Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Brian Farley

Suffolk,VA

Summary

Experienced Lead Cyber Security Analyst, Senior Cyber Security Engineer, Information Systems Security Officer (ISSO), Information Systems Security Engineer (ISSE), and Information Assurance Manager (IAM) who works efficiently under pressure and makes sound decisions. Information Systems Security Engineer with over 23 years of experience in information security, compliance, risk management, and penetration testing. Thorough knowledge of Risk Management Framework (RMF) and all documentation processes for Assessments and Authorizations (A&A). Detail-oriented Computer Technician with over 23 years of high-quality technical service experience in mobile communications and network environments. A self-starter possessing the ability to work independently with excellent time management skills and team leadership ability.

Overview

18
18
years of professional experience
1
1
Certification

Work History

President

Evolution Technologies, LLC
Suffolk, VA
09.2021 - Current
  • Developed and implemented new strategies and policies to establish long-term business objectives and provide strong and sustainable organizational leadership.
  • Conducted research on emerging trends within industry and capitalized on finds to develop new products, services and strategies.
  • Fostered new business through participation in trade shows and initiating communications with prospective clients via phone and email .
  • Oversaw business-wide changes to modernize procedures and organization.

Senior Cyber Security RMF Specialist

Tyto Athene
Virginia Beach, VA
07.2021 - Current
  • Conduct analysis and system engineering to ensure IA compliance and the cyber posture with respect to availability, integrity, authentication, confidentiality, and non-repudiation of critical system information.
  • Generate and maintain IA controls across all packages to ensure they are kept up to date and can be defined and validated.
  • Perform IA management functions in compliance with all applicable DOD, DON, SECNAV and OPNAV directives and instructions.
  • Create RMF packages and artifacts for the NAVSEA program. Develop them from the initial scope, IISI, PIA, ISCM, Categorization and Registration through the development of the RAR, POA&M, STIG implementation, and to the final ATO.
  • Comply with all applicable Cyber Security, certification, and accreditation guidance in accordance with DOD, DON, SECNAV and OPNAV.
  • Align with RMF mapping of security controls overlay based on the applicable directives, policy, and instructions.
  • Ensure that IA/CE attributes are achieved through the cost-effective, risk-balanced application of controls in a manner that promotes confidentiality, integrity, availability, non-repudiation, and authentication of information.
  • Ensure CE rigor has been conducted in the development and operation life cycle of the system.
  • Provide oversight of the accreditation process.
  • Identify, report, and resolve security violations and ensure that all information systems are functional and secure; recommend information assurance/security solutions to support requirements.

Lead Cyber Security Analyst

Nexagen Networks
Suffolk, VA
02.2021 - 07.2021
  • Head of the Information Assurance Department leading efforts in achieving Authority To Operate (ATO) for two unclassified and classified cloud based enterprise networks.
  • Conduct research and analysis and provide recommendations in support of network security, risk, and compliance policy and implementation guidance.
  • Integrating and migrating existing systems and infrastructure into cloud based hosting environment.
  • Developing RMF packages and artifacts for U-CASHE & S-CASHE (Collaboration at Sea Hosting Environment)
  • Information Systems Security Manager (ISSM), Information Security Officer (ISO), and Risk Management Framework (RMF) subject matter expert (SME) for cloud, application, enterprise, and mission networks.
  • Support integration of all CAS SIPR, NIPR, cloud, and standalone networks with Information Assurance Vulnerability Alerts (IAVA), EXORDs, FRAGORDs, and other Cyber Safe compliance's.
  • Provide network security services including research, evaluation, design, implementation, administration, monitoring, operations support, DevSecOps support, and maintenance of CAS network hardware, software, application, and cloud-base systems.

Senior Cyber Security ISSE Lead

Capstone Corporation
Portsmouth, VA
09.2020 - 02.2021
  • Manage a team of 3 personnel that are performing tasks related to RMF and the authorization of 5 Norfolk Naval Shipyard Networks (NNSY)
  • Proficient with both eMASS and Archer programs for both the US Navy and the Department of Energy (DOE) system authorizations
  • Make recommendations to improve security procedures using the 8500.2/800-53 r4 Information Assurance Controls
  • Responsible for creating and overseeing the Risk Framework Management (RMF) Assessment and Authorization (A&A) packages for the NAVSEA Project relating to all NNSY Networks & Systems
  • Develop the RMF packages from the initial scope, IISI, PIA, ISCM, Categorization and Registration through the development of the RAR, POA&M, STIG implementation, and to the final ATO
  • Create the Concept of Operations (CONOPS), Disaster Recovery Plan (DRP), Security Action Plan (SAP), Security Plan (SP), and Business Continuity Plan if necessary
  • Work with ACAS administrators using full vulnerability and SCAP scans to determine current threats in order to get them patched and corrected
  • Work directly with the customer to get the scope of work determined and the most efficient way of completing the package
  • Perform threat analysis on every aspect of the Network
  • Continually stay up to date on the latest DISA STIGS (Security and Technical Implementation Guides), eMASS, HBSS and ACAS practices
  • Audit networks and security systems to identify vulnerabilities by analyzing network scans
  • Analyze system risk to identify and implement appropriate security countermeasures

