Information Security Specialist with passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience developing and testing security framework, policy development and staff management procedures.
· Active DOE Q/TS/SCI Security Clearance · Cl Polygraph (03/29/2017 ) · Information Assurance · Developing Security Plans · Implementing Security Plans · Designing Security Controls · Accreditation Coordination · Evidence Storage · Forensic Analysis | · Configuration Management · Classified information control · Reporting and Documentation · Training Manuals · Data Security · Symantec Endpoint Protection · Business and Technical Analysis · Investigative Research · Specifications reading |
· Researched requirements and initiated System Security Plan Certification & Accreditation for both local common controls and DarkStorm. Led team implementation, security testing, and validation of security requirements.
· Designed, developed and implemented continuous monitoring test and acceptance criteria for multiple upper level LANs. This included the architecture of the dashboards in Splunk and Security Center, artifact retention and reporting to enterprise oversight, and developed criteria for review and analysis of artifacts.
· Continue to maintain a working knowledge of applicable corporate and federal policies, executive orders and relevant federal requirements.
· Consistently applied CNSSI/NIST requirements to develop, design, test and implement training manuals, job aids and reference documents used as guides to answer common controls for all system security plans within the FIE.
· As part of the initial COOP team representing the FIE, applied appropriate federal and corporate guidelines to research, design, and develop security policies and establish the required documentation for the COOP program.
· Performed gap analysis on local configuration management process. Engineered, designed, developed, tested and led initial team to transition the ERA awarded SNL FIE C3MB team to transition the configuration management workflow and process to the enterprise level at DOE/IN.
· Working with key stakeholders, implemented a new security plan for the DarkStorm High Performance Computer network, and led the accreditation effort and integrated cyber security requirements and controls into the system, resulting in ATO.
· Represented FIE Cyber Security for Continuity of Operations efforts, in coordination with DOE, NNSA, and DOE/IN to develop, design, and implement COOP requirements and documentation at the enterprise level.
· Engineered tailored controls for specific NIST requirements on multiple FIE enterprise wide systems and networks, resulting in controls used in the local common controls inherited by all DOE/IN accredited systems within the FIE.
· Working with other DOE labs and OGA partners on accreditations and configuration management initiatives, resulting in the implementation of an enterprise configuration management process.
· Designed, developed, tested and implemented sanitization procedures for incident response to meet federal intelligence community requirements.
· Architected, tested and implemented periods processing procedures and processes at multiple classification levels to enable testing at multiple classification levels utilizing the same equipment.
· Perform gap analysis to develop and redesign the architecture of the electronic device process for devices entering SCIF locations, including prohibited technology mitigation analysis in coordination with technology engineers.
· Integrating new cyber security requirements and controls into existing upper level LAN networks and new standalone systems and LANs, to ensure continued compliance with CNSI/NIST controls, and as a remediation/mitigation of vulnerabilities.
· Conduct research and background investigations on software and hard ware manufacturers, including FOCI assessments.
· Maintain a working knowledge of applicable corporate and federal policies, executive orders and relevant federal requirements.
· Develop training manuals, job aids and reference documents.
· Develop security policies and procedures, and provide training.
· Responsible for the duties of Chair of the Configuration Change Control Management Board which include the maintenance of the board SharePoint sites, facilitating review meetings, and reviewing change request submissions and security reviews.
· Coordinate with other DOE labs and OGA partners on accreditations and configuration management initiatives.
· Act as liaison between Cyber Security and the assigned business Center.
· Help members of the workforce (MOWs) implement unclassified and classified cyber security program requirements.
· Responsible for ensuring MOWs follow established Cyber Security policies and procedures.
· Act as the Center's liaison for Corporate Unclassified Information and PII requirements and be able to direct Center personnel to available resources.
· Led CSR Workgroup, CSO Senate, and Cyber related training.
· Coordinate, prepare and maintain the Cyber Security Accreditation Agreement (CSAA) information in NWIS, in accordance with applicable Corporate and Cyber Security policies.
· As the Information System Security Officer (ISSO) for classified stand-alone cyber systems within a business center, coordinate, prepare and maintain one-page classified cyber security plans.
· As the ISSO and AISSO for several standalone networks, responsible for the development, implementation, and testing of the security plan, approving network connections, monitoring and reviewing logs on the servers for anomalies, and ensuring that all MOW's and system administrators are in compliance with all applicable requirements.
· Conduct Center Self evaluations and line assessments.
· Assist Cyber Security in performing line, organization and center level audits and pre-audit assessments.
· Provide prompt phone response to customers for received tickets on a daily basis.
· Troubleshoot a variety of software and hardware issues and provide a timely resolution to the customer.
· Appropriately document all required information into the BMC Remedy ticketing system.
· Load standard corporate supported image on new and rebuilt desktops and laptops for use in a corporate and lab environment.
· Support and troubleshoot network connectivity issues and work with other teams to resolve.
· Provide support for the ordering and purchase of computers and computer related equipment.
· Provide setup and troubleshooting of networked and local printers, plotters scanners and label printers.
· Certificate of Excellence - OASIS Diode Certification
· Employee Recognition Award - Field intelligence Element Configuration Management Board Methodology Team
· ISACA CISM 1946035 05/20/2019
· Foundations of Digital Forensics with EnCase 05/10/2019
· TestOut Network Pro C2FFK 08/16/2017
· TestOut PC Pro C2A7E 05/16/2017
· TestOut Linux Pro C2HJW 11/17/2017
· Risk Management Framework II NRO/OSCI 03/23/2017
· Information Assurance 101 NRO/OSCI 02/23/2017
· Understanding the IC OONI Learning Network 08/25/2017
· Comp TIA Security+ COMP001021056293 07/29/2016
Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.
Companies Worked For:
School Attended
Job Titles Held:
Degrees
