SUMMARY:

• I am a dependable professional seeking employment in the field of cyber security with any organization that can use my analysis, technology, and innovation talents to help protect organizations from security breaches while maintaining their FISMAs compliance. My military experience taught me how to interact effectively.
• I am always willing to collaborate with a team of analysts, security control assessors, the ISSO, and other stakeholders to secure the IT infrastructure of companies, organizations, and government agencies by implementing proactive security measures, assessing risks, and responding to security breaches.

TECHNICAL SKILLS:

DISA: Enterprise Mission Assurance Support Service (eMASS), Risk Management, Authentication and Access Control, Vulnerability Assessment, System Monitoring, Regulatory Compliance, Network Security, Nessus, Remedy, Apache web servers, Mail servers, FTP, DHCP, DNS, Red - Hat, SSH, VMware, Virtual box, Excel, Word, PowerPoint. cyber defense architectures, Linux.

PROFESSIONAL EXPERIENCE:

Information Systems Security Engineer

Confidential - Fort Meade, MD

Responsibilities:

• Assist with any security testing required as part of A&A or annual reviews
• Make data entries into the eMASS record and POA&M consistent with implementation results
• Develop and update Risk Management Framework Assessment and Authorization packages to support ATO submittal
• Assess a DISA STIGs implemented by the ISSE as directed by ISSM
• Conducting security control assessments and implementation using NIST SP and NIST SP A Rev 4.
• Implement and validate Security Technical Implementation Guide (STIG) requirements for all development and implementation projects
• Experience with ACAS, SCAP Scanners, and installation of the security tool sets including Nessus, SCAP etc.

Cyber Security Analyst

Confidential - Aberdeen, MD

Responsibilities:

• Experience with ACAS, SCAP Scanners, and installation of the security tool sets including Nessus.
• Ensures overall management and cyber compliance of information systems
• Manages assessment and authorization activities for DoD information systems
• Provide expert advice to developers, administrators, and others during system development life cycle
• Oversees the development of RMF-related artifacts specific to NIST security control families. Knowledge of RMF, eMASS, ACAS, and STIGs.
• Conduct and review vulnerability scans (ACAS,) and make recommendations to senior leadership
• Updated virus protection systems based on computer virus reports.
• Manages the integration of electronic processes or methodologies to resolve total system problems or technology problems as they relate to cyber security requirements
• Day-to-day management of production Linux systems, including both public and private cloud

Cyber Information Systems Security Analyst

Confidential - Linthicum, MD

Responsibilities:

• Develop and update Risk Management Framework Assessment and Authorization packages to support ATO submittal
• Assist in developing and submitting Risk Management Framework (RMF) accreditation documentation.
• Support the ISSM in the continuous monitoring of networked and stand-alone systems for security relevant changes - assess and report on their impact.
• Review weekly information systems security audits.
• Develop Plans of Action and Milestones (POAMs) and perform close out activities.
• Work with client and team developers and architects, System owners and ISSOs (Information Systems Security Officers) to accurately complete an SSP (System Security Plan)

Security Control Assessor Representative (SCA-R)

Confidential - Reston, VA

Responsibilities:

• Create new, and edit existing documentation that forms the Authority to Operate (ATO) package to include the System Security plan (SSP) and IS contingency plan
• Holds Kick-off meeting with Information System Owner (ISO) and all supporting personnel for systems re-accreditation
• Support the Systems Architect and Systems Integrator in creating architectural alternatives for a new system that will meet current security requirements
• Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue
• Maintain a comprehensive understanding of NIST SP, NIST SP /53A, etc.
• Draft comprehensive security assessment reports outlining status, key findings, observations, impact, etc., as noted during an assessment.
• Functions as a technical expert across multiple project assignments. May supervise others.
• Determines enterprise information assurance and security standards.

Cybersecurity Analyst

Confidential

Responsibilities:

• Provide continuous monitoring support for control systems following FISMA guidelines and conduct FISMA-based security risk assessments.
• Perform ongoing Assessment and Authorization projects in support of client security systems and ensure quality control of A&A documents
• Supporting client with creating SOP as evidence in ongoing POA&M remediation process.
• Conduct risk assessments and collaborate with clients to provide recommendations regarding critical Performing daily ongoing (A&A) Assessment and Authorization projects in support of client infrastructure, network security operations and Continuous Monitoring processes.
• Working knowledge of Categorizing Information Systems (using FIPS 199 as a guide), NIST Risk Management Framework, FIPS and FISMA Act.
• Assist System Owners and ISSO in preparing Assessment and Authorization Package for IT systems, ensuring management, operational and technical security controls adhere to a formal and well-established security requirement authorized by NIST SP .

Direct Line Software

Confidential

Responsibilities:

• Prepared and installed switches on racks. Patched and dressed cables accordingly.
• Perform, or coordinate, the installation and configuration of the designed networks equipment (wireless, core, IDF and Stratix switches) at the customer sites.
• Assist in the provisioning of the onsite MDF infrastructure at the customer sites.
• Ensure the timely installation of cabling (copper and fiber) by our cabling vendors at the customer sites.