Senior Security Engineer

Reliant Technologies
Norfolk, Virginia
01.2017 - 09.2020
  • Responsible for creating Risk Framework Management (RMF) Assessment and Authorization (A&A) packages on wide range of computer networks and systems
  • Develop the RMF package from the initial scope, IISI, PIA, ISCM, Categorization and Registration through the development of the RAR, POA&M, STIG implementation, and the combined DVL
  • Create the Concept of Operations (CONOPS), Disaster Recovery Plan (DRP), Security Action Plan (SAP), Security Plan (SP), and Business Continuity Plan
  • Work with ACAS full vulnerability and SCAP scans to determine current threats in order to get them patched and corrected
  • Work directly with the customer to get the scope of work determined and the most efficient way of completing the package
  • Perform threat analysis on a wide range of enterprise networks, the assessment of 8500.2/800-53 r4 Information Assurance Controls, and ensure the POA&M is being executed
  • Continually stay up to date on the latest DISA STIGS (Security and Technical Implementation Guides), eMASS, HBSS and ACAS practices
  • Made recommendations to improve security procedures and systems
  • Audited networks and security systems to identify vulnerabilities by analyzing network scans
  • Analyzed system risk to identify and implement appropriate security countermeasures

Chief Radio Electronics Technician / Network Administrator

Military Sealift Command
Norfolk, VA
06.2016 - 12.2016
  • Identified and corrected performance issues on a wide range of computer networks; Server 2003, 2008, and 2012. Make suggestions and provide a plan of action on ways to implement needed changes in order to increase reliability and function of IP services on and off the ships
  • EKMS Manager while onboard the ship. Responsible for 47 line items of crypto along with all accountability and destruction logs
  • Worked with MSC N6 and Cisco representatives to develop quality of service rules for the routers when the network became saturated and exceeded 80% bandwidth usage. The ensured that essential services were allocated proper bandwidth in order to maintain continuity of operations
  • Implemented the new Emprise suite of software on board the USNS Arctic that provide a wide range of programs that are essential to the ships maintenance and log keeping abilities. Conducted testing on all aspects of the software once installed to ensure proper operation and no conflicts
  • Local Area Network (LAN) Manager for 7 servers, 121 client computers on two separate networks, and 13 stand alone computers. Responsible for the overall reliability, accessibility, and security of all computer networks and computer related equipment
  • Coordinated with INMARSAT Government solutions in order to allocate more bandwidth to all MSC ships operating in the 5th Fleet AOR so that communications systems reliability would improve for the fleet

Information Assurance Manager / Network Administrator

United States Navy - Coastal Riverine Squadron Four
Virginia Beach, VA
01.2013 - 01.2016
  • Responsible for the overall operational security for eight mobile satellite computer networks, video telecommunications equipment, and voice circuits for a deployable and scalable command. Each network consisted of 2 Windows Server 2008 DC's, 1 dedicated Exchange Server, 1 File Server, 30 client workstations, and 4 multi-function printers
  • Supervised 14 communications technicians on both RF and IP Services. Designated 3 Information Assurance Officers, 8 Information Assurance Technician II's and 4 Information Assurance Technician III's to be in charge of each network
  • As the Information Assurance Manager, ensured compliance with the Navy's Cyber Security Work Force (CSWF) program as well as keeping command compliance on all IAVA's, IAVB's, and CTO's. Worked with Cyber Forces Command to ensure that all DoD, CJCS, and Navy instructions were met and in compliance at all times
  • Supervised and performed network scans with Retina and uploaded scan results to VRAM website. When ACAS was implemented, network scans were done remotely and automatically uploaded to VRAM

Instructor

United States Navy - Center for Information Dominance
Virginia Beach, VA
01.2010 - 01.2013
  • Developed the Security+ 301 course curriculum, lead a team of 7 instructors in writing the course material, and achieved a 99% pass rate for the Security+ 301 certification test.
  • Used simulations, team exercises, group discussions, videos, and lectures to instruct participants and students in multiple topics of instruction
  • Qualified to teach Security+, Microsoft Exchange Server, Microsoft Server 2003, Cisco Routing Books 1 & 2
  • Master Training Specialist, NEC's 9502 Navy Instructor, 2791 - Information Systems Administrator, and 2720 - GCCS-M Administrator

