Active Top Secret Clearance w/ Ability to obtain SCI
Energetic, motivated leader, who specializes in providing exceptional Cybersecurity subject matter expertise, exudes collaborative communication skills, and provides knowledgeable experience in several process workflows related to Information Security. By employing these skills, the career objectives comprise of influencing personnel and clients towards success, solving engineering challenges, and substantially growing the morale and culture within the company business.
Education
University of Maryland, Baltimore CountyBaltimore, MarylandExpected in 2014 – –Master of Professional Studies:Biotechnology Management - GPA:
University of Maryland, Baltimore CountyBaltimore, MarylandExpected in 2014 – –Post-Baccalaureate Certificate:Biochemical Regulatory Engineering - GPA:
University of HartfordWest Hartford, ConnecticutExpected in 2012 – –Bachelor of Science:Biochemistry - GPA:
University of Hartford - Hillyer CollegeWest Hartford, ConnecticutExpected in 2010 – –Associate of Arts:Liberal Arts - GPA:
Certifications
CISSP - Information Systems Security Engineering Professional (ISSEP) (July 2021)
Certified Information Systems Security Professional (CISSP) (March 2021)
CompTIA Pentest+ (April 2022)
Systems Security Certified Practitioner (SSCP) (May 2020)
CompTIA Security+ (January 2019)
CompTIA Cloud Essentials+ (February 2022)
LPI Linux Essentials (June 2021)
Experience
Bae Systems - Information Systems Security Officer (ISSO) Alexandria, VA, 02/2020 - Current
3/2021 - Current | Information System Security Officer (ISSO) | USAF Contract
Applies fundamentals of effective management and leadership within an organization, in addition to excellent skills in organizational and analytic thinking
Develops, reviews, and updates RMF documentation and ensures Plans of Actions and Milestones (POA&Ms) are thoroughly addressed and submitted through eMASS
Develops and delivers organizational required artifacts for Information System Security Manager (ISSM) and Authorizing Official Designated Representative (AODR) approval
Participates in change management process, assessing security impact of proposed changes
Deploys Red Hat Assured Compliance Assessment Solution (ACAS) kickstart to multiple test systems, and patches servers in accordance with program Vulnerability Management Plan
Builds ACAS configurations, including policies, scans, and reports through Tenable Security Center
Gathers ACAS scan results for scan findings, tracks vulnerability metrics, and recommends mitigation strategies among system and network administrators
Manages Red Hat servers in a testing environment, performs Security Content Automation Protocol (SCAP) scans from command line, and updates Red Hat STIG checklists
Performs troubleshooting and patch management procedures to Red Hat virtual instances within VMWare environment
Performs client product updates in Host Based Security System (HBSS)
Participates in vulnerability assessments serving as 'Blue Team', and demonstrates continuous, defensive safeguards against attacks and correcting vulnerabilities
Briefs administrative and technical security posture to leadership and advises on mitigation methods for future security threats
Experienced in the following NIST 800 series publications: 800-30, 800-37, 800-53, 800-53A, 800-160v1 and v2, and 800-137
9/2021 - Current | Sr. Cybersecurity Architect | DISA Application Contract
Conducts risk assessment by assessing and measuring risks and their impact, provides recommendations for software application design, and communicates risk to stakeholders
Develops solution test procedure, test reports, and implementation plan documents as required
Serves as the focal point of contact for the RMF/A&A team and the customer/organization
Develops, reviews, and updates RMF documentation to include Security Plans, Plans of Actions and Milestones (POA&Ms), and Risk Assessment Reports (RAR)
Assesses system compliance against NIST, DoD, and DISA security requirements to include NIST 800-53 controls and DISA Security Technical Implementation Guides (STIGs) / Security Requirements Guides (SRGs)
2/2022 - Current | Information Systems Security Engineer (ISSE) | DISA ZTA Contract
Serves as a subject matter expert on Cyber activities based on comprehensive knowledge of DoD principles
Demonstrates proficiency with utilizing eMASS, submitting packages through workflows, and providing evidence through DISA approving database
Provides consultation to ISSOs to ensure Authorization to Operate (ATO) and Interim Authority to Test (IATT) packages meet compliance with RMF standard
Evaluates overall risk posed by vulnerabilities to missions, networks, and data
Develops security documentation to support program milestone testing and evaluation
10/2021 - 2/2022 | ISSO | DISA SATCOM T. Contract
Assesses organizational risks associated with security threats and recommends mitigation strategies
