Profiles search
Chris Hewitt
Cybersecurity Architect at SAIC
Alachua, FL, United States
Details
Experience:
• Responsible for management of Cyber and DevSecOps engineers providing security risk analysis and strategic/tactical recommendations for maturing the security posture of SAIC systems and networks including on-premise datacenters, cloud SaaS/IaaS/PaaS services and DevOps CI/CD build pipelines.
• Develop Cybersecurity roadmap for implementation of new initiatives, solutions and security procedures for multiple teams within SAIC including Cloud Operations, SASE/CASB, Ransomware backups, DAST/SAST code scans, API security scanning.
• Implement and support Azure Defender for Cloud including services for all cloud features such as VMs, SQL, AKS, Container Registry, Resource Manager, DNS, Storage, JIT, Adaptive Application Control, Adaptive Network Hardening. Expanded the default security controls used in Azure Defender for Cloud to include NIST 800-171, NIST 800-53, CMMC, and FedRAMP policies and controls and remediate findings and working to include controls in Infrastructure as Code solutions.
• Provide compliance department with quarterly reports for Azure Defender for Cloud security recommendations and auditing of SAST and OWASP Zap scans within DevOps teams.
2020 : Present
SAIC
Cybersecurity Architect
• Responsible for the creation, maintenance and management of architecture models and their lower level components within the Veterans Affairs Identity and Access Management division (VA IAM). Interpret, use and apply information contained within IT architecture to inform a range of business improvement activities, particularly those involved in the design, development, enhancement and maintenance of VA IAM systems that provide internal and external single sign-on, electronic signatures, legal and medical access delegation, user provisioning, identity verification and management.
• Responsible for planning and implementation of working solutions and policies covering disaster recovery, commercial product lifecycle planning, and the complete migration of all IAM systems and services to Microsoft Azure Government cloud services including Windows/Linux, CA SiteMinder, IBM Security Access Manager, IBM DataPower XML Gateway, Oracle Database, InfoSphere Master Data Management, DocuSign (SaaS), and many custom service solutions.
• Responsible for design, development, and support of Identity Verification service enhancements of the Veterans Affairs Master Veteran Index (MVI), including batch and real-time interfaces to an external consumer identity verification vendor, Experian, for the purpose of system and user inquiry, veteran identity verification, demographic updates, and fraud alerting. Assisted MVI development team with unit, functional, and security remediation testing.
2014 : 2020
Hybrid Enterprises LLC
Enterprise Architect
Designed and implemented new infrastructure and IT service groups for new company, including but not limited to 4 IT teams, private cloud infrastructure, LAN, security policies and solutions, all corporate IT services, data warehouse, cube and SSRS reporting. Management of a staff of 25 engineers and administrators across four teams covering Corporate Infrastructure, Networking & Security, R&D Infrastructure, and Data Informatics. Responsible for global infrastructure architecture & administration across four datacenters in the US, Philippines, and the UK housing over 2000 physical/virtual servers. Responsible for all corporate IT services including Networks, Security, Servers, Applications, Desktops, Business Intelligence, R&D Lab Infrastructure, VoIP, Data/Voice Circuits, Remote Offices, and Facilities. Managed multi-million dollar budget, strategic and tactical planning, acquisition operational integration, systems documentation, change & configuration management, vendor & contract management, policies and procedures, service level agreements, and internal/external audits.
Responsible for implementing and managing public and private cloud infrastructure, high-availability VMware and Hyper-V virtual server farms, Windows Servers (2003-2012), Exchange (2007-2013), SQL (2005-2012), SharePoint (2007-2013), Great Plains 10, Windows clusters, SQL clusters, Exchange clusters/DAGs, Windows Desktops (XP-8.1), FTP servers, multiple Active Directory domains, multiple App servers, EMC Celerra/Clariion NAS, EqualLogic SAN, Kemp load balancers, Cisco core/edge switches/ASAs, Palo Alto UTM Firewalls, multiple segregated networks and circuits, VPNs, MPLS, and global Content Delivery Network services. Managed cloud services including Salesforce.com, Marketo, Amazon Web Services, etc. Managed an extensive R&D infrastructure dedicated to the product antivirus definition pipeline for discovering, mitigating, and publishing virus and malware remediation updates.
