Mr. Terry D. Lehman
- Master of Business Administration, Technology Management, University of Phoenix
- Bachelor of Individualized Study, Networking Technology, George Mason University
- Associate of General Studies in Science (Biology)
Additional Technical/Specialty Training and Certifications
CMMC-AB Registered RP # 6909
CompTIA Secure Cloud Professional (CSCP) ID #COMP10669683
ITIL v3 Certified ID # 5136143.20309951
CompTIA A+ CE Certified ID #COMP10669683
CompTIA Security+ CE Certified ID #COMP10669683
CEH (Certified Ethical Hacker) Certified ID #ECC967728
CNDA (Certified Network Defense Architect) ID #ECC967728
MCP (Microsoft Certified Professional) ID #A122-6947
Web Site Design – Methods and Technology
CASP+ (in progress), expected to obtain in 2020
CISSP (in progress), expected to obtain in 2021
eMASS v5.6.2, Xacta 360 v. 2.3, Splunk 7.x Fundamentals Part 1, Microsoft Office Suite 2013, Metadata Assistant 4, JIRA, Lotus Sametime, dtSearch Desktop, Microsoft One Note 2010, Nessus, Virtual Box
MS Windows 2000, MS Windows 7, MS Windows 10, MS Exchange Server 2000, MS Windows XP,
Kali Linux, VMware Workstation
Java for the Absolute Beginner 24 hours CEU
Introduction to Perl Programming 24 hours CEU
SUMMARY OF QUALIFICATIONS
Mr. Lehman is a FedRAMP cybersecurity information assurance professional providing an innovative and efficient way to perform Certification and Accreditation activities across the National Security community. He specializes in system accreditations, risk management, and the unified cybersecurity standards for future DoD acquisitions. He planned the critical integration and delivery, using the NIST MEP Cybersecurity Self-Assessment Handbook for Assessing NIST SP 800-171 Security Requirements in Response to DFARS Cybersecurity Requirements, into the CMMC Model v1.0, which encompasses 17 capability domains, 5 processes across five levels to measure process maturity, and 171 practices across five levels to measure technical capabilities. His experience spans a wide range of highly technical Low Earth Orbit satellite, Transportation Security Administration, and enterprise computing security initiatives, including high-priority programs whose progress is monitored at the Congressional level. His dedication, expertise, and professionalism reflect his work style and personal traits, enabling him to achieve project completion on time and meet high-level program milestones.
Data Intelligence Technology
Security Control Assessor (SCA)
Responsibilities as the Security Control Assessor (SCA) included assessing the management, operational, assurance, and technical security and privacy controls implemented on information system(s) using Security Testing and Evaluation (ST&E) methods. Managed responsibilities for the unified cybersecurity standards for future DoD acquisitions. Designed our organizational CMMC Model v1.0 MS Excel spreadsheets encompassing 17 capability domains, 5 processes across five levels to measure process maturity, and 171 practices across five levels to measure technical capabilities. Comfortable with 48 CFR 52.204-21, NIST SP 800-171r1, and Draft SP 800-171B.
- Successfully championed the design of our Cybersecurity Maturity Model Certification (CMMC) Model v1.0 practices and processes, introducing CMMC Level 1 (17 practices), Level 2 (55 practices), Level 3 (58 practices), Level 4 (26 practices), and Level 5 (15 practices), encompassing NIST SP 800-171 CUI implementation.
- Reviewed the XACTA automated database information, including the SSP, SCTM, Project’s self-test results, additional artifacts, NIST 800-53A Potential Assessment Methods & Objectives, and Certification and Accreditation Department (CAD) developed Test Examples to perform the assessments as prescribed by the CAD.
- Ensured assessments combined project personnel interviews, automated security tools, and manual human review/inspection of control implementations documented within the SCTM. The output of the assessment is the Security Assessment Report (SAR) and Security Finding(s) or Risk Element(s), which identify vulnerabilities found by the SCA and quantify the risk of operating the system within the Agency. The SAR is sent to the ISO, who must address all identified vulnerabilities.
- Managed notifications when vulnerabilities were not immediately fixed; a mitigation statement or risk acceptance request is provided in the project's Plan of Actions and Milestones (POAM). After this step, the SCA updates the SAR and POAM to address all resolved vulnerabilities and promotes the project to Senior Officials to determine Authorization.
