Rick DeGraffenreid

Quantico, VA

Summary

Solution-oriented, results-focused cyber security professional with solid, business/mission awareness of security engineering realities central to information protection governance. Experience supporting simple and complex Governance Risk & Compliance (GRC) efforts, validating baseline test results from selected NIST800-53x controls, documenting residual risk for AO Acceptance or further mitigation. Strong analysis, troubleshooting, collaborative problem-solving remediation / mitigation skills with a proven track record of success. Achievements include sustainment of baseline compliance controls, resolution of substandard assessments, documentation development / repair, recovery from failed or adverse audits, and validation coordination between approved baseline assessments and applicable configuration item (CI) End of Life considerations. Expertise includes the ability to squeeze detailed findings from assessment tools to substantiate baseline control compliance and identify / solve compliance issues. Extreme examples include Supply Chain Management (SCM) resolution and adverse Inspector General & authoritative agency audit remediation such as Treasury Federal Taxpayer Info (FTI); HHS/CMS HIPAA; FDA medical devices electronic health record protection compliance; and protection of classified and sensitive data. Skillset includes detailed analysis skills to prove or disprove an issue down to the configuration item CWE/CVE by analyzing scan dumps in pivot tables and sorting by PID, CWE/CVE, criticality of raw risk, residual risk, DISA/NSA CTO TaskOrd, etc.

Further experience in supporting complex avionic, electronic warfare, COMSEC communications & Telecommunications TSEC Encryption system maintenance, ground, UAV/UAS, Autonomous Vehicle, Ground Station, Space Hardware, Platform IT (PIT), and other hybrid systems on top of traditional endpoint, mobile, enterprise, & Cloud.

Overview

43 years of professional experience
1 Certification

Work History

US Army Retired Reserve (District/Maryland/Virgini

US Army Reserve
Washington, DC
12.2010 - 08.2021
  • Maintained confidentiality when addressing sensitive information with tact and diplomacy.
  • Communicated clearly and listened attentively throughout interview process to facilitate exchange of information.
  • Remained composed and poised even in most demanding of situations and physically stressful environments.
  • Worked closely with team members to deliver project requirements, develop solutions and meet deadlines.
  • Prioritized and organized tasks to efficiently accomplish service goals.
  • Juggled multiple projects and tasks to ensure high quality and timely delivery.
  • Demonstrated self-reliance by meeting and exceeding workflow needs.
  • Demonstrated leadership by making improvements to work processes and helping to train others.
  • Provided excellent service and attention to customers when face-to-face or through phone conversations.
  • Improved operations by working with team members and customers to find workable solutions.
  • Motivated and encouraged team members to communicate more openly and constructively with each other.

GRC Lead

State Of Virginia VITA-TAP-MSI
Richmond, VA
08.2018 - 07.2019
  • Monitored team progress and enforced deadlines.
  • Delegated daily tasks to team members to optimize group productivity.
  • Fostered positive employee relationships through communication, training and development coaching.
  • Counted inventory, resolved discrepancies and completed paperwork to keep system accurate and current.
  • Integrated process improvements to increase overall workflow.
  • Organized and prioritized incoming work orders and optimized team workflows and resources to handle dynamic demands.
  • Documented production levels, materials used and special incidents to keep management informed of daily activities.
  • Developed and monitored weekly staff schedules.
  • Developed and implemented policies, procedures and process improvement initiatives to improve retention rates and increase customer satisfaction.
  • Kept work flowing smoothly in and out of department by working closely with shipping, warehouse and other personnel to coordinate movements.

· Commonwealth of Virginia Pinnacle/Unisys Team Customer Facing Information Security Officer (ISO) managing cyber security compliance, developing SSP and Federal Audit remediation plans, resolving server as well as other asset / network security issues and resolving the confusion generated between audit processes using multiple (differing) standards to manage risk to an acceptable level. This involved analyzing Tenable NESSUS Security Center raw findings and informing the appropriate stakeholders if compliance deviations or vulnerabilities were associated with the hosting asset operating system, the hosted application, or architectural compliance for defense-in-depth security of protected data. These tasks included SIEM tracking via RSA Archer GRC toolset.

