- Top Secret/SCI cleared Information Assurance Engineer with recognized success in Department of Defense network security and Certification and Accreditation. Experienced in creation of security policies and procedures including both local and agency wide policy.
- Responsible for all Certification and Accreditation actions for classified, unclassified, and special access program systems per DOD 8500.2 IA Controls.
- Provide subject matter expertise on Certification and Accreditation to the CIO of a large US Confidential Testing center.
- Provide expertise concerning the transition from DIACAP to DIARMF for the client.
- Communication Security (COMSEC)
- Project Management
- Risk Assessment
- Security Policy Creation
- Physical Security
- Information Security
- Regulatory Adherence
- Risk Management Framework
- Cyber Threat Analysis
Lead IA Engineer
- Reporting directly to the CIO to provide technical direction and leadership to a team of over 15 contractors and government civilians concerning the Certification and Accreditation of a MAC - II classified and unclassified networks as well as standalone equipment and special access program systems.
- Took over the project facing a system expiring within less than 6 months. Communicated with and lead the local Subject Matter Experts (SMEs) for the system to determine where the accreditation work was at and then scheduled for both the test run and for record visits by the Confidential Certification Authority (ACA) team to make the onsite assessment.
- Worked with SMEs to establish processes, procedures, and numerous items of documentation required for the accreditation process. Tracked the status of the ACA package throughout the accreditation process and completed the POA&M for submission to the command Information Assurance Program Manager and ultimately to the Designated Approving Authority.
- Coordinated the Plan of Action and Milestone (POA&M) activities to upgrade Interim Authority to Operate to a full Authority to Operate. Prepared POA&M and updated as required. Assisted with the coordination of a large scale visit by the audit team for our connectivity to the SDREN. Provide daily updates to senior leadership as required and work with the SMEs to ensure open findings are being addressed and fixed within the proper timeframe.
- Work with various departments and outside agencies on a daily basis to provide guidance, oversight and direction to ensure that all C&A activities are accomplished correctly and on a timely basis. Directly supervise three other Information Assurance Contractors. Create policies, guidelines, and directives concerning security practices and requirements.
Cyber Security Engineer
- Provided C&A and information assurance services to the US Confidential Defense Common Ground System - Confidential Program Management Office,(DCGS-A PMO) including developing documentation, policies, certification testing procedures, and precertification assessment.
- Interpret DCID 6/3 requirements for a Top Secret SCI Basic level PL3 Network and ensure applicable guidelines have been followed. Work with certification authority personnel to ensure that unresolved issues from prior certification testing have been met.
- Provided Certification and Accreditation (C&A) as well as general information assurance support to a command level Department of Defense Client. Advise client personnel on all aspects of the certification and accreditation process including implementing Information Assurance Controls on a MAC II Sensitive Network according to DoDI 8500.2.
- Assisted various departments with the interpretation and implementation of the DoD Security Technical Implementation Guidelines (STIGs), including creating action documents with the ability to assign STIG tasks and track progress. Updated the acceptable use policy for the organization, established a program to allow the use of an additional certificate on the Common Access Card (CAC) for administrative network access to eliminate the use of a separate CAC which saved significant administrative overhead and money for the organization.