To provide the most current and effective Cyber security support by leveraging my experience as an Information Systems Security Officer, Project Management, and application of the Risk Management Framework (RMF) combined with security best practices.
Strong management and leadership ability Positive and motivationa lattitude Proven ability to adapt quickly to the culture of the organization Strong problem solving for expeditiousre solution Strong ability to work independently Excellent written and verbal communications kills Strong ability to translateand socialize objectives and goals.
Confidential, Falls Church, VA
Information Systems Security Officer
- Recommended remediation tasks and collected artifacts to facilitate the closure of findings in the POA&M and vulnerabilities resulting from DHS Hygiene, Nessus, confidential
- Reviewed and analyzed user activity data and conducted annual audits of Privileged User Access (PUA), regular user access request forms, and Rules of Behavior (ROB) forms to ensure compliance with User Audit requirements (NIST SP 800-92) and confidential AC control guidelines.
- Developed and updated the systems documentation according to technical writing requirements and in compliance with confidential , such as the confidentail, system categorization - FIPS 199 (FIPS 200 & NIST SP 800-60 Vol 1 & II, Rev.1), E-Authentication.
- Participated in the Change Management process by providing security recommendations during the Configuration Change Board (CCB) meetings and provided guidance in the production of the Change Implementation Questionnaire (CIQ) for major configuration change requests and Change Requests (CR) for minor changes/revision upgrades to systems.
- Provided risk assessments using the Risk Assessment Methodology (NIST SP 800-30) through an analysis of system data and its environment to determine the Confidentiality, Integrity, and Availability (CIA) impacts to the system confidential, E-Authentication confidential, whitelisting Non-Standard Desktop Software confidential, Service Requests, Deviation Memos, and Risk Assessment Report (RAR) confidential.
- Coordinated system-level and enterprise-level annual Contingency Plan (CP)confidential and Incident Response (IR) confidential Tabletop and Functional Exercises which involved reviewing and executing the Test Plan.
- Verified and validated evidence of security control implementation as part of an initial Authorization to Operate (ATO) and Continuous Monitoring/Ongoing Assessment confidential , and in response to external audits by the OIG and GAO.
- Developed the Risk Management Process confidential, Security Decommission Process and Memo, Cybersecurity Software Whitelisting Process, and provided input for the development of the Risk Assessment Methodology Process confidential, POA&M process confidential , SA&A (C&A) project schedule confidential , and the organization s SSP template for individual systems and child systems.
- Created and developed the agency s organizational SSP to include interviews and validation of evidence.
- Conducted the analysis and assessment of 3rd Party A&A packages (SSAE, SSP, POA&M, etc..) to determine risk acceptance.
- Provided consulting services to the client through a frequent gap analysis of the RMF and NIST guidelines which involved developing a Level of Effort (LoE) for proposed projects, project plans, task listings, etc.
Confidential, Elizabeth City, NC
Sales Consultant -
- Recommended products to customers based on their needs and interests.
- Performed 150+ cold calls per day using the CRM database and Dealer Track for customer leads
- Provided ongoing support to maintain a positive relationship with the client.
Confidential, Colonial Heights, VA
Data Entry Clerk
- Consistently met high service standards using Enterprise Sage Mas500 ERP to input the quantity, lot number, bin location, and expiration date for over 3,000 products daily.
- Eliminated discrepancies by manually recording all stock items received.
- Communicated via MS Outlook, Skype with management regarding defective items.