Accomplishments
DLA Defense Logistics Agency 2016 – present
For over a decade Next Level Solutions has demonstrated expertise in performing preventative and analytical information assurance and cybersecurity activities for DoD and civilian information systems of every scale and sensitivity including recently providing support to the DLA Enterprise Certification and Accreditation Branch. This contract enabled Next Level Solutions to become thoroughly familiar with TFS systems as we conducted an end-to-end assessment of the DAAS and IOE D systems for the first RMF authorization at DLA. The Next Level Solutions Team supported this contract (SP4701-15-C-0051) with the DLA J64 Enterprise Certification and Accreditation Branch to provide comprehensive information assurance/cybersecurity services. This includes IA Certification and Accreditation (C&A) Services, IA Policy Services, IA Plan of Action and Milestones (POA&M) Services, IA Workforce Management, Federal Information Security Management Act (FISMA) Tracking and Reporting, Enterprise Architecture Support and Compliance Support, and IA Engineering Support. To that end, Next Level Solutions provided expert support to senior-level leaders as they establish direction, organizational structure with well-defined accountability for decisions that impact on the successful achievement of strategic objectives, and the institutionalization of best practices through organizing activities in processes with clearly defined process outcomes that can be linked to the DLA cybersecurity strategic objectives. DLA and all other DoD organizations are currently undergoing a transition in the manner in which certification and accreditation is performed and Next Level Solutions has significant experience with the implementation of the Defense Information Assurance Certification and Accreditation Process (DIACAP) as well as the newly adopted Risk Management Framework (RMF). Next Level Solutions distinguished itself by providing support to the DLA J64 AAA with Cybersecurity/Information Assurance (IA) subject matter expertise in support of various projects and daily tasks. Our team supported the Enterprise Discipline of Certification and Accreditation (C&A) with security log review and expertise for the transition from DIACAP to RMF, as the standard for information system authorization to operate (ATO). A concentrated effort was made to continue the RMF Pilot Assessment and Authorization Effort support, which included developing the strategy for re-alignment of ISSO to J64 Security Integration Operations. This support will assist the Enterprise Development Program Manager (PM) with IA/Cybersecurity Governance and Security Integration within that Program’s development lifecycle. The Next Level Solutions PM conducted a DCS lecture session for J64 leadership (Brad Lantz and team), the RMF Cyber Leadership Training, which took place on February 5, 2016. Particularly notable was our continued success in maintaining the DSS, VSM, EAGLE, FMD and Privileged User audit log monitoring compliance. The audit log teams’ support is enhancing the standardized approach to audit log monitoring across the DLA enterprise. Next Level Solutions was busy refining how the anomaly information is extracted from the audit logs. This is due to the Next Level Solutions Team research efforts to compile a list of event IDs to be used during log reviews. This information will be added to the Quick Reference Guide as a job aide reference tool for the ISSOs to use during audit log monitoring tasks. The event IDs will help the ISSOs search for a broader range of information to capture log anomalies for escalation. This will be of critical use in the optimization of TFS databases as well as securing the systems. Next Level Solutions is uniquely poised to effectively manage the continuous development and improvement of information assurance/cybersecurity to enhance the overall IA posture of DLA networks (both unclassified and classified), information systems, and applications in accordance with the DLA direction, DoD 8500.01, DoDI 8510.01, RMF, any other applicable policy and procedures, and emerging standards. DoDI 8510.01 defines the DoD requirements for security assessment authorization policy and procedures. In addition, Next Level Solutions is experienced with implementation of the National Institute of Standards and Technology (NIST) guidance for Federal information systems. Our team will continue to provide DLA Information Assurance (IA)/ Cybersecurity (CS) SMEs that fully meet DoD 8570.01 and any specific IA certification identified by an individual TO PWS. The Next Level Solutions Team has dedicated personnel to track and manage DoD 8570.01 certification requirements. We developed the first RMF cybersecurity strategy and security plan for a high integrity national security information system widely used by the intelligence community (IC). This includes IA workforce management support in accordance with DoD Directive 8570.1 and the corresponding manual 8570.01-M. The IA workforce consist of personnel with Information System privilege access (admin or root) and/or working IA functions in technical, management, Computer Network Defense Service Provider (CNDSP) and Architect and Engineer positions. IA functions are described in DoDD 8570.01-M. The DoDD 8570.1 establishes baseline technical and management IA skills among personnel performing IA functions across the DoD enterprise and our team has provided support to various DoD entities since this directive was first issued. This experience qualifies Next Level Solutions with practical knowledge of the DLA Transaction Services mission, the technical specifications of existing TFS databases and applications supported, database anomaly detection, and the ability to give technical support to application developers and stakeholders.
