Orlando Gonzalez

20420 Peckham Street

Ashburn, Virginia 20147

C (703) 587-2248

Email ogonzo@gmail.com

http://www.orlandogonzalez.com


Objective: Seeking challenging opportunities in the Certification & Accreditation (DIACAP & NIST) arena.

Special Qualifications

Active DoD Top Secret Security Clearance (w/SBI)




10/12-Present Principal Analyst - Belmont Technical Solutions, Ashburn, VA

Supporting Naval Research Lab Code 1220 IA Group (V-Tech Solutions) - Senior Information Assurance Consultant - Currently performing the duties of a Fully Qualified Navy Validator (FQNV). Perform the following activities in support of NRL C&A Packages in eMASS:

  • Obtain system or site information and use it to evaluate security features of the IT system or site being certified and accredited
  • Document C&A information in the Comprehensive DIACAP package ensuring internal consistency of the information
  • Optimize test plans and procedures to ensure the test plan addresses the correct level of effort and is sufficiently comprehensive to validate all IA requirements applicable to the IT system or site being certified and accredited
  • Execute test plans and validation procedures and evaluate all discrepancies to recommend mitigation measures for reducing or eliminating specific risk items
  • Optimize C&A test and validation procedure results to ensure the most accurate reporting in the appropriate format and that all IA requirements have been addressed.
  • Analyze C&A test and validation procedure findings/weaknesses for risk with respect to IA requirements. Work with ISSE to determine fixes or mitigations for weaknesses and to determine the level of revalidation testing that is necessary if immediate fixes are applied. Note unmitigated discrepancies, document countermeasures that are in place and update POA&M in eMASS for addressing open risk/residual risk items.
  • Upon completion of all Validation steps, prepare Risk Assessment & Certification Determination (CD) Letter and submit to CA/ODAA.
  • Submit C&A Package in eMASS for review by higher Echelons.
  • Participate in Collaboration Meetings with CA/ODAA


03/10-09/12 Principal Analyst - Belmont Technical Solutions, Ashburn, VA

Supporting DoN CNIC N61 Emergency Management Programs (Gupton & Associates) - Senior Information Assurance Consultant - Working on various projects to maintain or obtain DIACAP Accreditation. Updated and/or developed various DIACAP artifacts (SIP, DIP, C&A Plans, Scorecards, Rules of Behavior, Incident Response Plans, CT&E Plans, POA&Ms).


Performed validation testing of DIACAP controls using DISA tools (Gold Disk, SRRs, Checklists, Retina) for the following projects: Public Safety Network (PSNet), Automated Metering Infrastructure (AMI), Emergency Land Mobile Radio (ELMR).


Conducted a site survey of the environmental and physical DIACAP controls for the Service Delivery Point West in San Diego.


01/09-04/10 Senior Information Assurance Engineer - MBA CSi, Herndon, VA

Sentinel Project-FBI (Lockheed Martin) - Increment Lead - Responsible for taking multiple increments through the full NIST C&A Lifecycle. Assessed security requirements per 800-53 and assigned appropriate security controls. Reviewed Component Design Packages (CDP) and Requirements, Design and Test (RDT) documents to ensure appropriate security design/architecture were incorporated. Reviewed the Segment level System Security Plans and updated all identified sections. Represented the IA group in weekly Project Engineering & Design (PED) and Technical Interchange (TIMS) meetings. Participated in Peer Reviews to ensure security controls were being met in the designs.


Sentinel Project-FBI (Lockheed Martin) - Alternate ISSO - Performed ISSO related duties in the absence of the Primary ISSO. Ensured that security operations were in compliance with established policies and procedures. Performed security scans of files moving from high to low side. Reviewed all requests for privileged user access to systems. Maintained POA&M and coordinated work-off of items.


05/04-12/08 Senior Information Assurance Analyst - Northrop Grumman, Washington, DC

Provided Information Assurance Support for various projects.

