Marcus J.

Norman, CISSP, CISM, CAP, ITIL

4303 Stone Mountain Court
Dumfries, VA 22025
marcusjnorman@gmail.com
Cell: 703.295.2672

Summary:
 Cyber Security Program Manager delivering cybersecurity capabilities including Secure Configuration
Management (SCM), Vulnerability Analysis and Assessment (VA&A), Security Engineering, Assessment and
Authorization (A&A), Cyber Inspection Program, and Cyber Incident Handling and Response within the
Department of Defense. Over 18 years of experience providing cybersecurity services enabling organizations to
exceed its established strategic strategy supporting decision makes in the DoD.

Security Clearance:
 Top Secret - SCI

Education:
 M.S. Cybersecurity, Strayer University – Cyber Forensic - Ongoing
 M.S. Information Systems, Strayer University – Cybersecurity Program Management
 B.S. Information Systems, Strayer University – Cybersecurity Administration
 A.G.S Columbia College of Missouri – General Studies

Certifications:
 ISC2 Certified Information System Security Professional (CISSP), Awarded 12/31/2009, Expires 12/31/2018
 ISACA Certified Information Security Manager (CISM), Awarded 02/17/2017, Expires 12/31/2020
 ISACA Certified in Risk and Information System Control (CRISC), Awarded 12/31/2012, Expires 12/31/2019
 ISC2 Certified Authorization Professional (CAP), Awarded 06/10/2010, Expires 06/30/2019
 ISC2 Systems Security Certified Practitioner (SSCP), Awarded 10/30/2008, Expires 10/31/2020
 ECCOUNCIL Certified Ethical Hacker (CEH), Awarded 05/28/2011, Expires 12/31/2018
 ECCOUNCIL Certified Network Defense Architect (CNDA), Awarded 05/28/2011, Expires 12/31/2018
 ECCOUNCIL Certified Security Analyst (ECSA), Awarded 03/23/2012, Expires 12/31/2018
 EXIN Information Technology Infrastructure Library V3 (ITIL-F), Awarded 05/20/2012, Expires Never
 COMPTIA Security+, Awarded 06/30/2008, Expires Never
 COMPTIA Network+, Awarded 09/30/2008, Expires Never
 Microsoft Certified System Admin (MCSA), Awarded 02/09/2007, Lifetime
 Microsoft Certified System Admin + Messaging (MCSA + Messaging), Awarded 02/09/2007, Lifetime
 Microsoft Certified Practitioner (MCP), Awarded 02/08/2005, Lifetime
 Lean Six Sigma Yellow Belt, Awarded 12/30/2008, Lifetime
 Lean Six Sigma Green Belt, Awarded 12/30/2008, Lifetime

Training:
 TANIUM – 2016
 FEDRAMP – 2016
 ACAS – June 2012
 Nessus – March 2012
 SCAP – March 2012
 DIACAP – December 2011

Marcus J. Norman Resume

  BMC BladeLogic – April 2011
 BMC ADDM – February 2011
 NIST RMF – February 2011
 FISMA – February 2011
 eMASS – December 2010
 ePO – March 2010
 Retina – February 2009
 IPV6 – March 2006
 Windows Operating Systems: Server (NT, 2000, 2003, 2008, 2012), Workstation (NT, 2000, XP, VISTA, 7, 8, 10) -
Various
 Solaris – March 2006
 Linux – March 2006
 Oracle – March 2006

Technical Summary:
 Program Languages – None
 Tools: ACAS, HBSS, TANIUM, Splunk, Encase, BCWipe, Nessus, Proxy Solutions (Blue Coat, McAfee, Microsoft
(TMG,UAG)), WireShark, SCCM, SCOM, ArcSight, BMC ADDM, Exchange, Citrix, SCAP tools, Remedy, and more.
 Methodology: DISA FSO CCRI/CCORI, RMF, DIACAP, SCCVI, and others

Experience Summary:

Cyber Security Program Manager, SHR Consulting Group, LLC

Oct 2017 – Present
 Provide technical oversight of the Chief Technology Officer roadmap
 Design and implement cyber security and automation prototype to support the strategic strategy for the agency
 Manages 4 personnel
 Manage A&A, vulnerability management, security hardening, Incident Handling, and CSP activities for all
prototypes developed by the CTO office
 Provide technical briefings and whitepapers supporting initiatives developed by CTO
 Participate in vendor workshops ensuring technical team is abreast of industry trends in technology.
 Responsible for the implementation of the SCCA requirements for agency cloud initiative.