· Commonwealth of Virginia ADITI-SAIC Governance Requirements Compliance Lead (ISO) for Virginia IT Agency (VITA Assist) Governance Risk and Compliance (GRC) Transition Assistance / reinvention, supporting 84 State Agencies as well as VITA CSRM within the Commonwealth of Virginia while assisting several agencies in resolution of overdue Federal FTI and PHI Audits. This included regular and privileged account processing; Tenable/Nessus account management and scanning; Vendor Service account transition; and documentation of system compliance status. As GRC Team lead, supported COV Agencies under Virginia IT Agency Transition Assistance Program including COV Department of Taxation, VDOT, DSS, VDH, VEC, DMV, VITA Core Services. Other Cyber Security tasks included scanning, CVE/CWE reporting, SIEM/Incident documentation, and NIST RMF/SEC501 compliance. VITA ISO training completed. Member of CAB (Change Advisory Board).

· GRC Routine ISO tasks included account lookups in ARS, approval of creation and modification of role based access (RBA) within the COV Virginia.Gov domain(s); Assisting customers with account issues prior to submission to the VCCC or after rejection by the VCCC; Reviewing accounts and requests for Role-Based and Least Privilege access ensuring adherence to agency security requirements; troubleshooting account issues with Active Directory and other account workflows; Process exception requests, waivers, firewall rule changes, etc. Maintain agency security operations documentation; assist with agency security operations including Topology, Configuration, and Vulnerability compliance scanning while populating risk mitigation documentation and POA&Ms as required.

· Details of special deliverables and project accomplishments as GRC Lead include:

o Refresh of Nessus Scanner and other tools / processes after many years of being forced into the canned reports from ePO (e Policy Orchestrator) and Tenable Security Center.

o Developed targeted environment Tenable NESSUS scans for Virginia Department of Elections in support of the Mid Term Elections; as well as Virginia Department of Taxation & Virginia Department of Social Services to resolve overdue IRS Federal Audit findings - identifying broken McAfee signature databases, certificate problems, configuration problems, patch non-compliance, and unauthorized software. This included in-depth pivot table analysis of raw SC data dumps.

· Discovered and analyzed urgent findings in support of State Agency workstations and servers (Previously un-ticketed, yet critical, high and moderate risk issues) in time to remediate/mitigate risk for Department of Elections, and Department of Taxation & VDSS prior to urgent event windows.

Federal & State Contractor

Federal & State Contracting
DMV, Va, Md, Dc
01.2000 - 07.2018
  • Protected secure data files and regulated access.
  • Made recommendations to improve security procedures and systems.
  • Analyzed system risk to identify and implement appropriate security countermeasures.
  • Audited networks and security systems to identify vulnerabilities.
  • Analyzed security procedure violations and developed plans to prevent recurrence.
  • Designed, implemented and maintained security systems and controls.
  • Updated virus protection systems based on computer virus reports.
  • Designed and implemented plans to secure computer files against breach, destruction or accidental modification.
  • Built firewalls and encrypted data to secure confidential information.
  • Conducted record searches and coordinated with other units on procedural problems involving complex cases.
  • Managed [Software] information system accounts, facilitating transfer of data to users.
  • Researched and designed advanced computer forensic tools.
  • Worked closely with team members to deliver project requirements, develop solutions and meet deadlines.
  • Prioritized and organized tasks to efficiently accomplish service goals.
  • Juggled multiple projects and tasks to ensure high quality and timely delivery.
  • Demonstrated self-reliance by meeting and exceeding workflow needs.
  • Demonstrated leadership by making improvements to work processes and helping to train others.
  • Provided excellent service and attention to customers when face-to-face or through phone conversations.
  • Improved operations by working with team members and customers to find workable solutions.

Army National Guard Technical Supervisor

Army
DMV
06.1986 - 12.2010
  • Evaluated and reviewed staff performance.
  • Ordered supplies and managed inventory.
  • Determined proper allocation of resources to maximize work coverage and team effectiveness.
  • Resolved customer issues and provided creative solutions.
  • Devised strategies for optimizing work procedures, technical training and standard processes.
  • Generated reports outlining latest updates, results and proposed solutions.
  • Conducted inventory counting [Number] times per year.
  • Managed group of [Type] professionals accomplishing [Name], [Name] and [Name] objectives.
  • Managed administrative office functions, including [Duty], [Duty] and [Duty].
  • Troubleshot and resolved problems with programs and systems.
  • Troubleshot malfunctions with systems and programs to pinpoint root cause of issues and restore.
  • Executed and implemented solutions on time and within budget constraints.
  • Trained end-users in best practices to minimize errors and protect key data.
  • Offered technical helpdesk support to customers on printers, PCs and laptops and mobile devices.