Army PEO EIS PMO for DoD Biometrics 2015 – Present
Our proven success includes the development of the first RMF System Security Plan and authorization package for a U.S. Army major application supporting the enterprise information system Approval to Operate (ATO). Next Level Solutions supported the Army PEO EIS PMO for DoD Biometrics (W15QKN-13-C0063) to integrate cybersecurity into the full software development life cycle (SDLC) of the information system that includes the authoritative biometric repository of known and suspected terrorists used by the entire Intelligence Community, both military and civilian. Next Level Solutions supported PM Biometrics (PM BIO) by providing Cybersecurity/Information Assurance subject matter expertise and support to both of its product divisions PdM JPI and PdM BEC, including the management of several projects and daily Information Assurance tasks. Key focus areas included the transition from DIACAP to DoD RMF and cybersecurity support for the final deployment decision (FDD) for DoD ABIS 1.2. This project included more than information assurance as Next Level Solutions advised the PM engineers on technical matters to modernize the DoD ABIS system, particularly with respect to Java, RHEL, and JBOSS. These priority projects included the tasks of establishing an Information Assurance Vulnerability Alert (IAVA) mitigation strategy for deployed JPI and BEC assets, developing comprehensive system security plans (SSPs) for DoD ABIS and BAT HH, and consulting PM leadership acquisition strategy and the draft Memorandum of Agreements between PdM BIO and external entities utilizing PM BIO assets. Next Level Solutions supported the DoD ABIS 1.2 FDD effort and was also involved in the planning for the transition from BAT-A-Base and DoD ABIS 1.0, which both were properly decommissioned with our support. The team supported the objective of PM BIO to deactivate these systems in within the Army Portfolio Management System (APMS) and the US Army Information Assurance Certification and Accreditation Tracking Database (C&A TdB). Next Level Solutions provided briefing materials, daily updates to leadership, and expert guidance on the many IA/cybersecurity implications of the DoD ABIS Operational Testing for deployment. After completing the C&A re-accreditation of the BAT-A 4.1 unclassified and classified systems, Next Level Solutions took a pilot role as early adopters in the enterprise-wide transition from DIACAP to Risk Management Framework (RMF) cybersecurity. Next Level Solutions worked with various stakeholders to develop comprehensive system security plans (SSP) for DoD ABIS and BAT Hand-Held systems. These documents cover all aspects of system engineering, development, and security. Next Level Solutions worked with other contractors serving as system integrators, including ManTech, Leidos and Northrop Grumman, to improve security engineering and Information Assurance compliance reporting and vulnerability mitigation efforts, ensuring that all program information systems were functional and secure and implementing information security standards and procedures through the certification and accreditation process. Next Level Solutions continued to refine and adapt the IAVM compliance reporting to meet all government requirements, particularly optimizing the new functional organizational structure. Additionally, our team implemented the local IA workforce management program to ensure compliance as prescribed in Defense Federal Acquisition Register 252.239-7001 Information Assurance Contractor Training and Certification, and in full accordance with DoD 8570.01-M, Information Assurance Workforce Improvement Program. We monitor the compliance status of all IAT and IAM personnel on a continuous basis. Next Level Solutions ensured IAT Levels I – III, IAM Levels I and II, and anyone with privileged access performing IA functions receive the necessary initial and sustaining IA training and certification(s) to carry out their IA duties.
