Profiles search
Sergio Saenz
Senior Information Assurance Network Architect at Veris Group
Lusby, MD, United States
Details
Experience:
• Supervises staffing and effectiveness of team across enterprise programs in support of Risk Management activities to include
o Authorization & Accreditation
o Risk Analysis, Prioritization, and Mitigation
o Cybersecurity Architecture Design and Implementation
o Vulnerability Awareness and Remediation
• Authors enterprise and program policies, as well as program security plans, Standard Operating Procedures (SOP), as well as Tactics, Techniques, and Procedures (TTP)
o Enterprise Voice Services (EVS) Vulnerability Management Policy
o Enterprise Voice Services (EVS) Incident Response Policy
o EVOIP, ECVOIP, CIC, VISP, VOSIP, EAC Vulnerability Management Plans
o EVOIP, ECVOIP, CIC, VISP, VOSIP, EAC Incident Response Plans
o CIC Password Complexity and Multi-factor Authentication Policy
• Cybersecurity Change Advisory Board (CAB) Chair responsible for voting on all Enterprise Voice Services changes and providing security impact analyses to the Program Management Office (PMO)
• Provides executive cybersecurity briefs to PMO weekly
• Provides vulnerability management metrics to directorate Information System Security Manager (ISSM) and executive leadership
• Manages program level Ports, Protocols, Services Management (PPSM) requirements and authorization
2019 : Present
ITellect, LLC
Enterprise Cybersecurity Program Manager/Cybersecurity Architect
• Supervises staffing and effectiveness of team across directorates so support Information Assurance activities to include
o Authorization & Accreditation
o Risk Analysis, Prioritization, and Mitigation
o Cybersecurity Architecture Design and Implementation
o Vulnerability Awareness and Remediation
• Sole author of Cybersecurity Architecture requirements and implementation guidance on highly sensitive communication systems
• Primary communication interface with senior leadership across programs
• Developed/Published Information Security Vulnerability Remediation Policy
• Successfully created and implemented a project plan to test and document Risk Management Framework compliance across two major programs on an aggressive timeline
• Successfully transitioned two DISA programs from DIACAP to RMF
• Reviewed/Updated organizational legacy policies/procedures/templates and updated to meet RMF control requirements, to include
o Configuration/Change Management
o Incident Response
o Vulnerability Reporting and Remediation
• Provides on-going support to programs in regard to understanding the RMF control requirements/intent, and the necessary artifacts to show compliance
• Provides on-going status briefs/reports to senior leadership as well as contractual progress reports
• Received two System Authorization to Operate (ATO)s, under Risk Management Framework.
• Identified areas for efficiency at Agency policy level, and provided executive reports/briefs to affect change
• Assists in Business Development documentation and capability based decisions for strategic contract acquisition
2016 : 2019
Cambridge International
Cybersecurity Program Manager
Mobius Group allows businesses to grow their Information Technology infrastructure, regain the performance of aging systems, and measure/improve Network Security to keep up with the fast evolving threats of the modern age. We specialize in Windows and Unix systems, IT Security, and Network Infrastructure design.
2000 : 2018
Mobius Group Consulting
Chief Executive Officer
Cybersecurity Subject Matter Expert/Project Manager
• Managed contractual requirements/deliverables
• Supervised contract staffing, effectiveness, and implementation
• Developed/Published Information Security Continuous Monitoring Strategy
• Developed/Implemented Introduction to RMF Controls training for ISSMs.
• Developed/Implemented RMF Control Family training for ISSMs.
• Documented/Updated RMF categorization processes
• Developed/Published RMF System Categorization workbooks/templates
• Reviewed/Updated organizational legacy DIACAP policies/procedures/templates and updated to meet RMF control requirements
• Implemented a GAP analysis for the transition from DIACAP to RMF, and identified the need for specific organizational policies/procedures
• Provided on-going support to the ISSMs in regard to understanding the RMF control requirements/intent, and the necessary artifacts to show compliance
2012 : 2016
Veris Group, LLC
Senior Information Assurance Network Architect
• Security Incident Response manager for DMZ REL / Partner Countries on REL SIPR enclave
• Orchestrates Information Assurance Vulnerability Management (IAVM) across DoD / Multinational Coalition Partner Assets
• Insures Security compliance of REL partner assets through DoD Vulnerability Management System (VMS)
• Responsible for DoD STIG compliance across all DMZ REL SIPR assets (Windows / Redhat / Network Devices)
• Author of multiple unattended/silent Bash scripts created for deployment/configuration of efforts engineered offsite in support of real world missions across the globe
• Correlates Multinational efforts through collaborative working groups in order to meet mission specific goals
• Administers Split Horizon DNS via Bind across various classified Redhat servers
• Bluecoat/Websense Web Proxy configuration/management
• Cisco Ironport Mail Proxy configuration/management
• Provides Tier III support to DMZ REL Operations
• Engineers solutions to Plan Of Action and Milestones (POAM) requirements and provides structured Implementation Plans to be accomplished by on-site touch labor
2011 : 2012
General Dynamics Information Technology
SIPR FED DMZ Project Manager
o Authorization & Accreditation
o Risk Analysis, Prioritization, and Mitigation