- Successfully completed over 110 IC assessments, ensuring ATO status and applicable FISMA acceptance within milestone deadline(s).
- Responsibilities included the remediation of over 75 POAM validations of highly visible Federal systems impacting National Security at Congressional
Insight Global, LLC, San Antonio, TX
Cyber Security Analyst
Ensured the Government-only Community Cloud service models were compliant with the eMASS Risk Management Framework (RMF) tool. Ensured the Joint Authorization Board, DHA, GSA, and FedRAMP Information System Owners, Privacy Officials, Delegated Authorizing Officials, Security Control Assessors, and senior management were aware of any changes and modifications affecting cloud services and infrastructure shared by several organizations/agencies with the same policy and compliance considerations.
- Assessed five DHRA eMASS RMF IS systems to successful ATO and IATT.
- Championed NIST policies and regulations to assess the first DHRA Federal Private Cloud system enabling ATO status with no conditions.
- Provided NIST 800-53r4 and NIST 800-171A federal and Non-Federal assessments for DHRA and DoD systems.
- Championed assessments supporting AWS GovCloud, Oracle Service Cloud and Azure DoD and Federal Private Cloud DoD systems.
- Conducted NIST SP 800-171A assessments for non-federal organizations and guided non-federal systems into DoD compliance to operate.
- Responsibilities included implementation planning and System-level Continuous Monitoring (SLCM) Strategies with the eMASS tool.
- Identified and published NIST SP 800-171A rules of engagement/SOP for the cyber assessment, covering: pre-assessment (documents/artifacts needed), a 3-day on-site assessment (kick-off meeting on the first day, summary meeting on the last day, and a daily activity report at the end of each day), and the post-assessment (SAR/POAM) report presented to DoD compliance.
Digital Intelligence Systems LLC (DISYS), Chantilly, VA
Ensured Xacta 3.0 key elements and accountability of all Rev C assets were on the new template and that all projects were updated. Ensured Information System Owners, Privacy Officials, Delegated Authorizing Officials, Security Control Assessors, and senior management were aware of any changes and modifications needed to meet control changes and deliver on-time customer priorities.
- Ensured all systems utilizing Risk Evaluation Levels were compliant.
- Ensured security scans were completed to verify VM hardening using VMware Compliance Checker or compatible tools.
- Provided US Government information assurance standards and international information technology supporting IC Standards 503-2 Categorizing and Selecting Security Controls, CNSSI 1253 v3 Security Categorization and Controls Selection for NSS, and NIST SP 800-53A rev4.
- Provided guidance and direction to developers, testers, and fellow engineers for a clear understanding of assessment requirements involving the delivery and creation of System Security Plans (SSPs), Software/Hardware Inventory Lists, Cryptography Procedures, Security Control Traceability Matrices (SCTM), Risk Assessment Reports (RAR), Interconnection Security Agreements (ISA), Plans of Actions and Milestones (POAM), Vulnerability Scans, Nessus (Operating System), Nessus Compliance, WebInspect, AppDetective, and other Body of Evidence (BoE) artifacts.
Employer: TASC/Engility, Inc.
09/2014 – 07/2018
Prepared and accredited IT systems to Intelligence Community specifications (ICD 503, DCID 6/3). Provided customer BOE artifacts supporting Federal Information Security Management Act of 2002 (FISMA) reporting for cross-domain systems and enterprise systems and maintained effective information security procedures and mitigation responses.
- To ensure customer compliance with the IC Directive, the Cyber Security Group implemented a standardized process for assessing reciprocity systems.
- Coordinated to ensure customer systems satisfying the criteria for ICD 503 reciprocity were completed and the LOA V assessment documentation was accurate.
- Provided guidance and direction to developers, testers, and fellow engineers for a clear understanding of assessment requirements involving the delivery and creation of System Security Plans, Software/Hardware Inventory Lists, Cryptography Procedures, Security Control Traceability Matrix (SCTM) Rev4, Risk Assessment Reports (RAR), Interconnection Security Agreements (ISA), Plans of Actions and Milestones (PoAM), Vulnerability Scans, Nessus (Operating System), Nessus Compliance, WebInspect, AppDetective, and other BoE overlays as required for A&A.
- Defined security milestones for the cloud environment and identified dependencies for the project team.