DISA Defense Information System Agency 2011 – present
NEXT LEVEL SOLUTIONS recently contracted with Defense Information Systems Agency (DISA) to develop and implement the GIG engineers Technical Workforce Development Program that included extensive systems engineering, modeling and simulation, and information assurance. NEXT LEVEL SOLUTIONS am recognized internationally as an expert on the full range of IT disciplines because NEXT LEVEL SOLUTIONS am the rare combination of programmer, data architect, network engineer, systems analyst, and teacher. Because NEXT LEVEL SOLUTIONS have spent a substantial percentage of my career teaching and consulting others NEXT LEVEL SOLUTIONS have had to develop a broader comprehension of the integration of technologies than most IT specialists and my certifications attest to this. NEXT LEVEL SOLUTIONS have CISSP, CEH, MCITP, CIW CI, MCSE, CCNA+V, CompTIA A+, Network+, Security+, PMP, CTT certifications. Also, in the interest of pursuing certain opportunities NEXT LEVEL SOLUTIONS two new degrees to my education focused on the Cybersecurity issues of the 21st century-BS Computer Networking and Security from Maryland University.
PTO Patent and Trade Mark 2015 – present
NEXT LEVEL SOLUTIONS have served as a senior expert conducting vulnerability assessments for a high-risk organization, which included all of the processes noted above. This organization had complex, interrelated networks with links to external or dispersed organizations. Examples include conducting analysis of IT systems to determine current Information Assurance (IA) posture, providing in-depth technical support on analysis and evaluation of security requirements, leading system security Certification and Accreditation (C&A) activities to include threat assessments, vulnerability assessments, security plan development, security assessments, risk analyses, and certification reports, experience with OMB, FISMA and NIST information security policies and procedures or experience implementing continuous monitoring of required security controls.
Navy 2015 – present
NEXT LEVEL SOLUTIONS served as an subject matter expert (SME) for the cryptographic key material management command for a executive directed cybersecurity improvement project. NEXT LEVEL SOLUTIONS directed the analysis of processes including applications and data architecture, access control, telecommunications/network engineering and security, information security governance and risk management, security architecture and design, operations security, business continuity and disaster recovery planning, legal, regulations, investigations and compliance, and physical (environmental) security. NEXT LEVEL SOLUTIONS also trained all key IT officers to meet the information assurance certification standards required by the Pentagon.
Department of Education We developed the technical training for the Horace Mann Learning Center, performing all mission-critical duties, project management, client contact, technical and user training, course development, web development, technical writing, staff management, and procurement. Assisted with analysis, systems engineering and documentation of IT capabilities (technology, data, security, etc.) relevant existing state, maturity, and capability of information systems. Collaborated with in-house enterprise architecture teams to develop and implement architectural roadmaps providing architectural direction, design and implementation of a high availability solutions for continuity of operations for complete IT infrastructure implementations including mainframe, multiple server platforms, software middleware, storage, and services.
Fannie Mae- Training and Development Center Contracted to teach MS Office, DOS/LAN/Windows for power users.
1993 – Present U.S.D.A. Graduate School Contracted to conduct technical and end-user training internationally, including programming, data management development, network engineering and security, and a variety of certification prep courses. This includes MCSE, CNE prep courses and A+ equivalent training. Lead member of Webmaster Certification Council. Taught CISSP Common Body of Knowledge to the Navy Cryptographic Material Command.
2011 – Network Plus Prep
2011 – PMP Prep
2011 – Security Plus
2010 – Security Certification Program
2010 – Engineering Green Solutions LGM
2009 – Telepresence Audio Video Solutions
2009 – Microsoft Certification Prep Series
2009 – Desktop Publishing Certification Program
2005 – Webmaster Program
2003 – Help Desk Training Program
2002 – A+ Program