2009 : 2013
ThreatTrack Security / GFI Software / Sunbelt Software
Director of Information Technology
Managed all aspects of the network infrastructure and information systems management for Golf Channel consisting of 15 IS staff plus contractors, over 100 physical/virtual servers and 500 users in 5 offices. Managed operating expense and capital expense budgets, provided strategic and tactical short-term and long-term planning, and participated in global Change Management and Policies/Procedures Teams. Infrastructure included VMware farms running clustered and non-clustered Windows 2003/2008 servers, clustered Exchange 2007 servers, and clustered SQL 2005 servers utilizing an iSCSI SAN for centralized storage of data and operating systems; WSUS, System Center Configuration Management Server, System Center Operations Manager 2007, SharePoint 2007, WS_FTP server, Live Communications Server 2005, Citrix, Windows 2000/XP/Vista, Symantec AV and Backup Exec, Extreme Networks switches, VLANs, Proventia firewalls, Cisco routers, phone/data circuits, VPN.
Managed development of custom desktop and web applications, SQL Server databases, and SharePoint custom content development. Implemented and managed custom development environment and change/version management systems and procedures. Implemented SharePoint and Office Communicator to facilitate user and IT staff education and training, workflow automation, reduce duplicate efforts and streamline access to consolidated and accurate data and information. Responsible for systems documentation, change/configuration management, vendor/contract management, policies and procedures, service level agreements, and internal/external audits.
2004 : 2009
Golf Channel
Director of Information Technology
Implemented and managed network serving 125 users across 4 offices. Staff included five employees plus external contractors. LAN included Windows 2000 Servers, Exchange Server 2000, SQL Server 2000, Windows 2000/XP PCs, 3Com switches, Sonicwall firewalls, Cisco routers, data/phone circuits, VPNs. Implemented and managed Active Directory, DNS, DHCP, Exchange 2000 including Outlook Web Access for remote users, Systems Update Servers, corporate website, FTP server, Symantec Antivirus Corporate Edition for all servers and PCs, Symantec Mail Security for Exchange 2000, MAILSweeper spam/content filter, Backup Exec backups of all servers, Disaster Recovery plan, hardware/software inventory and license audits.
Coordinated vendor system selection, connectivity, implementation and system support for ECI Healthware, a UNIX-based claims payment system and Healthx Online Services website linking corporate website to live claims system information such as Claims Status, Eligibility, Explanation Of Benefits, Plan Documents, Provider Search, Reports, Online Customer Service and Online Enrollment. Implemented Fax Recall, a healthcare provider fax-back service detailing Medical, Dental and Vision benefits as well as co-pay, deductible and claims status information; established department and user network file shares for efficient, centralized file storage and collaboration, disk quotas, operational procedures, policies and user training programs.
2000 : 2004
HPS Paradigm Administrators
Director of Information Technology
• Develop Cybersecurity roadmap for implementation of new initiatives, solutions and security procedures for multiple teams within SAIC including Cloud Operations, SASE/CASB, Ransomware backups, DAST/SAST code scans, API security scanning.
• Implement and support Azure Defender for Cloud including services for all cloud features such as VMs, SQL, AKS, Container Registry, Resource Manager, DNS, Storage, JIT, Adaptive Application Control, Adaptive Network Hardening. Expanded the default security controls used in Azure Defender for Cloud to include NIST 800-171, NIST 800-53, CMMC, and FedRAMP policies and controls and remediate findings and working to include controls in Infrastructure as Code solutions.
• Provide compliance department with quarterly reports for Azure Defender for Cloud security recommendations and auditing of SAST and OWASP Zap scans within DevOps teams.
2020 : Present
SAIC
Cybersecurity Architect
• Responsible for the creation, maintenance and management of architecture models and their lower level components within the Veterans Affairs Identity and Access Management division (VA IAM). Interpret, use and apply information contained within IT architecture to inform a range of business improvement activities, particularly those involved in the design, development, enhancement and maintenance of VA IAM systems that provide internal and external single sign-on, electronic signatures, legal and medical access delegation, user provisioning, identity verification and management.
• Responsible for planning and implementation of working solutions and policies covering disaster recovery, commercial product lifecycle planning, and the complete migration of all IAM systems and services to Microsoft Azure Government cloud services including Windows/Linux, CA SiteMinder, IBM Security Access Manager, IBM DataPower XML Gateway, Oracle Database, InfoSphere Master Data Management, DocuSign (SaaS), and many custom service solutions.
• Responsible for design, development, and support of Identity Verification service enhancements of the Veterans Affairs Master Veteran Index (MVI), including batch and real-time interfaces to an external consumer identity verification vendor, Experian, for the purpose of system and user inquiry, veteran identity verification, demographic updates, and fraud alerting. Assisted MVI development team with unit, functional, and security remediation testing.
