- A multifaceted information security professional whose qualifications, knowledge of security policies, FedRAMP insider knowledge/experience, tools, technologies, best practices, background in technical IT/IS/cloud implementations, application security, aspirational servant-leadership of teams, and management of information security solutions for diverse organizations seeks a fitting role.
Security Technologies: Azure security components, AWS security components, Office/Microsoft 365/Intune Mobile Device Management (MDM)/Mobile Application Management (MAM)/Security/compliance components, BackTrack/Kali Linux, Tenable Nessus/SecurityCenter; Nmap; OpenVAS; SSH; SSL; Digital Certificates; Host Based Security System (HBSS) (ePolicy Orchestrator (ePO), Symantec Endpoint Protection Enterprise, Kaspersky Enterprise Space Security, System Center Endpoint Protection (SCEP), etc.); Symantec Ghost, Windows Deployment Services (WDS), MS Solution Accelerators (Security Compliance Manager (SCM), Microsoft Assessment and Planning (MAP) Toolkit, Microsoft Deployment Toolkit (MDT), Microsoft Baseline Security Analyzer, Enhanced Mitigation Experience Toolkit (EMET)), Office 365, Active Directory, Group Policy, Windows Server Update Services (WSUS), C#.NET, BASH/CLI, PowerShell.
Operating Systems/Environments: Debian Linux; Windows (all).
Networking: LANs, WANs, VPNs, Routers, Firewalls, TCP/IP, WiFi, VoIP.
Software: MS Office (Word, Excel, Outlook, Access, Visio, PowerPoint).
Senior Information Security Consultant/Cloud Security Advisor
- Operate in the capacity of, and perform the duties of, an ISSO/ISSM for the Department of Education (DoED).
- Provide support to the HHS OIG SD-WAN implementation and deployment.
- Provide support to the NSA/Air Force network infrastructure security requirements assessment.
- Provide critical cloud security subject matter expertise for global clients.
- Support Assessment and Authorization (A&A) efforts of new and existing systems.
- Review and adjudicate risk acceptance/deviation requests/waivers, security impact analysis (SIAs), SSPs, and other IA artifacts.
- Use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
- Identify, analyze, and report events that occur or might occur within the network to protect information, information systems, and networks from threats.
- Conduct independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37 Revision 2).
- Provide support for the systems' and information assurance program through security authorization activities in compliance with the Risk Management Framework (RMF).
- Manage changes to information systems and assess the security impact of those changes.
- Assist in the preparation and review of documentation to include System Security Plans (SSPs), Risk Assessment Reports, A&A packages, and Security Controls Traceability Matrix (SCTM).
- Allocate security controls as common, hybrid, or system specific consistent with the enterprise architecture and information security architecture in CSAM.
- Demonstrate the use of sound information system and security engineering methodologies in integrating information technology products into the information system and in implementing the security controls contained in the system security plan.
- Document controls implementation within the information system taking into account specific technologies and platform dependencies.
- Update controls information during system migration and update implementation statements for new security services and security controls as part of new AWS cloud environments.
- Complete and execute requirements necessary for change management, configuration management, change controls boards, assessment and authorization, risk acceptance/deviation requests, and Enterprise Architecture Review Board (EARB).
- Apply the full range of Information Assurance (IA) policies, principles, and techniques to maintain the security integrity of information systems processing sensitive information.
- Maintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc., to include system upgrades.
- Maintain the operational security posture of information systems and programs.
- Develop and maintain artifacts for A&A in accordance with applicable policies, procedures, and operating instructions.
- Provide cloud security subject matter expertise to enterprise customers in both Azure and AWS environments in the fulfillment of pertinent requirements for frameworks such as CMMC, FedRAMP, etc.
- Provide guidance to AWS cloud migration and other cloud adoption and implementations in alignment with FedRAMP compliance requirements.
- Develop and update System Security Plans and other IA documentation.
- Provide CM for security-relevant information system software, hardware, and firmware.
- Assist with the management of security aspects of the information system and perform day-to-day security operations of the system.
- Provide support for the program, organization, system, or enclave's information assurance program.
- Lead and manage a diverse team of Information Security professionals in the assessments of systems and networks within the networking environment or enclave to identify vulnerabilities, misconfigurations, and deviations from enclave or local policies.
- Coordinate with the customer, external organizations and security professionals to identify and implement security solutions designed to monitor, detect, respond and report to security-relevant changes in operational systems.
- Review new and existing systems for technical compliance with IA directives and protection of data at all classification levels. Advise on in-depth security design review and threat/risk assessments.
- Provide inputs to RMF artifacts, including Plans of Action and Milestones (POA&Ms), Security Control Traceability Matrices (SCTM), and Risk Assessment Reports (RARs).
- Conduct site visits and assessments to inspect IA plans and security control implementations and support Incident Response Team (IRT) activities.
- Work as part of a team reviewing and assessing Risk Management Framework (RMF) authorization body of evidence for information systems, to include: System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Continuous Monitoring Plan, Incident Response Plan, Access Control Plan, Security Assessment Plan, etc.
- RMF expert for cyber security in the government program management office, providing risk assessments to the Authorizing Official (AO) for information systems and responsible for maintaining ATOs for systems.
- Provide mentorship and guidance to subordinates and junior staff.
Cloud Security Advisor & Subject Matter Expert (SME)
- Operate within the FedRAMP program as a FedRAMP Joint Authorization Board (JAB) ISSO/ISSM representing DHS alongside other stakeholders including the DoD and GSA (JAB agencies) in working with Cloud Service Providers (CSPs) to manage the compliance of Cloud Service Offerings (CSOs) with FedRAMP requirements on behalf of federal agency customers within the FedRAMP program.
- Identify legal, regulatory, organizational and other applicable requirements to manage the risk to acceptable levels.
- Operate in the capacity of Authorizing Official Designated Representative (AODR) in new CSP/CSO onboarding assessments and annual assessments, and provide assessment authorization recommendations to the AO en route to the Agency CIO.
- Manage CSP/CSO continuous monitoring and ongoing compliance requirements.
- Facilitate meetings and coordinate with FedRAMP JAB PMO, partner agencies, CSPs, and Third-Party Authorizing Organization (3PAO) stakeholders in assessing CSP/CSO FedRAMP compliance packages and in making authorization recommendations.
- Work with CSPs, 3PAOs and other FedRAMP stakeholders to ensure all monthly continuous monitoring (ConMon) deliverables are received, reviewed, adjudicated, and reported on for CSP and federal agency consumption.
- Monitor for internal and external factors that may prompt re-assessment of risk to ensure that changes to existing, or new, risk scenarios are identified and managed appropriately.
- Collaborate with stakeholders in making risk-based decisions when adjudicating monthly deliverables, including Significant Change Reviews (SCRs) and Deviation Requests (DRs) or waivers, ensuring updates are reflected in POA&Ms, generating a compliance report, and/or issuing any pertinent violation.
- Adjudicate significant change requests (SCRs) and work with CSPs and 3PAOs to ensure impacted security controls are assessed and remediated as necessary.
- Adjudicate deviation requests (DRs) and work with CSPs and 3PAOs to ensure that vulnerabilities with justified and approved DRs are remediated within new timeline.
- Ensure that risk assessments, vulnerability assessments, and threat analyses are conducted consistently, at scheduled intervals, analyzed, and appropriately addressed.
- Work in partnership with other FedRAMP JAB agencies/stakeholders as well as CSPs and 3PAOs during the assessment process to ensure all FedRAMP security controls are assessed and appropriately mitigated or otherwise addressed.
- Identify and recommend appropriate risk treatment/response options to manage risk to acceptable levels pursuant to FedRAMP requirements.
- Identify and highlight leveraged IaaS security controls and customer responsibility approaches and application of required cloud security controls to PaaS and SaaS CSPs and Managed Services Providers (MSPs).
- Assess security implementations by CSPs to support continuous improvements initiatives.
- Monitor and analyze program management and operational metrics to evaluate the effectiveness and efficiency of the information security program.
- Monitor, evaluate, and report key information security metrics to provide management with accurate and meaningful information regarding the effectiveness of the information security strategy.
- Technically review security documentation of FedRAMP packages, to understand the responsibilities of federal agency customers, and associated risks for the agencies.
