Senior Information System Security Officer Resume
Lanham, MD
SUMMARY:
M.S. with 17 years of IT experience to include Information Assurance and SDLC, particularly requirements and information gathering, IV&V, testing and quality assurance. Skilled in the development and execution of security documentation based on RMF guidance; Confidential and . Deliverables include System Security Plans, SRTMs, POA&Ms, Test and Audit Plans, Risk Assessments and Corrective Action Plans.
TECHNICAL SKILLS:
SAP R/3 (FI, AM, GL, MDM, SCM), Oracle (AR, AP, GL, SCM), PeopleSoft HCM, UPK 11.0, Siebel, Rational Suite Enterprise, HP ALM, CA Identity Manager 12.5 Confidential v1.0, Retina, Security Technical Implementation Guidelines Overview (STIG), Siebel 6.0 (2000), PeopleSoft HRMS 7.5, PeopleSoft Financials 7.5, PeopleTools
WORK EXPERIENCE:
Senior Information System Security Officer
Confidential, Lanham, MD
Responsibilities:
- Work closely with the System Owner (SO) and Technical POCs for assigned systems to develop and/or maintain the following artifacts: FIPS 199, Privacy Impact Analysis (PIA), Business Impact Analysis (BIA), Contingency Plan and Test, After Action Reports (AAR), System Security Plans (SSPs) and POA&Ms.
- Also, complete monthly administrator access reviews, inventory reviews, vulnerability scan analysis and POA&M management.
- Complete annual user account reviews. Responsible for the upload and maintenance of security documentation in Xacta.
Lead Cyber Security Analyst / Deputy Program Manager
Confidential, Washington, DC
Responsibilities:
- Responsible for the coordination of Cybersecurity/SA& Confidential task order activities to support the Confidential with the assessment of Confidential packages for Cloud Service Offerings (CSOs).
- Assist in the completion of RMF Security Assessment & Authorization packages to include System Security Plans, Security Requirements Traceability Matrices, Security Assessment Reports, execution of Security Control Assessment activities, development of POA&Ms and Risk acceptance memos.
- Assist with the tracking of FISMA audit remediation findings. All duties are performed per Confidential guidelines and .
IT Assessment Lead
Confidential, Maryland
Responsibilities:
- Performed security controls assessments specific to Security Management, Access Management, Contingency Planning, Segregation of Duties and Configuration Management. Reviewed security documentation in accordance with RMF guidelines; specifically, Confidential and .
- Reviewed client provided artifacts to identify and document weaknesses and potential findings.
- Worked with project teams to develop assessment reports, assertion packages and corrective action plans (CAPs).
Information Assurance Specialist
Confidential, Maryland
Responsibilities:
- Led Confidential team of IA professionals responsible for the development of multiple Confidential & Confidential packages to include the development of system security plans (SSPs) according to Confidential, the selection of security controls according to Confidential, Incident Response Plans, COOPs and other policies and procedures following the overall FISMA and Confidential & Confidential /Risk Management Framework (RMF) process according to Confidential .
- Worked with development and infrastructure teams to ensure implementation of security controls.
- Worked with system administrators to ensure timely Retina scans and patching are performed.
- Coordinated with IAM to update Xacta with accurate security package information in an effort to achieve ATOs as determined by AO.
Information Assurance Security Officer
Confidential, Alexandria, VA
Responsibilities:
- Monitored IAVAs, Retina scans, assigned Confidential, and applicable security updates, fixes, vendor released patches and bundles to ensure that their installation will not negatively impact the operations of the target environments.
- Provided IA support for the implementation of PeopleSoft HCM and CA Identity Manager 12.5.
- Also, provided required support to ensure that all IPPS - Confidential enclaves are fully compliant with IA standards and requirements as identified in Confidential 8510.01 ( Confidential Information Assurance and Accreditation Process ( Confidential ) resulting in approved and accreditation packages and an ATO.
Senior Process/Security Engineer
Confidential, Suitland, MD
Responsibilities:
- As Confidential Project Manager for Office of Naval Intelligence ( Confidential ), developed, documented and delivered new business requirements and policies for security, integration, and operations activities in accordance with RMF ( Confidential ) and Confidential policies.
- Develop and document related process and programmatic artifacts, including plans, procedures, work instructions, tools, templates, etc.
- Assist System Integration and Security process owners in effectively rolling out new or modified processes for Confidential compliance, SSPs and sessions.
- Observe actual work activities in comparison to established processes.
- Recommend process improvements, clarifications, or modification to drive consistently outstanding customer performance.
- Participate in IV&V and ST&E activities. Conduct FISMA security evaluations and security inspections.
- Document findings, develop CAPs (Corrective Action Plans) and follow to completion. Act as an internal auditor to maintain ISO 9000 compliance.
Senior Consultant
Confidential, Washington, DC
Responsibilities:
- Performed Requirements Analysis oversight and PMO support for the implementation of PeopleSoft HRMS at multiple government agencies.
- Reviewed and grouped high level requirements and process flows into core PeopleSoft HR functions.
- Reviewed OPM HR Guides and SOPs to gather information and decompose high level requirements into testable requirements.
- Developed mock designs and materials to illustrate new functionality and processes during client presentations.
- Prepared functional specifications, system level requirements, test plans and materials using UPK. Responsible for maintaining environment and schedule.
- Worked with client to convert instructor-led courses to web-based online courses.