1. John A Kenny
10200 DaylilyCt, Manassas, VA 20110| (H) 703-330-3983| (C) 703-403-0503| kennyja@gmail.com
Professional Summary
My experience in the electronic/computer industry spans more than twenty years in both secure and non-secure situations
to include the EOP Whitehouse complex. I have a strong background in customer service oriented environments,
requiring a judicious mixture of creativity, administrative, and managerial skills. I have in served many positions during
the course of my career to include team member, team lead management roles. I am known for my ability to deal
effectively in high stress,time sensitive areas,and am eager to apply this knowledge and skills. I am a highly motivated
individual with an exceptional track record for handling diverse and special projects. Both on-the-job and at home, I have
developed an thorough understanding of enterprise security and layered security architectures. I am intimately familiar
with NIST, DOD DITSCAP/DIACAP,CNS1253, ITIL security standards ,In prior work experiences I have been a key
participant in the design, installation and service of Microsoft NT, NOVELL NetWare,Ethernet,Token Ring and other
Local Area Networks,as well as various modem communications systems. I have also been involved with the
implementation of network and computer security items such as SIEM tools, PKI,TACACS,Radius and other Single
Sign-on solutions.
Skills
Certifications: CISSP,CFCP,MCSE, Novell CNE
McAfee EPO training
Spector 360 training
Nessus Security Center training
Tripwire training
Splunk training
Apache Solr (ELK stack)
PKI and Single Sign-on Solutions
Remote access technology
Excellent diagnostic skills
NIST, DOD DITSCAP/DIACAP,CNS1253, ITIL
Clearances: DOD Top Secret NACI with Presidential Access DoS Top Secret
Education
Bachelor of Science: Information Systems Security American Public University
Work History
Senior Cyber Information Assurance Analyst June 2007 - Current Northrop Grumman (Multiple NGC
Customers)
(DHS)-current Implemented an information security continuous monitoring (ISCM) platform using Splunk and Solr
(ELK) analytics tools to create security reports for DHS classified HSDN network. Integrated new data source inputs into
Splunk including data feeds from Remedy, Tripwire, MS Exchange, Spectre360, Tenable, BigFix, Active Directory, and
Cisco SourceFire. Created Splunk dashboards and correlated report outputs across multiple data feeds. Created metrics
and reports to use different data source inputs to validate each other increase integrity level of management level security
reporting. Configured Splunk to meet Whitehouse mandated ICS 500-27 Insider Threat monitoring requirements.
AirForce(AOC)-9/2014-8/2015 Documented and streamlined all C&A Security processes at AOC,and created a decision
based flowchart to diagram them. This action directly resulted in over a million dollar cost savings and 35% reduction in
man hours to the program with regard to applying STIG settings to environment. Created a process to track, triage and
prioritize security findings within the AOC WS system. Instrumental in developing and maintaining metrics used for
progress reporting to management. Key contributor to the selection of software that provided a database solution to
storing, analyzing and reporting vulnerability data and was the only technician experienced in installing, configuring and
2. maintaining the software after purchase. Participated in the conversion of the Information Assurance data from the old
manual process to the new database. NATO-6/2014-9/2014 Operated an information security continuous monitoring
(ISCM) platform using Northrop custom written analytics tool NCCCS to provide near real time statistics and reporting
on the NATO CIS networks at SHAPE HQ Mons Belgium. Reconfigured NCCCS software to use Active Directory
authentication. Integrated new data source inputs into NCCCS and created NCCCS dashboards and created correlated
report outputs across multiple data feeds. Created metrics to and reports to use different data source inputs to validate each
other increase integrity level of management level security reporting. BEP-9/2014-11/2012- Served as a supervisor and
Subject Matter Expert for Information Assurance Engineers on the Bureau of Engraving and Printing project.
Coordinates with Systems Developers, Administrators, and Program, and Project Managers to compile and document all
required FISMA C&A documents required for system authorization (ATO). Provides security expertise on customized
BEP business systems, to include customized printing and manufacturing systems and associated SCADA devices.