Serves as the leading Cybersecurity liason to the client
Maintains system data and submits relevant updates within eMASS package
Designs, develops, documents, tests, and maintains RMF documentation and solutions for system architecture and infrastructure
Performs quantitative analyses within risk assessments to recommend viable solutions to determine appropriate risk treatment (e.g., mitigate, accept, transfer, avoid)
Provides technical expertise and system administration support
Facilitates Cyber Working Group meetings to review, task team members, and track action items to successful completion
2/2020 - 3/2021 | ISSO | DISA SATCOM G. Contract
Supports engineering, sustainment, and management of DoD communications systems partnering with communications and systems engineers
Manages multiple, accredited system packages in the Enterprise Mission Assurance Support Service (eMASS) system
Performs risk assessments of systems and equipment, and creates detailed test results and implementation plans for submission in eMASS
Performs ongoing system analyst activities, e.g. Continuous monitoring (ConMon), for DoD programs
Creates and maps DoD security technical implementations guides (STIGs) and submits change requests for system components
Manages software and hardware change management procedures in accordance with security policy
Analyzes and audits policies, procedures, and security architectures as part of gap analyses, and to develop applicable mitigations to support compliance
Performs risk assessments of systems and equipment and assists engineers with identifying solutions for vulnerabilities
Performs vulnerability management using automated systems
Interprets and updates STIG checklists or Secure Control Assessment Protocol (SCAP) Compliance Checker (SCC) report.
Develops a Plan of Action and Milestones (POA&M)
Creates documentation supporting risk management framework (RMF) accreditations, including but not limited to System Security Plans (SSPs), SOPs, Program Protection Plans (PPPs), Information System Contingency Plans (ISCPs), etc
Briefs technical posture to client leadership, prepares brief slides and summaries of vulnerabilities, and advises leadership on prevention and mitigation methods for future security threats
Utilizes great proficiency in Microsoft Excel, Microsoft PowerPoint, Microsoft Outlook, Microsoft Word, Microsoft Visio, and Microsoft Project. Also, familiar with Microsoft 365 and Sharepoint
Experienced in the following NIST 800 series publications: 800-30, 800-37, 800-53, 800-53a, and 800-137
Raytheon Solipsys - Sr. Information Assurance Cyber Specialist, ISSM City, STATE, 12/2018 - 01/2020
Performs dual roles as ISSM/ISSO being responsible for Information Security program as specified by various US Government requirements, including but not limited to, NISPOM, DAAPM, Baseline Technical Security Configuration Standards, and customer/contract specific Information Assurance (IA) regulations.
Ensures development, implementation, and maintenance of secure, compliant environments across various classified programs.
Manages Assessment & Authorization activities (A&A) activities to include documentation preparation, system configuration/validation, certification testing, etc.)
Oversees Security sustainment activities, such as hardware and software change management, account management, media protection, and file transfers.
Conducts self-inspections, audit trail review, and delivers information systems security education and awareness.
Manages the IA incident response program, and other security disciplines such as industrial security (i.e. document control) and physical security.
Understands supporting various system configurations (Standalones, Client Server Active Directory Local Area Networks, Peer-to-Peer, etc.)
Familiar with STIGs, SCAP, and proper remediation procedures.
Primary point of contact with ISSP/SCA, DCSA supporting and engaging in classified meetings (i.e. RMF On sites and Security Vulnerability Assessments (SVAs)/ Comprehensive Security Review (CSRs).
Designs and implements processes regarding identification and mitigation of specific risks within the security environment.
Monitored multiple databases to keep track of information systems inventory.
Collaborates with Information System Owner (ISO), IT team, and Security, as well as establishes and updates POAMs. The POAM statuses are updated to DCSA and senior management.
Familiar with virtual machines/virtual environments, and deviations from compliancy systems (i.e. non-compliant systems, Risk Assessment Letters (RALs), tactical systems, etc.).
Ensures audit collection and audits all Windows and Linux systems on a weekly basis, and reports any nefarious and/or suspicious activity to the FSO.
Reviews Incident Response plan and implements incident response procedures in the event of a security incident.