o Cybersecurity Architecture Design and Implementation
o Vulnerability Awareness and Remediation
• Authors enterprise and program policies, as well as program security plans, Standard Operating Procedures (SOP), as well as Tactics, Techniques, and Procedures (TTP)
o Enterprise Voice Services (EVS) Vulnerability Management Policy
o Enterprise Voice Services (EVS) Incident Response Policy
o EVOIP, ECVOIP, CIC, VISP, VOSIP, EAC Vulnerability Management Plans
o EVOIP, ECVOIP, CIC, VISP, VOSIP, EAC Incident Response Plans
o CIC Password Complexity and Multi-factor Authentication Policy
• Cybersecurity Change Advisory Board (CAB) Chair responsible for voting on all Enterprise Voice Services changes and providing security impact analyses to the Program Management Office (PMO)
• Provides executive cybersecurity briefs to PMO weekly
• Provides vulnerability management metrics to directorate Information System Security Manager (ISSM) and executive leadership
• Manages program level Ports, Protocols, Services Management (PPSM) requirements and authorization
2019 : Present
ITellect, LLC
Enterprise Cybersecurity Program Manager/Cybersecurity Architect
• Supervises staffing and effectiveness of team across directorates so support Information Assurance activities to include
o Authorization & Accreditation
o Risk Analysis, Prioritization, and Mitigation
o Cybersecurity Architecture Design and Implementation
o Vulnerability Awareness and Remediation
• Sole author of Cybersecurity Architecture requirements and implementation guidance on highly sensitive communication systems
• Primary communication interface with senior leadership across programs
• Developed/Published Information Security Vulnerability Remediation Policy
• Successfully created and implemented a project plan to test and document Risk Management Framework compliance across two major programs on an aggressive timeline
• Successfully transitioned two DISA programs from DIACAP to RMF
• Reviewed/Updated organizational legacy policies/procedures/templates and updated to meet RMF control requirements, to include
o Configuration/Change Management
o Incident Response
o Vulnerability Reporting and Remediation
• Provides on-going support to programs in regard to understanding the RMF control requirements/intent, and the necessary artifacts to show compliance
• Provides on-going status briefs/reports to senior leadership as well as contractual progress reports
• Received two System Authorization to Operate (ATO)s, under Risk Management Framework.
• Identified areas for efficiency at Agency policy level, and provided executive reports/briefs to affect change
• Assists in Business Development documentation and capability based decisions for strategic contract acquisition
2016 : 2019
Cambridge International
Cybersecurity Program Manager
Mobius Group allows businesses to grow their Information Technology infrastructure, regain the performance of aging systems, and measure/improve Network Security to keep up with the fast evolving threats of the modern age. We specialize in Windows and Unix systems, IT Security, and Network Infrastructure design.
2000 : 2018
Mobius Group Consulting
Chief Executive Officer
Cybersecurity Subject Matter Expert/Project Manager
• Managed contractual requirements/deliverables
• Supervised contract staffing, effectiveness, and implementation
• Developed/Published Information Security Continuous Monitoring Strategy
• Developed/Implemented Introduction to RMF Controls training for ISSMs.
• Developed/Implemented RMF Control Family training for ISSMs.
• Documented/Updated RMF categorization processes
• Developed/Published RMF System Categorization workbooks/templates
• Reviewed/Updated organizational legacy DIACAP policies/procedures/templates and updated to meet RMF control requirements
• Implemented a GAP analysis for the transition from DIACAP to RMF, and identified the need for specific organizational policies/procedures
• Provided on-going support to the ISSMs in regard to understanding the RMF control requirements/intent, and the necessary artifacts to show compliance
2012 : 2016
Veris Group, LLC
Senior Information Assurance Network Architect
• Security Incident Response manager for DMZ REL / Partner Countries on REL SIPR enclave
• Orchestrates Information Assurance Vulnerability Management (IAVM) across DoD / Multinational Coalition Partner Assets
• Insures Security compliance of REL partner assets through DoD Vulnerability Management System (VMS)
• Responsible for DoD STIG compliance across all DMZ REL SIPR assets (Windows / Redhat / Network Devices)
• Author of multiple unattended/silent Bash scripts created for deployment/configuration of efforts engineered offsite in support of real world missions across the globe
• Correlates Multinational efforts through collaborative working groups in order to meet mission specific goals
• Administers Split Horizon DNS via Bind across various classified Redhat servers
• Bluecoat/Websense Web Proxy configuration/management
• Cisco Ironport Mail Proxy configuration/management
• Provides Tier III support to DMZ REL Operations
• Engineers solutions to Plan Of Action and Milestones (POAM) requirements and provides structured Implementation Plans to be accomplished by on-site touch labor
2011 : 2012
General Dynamics Information Technology
SIPR FED DMZ Project Manager
Company:
ITellect, LLC
About
TS/SCI Clearance w/ CI Poly
CISSP
CNDA
CEH
CPT
DOD Information Systems Security Officer
HQ DOA Information Assurance Architecture
CompTia A+
CompTia Net+
CompTia Sec+
• Machine Learning/AI
o Large Language Models (LLM)
o Autonomous Agents
o Vector Databases
o Azure OpenAI/ChatGPT API
• Python
• Unix Shell Scripting (Bash, Dash, Ksh)
• Perl
• HTML
• CSS
Profile Photo