Provides security related subject matter input to System Administrators to correct or mitigate vulnerability findings.
Provides SME guidance and advice on UNIXand Windows hosts in order to improve security posture. Implemented
company policies, technical procedures and standards for preserving the integrity and security of data, reports and access.
Architected, designed and implemented CAESARS based Security Continuous Monitoring solution in order to meet NIST
FISMA requirements. Recommended network security standards to management. Implemented the ComplyVision,
automated C&A tool for the BEP. The ComplyVision tool is a core element of the BEP Continuous Monitoring solution
mandated by OMB. Configured security application platforms such as QRadar,SolarWinds, Nessus,Micrsoft SCCM to
feed data into ComplyVison in order to create security dashboard, and holistic security reporting foundation to support
migration from client-server product lines to enterprise architectures and services and Continuous Monitoring. Managed
severalprojects from concept to completion while managing outside vendors. Developed work-flow charts and diagrams
to ensure production team compliance with client security deadlines. Supervised and provided direction for six technical
direct reports regarding network activities. Dept ofState(Consular Affairs) 2009 - Nov 2012 Served as a supervisor
for Information Assurance Engineers on the Dept of State Bureau of Consular Affairs project. Coordinated with Systems
Developers, Administrators, and Program, and Project Managers to compile and document all required FISMA C&A
documents required for system authorization (ATO). Provided security expertise on customized CA business systems, to
include customized systems associated with productions and maintenance of passport and VISA information. Provided
security related subject matter input to System Administrators to correct or mitigate vulnerability findings. Provided SME
guidance and advice on UNIXand Windows hosts in order to improve security posture. Implemented company policies,
technical procedures and standards for preserving the integrity and security of data, reports and access. Recommended
network security standards to management. Implemented the ComplyVision, automated C&A tool for Consular Affairs
Bureau. The ComplyVision tool is a core element of the Consular Affairs Continuous Monitoring solution mandated by
OMB. Configured security application platforms such as IPost,SolarWinds, Nessus,Micrsoft SCCM to feed data into
ComplyVison in order to create security dashboard, and holistic security reporting foundation.to foundation to support
migration from client-server product lines to enterprise architectures and services. Managed severalprojects from concept
to completion while managing outside vendors. Developed work-flow charts and diagrams to ensure production team
compliance with client security deadlines. Supervised and provided direction for six technical direct reports regarding
network activities. VITA 2008 - Jan 2009 Performed initial C&A activities including security related deliverable
documents for Virginia Information Technologies Agency (VITA) Enterprise Security Operations Center (ESOC).
These duties included the creation of System Security Plan (SSP), Plan of Action and Milestones (POA&Ms),Process and
Procedure documents. Assisted VITA in implementing industry best practices such as SANS, ITIL, and vendor guidance,
as well as federalstandards such as NIST in the newly formed Virginia Enterprise IT Infrastructure. Assisted with the the
Mcafee ePolicy Orchestrator project, and wrote the process guides and operation procedure documents, and assisted with
the installation and configuration of Mcafee EPO at VITA. TechnicalLead for a Security Dashboard project to provide
situational security awareness for VITA Security Directorate and enterprise-level agencies. FEMA Nov 2007 - Apr 2008
Assisted in the security assessment and FISMA compliance of multiple systems at the FEMA Mt Weather facility.
Created security related C&A documents using the requirements specified in the National Institute of Standards and
Technology (NIST) guidelines and FEMA / DHS Policies and Procedures. Assisted with an effort to update and
standardize SSP information using an automated security tool (RSA). Established and documented a baseline of security
controls shared by all elements of FEMA. Dept ofState (Diplomatic Security) Jun 2007 - Nov 2007 Assisted in the
security assessment and compliance of the Messaging Center Officers (MSO) portion of the Department of State (DoS)
OpenNet Plus and DoS classified network (ClassNet).These duties included the creation of General Support Systems
(GSS) documents, System Security Plan (SSP), Plan of Action and Milestones (POA&Ms),Compliance and Vulnerability
Scan Reports, and Certification and Accreditation Recommendations for the (DoS) using the requirements specified in
3. the NIST Special Publications DoS Policies and Procedures Foreign Affairs Manual (FAM). Assisted with an effort to
update and combine severalsystem SSPs into one OpenNet GSS SSP.
