Charles Young, CISSP
Home Resume Family Pictures Cohort 8 Students JMU Info Security MBA

Resume

Get PDF of Resume

CHARLES B. YOUNG II

1008 Chilmark Court, Crofton, MD 21114

(410) 721-4751

cbyii@verizon.net

 

SUMMARY

Certified Information Systems Security Professional (CISSP) with over five years experience in information security risk management and compliance in the Federal Government; risk, quality, and project management in a manufacturing environment; and a Masters in Information Security from a NSA Center of Academic Excellence in Information Assurance Education. Excellent leadership, organizational and communication skills with specific experience in:

·         Standards based information security program development and management

·         IT Security compliance program development and management

·         Information Security policy and standard development

·         Certification and Accreditation

·         Security Awareness Training

·         Risk assessments in IT and manufacturing environments

·         Leading Six Sigma Green Belt projects

 

 

WORK HISTORY

Board of Governors, Federal Reserve System, Washington DC

Senior Security Analyst 2006-Present

·         Leading implementation of new information security program

·         Managing information security compliance program

·         Performing information system certification and accreditations

·         Performing security awareness training for new employees

·         Participating in project to develop an authentication strategy for Federal Reserve Banks

·         Spearheading responses to Office of Budget and Management (OMB) circulars

·         Preparing for and responding to Inspector General audits

·         Advise system development life cycle design team on security issues

·         Member of Information Security Committee

 

Security Analyst 2004-2006

·         Lead project to re-engineer information security program based on National Institute of Standards and Technology (NIST) guidance stemming from the Federal Information Security Management Act (FISMA) of 2002

·         Developed and implemented information security policies, procedures, and standards based on NIST guidance covering system inventories, system security categorization, baseline security controls, risk assessments, security planning, certification and accreditation, and plan of actions and milestones (POA&M)

·         Migrated new Board security program to the Federal Reserve Banks

·         Developed and tracked compliance with annual security awareness quiz

·         Completed annual pre-C&A information system security reviews

 

Maximus, Inc Washington, DC

Senior Systems Analyst, 2001-2004

FDIC Application Security Management Support Contract

·         Provided application security management support to the FDIC Division of Resolutions and Receiverships (DRR) for 29 proprietary and COTS applications

·         Created access control policies, monitored security policy compliance, performed system security tests and evaluations, performed system risk assessments, developed security and awareness training websites

·         Managed access permissions for over 500 DRR employees and contractors in a distributed environment.

·         Developed application level business contingency planning process, including the creation of a Business Impact Analysis worksheet based on NIST SP 800-34 Contingency Planning Guide for Information Technology System

 

Bethlehem Steel Corporation, Baltimore, MD

Senior Quality Engineer, Cold Sheet Mill 1996-2001

·         Lead and participated in individual and team process improvement projects using Six Sigma methodologies

·         Managed a five-man mechanical properties test lab

·         Participated on teams to improve Bethlehem and customer relations, including customer site visits

·         Gave weekly and monthly quality performance presentations to senior management

·         Developed and tested compliance with ISO 9000 quality policies and standard operating procedures (SOP)

·         Prepared for and responded to ISO 9000 compliance audits

·         Chairman of the Quality Department safety team.

 

EDUCATION

MBA with a concentration in Information Security (August 2009)

James Madison University, Harrisonburg, VA

 

M.S. Applied Information Technology with a concentration in Information Security (2003)

Towson University, Towson, MD

 

B.S. Materials Science and Engineering (1994)

Virginia Tech, Blacksburg, VA

 

 

CERTIFICATIONS

SANS/GIAC Systems and Network Auditor (GSNA) – Silver (2005)

Certified Information System Security Professional (CISSP) (2004)

 

AFFILIATIONS

Computer Security Institute