Cyber Security Program Manager, NetCentrics

Apr 2017 – Oct 2017
 Provide program management for JSP C&R program, SECDEF, NIEITS, and CASB
 Manage 36 cybersecurity personnel
 SME for Vulnerability Management, Compliance, Cyber Security Inspection Program, and CND architecture
 Oversee TASKORD, OPORD, DoD Cyber scorecard, and other governance actions
 Develop and present enterprise metrics and reports to provide CIO and executive committees to articulate the
performance of employed operational, technical, and administrative security controls. The developed reports
support the implementation of Federal, DoD, and organization directives to minimize exposure to JSP
information systems (IS) and provides continuous monitoring of system risk through the SDLC of the IS.
 Conduct Security, Test, and Evaluation on employed infrastructure to ensure STIG’s, vendor patches,
configuration, and Global Policy Objects are implemented according to DoD and/or Federal guidelines.

Cyber Security Program Manager, NetCentrics

Aug 2016 – Apr 2017

Marcus J. Norman Resume

  Provides management and administration oversight for JSP end point security technologies.
 Responsible for the execution of the End Point Security and Incident Handling program providing JSP with near
real-time cyber metrics to support decision makers abilities supporting our information systems.
 Responsible for 26 IT/Cyber professional performing Patch Management, End Point Security, Incident Response,
and ISSO support for JSP/
 Responsible for the integration of cyber capabilities ensuring proper cyber planning for new and existing
information technologies preventing compromise to JSP systems.
 Provide RMF and DIACAP support for all JSP systems
 Led integrator Tanium of capabilities delivering real-time cyber and information capabilities supporting JSP.
 Develop and present enterprise metrics and reports to provide CIO and executive committees to articulate the
performance of employed operational, technical, and administrative security controls. The developed reports
support the implementation of Federal, DoD, and organization directives to minimize exposure to JSP
information systems (IS) and provides continuous monitoring of system risk through the SDLC of the IS.
 Conduct Security, Test, and Evaluation on employed infrastructure to ensure STIG’s, vendor patches,
configuration, and Global Policy Objects are implemented according to DoD and/or Federal guidelines.

C&A Program Manager, NetCentrics

Jul 2015 –Jul 2016
 Manage the delivery of a Certification and Accreditation (C&A) task order and a team of 16 C&A analysts
 Onsite Subject Matter Expert (SME) on all facets for C&A frameworks providing expertise in DIACAP and Risk
Management Framework (RMF) principles, concepts, and practices
 Demonstrated ability to review and edit draft security artifacts as assigned to ensure
 compliance with C&A and FISMA
 Provide management oversight for updates to SNAP, GIAP and PPSM 
 Informs USCG on changes to applicable policies, regulations, and laws impacting the
 accreditation of Coast Guard systems and networks
 Leads the development and/or revision of C&A processes and procedures to reflect evolving information
security requirements
 Effectively communicate program status, requirements and objectives to senior leaders within the company and
the Government

Network Security Operation Manager, NetCentrics

Oct 2013 – Jul 2015
 Provides expert level Security Engineering management and technical support services for infrastructure
services in the support the successful implementation and execution of DoD security policies, procedures, and
other EITSD guidelines. Provides IT security advice and recommendation on all enterprise services for the
organization.
 Manages 18 IA analysts in support of EITSD Vulnerability Management Program, Department of Defense
Certification and Accreditation Process (DIACAP), Computer Incident Response Team (CIRT), and Border
Protection Team. Provide CLIN management; develop training plan, evaluation, and workforce improvement for
Network Security Operations Branch.
 Leads C&A activities and prepare documents/artifacts in accordance DoD 8500.01 DIACAP. This includes, but is
not limited to: Analyze and define security requirements, develop System Security Authorization Agreements
(SSAA)/System Security Plans (SSP), Contingency Plans, Risk Assessment Reports, Security Assessment Reports
and Plan of Action and Milestones (POA&Ms).

Marcus J. Norman Resume

  Develop and present enterprise metrics and reports to provide CIO and executive committees to articulate the
performance of employed operational, technical, and administrative security controls. The developed reports
support the implementation of Federal, DoD, and organization directives to minimize exposure to EITSD
information systems (IS) and provides continuous monitoring of system risk through the SDLC of the IS.
 Conduct Security, Test, and Evaluation on employed infrastructure to ensure STIG’s, vendor patches,
configuration, and Global Policy Objects are implemented according to DoD and/or Federal guidelines.
 Manages division Vulnerability Management, Information Assurance Workforce Improvement Program (IA WIP)
and Communication Task Order Program to ensure compliance with USCC suspense/mandates.