Conducts Information Security training education, establishes and maintains a formal records management system.
Participates in Change Control Board (CCB) meetings and collaborates with other IA team members in the organization.
Synergy Business Innovation & Solutions - FSO/Security Manager City, STATE, 09/2018 - 12/2018
Responsible for handling employee personnel security clearances and provide executive management with guidance on personnel clearances.
Manages and distributes DD254s to company contractors, subcontractors, and CSOs after award of contract. Also, communicates security requirements for both cleared and non-cleared projects.
Sends VAR/VALs through JPAS to various clients and works with clients on security issues that may arise.
Initiates and submits personnel for initial clearances and periodic re-investigations.
Responds to general security related questions and utilizes JPAS to complete requests. Also, interfaces with government customers on security related issues.
Maintains personnel security files and Synergy security websites via Sharepoint, conducts annual security trainings for all cleared personnel.
Reviews and implements federal security regulations to apply to the organization.
Provides applicable license designations, creates user accounts, and serves as the secondary POC for IT issues.
Obtained CMMI v2.0 for development training and serves as an Appraisal Team Member for maintaining CMMI level 3.
Performs HR Management functions to include compliance, benefits administration, employee relations, recruiting & proposal support.
Maintains facility supplies/supply management, GAL database, and both new hire and termination tracker for staffing.
Acts as a system administrator and auditor for company e-mail accounts and the company Intranet. Assists in company website maintenance and interface.
Reviews and assists with DD254 forms and CAC/TASS/SAAR employee paperwork, background vetting procedures.
Manages and oversees JPAS, SWFT, NCAISS, ACCS, and NISS security systems.
Creates job orders, posts job postings, and consistently updates by providing notifications within the recruiting tracking system as needed/required on a daily and weekly basis.
Prepares exit checklists, various types of offer letters, and new hire packets. Tracks receipt of new hire paperwork.
Assists in transferring calls by phone and e-mail. Communicates with new hires during on boarding and extends initial briefing and debriefing upon out-processing.
Supports new recruit candidates by reviewing their applications and other qualifications for the intended employment. Phone screens as necessary.
Performs security checks, submits visit requests (JPAS & Fax) for cleared employees, initial and periodic re-investigations, and reviews/updates personnel information as needed.
Maintains up-to-date security personnel documentation in employees' security folder.
Serves as the primary point of contact for NISPOM requirements and compliance.
Prepares and submits SCI requests according to procedure, well familiar with ACCS (Army Centralized Contracts and Security).
Adds new hire personnel to company system database to ensure secured processing.
Inputs and terminates employees' benefits and receives annual HIPAA training as required.
Manages foreign travel and counterintelligence briefings and assists with international visits per Defense Security Service instructions/procedures.
Initiates drug screens and assist background investigators with personnel information on a need-to-know basis (Privacy Act).
Gathers and retains contractual and required government training and certifications received by employees. Also, sends weekly reminders with relevant training information/attachments.
Collects and tracks invoices as an integral part in payroll and accounts reconciliation.
Utilizes general office automation software such as Microsoft Word, PowerPoint, Excel, Outlook and Visio in creating, editing, and maintaining business documents.
Ensures protection of confidential and CUI documentation at all times and develops mandatory security training education.
Professional Skills & Training
Received certificates of completion for ISC2 Certified Cloud Security Professional (CCSP) Self-Paced Online Training (SPOT) and Cybrary's CCSP training courses
Completed Linux and Red Hat Certified System Administrator (RHCSA) Cyber Ranges on InfoSec Institute Skills platform
Successful completion of DISA required annual security courses: Cyber Security Awareness, Derivative Classification, Insider Threat, Operations Security (OPSEC), Continuity of Operations (COOP), etc.
Completed DISA eMASS and attended ACAS training via Private Cyber Training Cloud (PCTC) Cyberforce platform
Provides Cybersecurity support to proposal engagements or recompetes
Completion of CMMI Institute Introduction to CMMI for Development. Obtained CMMI for development training materials (October 2018).
Successful completion of FSO Orientation for Possessing and Non-Possessing Facilities IS030.CU and IS020.CU
Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.
How this resume score could be improved?
Many factors go into creating a strong resume. Here are a few tweaks that could improve the score of this resume:
