SKILLS:

• Experience in the development of Assessment and Authorization ( Confidential & Confidential ) security packages and documents in accordance with IA Controls
• Experience with Confidential IA Control Compliance Checks
• Experience with SCAP, and ACAS scanning tools
• Experience with developing System Security Plans, Security Assessment Reports (SARs), Contingency Plans, Privacy Threshold Analysis, Privacy Impact Analysis, and Security Assessment Plans.
• Excellent written, communication, and organizational skills
• Microsoft SharePoint, Microsoft Visio, Microsoft Word, Microsoft Excel, Microsoft PowerPoint, Microsoft Access, and Microsoft Project

EXPERIENCE:

Confidential

Program Manager

Responsibilities:

• Design and implement compliant and appropriate Cyber Risk Management Framework (CRMF) Governance Practices
• Develop, implement and maintain RMF Communication and Knowledge Management Strategy that includes information dissemination processes, standards and mechanisms with the aid of SharePoint
• Develop, revise and maintain cybersecurity policies, processes, procedures, guidance, and templates
• Develop, review and assess Security Assessment and Authorization ( Confidential & Confidential ) security documentation
• Develop and refine Confidential Continuous Monitoring Program with ongoing security assessments and authorizations
• Shape customer programs' vision, strategic, and tactical plans
• Develop and refine technical capabilities in alignment with customer
• Assist customers with identifying, defining and implementing cybersecurity strategies, policies and tactics, techniques and procedures
• Create, maintain and close Plan of Actions and Milestones (POA&Ms)
• Research, publish and maintain continuous monitoring metrics and data relevant to customer cybersecurity risk posture and RMF implementation
• Coordinate with Security Operations Center (SOC) personnel to develop, publish, and maintain system security status and risk information
• Build excellent relationships with customers at the Chief Information Security Officer (CISO) level
• Perform Program Management activities supporting contract execution
• Oversee assigned projects and project personnel
• Develop and deliver weekly, monthly and quarterly project status reports in accordance with contract requirements
• Participate in quarterly program reviews with customer personnel
• Conduct customer satisfaction surveys from the Confidential & Confidential, Training, Forums, and Cyber Security Assessment Management (CSAM) Help Desk
• Render concise reports, summaries, training materials, and formal presentations
• Methodically and proactively analyze problems and identify solutions as required to identify and mitigate risk to the project, customer, and customer systems
• Participate in customer governance forums
• Support the planning and implementation of customer governance forums including coordination, meeting, and logistics support

Confidential

Program Executive

Responsibilities:

• Develop and maintain PM Confidential Cybersecurity staff call slide deck
• Develop and maintain IA PEO briefing slides
• Respond to all SACOs
• Develop and maintain the Cybersecurity Team’s monthly status report
• Track and report system IAVMs
• Travel to all FQT, SRT, SCA - V, PMR, PDR, and CDR events
• Develop and maintain Confidential formal information system (IS) security program
• Implement and enforce IS security policies
• Review and endorse all IS accreditation/certification support documentation packages
• Oversee the development of various subsystems to ensure that they follow established IA policies and procedures
• Ensure that developers review weekly bulletins and advisories that impact the security of site information systems to include, ARCERT, IAVA, and DISA ASSIST bulletins
• Ensure that quarterly testing is being conducted to evaluate the security posture of the ISs by employing various intrusion/attack detection and monitoring tools
• Assisting developers to ensure proper decisions are made concerning the levels of concern for confidentiality, integrity, and availability of the data, and the protection levels for confidentiality for the system
• Ensures that the approved procedures are in place for clearing, purging, declassifying, and releasing system memory, media, and output
• Maintains eMASS to track all system accreditation documentation and modifications
• Coordinates IS security inspections, tests, and reviews
• Ensures the development and implementation of procedures in accordance with configuration management (CM) policies and practices for authorizing the use of hardware/software on an IS. Any changes or modifications to hardware, software, or firmware of Confidential system must be coordinated with the appropriate approving authority prior to the change

Confidential

Program Manager

Responsibilities:

• Design and implement compliant and appropriate IT Governance Practices
• Directs and coordinates activities/performance objectives of project personnel to monitor project(s) so that they progress on schedule and within budget
• Provide education and guidance to stakeholders in order to achieve successful acceptance of initiatives
• Utilizes project management principles, practices, techniques and tools (e.g.: PMBOK)
• Delegates tasks and responsibilities to appropriate personnel
• Identify and resolve issues and conflicts
• Directs the work of project team, including other project managers on Confidential project by project basis
• Identifies and deploys resources required for projects
• Communicates complex technical and programmatic information, often in the form of verbal and visual operational updates, situation reports, and briefings
• Lead and mentor governance and FISMA team members
• Maintain enterprise wide information security policies, standards and procedures
• Analyze and Define Information Security Requirements
• Maintain Security architectures
• Analyze government and industry trends, laws and standards and recommend methods to meet requirements
• Research security concepts, tools and techniques
• Assist in testing information security products
• Analyze security risks, threats and vulnerabilities and recommend strategies to prevent security exposures and detect intruders
• Assist with Certification and Accreditation of systems and continuous monitoring

Confidential

Cyber Security Subject Team Lead

Responsibilities:

• Provided support to the ARL IAM office relative to maintaining and tracking the status of IAVAs and POA&Ms
• Active participant in the CVIPP working group supporting the ARL IA PMO, CIO-G6, and the Confidential in the development of policy to consolidate IA checklist and controls into Confidential single methodology to be used throughout the army
• Active participant in ARL CCB meetings providing risk management support relative to planning, risk identification, risk quantitative and qualitative analysis, response planning, monitoring, and control activities.
• Provided risk management support for the Confidential Research Laboratory (ARL) Agent of the Certifying Authority (ACA) clients throughout the United States, Japan, and Korea
• Conducted CCRI prep assessments for Confidential subscribers
• Utilized the vulnerator tool to assess findings and create reports
• Conducted client network assessments using various scan tools (SCAP, Gold Disk, Retina, CSA and manual checklists)
• Developed security plans and policies to protect organizations' infrastructure using Confidential SP800- Series, DIACAP DoDI 8510.01, 8500.2, AR 25-2, AR 380-5, and other DOD regulations, manuals, and instructions
• Performed detailed Physical Security Assessments (PSAs) and evaluations of Military installations

Confidential

Responsibilities:

• Maintained established accreditation baselines
• Conducted client network assessments using various scan tools (Gold Disk, Retina, and manual checklists)
• Assisted with the development of the style guide and quality assurance process to ensure that the documentation met DIACAP requirements
• Prepared security plans and policies to protect organizations' infrastructure using Confidential and DoD Directive (DoDD) 8500.1, DoD Instruction (DoDI) 8500.2, and other DOD regulations, manuals, and instructions
• Facility Security Officer (FSO) utilizing JPAS and EQIP/EPSQ for clearance processing
• Developed and administered security programs and procedures for classified or proprietary materials, documents, and equipment.
• Reviewed and implemented federal security regulations that applied to company operations.
• Processed and accurately tracked classified documents and classified hardware. Ensured that classified information entrusted to the company is properly safeguarded as outlined in federal controlling instructions.
• Prepared and interfaced with DSS during audits.
• Responsible for direction of the ISSM (Information System Security Manager) to ensure all classified IT systems comply with the National Industrial Security Program and all aspects of the Confidential
• Performed detailed Physical Security Assessments (PSAs) and evaluations of Military contractor facilities