Electronics Warfare Instructor and DECM Technician

USMC
2nd MAW & Flight, Multiple
01.1979 - 12.1986
  • Assessed effectiveness of training program to identify and resolve deficiencies or issues.
  • Utilized standard electrical components in analog and digital circuits.
  • Observed safe work practices and conducted safety inspections to reduce workplace accidents.
  • Enforced safety mandates and OSHA restrictions with good leadership skills.
  • Encouraged student critical thinking and discussion using variety of teaching techniques.
  • Optimized project completion time by troubleshooting after-hour emergencies for immediate repair.
  • Evaluated students' performance and issued progress reports.
  • Applied variety of instructional resources to meet needs of students with varying backgrounds and learning styles.
  • Created appropriate learning environments for students.
  • Planned and conducted activities for balanced program of instruction, demonstration and work time, providing students with opportunities to observe, question and investigate.
  • Conducted on-the-job training classes and demonstrated principles, techniques, procedures and methods of diverse subjects.
  • Crafted lesson plans to meet diverse learning modalities and ensure inclusive learning environment.
  • Selected curriculum and instructional aids to increase students' understanding of core concepts.
  • Supervised advanced student work, including both independent and group projects.
  • Collaborated with other educators to address deficiencies in program offerings.
  • Maintained student records detailing progress, attendance and program requirements.
  • Gave constructive feedback to students to improve learning and progress against course objectives.

Education

Master of Science - Graduate Certificates NSA 4011-4016a

Security University, Herndon, VA
08.2015
  • Completed coursework in [Subject], [Subject] and [Subject]
  • Major in [Subject]

Bachelor of Science - Electrical Engineering Technology/Computer Network

ARNGI - DANTES, NAS Pensacola
09.2001

Skills

  • Tenable Nessus
  • Protecting networks
  • Encryption
  • Preparing summaries
  • Problem resolution
  • Customer service
  • Intrusion defense
  • Business process lifecycle
  • Business initiatives proficiency
  • Adobe Illustrator
  • Microscope use
  • Hazardous chemicals
  • Customer and personnel training
  • Personalized customer service
  • Power tool use

Certification

Education-Training: COV VITA-ISO, RSA ARCHER GRC, VSM, ServiceNow/Keystone Edge, MCP, MCSE, CompTIA Security+ CE; ISC2 CISSP; F5 Networks LTM/GTM SE, Cisco CCNET/CCNA, DoD ACAS, Telos (XACTA-DHS IACS), NESSUS PVS, N-Circle 360; Certified Ethical Hacker Core; Microsoft MCITP Refresh of MCP and MCSE. CISA Cert Scheduled.

Extensive commercial, federal/military technical training – transcripts available.

University Undergraduate Level: 4 Years of Information Technology, Electrical Engineering Technology / Eng. Mgt.

Graduate Level: NSA Core Certs NSA 4011-4016a/CNSS1253/ Grad Certificates supporting a Masters in Cybersecurity.

DOD 8570 Information Assurance Workforce Registered IAT and IAM Registered, DoDD 8140 Cyber Workforce Mgt.

o CISSP: ISC2 Certified Information Systems Security Professional Certificate 410346 in work - renews 7/2024

o SECURITY + CE: CompTIA: Certificate: COMP001020390368 renews 5/2024

o CISA/CRISC Class and testing planned Oct-Nov 2021

o DoD, Army CIO, and Navy RMF Validator training for EMASS. DHA MEDCOM RMF training.

o PM eMASS OSD/WHS DoD eMASS Program Train the Trainer Pilot (BAH/PM eMASS)

o PM eMASS Army CA Rep eMASS Training (BAH/PM eMASS)

o USMC C4IA Telos XACTA MCCAST Training

o *Fully Qualified Navy Validator: FQNV #I1296; Next Gen Navy QNV/NQV Training completed

o SPAWAR-NQV-101 Navy Qualified Validator Course - Introduction for Navy Validators

o SPAWAR-NQV-102 Navy Qualified Validator Course - Risk Management Framework

o SPAWAR-NQV-103 Navy Qualified Validator Course - Security Controls

o SPAWAR-NQV-104 Navy Qualified Validator Course - A&A Tools

o SPAWAR-NQV-201 Navy Qualified Validator Course – BAH Resident Tng w/eMASS

o DOJ/FEMA WMD Counterterrorism; DEARNG CST Chem Bio; USArmy 74D CBRNE training.

o US Navy/Marine Corps Aerospace Electronics, Avionics, Aviation Elect, Electronic Warfare & COMSEC training.

