Let us help you slay your dragons.
BRYAN SCOTT AUSTIN
9901 Boardwalk Dr. - Highlands Ranch, CO 80129-4628 - Cellular: 720-261-3175
PROFILE
· Certified Information Systems Auditor (CISA)
· Certified Information Systems Security Professional (CISSP)
· Certification and Accreditation Professional (CAP)
· Certified Identity Theft Risk Management Specialist (CITRMS)
· Certified Project & Program Manager
· Certified Acquisition Professional: Level III in Systems Planning, Research Development and Engineering
· Scientific Manager Certified: Level III
· Develop Engineer Certified: Level III; Scientist Certified: Level III
Mr. Austin is an experienced Senior Security Specialist (auditor, consultant, and engineer) and Project Manager with expertise in business and government security Certification and Accreditation (C&A), auditing, testing, consulting, and evaluation (Security Assessment {SA}, formerly Security Testing & Evaluation {ST&E}), and Personally Identifiable Information (PII) protection. He has performed these duties for the Department of Interior (DOI), National Business Center (NBC), Bureau of Land Management (BLM), Minerals Management Services (MMS), Office of Surface Mining (OSM), National Institutes of Health/National Institute of Allergy and Infectious Diseases (NIH/NIAID), Forest Service, and the Fish and Wildlife. C&A and SA efforts include the auditing, writing, and evaluation of General Security Systems (GSS), Major Applications (MA), System Security Plans (SSP), Risk Assessment, Asset Valuation (AV) discovery, Technical Vulnerability Assessments (TVA), Privacy Impact Analyses (PIA), Interconnection Security Agreements (ISA), and more. Mr. Austin performs audits, tests, and evaluations, and develops documentation in compliance with industry standards and federal guidance such as: Federal Information Security Management Act (FISMA), Office of Management and Budget (OMB), National Institute of Standards and Technology (NIST) Special Publications, Federal Information Processing Standards (FIPS), Health Insurance Portability and Accountability Act (HIPAA), Federal Trade Commission (FTC), and Gramm-Leach-Bliley Act.
Before becoming a Senior Security Specialist, Mr. Austin was an aerospace/mechanical research engineer, Technical Director, Contracting Officer’s Representative (COR), Contracting Officer Technical Representative (COTR), Program Manager, Project Manager, and the USAF domestic and international Quantity-Distance representative for projects ranging from $20k - $28M, and was COR for the HPM (High Powered Microwave), Pulsed Power, Prime Power contract and wrote the follow-on contract that was awarded at $49.3M, which required negotiations through the Small Business Advocacy Office to the Under Secretary of the Air Force.
QUALIFICATIONS & SKILL SETS
PROFESSIONAL EXPERIENCE
G&B SOLUTIONS INC. MAR 2002 - PRESENT
Senior Security Specialist
An experienced Senior Security Specialist, Engineer, Security Project Manager, and Auditor with expertise in SA auditing and evaluation, C&A and Risk Assessment of GSS and MA within regional, national, and Bureau offices; he has developed, reviewed and evaluated SSP, Asset Valuation Guides (AVG), documentation, network discovery; developed, tracked and monitored ISAs. Performs evaluations and develops documentation in compliance with industry standards, DOI Guidance (DOI Certification and Accreditation (C&A) Guide; DOI Information Technology Security Plan; DOI System Security GSS Planning Guide and Template; DOI System Security MA Planning Guide and Template; DOI Risk Assessment Guide; DOI IT System Contingency Planning Guide; DOI IT Asset Valuation Guideline), FIPS Publication 199 “Standards for Security Categorization of Federal Information and Information Systems,” FIPS PUB 200 “Minimum Security Requirements for Federal Information and Information Systems,” OMB Circular No. A-130 “Management of Federal Information Resources;” OMB Circular No. A-130-Appendix III “Security of Federal Automated Information Resources;” FISMA H.R. 2458-63, and NIST Special Publications (SP), specifically the 800 series: -18 “Guide for Developing Security Plans for Federal Information Systems;” -26 “Assessment guide for Information Systems and Security Programs;” -30 “Risk Management Guide for Information Technology systems;” -34 “Contingency Planning Guide for IT Systems;” -37 “Guide for Security Certification and Accreditation of Federal Information systems;” -41 “Guidelines on Firewalls and Firewall Policy;” -42 “Guideline on Network Security Testing;” -47 “Security Guide for Interconnecting Information Technology Systems;” -53 “Recommended Security Controls for Federal Information systems;” -53A “Guide for Assessing the Security Controls in Federal Information Systems;” -59 “Guideline for Identifying an Information System as a National Security System;” -60 “Guide for Mapping Types of Information and Information Systems to Security Categories;” -66 “…Health Insurance Portability and Accountability Acts (HIPAA) Security Rule.”
Requirements Testing Matrix (RTM) for multiple operating systems and applications. Performed comprehensive assessments and written reviews of management, operational and technical security controls for audited applications and information systems. Evaluated and assessed RA in accordance with FIPS and NIST guidance. Reviewed and updated client agencies’ SSP, GSS SSP, MA SSP, Security Assessment Reports (SAR), ISA, and C&A transmittal packages; compiled data to complete Residual Risk Reports (RRR) and to insert contents into Plans of Action and Milestones (POA&M); and conducted Asset Valuation (AV) discovery, evaluation and development.