Information Assurance Manager, SRA International, Inc

Apr 2011 – Oct 2013

 Conducts program oversight, including on-going monitoring and periodic auditing of systems and systems
operations. Develops, recommends and implements incident response procedures and technologies to identify,
assess, and ensure the appropriate response to threats and vulnerabilities. 
 Lead, support, and/or facilitating security assessments of new or modified hardware, operating, systems, and
software applications ensuring integration with DoD IA security requirements.
 Manages 22 IA analysts in conducting Vulnerability Management, Security Engineering, Certification and
Accreditation, and Computer Network Defense activities. Provide CLIN management; develop training plan,
evaluation, and workforce improvement for Network Security Operations Branch.
 Leads certification and accreditation (C&A) activities and prepare documents/artifacts in accordance with the
Department of Defense (DoD) Certification and Accreditation Process (DIACAP). This includes, but is not limited
to: Analyze and define security requirements, develop System Security Authorization Agreements (SSAA)/System
Security Plans (SSP), Contingency Plans, Risk Assessment Reports, Security Assessment Reports and Plan of
Action and Milestones (POA&Ms).
 Manage the DoD Information Assurance Vulnerability Management (IAVM) program and security compliance
activities for the JS OCIO. Monitor and enforce the implementation of vulnerability notifications (i.e., alerts,
bulletins, and technical advisories/notifications) in accordance with United States Cyber Command and Defense
Information Systems Agency (DISA) requirements. Direct the corrective actions on affected system(s) within the
enclave, which were not in compliance with IAVM program directives and vulnerability response measures.
 Track, monitor and maintain assets in the Vulnerability Management System (VMS). Analyze technical reports
and sensitive data to identify deficiencies, trends, problem areas, and compliance with DISA Security Technical
Implementation Guides (STIGs) and Checklist. Generate vulnerability reports from VMS and distribute them to
various groups within Operations.
 Perform periodic vulnerability scans using Retina, Gold Disk, Nessus, SRR, and other SCCVI tools on network
infrastructures. Actively communicated with operational managers to collect remediation progress, monitored
status and provide weekly vulnerability remediation progress reporting to client leadership.
 Principle advisor to Joint Staff (JS) program managers, IA Manager (IAM), system administrators, user
representatives and developers Provide expert technical interpretation and implementation oversight of
applicable information security policies, processes, and practices to ensure operational availability and integrity
of enterprise applications, systems, networks, and data.
 Provide verbal and written client updates or briefings on vulnerability mitigation strategies, IAVA compliance
efforts, POA&M status, team's activities and project timelines.
 Responsible for the IAT Workforce Program for the program to ensure all contracting personnel meets the DoD
8570 requirement.
 Promotes awareness of security issues among management and ensuring sound security principles are followed.

Senior Information Assurance Security Engineer, Clovis Group, LLC

Apr 2010 – Sep 2010

Marcus J. Norman Resume

  Lead, support, and/or facilitating security assessments of new or modified hardware, operating, systems, and
software applications ensuring integration with DoD IA security requirements.
 Managed 3 IA analysts in conducting Vulnerability Management, Security Engineering, Certification and
Accreditation, and Computer Network Defense activities.
 Responsible for the certification and accreditation (C&A) activities and prepare documents/artifacts in
accordance with the Department of Defense (DoD) Certification and Accreditation Process (DIACAP). This
includes, but is not limited to: Analyze and define security requirements, develop System Security Authorization
Agreements (SSAA)/System Security Plans (SSP), Contingency Plans, Risk Assessment Reports, Security
Assessment Reports and Plan of Action and Milestones (POA&Ms) within the Enterprise Mission Assurance
Support Service (eMASS).
 Develop security assessment report (SAR) for all Joint Staff (JS) enclaves. Responsible for the adequate
assessment of all identified risk(s) and the generation of a mitigation plan for the JS Security Office (JSSO) to
receive an accreditation decision for all information systems.
 Perform periodic vulnerability scans using Retina, Gold Disk, Nessus, SRR, and other SCCVI tools on network
infrastructures. Actively communicated with operational managers to collect remediation progress, monitored
status and provide weekly vulnerability remediation progress reporting to client leadership.
 Develop and track Plan of Action and Milestones (POA&Ms) for the JS.
 Evaluate and implement all applicable Information Assurance Vulnerabilities, Bulletins and Technical
 Advisories IAW CYBERCOM directives and provided IA metrics to the JSIN IA program.
 Populate assets and maintain security vulnerability compliancy through the Vulnerability Management System
(VMS) for assets and Program of Record systems.
 Provide subject matter IA training expertise for JS personnel, programs, or IA training content.
 Develop written reports, project plans, schedules, meeting minutes, briefings and other documentation for the
OCIO project team.


