System Security/Risk Management Framework (RMF) Engineer Resume
Alexandria, Virginia
SUMMARY
- A well detailed Information Technology Specialist with over 5 years’ experience in Information Technology and over 2 years of experience and expertise in Cyber Security, conducting Risk Management Framework (RMF) engineering, security engineering, vulnerability scans, security evaluations, risk analysis, and security controls assessments with systems ranging from small networks to Navy-wide enterprise systems.
- Also preparing and implementing Information Security policies, Privacy and Data Security, System Security Plan (SSP), Plan of Actions and Milestones (POA&M), Management and Operations, Certification and Accreditation (A&A), NIST 800-53 Rev4 and NIST SP 800-37 rev 2, 800-18, 800-53 Rev4, 800-34, FIPS, FISMA, Security Content Automation Protocol, NIST Family of Security Controls, POA&M, Incident Response and Contingency Planning.
TECHNICAL SKILLS
- Strategic Planning, Project Management, Policy and Planning
- Human Resource Management, Statistical Analysis, Economics Principles
- Budget Analysis, Service Management, Financial Management, Employee Relations, Customer Service, Risk Assessment
- Training and Staff Leadership, Productivity Improvement, Risk Management Framework
PROFESSIONAL EXPERIENCE
Confidential, Alexandria, Virginia
System Security/Risk Management Framework (RMF) Engineer
Responsibilities:
- Responsible for the Assessment and Authorization (A&A) documentation (FIPS 199, E-Authentication Worksheet, Security Assessment Plan (SAP), System Security Plan (SSP), POA&M, Risk Assessment and Assessment of Key Controls) for assigned systems.
- Create comprehensive security assessment plans to include the Rules of Engagement (ROE) requirements for identified security controls based on NIST SP 800-53, FedRAMP, and agency-specific guidance.
- Work as a key team member of the RMF process for assigned systems to ensure that the controls are adequately categorized, selected, implemented, assessed, authorized and monitored.
- Perform Nessus ACAS scanning on classified and unclassified systems.
- Ensure risk assessments are completed to determine cost-effective and essential safeguards.
- Perform FedRAMP, a Government-wide program that provides a standardized approach for security assessment, authorization, and continuous monitoring for cloud products.
- Reviewed and assessed systems of different classification, scope, and mission and determined residual risk and mitigation methods to ensure the system was operating in its most secure state.
- Selected baseline security controls: applied tailoring guidance and supplemental controls as needed based on risk assessments.
Confidential
Information Security Analyst
Responsibilities:
- Worked with Certification and Accreditation team; performed risk assessment; updated System Security Plan (SSP), contingency plan (CP), Privacy Impact Assessment (PIA), and Plan of Actions and Milestones (POA&M)
- Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
- Perform FedRAMP, a Government-wide program that provides a standardized approach for security assessment, authorization, and continuous monitoring for cloud products.
- Performed data gathering techniques (e.g. questionnaires, interviews and document reviews) in preparation for assembling C&A/A&A packages and also ATO
- Develop and update the system security plan and other IA documentation.
- Selected baseline security controls; applied tailoring guidance and supplemental controls as needed based on risk
- Assisted in completing pre-project checklists to gather employee information needed before going onsite
- Troubleshoot issues onsite as needed and maintained documentation database for each customer
- Verified network connectivity from server to client systems
- Maintain inventory of the computers in all facets of the deployment lifecycle to include receiving, imaging, deployment, training, and disposal.
- Enters all user requests into the Siebel ticketing system
- Provides for the following software applications: MS Office Suite, Adobe Acrobat Pro, and client-specific proprietary software.
- Resolving problems, installing hardware and software solutions, and supporting the internal IT Helpdesk.
- Provide helpdesk support and resolve problems to the end user’s satisfaction
- Monitor Service Desk for tickets assigned to the queue and process first-in-first-out based on priority
- Manage PC setup and deployment for new employees using standard hardware, images, and software.
Confidential
Unit Supply Specialist
Responsibilities:
- Responsible for supervising, installing, troubleshooting, and assisting fellow soldiers with battlefield signal support systems, satellite communications, and automated telecommunication computer systems.
- Required to perform maintenance on signal equipment and other electronic devices, as well as train and provide technical support to users of the equipment.
- Maintains automated supply system for accounting of organizational and installation supplies and equipment. Receive, store, and issue materials, equipment, and other items from stockroom, warehouse, or storage yard. Prepare items for shipment and prepare documents, such as work orders, bills of lading, or shipping orders, to route materials.
- Secures and controls weapons and ammunition in security areas. Schedules and performs preventive and organizational maintenance on weapons.