CORE SKILLS

• Writing
• Experience with creating policy, guidance, reports, briefings, and many other types of documentation
• Analysis
• Experience with quality assurance, privacy and security risk assessments, risk management, facilitated risk assessment, gap analysis, document and policy analysis
• Training
• Experience with creating training materials and conducting classroom and on-line training
• Proficient in Microsoft Office Suite Word, Excel, Power Point, and Visio
• Able to work as a team member or independently
• 5 year Department of Homeland Security Clearance Top Secret last renewed 3/2013

EMPLOYMENT HISTORY

Confidential

Manager, Quality Assurance

was responsible for creating a quality assurance department for an e-liquid manufacturer. I started by conducting a gap analysis and created business process mapping and flow diagrams. I then developed policies, procedures and work instructions to support ISO 9001 and FDA cGMP compliant manufacturing processes. I developed specifications and testing programs for raw materials, work in progress and finished goods. I built a continuous improvement program using data from testing and inspection results, customer service complaints, and investigation results to develop corrective and preventive action plans. also created and maintained an online document management system on their SharePoint network and developed and conducted training on QA related processes and documentation.

Confidential

Manager, Information Security

I supported the Department of Homeland Security United States Citizenship and Immigration Services USCIS as the Secure Enterprise Technical Infrastructure SETI Security Manager. I assisted in writing the original SETI contract proposal and subsequent contract modifications and option year renewals. My responsibilities included hiring and supervising a mixture of 15 GDIT employees and sub-contractors for the Federal Information Security Management Act FISMA Compliance, Security Technical Support and Security Training contract areas, drafting periodic progress and management reports, and interfacing with various government personnel and managers on a weekly basis. I also acted as the primary trainer for the USCIS Significant Security Responsibility SSR Training Program, creating training materials, coordinating training classes, and conducting classes on a different security related topic each month. I directed the redesign of the USCIS Security Awareness Outreach and SSR Training programs to take advantage of recently available technologies that reduced the resources needed to run each of the programs and broaden their reach within the USCIS community.

Confidential

Senior Principal Analyst, Information Security

During this period I supported the Department of Homeland Security United States Citizenship and Immigration Services USCIS Federal Information Security Management Act FISMA compliance efforts. My responsibilities included analysis and creation of supporting documentation for the certification and accreditation of USCIS systems and applications, and FISMA compliance reporting. I acted as a resource for Information Systems Security Officers ISSO needing assistance in the completion of their assigned tasks, assessing security controls, identification of vulnerabilities, and tracking their mitigation. I managed the USCIS Significant Security Responsibility training program and New ISSO Orientation Program including overseeing the development of training materials, scheduling sessions, tracking attendance, creation of monthly reports to the client, and conducting training sessions.

Confidential

Principal Analyst, Information Security

During this period I supported the Department of Defense DoD Military Health System MHS Privacy Office implementation of the Health Insurance Portability and Accountability Act HIPAA Security Rule. I provided consultation and guidance to the TRICARE Management Activity TMA Privacy Officer on issues related to HIPAA implementation at TRICARE and MHS covered entities to ensure ongoing and timely compliance with provisions of the complex HIPAA rules. I coordinated and interfaced with all components of the TMA Privacy Office and the Service HIPAA Privacy and Security Representatives. I also coordinated and managed the Health Information Privacy and Security Compliance Committee. I developed policy, implementation guides and Standard Operating Procedures. I created information papers and briefings related to HIPAA and other Privacy Office areas of responsibility and provided coordination and support for TMA Privacy Office working groups and projects. I developed TMA Privacy Office and HIPAA related training materials and courses, conducted training courses, and delivered information briefings. I developed and implemented a HIPAA Oversight and Compliance methodology and assessed and tracked compliance with DoD HIPAA requirements.

Confidential

Principal Analyst, Information Security

During this period I supported the DoD MHS in their implementation of the HIPAA Privacy and Security Rules through the Defense Health Information Assurance Program research project at the Telemedicine and Advanced Technology Research Center. I analyzed DoD and Service level regulations for compliance with the HIPAA Privacy and Security Rules and wrote the Policy, Practices and Procedures Work Group reports with recommendations for future policy development based on that analysis. I led the Defense Information Technology Security Certification and Accreditation Process DITSCAP efforts for the Risk Information Management Resource RIMR and assisted in the development of the OCTAVESM risk assessment methodology. I developed seminar materials for training Medical Information Security Readiness Teams MISRT in HIPAA security, risk analysis and risk management and conducted training seminars for Military Treatment Facility MISRT worldwide on a regional basis. I also served as the DoD Health Affairs representative to the Dept. of Health and Human Services HIPAA security standards working group.