- A highly motivated, energetic and seasoned professional with a Master of Science in Cybersecurity, CompTIA Security+ certified and a ForeScout Certified Administrator (FSCA). Over 20 years of experience supporting the private and government sectors in a variety of roles. Analytical and detail - oriented, with an ability to identify and implement process improvements that increase accuracy, consistency, and operational efficiencies. Able to analyze, identify, and solve problems and effectively communicate findings to stakeholders. A team player with excellent attitude towards work and new challenges and experienced in working in fast-paced environments and dealing with various levels of management.
Sr. Cybersecurity Analyst
Confidential, Lanham, MD
- Operational lead responsible for the development, implementation, coordination, and execution of training related activities, including security awareness, contingency planning, business continuity, disaster recovery, and incident response. Responsibilities include training executive leadership, the Damage Assessment and Response Team (DART) and individuals within the 5 organizations within the ITCD division. Develop core documentation for training and exercise activities, which includes but is not limited to, detailed training materials, PowerPoint presentations, exercise plans, and After-Action Reports.
- Continuously work with NASA leadership within the ITCD division to ensure the accuracy of the contingency and business continuity plans. Develop all core documentation for training and exercise activities; including annual training objectives, detailed training materials, PowerPoint presentations, exercise plans, and After-Action Reports (AAR).
- Conduct system security evaluations and assessments, document and report security findings using NIST A guidance per the continuous monitoring requirements. Collaborate with system owners, senior management (CIO, CISO etc.,) and executive leadership to determine remediation strategies.
- Manage client-specific POA&Ms, support remediation activities within the organization including: NASA TV, System Engineering Facility (SEF), Enterprise Physical Access Control Systems (EPACS), NASA HQ Computer Center (NHCC), Managed Cloud Environment (MCE), End-User Devices (EUD) and Conference Room Audiovisual System (CRAS).
- Conduct above-core software reviews to ensure applications requested by users comply with NASA requirements, guidelines, and standards before installed on NASA systems.
- Promote awareness of information security issues among system owners and executive leadership to ensure they understand and adhere to systems security policies and procedures.
- Working knowledge of the Federal Information Security Management Act of 2002 (FISMA), the NIST Risk Management Framework (RMF), FIPS 199|200|201, OMB A-123|A-130, and NIST 800 series standards and guidelines including |30|34|37|39|53A|137.
Sr. Cybersecurity Analyst |Splunk Lead
Confidential, Leesburg, VA
- Technical lead responsible for the coordination and completion of various tasks and activities associated with the deployment of Splunk Enterprise in support of the DHS Continuous Diagnostics and Mitigation (CDM) risk management program. Worked with a suite of cybersecurity tools including; ForeScout CounterAct and Splunk, to facilitate the adoption of the Information System Continuous Monitoring (ISCM) approach and support the remediation of identified cybersecurity threats and vulnerabilities.
- Developed Enterprise Life Cycle (ELC) documentation and artifacts in support of CDM for the IRS enterprise. Example artifacts included, Service Level Agreements (SLA), Project Management Plan (PMP), Project Tailoring Plan (PTP), System Security Plan (SSP), Concept of Operation (CONOPs), Project Communications Plan (PCP) and Risk Management Plan (RMP). Developed security briefings for division directors and senior management.
- Collaborated with external contractors and internal stakeholders to ensure the accuracy of project scope, project schedule, solution architecture and design, bill of materials and site-preparation.
- Communicated and engaged with senior management (ACIO, CISO, and ISSO) and system owners to assure information sharing and timely incident response and risk reporting.
- Participated in various classified and unclassified meetings and conference calls on a wide range of cybersecurity topics.
- Coordinated and led the IRS tool strategy and gap analysis initiative to assess existing tools and capabilities across the enterprise with the goal of reducing redundancy and cost.
- Led the SharePoint design and implementation effort and supported activities and processes to track action items and project risk to support the CDM initiative.
- Worked with internal stakeholders to create a matrix that mapped CDM ( Phase 1) project requirements to National Institute of Standards and Technology (NIST) security controls.
Principal Program Analyst/Change Management
Confidential, Washington, DC
- Facilitated weekly Change Management Division (CMD) and Program Configuration Control Board (PCCB) meetings that focused on the status of change requests and assessments under development, for ongoing enhancements to systems within Federal Student Aid.
- Communicated the status of all change requests and assessments to FEBI program stakeholders including product managers, project managers and directors.
- Managed the coordination efforts across the multiple FEBI projects occurs as well as maintained, updated, and monitored the progress of submitted change requests in SharePoint.
- Maintain the Monthly High-level Report, which tracked the progress of individual projects and enhancement releases against Key Performance Indicators (KPIs) for Federal Student Aid.
- Conducted the annual review and maintenance of GDIT's Business Continuity and Disaster Recovery Plan.
- Participated in the annual A-123 internal controls audit that typically focuses on financial reporting, but also applies to some FSA transactional systems.
Senior Reporting Analyst
Confidential, Washington, DC
- Supported the U.S. Department of Education, Office of Federal Student Aid programs by analyzing and trending complex Federal Student Aid (FSA) data in an effort to help strategic and policy decision makers better understand behavior and trends of various demographic and economically segmented populations.
- Provided ad-hoc data by developing reports, including charts and graphs via Business Objects and Excel, to help the U.S. Department of Education answer questions regarding FAFSA applicants and other program related questions.
- Participated in requirements discussions for the IRS Data Share and Free Application for Federal Student Aid (FAFSA) and conducted data analysis to determine project- reporting needs.