Lead Information Assurance Security Engineer, Nova Datacom, LLC

Nov 2009 – Sep 2010

 Conducts program oversight, including on-going monitoring and periodic auditing of systems and systems
operations. Develops, recommends and implements incident response procedures and technologies to identify,
assess, and ensure the appropriate response to threats and vulnerabilities.
 Managed 6 IA analysts in conducting Vulnerability Management, Security Engineering, Certification and
Accreditation, and Computer Network Defense activities.
 Provided advice and guidance on the implementation of network/system security in accordance with mandates
through the application of information assurance vulnerability alerts (IAVAs), Security Technical Implementation
Guides, Command Tasking Orders (CTOs), FRAGOs, INFOCON, Coordinated Alert Messages (CAMs), and other
directives.
 Conducted risk assessments, security evaluations, and reviews of information systems and technologies
throughout the system life cycle. Using Retina, Disk Gold Disk, DISA STIG's, HBSS, and Patchlink.
 Conducted DoD Information Assurance Certification and Accreditation Process (DIACAP) mission assurance
planning and implementation that follow DoDI 8500.2 and DODI 8510. Develop and review of certification plans
and accreditation documentation (i.e., system security plans, risk mitigation plans, contingency plans, and
disaster recovery plans, etc.)
 Developed and updated Plan of Action Milestones (POA&M's) for all enclaves.
 Experience with FISMA, NIST, FIPS, OMB, and other applicable Federal requirements, policies, methodologies,
tools, standards, and procedures.
 Served as a liaison between the organizational staff, Information Assurance Officer (IAO), Information Assurance
Manager (IAM) and the IT support personnel. Provide expert technical interpretation and implementation

Marcus J. Norman Resume

 oversight of applicable information security policies, processes, and practices to ensure operational availability
and integrity of enterprise applications, systems, networks, and data.
 Develop written reports, project plans, schedules, meeting minutes, briefings and other documentation for
OCIO.
 Promotes awareness of security issues among management and ensuring sound security principles are followed.

Senior Security Engineer, Experts IT, LCC

Jun 2009 – Nov 2009

 Manages 528 classified and unclassified servers for the Department of the Air Force National Capital Region.
 Coordinates and integrates technical aspects of enclave boundary protection with administrative matters such
as standards management, acquisition and configuration management, IT security, and risk management
ensuring the confidentiality, integrity and availability of systems through the planning, analysis and maintenance
of information systems security programs, policies, procedures and tools.
 Conducts risk assessments, security evaluations, and reviews of information systems and technologies
throughout the system life cycle. Using Retina and Disk Gold Disk.
 Knowledge of certification and accreditation processes. Experience reviewing System Security Plans, policies,
and guidance. Experience in performing vulnerability assessments including development of risk mitigation
strategies
 Provide advice and guidance on the implementation of network security in accordance with mandates through
the application of information assurance vulnerability alerts (IAVAs), patches, hot-fixes and Security Technical
Implementation Guides
 Provide guidance in implementing IT security policies, development of standard operating procedures, and the
physical/logical placement of all network assets.
 Promotes awareness of security issues among management and ensuring sound security principles are reflected
in organizations, visions and goals.
 Monitors/Troubleshoots network systems for network degradation, system hardware faults, VPN checks, SMTP
issues, and replication issues with the use of SMS and MOM 2007.
 Performs network account administration and manages rights/permissions for all network objects throughout
the agency using NETIQ and Active Directory.
 Ensure organization internal/external mail is flowing properly; troubleshoot all existing mail backlogs issues.
 Manages 2003/2007 email storage groups, mailbox quotas, and create group distribution lists.
 Resolves all incidents on a timely manner using Remedy.

Senior NOC Analyst (Part Time), Wyle Information System

Apr 2006 – Nov 2010

 Monitor 115 network systems for attempted penetration and network degradation.
 Perform network installation and maintenance throughout the agency.
 Observes computer systems, peripheral equipment, and network monitors to detect error conditions; Conduct
 periodic and scheduled testing to ensure that network operations are performing to normal standards; Corrects
minor problems on network systems and notifies the correct personnel of the problem, and initiates proper
recovery procedures.
 Perform network account administration and reporting for the SecureID remote access subsystem; monitor
virtual private network session ensure proper authentication methods are being upheld.
 Monitor all network support facilities including Power Distribution Unit; Uninterruptible Power Supply; and air
conditioning, fire protection, and access control equipment, and correction of minor problems and notification
of venders and expert staff when necessary.
 Analyze and release quarantine traffic from unauthorized or unknown hosts.
 Conduct data back-up/restoration services on 115 servers totaling to 16 terabytes using VERITAS 6.5 and

Marcus J. Norman Resume

  Dell Data Protection Manager.
 Perform exchange mailbox, files, and system-data restores using VERITAS and DPM.
 Classifies, catalogs, and maintain tape library. Ensure data can be retrieved from offsite storage.
 Escalate security related events to program managers for proper handling and instruction.
 Resolved all incidents on a timely manner using Remedy.