Information Systems Security Officer
Improved the oversight and accountability of day-to-day security operations regarding information systems and coordinated the Certification & Accreditation (C&A) life cycle processes for all proprietary and classified information systems.
- Ensured System Owners and Administrators were compliant with ongoing security maintenance, applying security patches and malware updates.
- Implemented and executed the ICD 503 and DCID 6/3 Risk Management Framework and its fundamental paradigm shift, and conducted assessments on all Information Technology (IT) systems to ensure that they were using the NIST-based formula.
- Implemented 100% accountability of program laptop CONOPS audits with Program Office.
- Prepared and presented several NIST 800-53 Contingency and Document Destruction Plans.
- Reduced laptop compliance response time from 180 days to 5 days.
- Enabled a common process that incorporated security within the “lifecycle” processes and eliminated unwanted security-specific processes, increasing 100% asset accountability.
- Introduced an event monitoring tool, SolarWinds, ensuring automated event management monitoring and increasing security reliability from 10% to 100%.
09/2011 – 09/2013
Employer: Sotera Defense Solutions
Provided the Federal Information Security Management Act of 2002 (FISMA) reporting for enterprise systems and maintained effective information security procedures and mitigation responses.
- Coordinated and mitigated over 150 enterprise network programs.
- Researched and determined three major baseline changes to meet FISMA compliance.
- Conducted periodic review of secure system procedures to ensure compliance with SSP.
- Developed strategies for performing INFOSEC vulnerability and risk assessments.
- Maintained and ensured that report documents, artifacts, scan results, and manual procedures were documented for all Category I, II, and III operating system vulnerabilities.
- Defined system requirements, designed system security architectures, and planned technical efforts assigned to senior-level personnel for the IC customer, ensuring that security requirements were identified early and formed an integral part of the development process.
02/2011 – 09/2011
Employer: Agilex Technologies
Ensured executives, senior management, and mission owners were informed of potential risks and recommended controls to mitigate risk to protect the organization, enterprise network systems, and personnel.
- Verified that the security components were evaluated against the selected evaluation criteria (CCEP, NIAP, FIPS, or other IC and NIST evaluation criteria).
- Ensured IS operations were maintained and disposed of as specified by the internal security policies outlined in the approved SSP.
- Ensured configuration management of security-relevant IS software, firmware, and hardware was maintained and documented as requested by the ISSM.
- Ensured system security features were addressed during the entire system life cycle processes.
05/2010 - 02/2011
Employer: Dell Perot Systems
System Engineering duties included supporting and maintaining 24 projects with documents and artifacts to support the C&A process and Program Office.
- Ensured all security-related documentation was kept current and accessible to all authorized personnel.
- Ensured system recovery processes were monitored, ensuring security features and procedures were restored properly.
- Attended the DNI SSC DCID 6/3 training, supporting upcoming transition from C&A under DCID 6/3 to ICD 503, to include applicable CNSSI and NIST policies and guidelines.
01/2001 – 05/2010
Provided US Government information assurance standards and international information technology supporting the NIST SP 800 series, CNSSI, and ICD 503 Interconnection Security Agreements.
- Prepared and accredited IT systems to Intelligence Community specifications (ICD 503, DCID 6/3).
- Provided and participated in developing various access controls, training, and awareness material related to information security and data protection.
- Performed host-based and network vulnerability scans and ensured antivirus and OS patches were up to date.
- Co-Authored the proprietary Iridium Master Facility Program Manual enabling the World’s first successful low earth orbit satellite launch.
- Performed and delivered 24/7 Executive engineering support to the Washington DC metro area.
10/1996 – 01/2001
Employer: Motorola SATCOM
Business Systems Manager
As Business Systems Manager and Technical Writer, duties included drafting and co-authoring the Iridium Satellite Master Control Facility Maintenance document supporting network and security architectures.
- Delivered Business Operations Specialist Management support.
- Drafted Human Safety documentation for Motorola SATCOM Facility and personnel operations.
- Provided desktop installation, configuration, and upgrading of Windows NT Workstations and Exchange Server.
- Performed Active Directory system administration security and group policy audits.
- Managed all data retention functions, including full, incremental, and differential backups, and tape rotations.
- Drafted the facility's proprietary maintenance manual, including testing and documenting the fire suppression systems, emergency procedures, and disaster recovery.