Experience

• 

  JSL Technologies, Inc.

  • Greater San Diego Area

  • Information Systems Security Manager

    • Jul 2018 - Jul 2021
    • Greater San Diego Area

• 

  INSIGHT GLOBAL SOLUTIONS LIMITED

  • Greater San Diego Area

  • Information Systems Security Officer

    • Oct 2017 - Jun 2018
    • Greater San Diego Area

    • Managed over 100 applications for County of San Diego (COSD). Performed risk assessments to ensure compliance with HIPAA, NIST, and CJIS. Coordinated with Business Analyst’s, Program Managers, Architects, to incorporate security-by-design philosophy into the SDLC for COSD applications. Result: Provided stakeholders the ability to make risk-based decisions, implement controls, and reduce vulnerabilities.• Performed risk assessments for third party vendors software solutions. Acted as liaison to identify risk to COSD personnel to facilitate risk-based decision making. Result: Completed COSD elections with no major security incidents, preserved data integrity for the entire COSD election cycle.

• 

  TEKsystems

  • Greater San Diego Area

  • Information Systems Security Engineer

    • Jul 2016 - Jul 2017
    • Greater San Diego Area

    • Supported Design Engineers with generation of Information Assurance compliance documentation. Performed certification and accreditation duties under Agile Methodology Tracked and managed multiple DIACAP packages in EMASS. Result: Ensured risk level maintained was within risk acceptance threshold.• Collaborated with stakeholders and program managers. Performed vulnerability scanning and analysis using Nessus. Scheduled DIACAP package submissions to ensure accreditations are completed within program deadlines. Result: Completed all risk assessments and submissions with specified timelines

• 

  Integrits Corporation

  • Cyber Security Analyst/Navy Validator

    • Oct 2015 - Feb 2016

    • Ensured Navy systems meet certification and accreditation (C&A) requirements for all Department of Defense• Reviewed and provided recommendations for Navy C&A packages, assists in updating of documentation for systems and program technical descriptions. • Assisted with Security Testing & Evaluation (ST&E) for system accreditation as needed. • Attended collaboration meetings with Echelon II, Certifying Authority (CA) and Designated Approving Authority/ Navy-Authorizing Officer (DAA/NAO) as necessary. • Provided feedback on Navy system security lockdowns IAW Security Technical Implementation Guidance. • Provided engineering guidance based on Navy and industry Security Best Business Practices. • Coordinated and performed technical and non-technical C&A assessments to evaluate compliance with established information assurance policies and regulations IAW processes, as applicable.

• 

  Northrop Grumman Corporation

  • Greater San Diego Area

  • Information Systems Security Officer (ISSO)

    • May 2015 - Oct 2015
    • Greater San Diego Area

    • Provides support to the Information Systems Security Manager (ISSM) with all information systems security (ISS) controls. Ensures compliance with federal Information Assurance (IA) standards, develops corporate security policies and procedures by working with team members, engineers, program security and management personnel. • Generates Certification and Accreditation (C&A) documentation and system authorization artifacts, such as System Security Plans, Privileged User's Guides, Plan of Action and Milestones, Interconnection Security Agreements, Risk Assessments, supports the development, review and submission of this documentation.• Performs security audits using DoD STIG’s, compliance tools, and auditing tools. Provides general direction and oversight in the performance and development of work products. Provides recommendations to the ISSM for developing plans to approach and resolve information system security solutions.

• 

  Pacific Achitects and Engineers

  • Coronado, California

  • Information Assurance Analyst

    • Feb 2014 - Sep 2014
    • Coronado, California

    • Identified network vulnerabilities using scanning tools. Coordinated with Information Assurance Officer (IAO) and Information Assurance Manager (IAM) to mitigate risks and improve security posture. Result: Certified FASFAC/SCORE network as (.mil), awarded Authorization to Operate (ATO).• Implemented security controls. Acted as liaison for Defense Information Security Agency (DISA) generated analysis reports, and submitted Plan of Action and Milestones or DAA Risk Acceptance (DRA) reports.• Reviewed Security technical implementation Guides, NIST, and ISO standards. Translated standards and incorporated them into system as security controls. Result: Achieved regulatory compliance which lead to system certification and accreditation. • Planned risk reduction activities with Information Assurance Officer (IAO) and Information Assurance Manager (IAM). Evaluated impact of identified threats. Assigned mitigation or remediation duties to System Administrators. Result: Improved security posture to align with DoDi 8500 series standards.• Initiated network vulnerability assessments acting as on-site liaison for Defense Information Systems Agency. Planned monthly vulnerability assessments in coordination with business operations. Result: Reduced enterprise wide vulnerabilities by 40%. • Prepared monthly IA documentation for review by Information Assurance Officer (IAO), and Information Assurance Manager (IAM), and DAA. Result: Successful completion of PAE/SCORE C&A package

• 

  Strategic Data Systems

  • Camp Pendleton

  • IT Specialist/Account Management

    • Jun 2013 - Feb 2014
    • Camp Pendleton

    • Managed various account types using Active Directory with a team of Domain Administrators to implement identity management and access controls. Result: Marine Corps Installation West (MCI West) achieved system certification and accreditation by successful completion of CCRI inspection, and awarded Authorization to Operate (ATO). • Improved information flow. Streamlined internal processes for account creation and Identity management. Result: Reduced likelihood of data loss and unauthorized access for Marine Corps Enterprise Network

• 

  Department of Veterans Affairs

  • La Jolla

  • IT Specialist/Work Study

    • Sep 2012 - Mar 2013
    • La Jolla

    • Assisted in management and development of Computers-on-wheels (COW’s) inventory program. Performed system hardening in accordance with of HIPAA standards. Result: Improved system integrity ensuring patient privacy. Mitigated risk of data loss associated with patient privacy. Successful completion of Inspector General semiannual audit congressional report.• Enhanced security baseline for all hardware and software by system hardening. Successfully upgraded to Windows 7 over 700 computers. Result: Reduced enterprise-wide risks associated with unsupported OS by upgrading to more secure.

• 

  US Navy

  • Camp Pendleton

  • Work Center Supervisor

    • Sep 2002 - Sep 2010
    • Camp Pendleton

    • Instructed damage control team members in training environment. Evaluated the performance and decision making of damage control team members in a high stress environment. Result: Reduced the likelihood of mass casualty, ship board fire, and damage to communications and propulsion systems• Supervised as Lead Craftsman for ACU-5 in support of forward deployed Naval and Marine Corps forces during Operation Iraqi Freedom and Operation Enduring Freedom. Result: Reduced risk of damage to high value communications assets and personnel assets.