In addition to security expertise, he has served as a Disaster Recovery (DR) and Business Continuity (BC) consultant, LAN/WAN Administrator, Network Engineer, and Configuration Manager.
Developed for the C&A group a set of Integrated Information System Life-Cycle Process Flows with related "touch-points" between various national, state, and local organizations, which is being reviewed by the BLM for possible inclusion into its Project Management processes. The model maps, in some detail, the IS life-cycle process (Pre-Select, Select, Control, Evaluate, Steady State, and Disposition) and “touch points” between processes based on the: Capital Planning and Investment Control (CPIC) model, C&A process, Configuration Management process, Systems Engineering process, Engineering Architecture process, Test Engineering process and other “secondary” processes.
AUSTINIT.NET FEB 2000 - PRESENT
Working as a DR and BC specialist, LAN/WAN/MAN consultant and Web presence developer, performing work as: IT, IS manager engineer, consultant, DR/BC consultant, WAN security, configuration management, design and administrator for hybrid NOS’ (Network Operating System), workstation OS’, applications and hardware architectures, all of varying complexity and providing desktop support and repair. Developed, designed and maintain a number of company web sites with eCommerce features, CSS, page layouts, ASP and more. Provide DR plan development, documentation (hardware, software, facility), implementation, uptime evaluation, DR team development and management, data backup protection (VERITAS, CA and others), power management and software administration including anti-virus software (servers, routers, switches) for small to large companies.
RUSH CREEK SOLUTIONS FEB 2000 - DEC 2002
Systems Engineer & Consultant
MIS, IT/IS and DR/BC consultant, engineer and administrator for multiple clients with hybrid NOS’, workstation OS’, applications and hardware architectures all of varying complexity. Designed and created the current DR product sold by RCS. Provided DR plan development, documentation (hardware, software and facility), implementation, uptime evaluation, DR team development, data backup protection (VERITAS, CA and others) and software administration including anti-virus software (servers, routers, switches) for small to large companies. Managed engineering team in DR efforts; developed a network physical-health check product; wrote proposals and SOW; pre-sales engineering support; installed/configured/diagnosed: firewalls, routers, switches, servers, VPNs and other ancillary items. Managed and completed corporate moves: LAN/WAN equipment, telephone systems, facilities wiring and data protection. Programmed in VB (Visual Basic), VBA (VB for applications), Access and WinBatch; communication protocols and delivery methods: TCP/IP, IPX/SPX, NetBIOS, SNMP, Ethernet, Token Ring, optical fiber, CAT5, AUI, thin-net and wireless.
ROCKY MOUNTAIN SUMMIT GROUP, INC. APR 1999 - FEB 2000
PHILLIPS LABORATORY - PL/WS (USAF) JUN 1987 - APR 1999
· MIS/IT for the Directorate, WWW Committee Chairman of a hybrid NOS/OS environment, member of the Division Computer Advisory Council evaluating, defining and procuring computer assets and was the Directorate and Section’s consultant and expert. Managed IT department of 15 people and a help desk that serviced over seven servers and 700+ nodes for a hybrid environment. Performed LAN designs, implementation, troubleshooting and fixing servers, workstations and network performance, configured print servers, queues, backup systems, email systems and trained users in all manner of office, desktop publishing and engineering software. The network serviced users of varied backgrounds (from interns to Ph.D.s, secretaries to super users), functions (finance, contracting, engineering) and geographical locations (other bases, states). Managed IT equipment account of several hundred items and held budgeting and purchasing authority.
· Programming experience required analysis, design, development, simulation, code testing, systems integration and writing test plans and procedures. Developed a program (PASCAL) that optimized the design of a particular class of nuclear simulator, reducing the design effort from two weeks to two hours. Developed a data visualization tool (C++) to analyze and predict particle distributions and characteristics (see publications, reference no. 2).
DUKE CITY BUILDERS, INC. JUL 1995 - DEC 1997
HONEYWELL (SPERRY DEFENSE SYSTEMS) JAN 1984 - MAY 1987
WHITE SANDS MISSILE RANGE JAN 1982 - JAN 1984
EDUCATION
Post Graduate Studies
· Denver Univ. - Denver, CO, '01: Capital Resource Allocation
· Univ. of New Mexico - Albuquerque, NM, '92 - '96: Advanced Mechanics of Materials; Advanced Thermodynamics I; Heat Conduction; Theoretical Fluid Mechanics I; Partial Differential Equations; Studies in Computational Mechanics; Introduction to Mechanical Vibrations Explosives Shock in Air - New Mexico State Univ. - Las Cruces, NM, '83: Aerospace Engineering
PUBLICATIONS
· Degnan, J. H., M. L. Alme, B. S. Austin, J. D. Beason, S. K. Coffey, D. G. Gale, J. D. Graham, J. J. Havranek, T. W. Hussey, G. F. Kiuttu, B. B. Kreh, F. M. Lewis, D. E. Lileikis, D. Morgan, C. A. Outten, R. E. Peterkin, Jr., D. Platts, N. F. Roderick, E. L. Ruden, U. Shumlak, G. A. Smith, W. Sommars, and P. J. Turchi, "Compression of Plasma to Megabar Range using Imploding Liner", 1999 The American Physical Society, Physical Review Letters, Volume 82, Number 13, 29 March 1999. Air Force Research Laboratory, Directed Energy Directorate, Kirtland AFB, NM 87117-5776.