Biometric Identification System for Access (BISA) - Provided support/mentorship to the Independent Security Test & Evaluation Team Lead. Conducted vulnerability scans using DISA Gold Disks, SRRs and eEye Retina. Assisted in compiling detailed reports for out-brief.

Automated Biometric Identification System (ABIS) - Led an Independent Security Test & Evaluation Team consisting of 9 personnel prior to an ACA visit. Provided upper management with daily detailed reports on system vulnerabilities to ensure fixes were implemented in a timely manner.

Port Operations Management System (POMS) - Provided support for a DITSCAP to DIACAP re-accreditation. Acted as the Independent Certifier ensuring all 8500.2 controls were tested. Conducted vulnerability scans using DISA Gold Disks, SRRs and eEye Retina. Compiled the POA&M based on the test results.

United States Naval Observatory (USNO) - Led a team of 5-7 personnel in providing DIACAP system hardening support. Conducted vulnerability scans using DISA Gold Disks, SRRs and eEye Retina.

Battlefield Airborne Command Node (BACN) Spiral 2 - Provided DITSCAP support as the Certification & Accreditation Task Lead. Developed the Security Requirements Traceability Matrix (SRTM). Updated the initial SSAA for the Spiral 2 SSAA. Developed the Certification Test & Evaluation Plan to include all test procedures based on DISA guidance. Conducted a dry-run of the CT&E in preparation for the Formal CT&E. Conducted vulnerability scans using DISA Gold Disks, SRRs and eEye Retina.

Battlefield Airborne Command Node (BACN) Spiral 1 - Assisted the Certification & Accreditation lead with the Certification Test & Evaluation Plan. Developed all test procedures and assisted in the execution of the CT&E. Evaluated results and provided a vulnerability assessment.

United States Army Reserve - Provided support to the G3 (Provost Marshals) office by conducting Vulnerability Assessments at the Regional Readiness Commands.

Department of Justice - Senior PKI Systems Engineer - Assigned as a Sr. Systems Engineer and technical lead on the DOJ PKI Phase 2 Task Order. Responsible for the implementation of the PKI system and the preparation, quality control and delivery of major systems engineering deliverables to include the project Bill of Materials for 3 three-system environments, Preliminary Design Review, System Design Document, Critical Design Review, Test & Evaluation Master Plan and Test Procedures, Training Plan, Deployment Implementation Plan and O&M Manual.


12/03-05/04 Certification & Accreditation Engineer - American Systems Corp, Chantilly, VA

C&A Engineer - Tasked with providing support to a C & A team working on JCON IIa for the DOJ. Created STE test procedures for 17 components and system level testing and acted as Test Director. Used Harris STAT, ISS Internet Scanner, Security Expressions and WEB Inspect to produce a Vulnerability Assessment for each component. Followed NIST 800 series guidance to provide support for the C & DR, SSG, SSP, STE, the Facilitated Risk Assessment and the Vulnerability Assessments.


Information Assurance Engineer - Tasked with providing IA support to SDDC (formerly known as MTMC). Conducted vulnerability scans on all network devices and clients using Harris STAT, ISS Internet Scanner and Nessus to ensure the command was compliant with all Army Cert IAVAs. Produced detailed reports on all scans to management. Responsible for scanning all new network and client devices to ensure they were also compliant prior to connecting to the network. Maintained the McAfee ePolicy Orchestrator Server to ensure virus signatures were up to date and clients were compliant.

10/00-12/03 Technical Architect III - Corporate Security, SPRINT, Reston, VA

PKI/Strong Authentication Architect - Tasked with providing strong authentication solutions for internal and external customers. These included but were not limited to PKI using the Entrust platform, RSA's ACE Server/SecurID platform, Managed Radius consisting of Funk's Steel Belted Radius servers and standard LDAP Directories.


Provided testing and validation for various devices (Nortel Contivity, Netscreen, Cisco Pix, Cosine VPN3, Checkpoint and Raptor firewalls) to access and integrate with existing strong authentication infrastructure.


Responsible for Tier 3 application support for escalation of current authentication platforms and servers (Solaris 2.6/8). Maintained and upgraded all servers to ensure systems were current.


