Information Systems Security Manager (ISSM)

• Feb 2023 - Present

Internal company promotion to fill new ISSM position added to renewed contract at DoD customer. Supporting PMO for key business system with focus on compliance IAW the Cybersecurity Risk Management Framework (RMF). Working with systems engineers and SAs to configure IAW STIGs and mitigate finding results from ACAS scans. Reviewing all applicable policies and plans to ensure compliance. Using results to test all applicable security controls in eMASS and recommending approval of the continuing Authority to Operate (ATO).

Cybersecurity/IT Audit Consultant

• Jun 2022 - Feb 2023

Member of PMO team contracted to provide SME and Agile system development oversight OBO the government for assigned programs of DoD customer.

Eastern Range (ER) Lead and Cybersecurity Engineer Senior Principal

• Dec 2021 - May 2022

• Leading a team of 14 Cybersecurity (CS) engineers in support of the Launch and Test Range Systems (LTRS) contract for the ER of the U.S. Space Force at Patrick SFB and Cape Canaveral SFS. • Performing CS engineering tasks in accordance with NIST and DoD RMF to align with the System Development Life Cycle (SDLC) of 70+ projects, on average, of both Range of the Now (ROTN) and emerging Range of the Future (ROTF), to ensure milestones and contractual requirements are met. • Conducting and peer reviewing Security Impact Analyses (SIA) for multiple projects to ensure new or upgraded systems are hardened and prepared for DoD RMF Assessment & Authorization (A&A) activities. • Analyzing the architectures of IT systems for compliance with applicable policies and project requirements, including the review and editing of topologies, HW/SW Lists, and Ports, Protocols, and Services (PPS). • Designated Security Functional Area approver of System Access Authorizations (SAA) and SME reviewer of Requirement Statements (RS), ensuring the Confidentiality, Integrity, and Availability of 15 Enclaves. • Organizing, developing, and presenting briefs, summaries, and reports incorporating narrative, tabular and graphic elements, e.g., Internal Project Reviews, Quad Charts, and customer Working Group presentations. • Using tools such as the DISA Assured Compliance Assessment Solution (ACAS), Nessus, STIG Viewer, SCAP (SCC), Evaluate STIG, and Vulnerator in the scanning, mitigating, and tracking of vulnerabilities. • Performing project planning and estimation of CS tasks in response to Request for Proposals (RFPs) by developing technical volume content and Basis of Estimates (BOE) for CS schedules and labor.

Team Lead and Sr Information Systems Security Officer (ISSO)

• Jul 2021 - Dec 2021

Led Akima Team on the first-ever contract with the Naval Air Warfare Center Training Systems Division (NAWCTSD) customer in Orlando. Responsibilities included, but were not limited to, the following: • Appointed by remote Akima PM to be the local Team Lead (TL) and supported the successful onboarding of the initial and ongoing new hires, doubling team size in less than 3 months. • As TL, acted as liaison between the customer Contract Officer Representative (COR), the PM, and the team, relaying critical information on team performance to PM, as well as being the voice of both the PM and COR by conveying their guidance and alerts to all team members. • Maintained the security posture of both the unclassified and classified infrastructures of the flagship program, the Interoperability, Design, Engineering, and Application (IDEA) Lab, including Windows and Linux OS servers and workstations, networked using Cisco switches. • Administered the RMF using the Enterprise Mission Assurance Support Service (eMASS) tool to document all evidence for the Authorities to Operate (ATO). • Coordinated with System Admins in the consolidating of data as RMF artifacts, to include Topologies, Scan Results, and HW/SW Lists. • Used tools such as STIG Viewer, SCAP (SCC), VRAM, HBSS, and Assured Compliance Assessment Solution (ACAS) in the scanning, mitigating, and tracking of vulnerabilities. • Drafted contract deliverables and other docs, including the OPSEC Plan and monthly statuses.