Information Assurance Engineer/AnalystAug 2005 - Jun 2007 SAIC Falls Church, VA
Served as a member of the System Security Engineering team to provide life-cycle information assurance (IA)
engineering support for DOD's C2 system GCCS-J. Aided the customer in applying IT and security engineering expertise
into the software development phase of the project, rather than at the C&A phase.
This effort gave the developers a chance to recognize and correct security flaws before seeking a certification. Assisted
customer with security guidance, including the Common Criteria, DITSCAP,as well as DOD and NSA technical
configuration guides. Helped integrate security practices into the early stages of the Systems Design Lifecycle (SDLC)
process. Developed security test plans and assisted in the integration of security testing software to evaluate system assets.
Senior Security Analyst Feb 2005 - Aug 2005 Aquent Reston, VA
Performed Certification and Accreditation activities (C&A) for multiple VHA hospitals to include both generic (type) and
site accreditations in accordance with the (NIST), (HIPPA),and (SOX) standards along with VHA policy and procedures.
Wrote critical project security documents at both the site level, as well as the enterprise level.
Provided mentoring and guidance to junior INFOSEC personnel to relay knowledge of INFOSEC, LAN,WAN, and
operating system security principles, as well as lessons learned during site surveys.
Provided security and OS hardening expertise to VHA personnel.
Senior Security Engineer Oct 2002 - Feb 2005 Northrop Grumman (Multiple Customers)
DHS(HSDN) July2004-Feb2005 Served as Senior Security Engineer for multiple DHS clients while on the HSDN
(Homeland Security Data Network) project. THis effort included both generic (type) and site accreditations in accordance
with the DoD Information Technology Security Certification and Accreditation Process (DITSCAP). Deliverable
documents included SSAs (Site Specific Addendums), RRAs (Residual Risk Assessments),STEs (Site Technical
Evaluations) and CTE (Compliance Test Evaluation) for the Datacenter,NOC and SOC environment. Provided mentoring
and guidance to junior INFOSEC personnel to relay knowledge of INFOSEC,LAN, WAN,and operating system security
principles, as well as lessons learned during site surveys. Assisted in the development of security policies, plans and
architecture, and provided expertise and knowledge of DCID 6/3 as well as practical experience with Intelligence
Community (IC) customers. Dept ofState(Diplomatic Security)May 2003 - July 2004 Served as a Senior Security
Engineer while tasked to the Department of State (DoS) Diplomatic Security Services Bureau (DSS). Provided security
engineering and integration services to customers at foreign embassies worldwide in a team lead capacity. Instrumental to
the department in meeting FISMA, and HIPA certification at the embassies. Resolved security issues including
architectures,electronic data traffic, and network access. Coordinated with vendors in the design and evaluation of secure
operating systems, network tools, and database products. Used Encase forensic tools, and other tools to gather information
for the enforcement of computer policy violations. Performed penetration and vulnerability analysis and information
technology security research. Configured and maintained the customer's operational and lab equipment in compliance
with established DoS security standards. Reviewed customer's audit checklists and processes for relevance and
applicability. Served on review boards and panels to ensure procedures and equipment met the evolving federal
government security requirements. Prepared formalsecurity reports for submission to government CIO. PSRCP Oct
2002 - May 2003 Served as System Administrator supporting the PSRCP Network Management Component (NMC)
development effort. Responsibilities included the daily monitoring, performance and maintenance of the NMC release
systems under a strict configuration control environment. Responsible for systems backup and recovery, security,
installation and upgrade, disaster recovery,vendor coordination and project personnel support. Designed and implemented
a Veritas Netbackup Data recovery system to incorporate 25 Unix servers with a SAN attached robotic tape library.
Wrote extensive scripts and utilities for this backup and recovery system to enhance the performance, and security of the
system.Troubleshot all maintenance problems and recommended courses of action.