- Prepare assessment summary reports for FedRAMP authorizing officials, summarizing cloud solutions' security profile and authorization recommendations.
- Oversee and manage CSP/CSO onboarding and subsequent continuous monitoring.
- Report non-compliance and other changes in information risk to facilitate the risk management decision-making process.
- Identify, acquire and manage requirements for internal and external resources to execute the information security program.
- Hold, attend, and participate in meetings with pertinent FedRAMP JAB, CSP, and 3PAO stakeholders with key inquiries and discussions to address continuous monitoring compliance matters.
- Support CSP audit remediation efforts during initial and annual assessments.
- Compile and present reports to key stakeholders on the activities, trends and overall effectiveness of the information security program and the underlying business processes in order to communicate security performance.
- Assess and provide insights, reviews, and recommendations across a wide variety of CSPs/CSOs for the Department of Homeland Security pursuant to FedRAMP requirements based on NIST publications.
- Conduct post-incident reviews in collaboration with CSPs and other stakeholders to determine the root cause, develop corrective actions, reassess risk, evaluate response effectiveness and recommend appropriate remedial actions.
- Support CSO categorization, controls selection, implementation activities, assessment/audit, authorization, and continuous monitoring activities.
- Ensure security principles and practices are implemented in IaaS, PaaS, & SaaS.
Sr. Information Systems Security Officer (ISSO)/Project Manager (PM)
- Managed a team of ten (10) Information Systems Security Officers (ISSOs) in ensuring all pertinent duties are accomplished and continuous ongoing delivery of relevant metrics and reports to the CISO.
- Coordinate with the Chief Information Security Officer (CISO), Deputy CISO/Compliance Manager, CISO Support team, Security Testing & Evaluation (ST&E) team, Security Engineering team, Network Security Operations Center (NSOC), System Owners & System teams, and other stakeholders to assure information protection, insider threat detection, awareness, and compliance with ATO package requirements.
- Collaborate closely with all pertinent stakeholders to identify appropriate security control baselines and ensure they are documented in an SSP and other artifacts with successful acquisition of ATOs prior to becoming operational.
- Collaborate with stakeholders in meeting FedRAMP requirements for agency use.
- Maintain an information security strategy in alignment with organizational goals and objectives to guide the establishment and/or ongoing management of the information security program.
- Work with stakeholders to develop education, training, and awareness programs, and manage and coordinate information security monitoring, inspections, and spill or data loss incident response.
- Provide guidance on cloud security best practices for Azure and AWS environments.
- Ensure secure development practices are implemented in IaaS, PaaS, & SaaS.
- Develop, review, maintain and oversee all Authorization to Operate (ATO) packages for the Assessment & Authorization, and subsequent Continuous Monitoring in accordance with the RMF requirements and organizational business objectives.
- Ensure Information Systems Security Officers (ISSOs) under my purview, IT staff, and users follow established information security policies and procedures to protect, operate, maintain, and dispose of systems and data in accordance with security policies and practices as outlined in the assessment and authorization procedures.
- Advise IT on required security configurations, elicit implementation details, and assist with the development of technical security enhancements.
- Perform technical assessments of information systems security configuration to ensure compliance before the system moves to a production environment; conduct reviews and technical inspections to ensure compliance with federal customer and US Government policies, and to identify vulnerabilities or security weaknesses. Recommend corrective actions and ensure proper vulnerability reporting.
- Facilitate meetings with pertinent stakeholders in leading efforts to manage audits of federal customer’s information systems by US Government agencies.
- Lead periodic assessments to assess systems security posture validation and remediation.
- Ensure a Plan of Action and Milestone (POA&M) is maintained for all security related vulnerabilities and continually update SCAs and AOs on system security posture.
- Work with pertinent stakeholders to develop a comprehensive Risk Management Framework (RMF) package including System Security Plans (SSPs), Information Continuous Security Monitoring Plans, and pertinent evidence to support system authorization.
- Support secure application development efforts using Secure Development Lifecycle (SDL + Agile) principles throughout the SDLC phases.
- Lead and perform system categorization, controls selection, and implementation activities.
- Support assessment/audit, authorization, and continuous monitoring activities.