Navigator / Assistant EKMS Manager

United States Navy - Boat Detachment 211
Virginia Beach, VA
01.2006 - 01.2009
  • Responsible for the management of over 1300 line items of Controlled Cryptographic Items (CCI)
  • Supervised 5 personnel and implemented 9 new programs for the communications department.
  • Drafted security operating procedures and training materials for all water born security team members
  • Supervised a team of 12 security personnel during each underway period while deployed in Iraqi territorial waters

Red Team / Blue Team Member - Computer Network Defense

United States Navy - Fleet Information Warfare Center
Virginia Beach, VA
01.2003 - 01.2006
  • Conducted over 35 security audits of U.S. Navy ships computer networks to identify potential problems related to network security, staff training and awareness, and asset protection
  • Computer Network Defense (CND) deployer for the USS Kearsarge strike group for the 2005 deployment. I was able to monitor and analyze each of the 6 ships network traffic and prevent any computer incidents.
  • Part of the initial PENTEST team for the U.S Navy. Conducted PENTESTs on over 75 ships and shore sites to determine the full vulnerabilities associated with each network. Provided each network owner with a detailed report of all security issues
  • Hand selected to test the physical security of NCTMS LANT and COMSECONDFLT. Was able to penetrate both facilities with little effort and get into several classified and controlled spaces

Education

Associate of Applied Science - Technical Studies - Computer Technologies

Excelsior College
Albany, NY
2014

Skills

  • TS/SCI Clearance - Current
  • System & Network Assessment & Authorization
  • Data privacy applications
  • Excellent communication skills
  • Department Level Supervisor Experience
  • Experience with instructional design
  • Expertise in Physical and Network Security
  • Experienced in administering large computer networks
  • Mac OSX and iOS experience
  • Highly motivated and Extremely fast learner
  • Team Management Experience
  • Developing security plans
  • Implementing security programs

Certification

CISSP Certification - 2022 (Current through 2025)

Security+ce Certification - 2016 (Current through 2022)

Project+ Certification - 2019 (Current through 2022)

EC-Council Certified Encryption Specialist v2 - 2019

CIW Web Security Associate - 2018

A+ Certification - 2018 (Current through 2022)

Network+ Certification - 2018 (Current through 2022)

Linux+ Certification - 2010 (Current through 2022)

Timeline

President

Evolution Technologies, LLC
09.2021 - Current

Senior Cyber Security RMF Specialist

Tyto Athene
07.2021 - Current

Lead Cyber Security Analyst

Nexagen Networks
02.2021 - 07.2021

Senior Cyber Security ISSE Lead

Capstone Corporation
09.2020 - 02.2021

Senior Security Engineer

Reliant Technologies
01.2017 - 09.2020

Chief Radio Electronics Technician / Network Administrator

Military Sealift Command
06.2016 - 12.2016

Information Assurance Manager / Network Administrator

United States Navy - Coastal Riverine Squadron Four
01.2013 - 01.2016

Instructor

United States Navy - Center for Information Dominance
01.2010 - 01.2013

Navigator / Assistant EKMS Manager

United States Navy - Boat Detachment 211
01.2006 - 01.2009

Red Team / Blue Team Member - Computer Network Defense

United States Navy - Fleet Information Warfare Center
01.2003 - 01.2006

Associate of Applied Science - Technical Studies - Computer Technologies

Excelsior College

CISSP Certification - 2022 (Current through 2025)

Security+ce Certification - 2016 (Current through 2022)

Project+ Certification - 2019 (Current through 2022)

EC-Council Certified Encryption Specialist v2 - 2019

CIW Web Security Associate - 2018

A+ Certification - 2018 (Current through 2022)

Network+ Certification - 2018 (Current through 2022)

Linux+ Certification - 2010 (Current through 2022)

Similar Profiles

  • Paola Camargo Leguizamon

    Paola Camargo LeguizamonPaola Camargo Leguizamon

    Senior Functional Analyst at Evolution Technologies GroupSenior Functional Analyst at Evolution Technologies Group

    View Profile
  • Sokphirun Tith

    Sokphirun TithSokphirun Tith

    Intern at HELLO EVOLUTION TECHNOLOGIES CAMBODIA CO LTDIntern at HELLO EVOLUTION TECHNOLOGIES CAMBODIA CO LTD

    View Profile
  • Zacarias Chiliandombe

    Zacarias ChiliandombeZacarias Chiliandombe

    CEO at Evolution Technologies LdaCEO at Evolution Technologies Lda

    View Profile
Brian Farley