Information Technology Specialist, EKMS, United States Navy

Nov 2008 – Jul 2009

 Managed Electronic Key Manager System (EKMS). Responsible for the electronic key issuing and destruction for
400 cryptographic items
 Programmed and configured all CCI devices to ensure proper telecommunication transmissions are maintained.
 Managed CCI lifecycle replacement project and ensure CCI equipment are up-to-date to minimize coverage
lapses.
 Administered monthly communication security inspection to ensure proper electronic transmission, storage, and
documentation is conducted to strengthen our security posture.
 Performed security audits and provides accurate reporting data to senior management.
 Established electronic database to condense reporting of events, items, and resolutions.
 Responsible for managing complex physical data models that describe the structure for data storage, data
indexing, data manipulation, and data retrieval applications for the DoD.
 Ensures that databases meet the business requirements of client organizations, are accessible to authorized
customers, and being kept up-to-date.
 Reviews usage logs and determines the need for changes in access methods, storage media, or other elements
based on usage and performance trends.
 Responsible for oracle account administration, assigning database permission, views, and roles.
 Notify senior management of any service outages and the potential impact of the client organizations.
 Responsible for the proper destruction of classified media.
 Established Standard Operation Procedure to ensure database analyst were properly trained to complete all task
that were assigned.
 Provide 24-hour direct customer support to Department of Defense and the Joint Chief of Staff.
 Generate and resolved 1,500 trouble tickets using Remedy

Information Technology Specialist, Database Manager, United States Navy

Apr 2005 – Nov 2008

 Responsible for managing complex physical data models that describe the structure for data storage, data
indexing, data manipulation, and data retrieval applications for the DoD.
 Ensures that databases meet the business requirements of client organizations, are accessible to authorized
customers, and being kept up-to-date.
 Supervise 8 personnel.
 Reviews usage logs and determines the need for changes in access methods, storage media, or other elements
based on usage and performance trends.
 Responsible for oracle account administration, assigning database permission, views, and roles.
 Notify senior management of any service outages and the potential impact of the client organizations.
 Responsible for the proper destruction of classified media.
 Established Standard Operation Procedure to ensure database analyst was properly trained to complete all tasks
that were assigned.
 Provide 24-hour direct customer support to Department of Defense and the Joint Chief of Staff.
 Generate and resolved 1,500 trouble tickets using Remedy

Marcus J. Norman Resume

Information Technology Specialist, Network Security, United States Navy
Aug 1999 – Mar 2005

 Responsible for the daily maintenance and system analysis for multiple networks.
 Performs work that involves ensuring the confidentiality, integrity, and availability of systems, networks, and
data through the planning, analysis, development, implementation, maintenance, and enhancement of
information systems security programs, policies, procedures, and tools.
 Installed network media and operating system software components, primary storage devices, operating system
software, remote access servers, and intrusion detection systems.
 Implements, promotes, ensures, and monitors the rigorous application of approved information security
policies, procedures, principles, and controls in the delivery of all IT services.
 Scan, review, and implement security on systems.
 Provide status reports on system compliance and document deviations using standard forms.
 Performed network account administration and system administration of identified servers.
 Manages organizational mailboxes for user can archive, access, and share all departmental mail
 Established user accounts in Microsoft Exchange and Active Directory.
 Monitored exchange mail queues in Exchange 5.5 and 2000 to identify any potential backlogs on all outgoing
traffic.
 Coordinated and schedule systems/data backups for system recovery efforts.
 Migrated and Planned 3 network operating system changes. Developed operation system build.
 Maintained audit logs and document errors; ensure compliancy with Department of the Navy regulations.
 Responsible for the Norton Antivirus Server updates and ensure all patches were pushed via SMS to network
clients and servers.
 Deployed IAVA's using SMS packages; ensured updates were successfully applied.
 Supervised the Incident Management Team; which led to the closure of 10,000 trouble tickets.
 Provided customer support to over 350 users with the organization for 4 different networks.

Marcus J. Norman Resume