2014 : 2020
Hybrid Enterprises LLC
Enterprise Architect
Designed and implemented new infrastructure and IT service groups for new company, including but not limited to 4 IT teams, private cloud infrastructure, LAN, security policies and solutions, all corporate IT services, data warehouse, cube and SSRS reporting. Management of a staff of 25 engineers and administrators across four teams covering Corporate Infrastructure, Networking & Security, R&D Infrastructure, and Data Informatics. Responsible for global infrastructure architecture & administration across four datacenters in the US, Philippines, and the UK housing over 2000 physical/virtual servers. Responsible for all corporate IT services including Networks, Security, Servers, Applications, Desktops, Business Intelligence, R&D Lab Infrastructure, VoIP, Data/Voice Circuits, Remote Offices, and Facilities. Managed multi-million dollar budget, strategic and tactical planning, acquisition operational integration, systems documentation, change & configuration management, vendor & contract management, policies and procedures, service level agreements, and internal/external audits.
Responsible for implementing and managing public and private cloud infrastructure, high-availability VMware and Hyper-V virtual server farms, Windows Servers (2003-2012), Exchange (2007-2013), SQL (2005-2012), SharePoint (2007-2013), Great Plains 10, Windows clusters, SQL clusters, Exchange clusters/DAGs, Windows Desktops (XP-8.1), FTP servers, multiple Active Directory domains, multiple App servers, EMC Celerra/Clariion NAS, EqualLogic SAN, Kemp load balancers, Cisco core/edge switches/ASAs, Palo Alto UTM Firewalls, multiple segregated networks and circuits, VPNs, MPLS, and global Content Delivery Network services. Managed cloud services including Salesforce.com, Marketo, Amazon Web Services, etc. Managed an extensive R&D infrastructure dedicated to the product antivirus definition pipeline for discovering, mitigating, and publishing virus and malware remediation updates.
2009 : 2013
ThreatTrack Security / GFI Software / Sunbelt Software
Director of Information Technology
Managed all aspects of the network infrastructure and information systems management for Golf Channel consisting of 15 IS staff plus contractors, over 100 physical/virtual servers and 500 users in 5 offices. Managed operating expense and capital expense budgets, provided strategic and tactical short-term and long-term planning, and participated in global Change Management and Policies/Procedures Teams. Infrastructure included VMware farms running clustered and non-clustered Windows 2003/2008 servers, clustered Exchange 2007 servers, and clustered SQL 2005 servers utilizing an iSCSI SAN for centralized storage of data and operating systems; WSUS, System Center Configuration Management Server, System Center Operations Manager 2007, SharePoint 2007, WS_FTP server, Live Communications Server 2005, Citrix, Windows 2000/XP/Vista, Symantec AV and Backup Exec, Extreme Networks switches, VLANs, Proventia firewalls, Cisco routers, phone/data circuits, VPN.
Managed development of custom desktop and web applications, SQL Server databases, and SharePoint custom content development. Implemented and managed custom development environment and change/version management systems and procedures. Implemented SharePoint and Office Communicator to facilitate user and IT staff education and training, workflow automation, reduce duplicate efforts and streamline access to consolidated and accurate data and information. Responsible for systems documentation, change/configuration management, vendor/contract management, policies and procedures, service level agreements, and internal/external audits.
2004 : 2009
Golf Channel
Director of Information Technology
Implemented and managed network serving 125 users across 4 offices. Staff included five employees plus external contractors. LAN included Windows 2000 Servers, Exchange Server 2000, SQL Server 2000, Windows 2000/XP PCs, 3Com switches, Sonicwall firewalls, Cisco routers, data/phone circuits, VPNs. Implemented and managed Active Directory, DNS, DHCP, Exchange 2000 including Outlook Web Access for remote users, Systems Update Servers, corporate website, FTP server, Symantec Antivirus Corporate Edition for all servers and PCs, Symantec Mail Security for Exchange 2000, MAILSweeper spam/content filter, Backup Exec backups of all servers, Disaster Recovery plan, hardware/software inventory and license audits.
Coordinated vendor system selection, connectivity, implementation and system support for ECI Healthware, a UNIX-based claims payment system and Healthx Online Services website linking corporate website to live claims system information such as Claims Status, Eligibility, Explanation Of Benefits, Plan Documents, Provider Search, Reports, Online Customer Service and Online Enrollment. Implemented Fax Recall, a healthcare provider fax-back service detailing Medical, Dental and Vision benefits as well as co-pay, deductible and claims status information; established department and user network file shares for efficient, centralized file storage and collaboration, disk quotas, operational procedures, policies and user training programs.
2000 : 2004
HPS Paradigm Administrators
Director of Information Technology
Company:
SAIC
Spoken Language:
English
About
Information Technology Engineer, Architect, and Executive with 30 years’ experience across security, software, broadcast, healthcare, health insurance, and government industries. I bring expertise in the areas of designing, securing, developing, implementing, and managing information systems and services focused on delivering business value, operational efficiency, and exhaustive security.
Profile Photo