Team Lead and Sr IA Analyst

• Apr 2021 - Jun 2021

Same position as with previous employer, Chugach (Wolf Creek). By Light won the contract recompete and retained me as incumbent. Team Lead and Sr IA Analyst supporting the Space Force’s Space Launch Delta 45 by ensuring unclassified and classified networks are compliant to the DoD RMF. Responsibilities include: • As a SME, advising the Wing Cybersecurity Office (WCO) and the base NIPR/SIPR Enclaves’ Information Systems Security Manager (ISSM) on the DoD Cybersecurity RMF process. • Administering the Enterprise Mission Assurance Support Service (eMASS) tool to document all evidence of system assessments, architecture, and compliance for Authorities to Operate (ATO). • Providing DevSecOps SME input for enclave transitions, including VOIP and the DoD cloud. • Using tools such as Vulnerator, STIG Viewer, STIG SCAP (SCC) and Assured Compliance Assessment Solution (ACAS) in the scanning and mitigation of security vulnerabilities. • Overseeing the Wing’s Ports, Protocols, and Services Management (PPSM) approval process. • Coordinating with Command Support Staff (CSS) and System/Network Admins in the consolidating of data as RMF artifacts, to include Topologies, Scan Results, and HW/SW Lists. • Designated CSS to support contract by provisioning systems and users in Active Directory.

Team Lead and Cyber Security Architect

• Aug 2019 - Mar 2021

Policy Team Lead managing the DoD Cybersecurity RMF process for both the NIPR and SIPR Enclaves of the 45th Space Wing. Assessing all SW/HW/PPS changes to enclaves as well as advising all PAFB tenants on RMF.

Cyber Security Analyst

• Aug 2018 - Aug 2019

Managing DoD Cybersecurity Risk Management Framework (RMF) process for both the NIPR and SIPR Enclaves of the 45th Space Wing. Assessing all SW/HW/PPS changes to enclaves as well as advising all PAFB tenants on RMF. Developed BoE that increased contract value and team size.

Lead Security Engineer, ISSE 5

• Jun 2017 - Aug 2018

ISSE supporting various engineering programs including DoD and International Defense customers. ISSE supporting various engineering programs including DoD and International Defense customers.

Information Security Advisor

• Jun 2015 - Jun 2017

Senior Manager, IT Auditing

• Apr 2014 - Mar 2015

Led IT Audit teams and IT SME for large financial audit teams providing services to Federal government customers. Led IT Audit teams and IT SME for large financial audit teams providing services to Federal government customers.

Team Lead and Assessment Manager

• May 2012 - Jan 2014

Led team providing both DIACAP assessment management and FIAR auditing for DoD customer. Contributed security technical content and BOE to multiple proposals. Led team providing both DIACAP assessment management and FIAR auditing for DoD customer. Contributed security technical content and BOE to multiple proposals.

Information Security Engineer

• Jan 2010 - May 2012

Subcontractor to Accenture providing DIACAP assessment advice to multiple teams on large SAP system development for DoD customer. Subcontractor to Accenture providing DIACAP assessment advice to multiple teams on large SAP system development for DoD customer.

Information Assurance Consultant

• Jan 2006 - Oct 2006

Provided IA advice to State Department customer. Provided IA advice to State Department customer.

Information Assurance Analyst

• Aug 2004 - Oct 2005

Provided DITSCAP support for DoD customer. Provided DITSCAP support for DoD customer.

Department Chair

• Nov 2001 - May 2003

Department Chair for Business Information Systems (BIS), and Computer Networking Technology degree programs. Department Chair for Business Information Systems (BIS), and Computer Networking Technology degree programs.

IT Associate Director for Infrastructure

• May 1995 - Jun 1998

Oversaw all IT Moves, Adds, and Changes (MAC) as well as administered the Information Security and IT Audit Program for co-located banking and trading entities (china-wall model). Oversaw all IT Moves, Adds, and Changes (MAC) as well as administered the Information Security and IT Audit Program for co-located banking and trading entities (china-wall model).

Crypto Systems Maintenance Supervisor

• Jan 1976 - Oct 1994

Managed 90+ projects of secure voice/data systems installations at multiple international locations. Performed and trained airmen on crypto systems maintenance, change management documentation writing, and user training for military users, command levels, host-country joint forces, and US Embassy personnel. 1st Secure Engineer for the Air Force Wargaming Center. Managed 90+ projects of secure voice/data systems installations at multiple international locations. Performed and trained airmen on crypto systems maintenance, change management documentation writing, and user training for military users, command levels, host-country joint forces, and US Embassy personnel. 1st Secure Engineer for the Air Force Wargaming Center.