Network Security Engineer III - Corporate Security, SPRINT, Reston, VA

Authentication Group Supervisor - Promoted from Network Security Engineer II. Tasked with organizing and defining the responsibilities and procedures of the Strong Authentication Group. The group included 5 analysts who worked on a Remedy based ticketing system to provide Sprint's internal and external clients with a PKI and token based solution. Products that were used included Entrust (PKI) to provide a managed PKI solution for our external customers and a corporate solution for encrypted e-mail between our Internet Security Operation Center (ISOC) and our clients. Used Entrust/RA to issue digital web certificates enabling clients to authenticate and view sensitive proprietary information.


Provided Tier 3/4 support for RSA SecurID and ACE servers used to provide customers with token based authentication into their various networks. Provided Tier 3/4 support for Steel Belted Radius Servers and Nortel Contivity VPNs used in our Managed Radius offering for external customers to provide a central password based authentication scheme. X.500 LDAP directories were used to centralize all customers and provide a HA solution.


Network Security Engineer II - Assigned to the Internet Security Operation Center (ISOC) to provide Tier II support for Checkpoint and Raptor Firewall issues. Handled all firewall and Radius issues escalated to Tier II through the Remedy Ticketing System. Assisted clients in troubleshooting their firewalls for a wide variety of problems. Added and deleted rules on the firewalls to ensure traffic was passing efficiently. Snooped user interfaces and reviewed logs in real time to resolve issues.

U.S. ARMY Experience

03/99-10/00 Defense Messaging System (DMS) Implementation Team Pentagon, Washington D.C.

Mail List Manager - Developed detailed install/maintenance procedures for the Mail List Servers.

11/97-10/00 Single Agency Manager Pentagon Telecom Center Washington D.C.

Shift Supervisor - Responsible for overseeing and coordinating the operations of a telecommunications center with over 50 personnel.

05/91-11/97 NATO Headquarters Brussels, Belgium

Non-Commissioned Officer In Charge of the Special Handling and Evaluations Detachment - Maintained a secure (Top Secret) on-line communications facility consisting of a PC/Windows NT based fiber optic network and a PC/Unix network.

01/90-05/91 U. S. Army Information Systems Command Telecom Center Redstone Arsenal, AL

Shift Supervisor - Supervised 6 personnel.

11/88-01/90 U. S. Army Information Systems Command Telecom Center Quarry Heights, PM

Operator / Supervisor - Supervised 3 personnel.


Civilian Education

2005 Bachelor of Science, Information Systems Management, University of Maryland

1992 Associate in Liberal Arts, Central Texas College


IT Certifications

2010 Certified Information Systems Security Professional (CISSP)

2005 ActivCard Certified Professional (ACP) on Enterprise Access Card and CMS 3.7.1.

2003 Harris STAT


IT Training

2006 CISSP Boot Camp Global Knowledge, Arlington, VA

2003 Harris STAT Scanner Course U.S. Army

2003 Entrust Authority Security Manager Comprehensive Entrust HQs, Ottawa, CA

2001 RSA SecurID Administration 5.0 Meridian Resources, Herndon, VA

2001 Injoin LiveContent Directory Installation & Administration Global Knowledge, Toronto, CA

2001 Entrust PKI Management Course Global Knowledge, Sterling, VA

2000 Complete MCSE Track NETCERT, Springfield, VA

1999 DMS Administrators Course Lockheed HQ, Manassas, VA

1999 HP-UNIX Administrators Course HP Headquarters, Rockville, MD

Military Training

1997 Special Intelligence Training (1 WK) Oberammergau, Germany

1996 DIA Indications & Warning Training (1 WK) Oberammergau, Germany

1991 Basic Non-Commissioned Officers Course (8 Wks) Ft. Gordon, GA

1989 Primary Leadership Development Course (4 Wks) Ft. Sherman, Panama

1987 Automatic Data Telecommunications Center Operator (12 Wks) Ft. Gordon, GA



Professional references provided from employers and associates upon request.