• Elyria OH
  • john_w_ferguson_jr@msn.com

John Ferguson

IT Security Analyst

Summary

19 years of experience in the IT field as a developer, system administrator, database administrator, and user support. Experience in major programming languages, Windows operating systems, and software.

I am now seeking a new and challenging opportunity that will continue to allow me to grow in my professional career.

Work History

Work History

Senior IT Security Analyst

Jun 2013 - Present
WYLE / Peerless Technologies                                                             Supporting the PACE III / PACE IV Contract at the NASA Glenn Research Center at Lewis Field  
  • Perform annual IT Security audits for various systems at NASA Glenn Research Center to insure that systems are compliant with the Federal Information Security Act (FISMA) of 2002 IT security standard.
  • Stay up to date on National Institute of Standards and Technology (NIST) security controls and other Federal and NASA IT standards in order to support system owners and their IT security needs.
  • Act as Team Lead for the other FISMA Team members.
  • Responsible for providing monthly reporting metrics based on security assessments
  • Responsible for providing NASA Glenn Research Center (GRC) risk posture based on GRC System Security Plans (SSP)
  • Provide consulting to GRC managers, supervisors, and workforce relating to IT Security, Privacy Controls, policies, processes, and standards based on NIST guidance
  • Responsible for continuous improvement of the IT Security metrics by identifying new metrics, methodologies, and methods of reporting
  • Provide security presentation periodically
  • Develop, lead, and conduct security workflow
  • Responsible for leading reviews of Agency and Center policies and standards
  • Responsible for performing risk assessments on systems managing NASA data
  • Responsible for conducting Contingency Plan reviews and Business Impact assessments
  • Perform other duties as assigned that the support the IT Security Office

IT Engineer

Jan 2006 - Jun 2013
Stringer Gaffarian Technologies (SGT) Inc.                            Supporting the TIALS Contract at the NASA Glenn Research Center at Lewis Field
  • Provide IT support to the Educational Programs Office and Technology Transfer Partnership Office while providing Network and Computer Systems Administration, User Support, Computer Programming & System Analysis, Database Administration, and work in support of NASA HQ & Glenn initiatives.
  • Be responsible as database administrator and developer for the development of the database systems that support the programs and operations of the Educational Programs Office
  • Provide IT services in the area of system design, development, implementation, and maintenance
  • Provide daily system administration, including user support, for every system the Contractor maintains
  • Provide robust server architecture and infrastructure that EPO can utilize for custom off the shelf software applications, file storage, web hosting, and database engine.
  • Stay abreast of current information technology products and pursue training appropriate to the tasks required as approved by the TR
  • Act as the Organizational Computer Security Official (OCSO). These responsibilities include:
    • Serve as the organization's representative to the Center IT Security Manager (ITSM), representing the organization's director or office chief on all IT security matters and advising the Center Network Configuration Control Board (NCCB) on the possible impact from modifications in the IT network infrastructure.
    • Periodically report the status of the organization's IT security posture and concerns to the Center ITSM and the organization's senior manager.
    • Ensure the organization complies with NASA and Center IT security requirements, and notify the Center ITSM if there is an obstacle to meeting requirements, deadlines, or metrics.
    • Review annually the IT System Security Plans (SSPs) for the organization's systems identifying any changes that would require an update, such as changes in personnel, software and hardware, function, categories of information, information ownership, or risk, and verify the viability and the date of the last test of the contingency plan.
    • Report suspected and actual IT security incidents to the Center ITSM and line management, in accordance with Center-established incident response procedures.
    • Ensure compliance with Office of Security and Program Protection (OSPP) requirements for media sanitization by the establishment of a process to ensure that storage media is purged of any data or information that has not been approved for public release prior to releasing the media outside the Center's control.
  • Act as the One Stop Shopping System (OSSI) Center Administrator
    • Determine the approval levels and approval sequence required for opportunities.
    • Modify the offer letter template to contain specific Center text.
    • Modify the content of the email to be sent to mentors inviting them to submit an opportunity and determine the date the email should be sent.
    • Specify general announcements that are to be posted for a Center’s mentors and duration of announcement.
  • Act as the Educational Programs Office Point of Contact to the Office of the Chief Information Officer
  • Non-essential Job Functions
    • Various administrative tasks as they relate to specific project or programs
    • Support the project managers by helping at various events on and off site

Education

Education

Bachelor of Science

Aug 1991 - Dec 1995
Bowling Green State University

Computer Science

Skills

Skills

Information Technology Security

Program Management

Leadership / Team Building

Documentation / Process Improvement