Enterprise Network Implementation Engineer Jan 2002 - Oct 2002 Wheeler Network Design Washington, DC
4. Functioned as Technical Team Lead for group of technicians on the OpenNet Plus Enterprise Network implementation
project. Traveled to foreign and domestic embassies to perform security C&A and remediation tasks in preparation to
migrate to the new enterprise infrastructure. Oversaw and coordinated planning efforts of Embassies and Consulate
offices overseas and domestic posts. Resolved team issues as well as post issues during visits. Ensured that all systems at
posts visited conformed with security settings policy issued by DS Security Configuration Guidelines. Submission of
daily status reports to project management in Washington DC along with status reports to post management. Provided
documentation on problems found, resolutions applied, and recommendations for the future health of the network.
Provided operational guidance for current and proposed projects. Acted as a SME in initial pilot for the migration to Win
2K from NT 4.0 to include design of Active Directory, GPO, and Win 2K Security.
Defense Messaging System (DMS) Lead Product Tester Apr 2000 - Jan 2002 Geologics Manassas, VA
Worked onsite at Lockheed Martin on the Defense Messaging System project. DMS is a suite of products integrated by
Lockheed Martin, to provide secure E-mail and directory services for the Department of Defense. Served as lead tester
for Microsoft products within the DMS suite. Worked with Microsoft Exchange 5.5, Exchange 2000, and Outlook to
ensure secure encrypted E-mail message flow between Microsoft and Lotus Domino servers. Troubleshot X.400 message
flow between Microsoft Exchange, and Lotus Domino servers,as well as X.500 directory services. Instrumental in
troubleshooting Fortezza and PKI certificate problems within the DMS system in the lab environment. Worked with
severalDMS specialty products, including MFI Multifunction Gateway, MLA X.500 mail list agent, MWS management
station, and PUA Profile User Agent.
Network Manager Feb 1998 - Apr 2000 Logicon Syscon, Inc
Functioned as Helpdesk manager/Network manager on a project for DOJ. Project included the integration and migration
of an existing predominately UNIXsystems to a true enterprise network using Microsoft Windows NT as the NOS
platform. Responsibilities included managing resources in order to maintain proper phone coverage at the call center.
Acted as buffer between level 1 support group and the level 2 and 3 support groups. Responsible for scheduling all down
time for network and server outages, to include backups, and downtime needed for upgrades. Performed regular security
compliance tests of servers,and integrity checks of backup tapes Implemented Microsoft SMS and SMS remote control
tools at helpdesk, which resulted in a 25% reduction in call resolution time.
Senior Network Engineer Jun 1996 - Feb 1998 Raytheon Systems Lexington Park, MD
Functioned as a LAN Network Engineer for Hughes Aircraft,which later became Raytheon Systems. Responsible for
maintaining a 17 server LAN network which included a mix of Novell 3.x, 4.x, Windows NT,and SUN UNIX platforms.
Responsible for maintaining and troubleshooting all core LAN/WAN network equipment including Wellfleet router,
severalCisco routers and 3Com Ethernet switches. Implemented a NetWare Multiprotocol Router, to perform TCP/IP
tunneling to provide connectivity to remote servers across the Internet. Functioned as lead engineer on a project to convert
16MB Token Ring LAN environment to a switched Ethernet platform. This effort included the design implementation of
LAN/WAN assets to facilitate the migration project. Planned and implemented migration from cc:Mail to Exchange 5.5.
Implemented and configured DHCP and WINS on newly migrated network Designed and implemented a network wide
backup scheme.
Network Engineer Jan 1996 - Jun 1996 GE Capitol Fairfax, VA
Served as a Network Administrator while contracted to the National Rifle Association as lead engineer/ administrator, to
provide network and help desk support for an 18 server Novell PC/LAN. Responsible for general PC support and help
desk support. Implemented TCP/IP protocol at workstations and configured DNS server. Responsible for administering
cc:Mail E-mail system as well as ensure connectivity to the NRA's IBM mainframe and IBM AS400 via a Netware SAA
Gateway.
