production Test Engineer II at Raytheon Missiles And DefenseProduction Test Engineer II at Raytheon Missiles And Defense
Rania Ben YahiaRania Ben Yahia
Sr. Admin Analyst –Housing & Morale Events Manager at Raytheon Missiles And DefenseSr. Admin Analyst –Housing & Morale Events Manager at Raytheon Missiles And Defense