5. Network Administrator Dec 1994 - Jan 1996 I-Net (Multiple Customers)
Dept ofJustice Mar 1995 - Jan 1996Network Administrator at the Department of Justice, Antitrust Division for the
management of a 37 server Novell PC/LAN. Responsible for administering the PC/LAN network,GroupWise E-mail
system, and Soft Solutions Document Management system. Assisted with revision of security policies with regards to Soft
Solutions security settings, and GroupWise shared mailboxes, as well as mailbox proxy rights. Served as an escalation
point, providing second level support to the Help Desk analysts. Daily duties included monitoring GroupWise message
servers as well as a X.400 link used to communicate with other Department of Justice agencies. Setup and administered 3
optical disk library servers so that users could access WORM disks via the network Provided tier 2 and 3 support for the
service center. DoD OUSD-PR Dec 1994 - Mar 1995 Functioned as the LAN / hardware technician on a contract with
the Department of Defense at the Pentagon. Duties included repair and installation of all PersonalComputer and LAN
hardware within the Office of the Under Secretary of Defense Personneland Readiness (OUSD-PR) group. Diagnosed
complex network problems on the OUSD-PR LAN,which consisted of 12 Windows NT servers,as well as a Microsoft
Mail E-mail server in three different buildings. Assisted in the administration of the network and E-Mail services,and
provided support at the (OUSD-PR) help desk. Worked with junior members of the network team to aid in diagnosing of
network problems as well as offered suggestions as to how network performance.
Computer Equipment Specialist Feb 1991 - Dec 1994 PRC Inc
Network technician in the PersonalComputer Support Group at the Executive Office of the President (EOP) and White
House Complex. Lead technician in troubleshooting and maintaining Novell, Ethernet and IBM Token-Ring LAN
networks as well as networked mainframe and fax connections. Performed regular reviews of security, and other audit
logs on networked fax server to look for suspicious user activity, and system related problems, and prepared routine
reports on same. Responsible for software installation and implementation in a variety of configurations.
Recommended standards for workstations and server configurations as well as assisted in the testing and evaluation of
hardware and software for integration into the EOP LAN / WAN environment. Assisted in the design and installation of a
remote login system for home use. Performed administrative duties on the White House Novell LAN network which
consisted of 4 domains and 36 NetWare servers.
Computer Equipment Specialist Apr 1989 - Feb 1991 EDS Inc
Lead technician in installing and troubleshooting cabling systems for Novell, Ethernet and IBM Token-Ring LAN
networks as well as networked mainframe and fax connections. Responsible for software installation and implementation
in a variety of configurations. Recommended standards for workstations and server configurations as well as assisted in
the testing and evaluation of hardware and software for integration into the Pentagon LAN / WAN environment.
Implemented a training program to teach other technicians how to terminate, splice, and certify fiber optic cables.
Computer Equipment Specialist Jan 1988 - Apr 1989 Federal Bureau ofPrisons Washington,DC
Served as a Lead Technician while at Federal Bureau of Prisons (BOP). Responsibilities included troubleshooting and
maintaining all desktop equipment at the Bureau of Prisons headquarters building.
Acted as Systems Administrator for Bureau of Prisons electronic BBS system. BOP BBS system was a Mustang/DOORS
dialup electronic bulletin board used to transmit prison population information, as well as other vital communications
between prison facilities.
Responsible for management, operation and maintenance of servers,as well as account management, and folder
permissions, also monitored chat room logs for suspicious activity, and possible BOP information being posted in public
forums.
Front Desk Manager Aug 1986 - Jan 1988 Sheraton Hotels Arlington, VA
Night Front Desk Manager at Sheraton Hotel in Arlington VA. Supervised other desk clerks on night shift, and performed
6. night auditing duties, and reviewed desk clerk console transactions reports on an as needed basis. Responsible for check-
in and checkout of guests, and resolving problems related to guest, and other convention related issues. This was a full
time night shift position that was concurrent with daytime school activities at Computer Learning Center.