Experience

• 

  Jcpenney

  Sept 2018 - Mar 2019

  Associate
• 

  Oriontek

  May 2019 - Jul 2019

  Apprentice
• 

  Delta solutions and strategies

  Aug 2019 - Feb 2021

  Provided support to RMF for NIPR/SIPR along with Coalition networks under the NORAD andUnited States Northern Command. Maintained the RMF Assessment and Authorization program.Developed, updated, organized, tracked, and maintained RMF packages. Prepared test plans.Provided Assessment and Authorization (A&A) support in the development of securitycontingency plans and conduct complex risk and vulnerability assessments. Analyzed policiesand procedures against DoD security policies and regulations. Provided informationrecommendations for closing security gaps. Created and tracked Plan of Action & Milestones(POA&Ms). Interfaced with both client managers and system users. Used eMASS daily to buildpackages, answer controls, build POA&Ms and upload artifacts. Imported network topologies,flow-diagrams, hardware and software listings, ports, protocols, and Services Managementdocumentation as artifacts. Conducted full system package reviews periodically. Accreditedsixteen (16) packages. Assisted development of System Security Plans (SSP). Participated inChange Control Board (CAB) to identify upcoming changes to networks. Utilized SecurityContent Automation Protocol (SCAP) Security Compliance Checker (SCC) and AssuredCompliance Assessment Solution (ACAS) scans daily. Show less Responsible for the daily management, upkeep, and configuration of computer systems.Installed and maintained desktop and laptop computers, networks, IT security systems andother critical components of IT infrastructure. Maintained and applied STIGs to appropriatesettings required by Department of Security Services. Determined appropriate IT policies foroffice and applied them to everyday work life. Applied, maintained, and updated NIST 800-171controls for proper producers. Maintained and updated company website Show less

  • Risk Management Framework Analyst

    Mar 2020 - Feb 2021

  • Network And Systems Admin

    Aug 2019 - Mar 2020
• 

  Booz allen hamilton

  Feb 2021 - Sept 2022

  Cyber defense operations analyst

  Provided defensive cyber operations for NORAD and United States Northern Commandnetworks. Actively mitigated potential threats. Analyzed and integrated cyberspace tactics,techniques, and procedures (TTP) to internal and external networks of the organization.Maintained situational awareness with NetOps Concept of Operations (CONOPS) to ensure dataand systems were protected. Responded to queries and requests for computer securityinformation and reports. Provided threat intelligence analysis daily and integrated data intoArcSight Enterprise Security Manger. Drafted and published orders released by United StatesCyber Command. Used Splunk daily to validate logs on systems. Attended daily intelligencebriefings and provided recommended counter measures based on reports. Show less

• 

  Prime technical services inc.

  Sept 2022 - Feb 2023

  Senior cyber security engineer

  Was team lead for Northrop Grumman’s Assessment and Authorization (A&A) activities onauthorization package preparation and maintenance. Updated RMF authorization packages ineMASS with implementation details for system/site specific security controls. Coordinated,collected, prepared, and maintained RMF body of evidence documentation relevant tooperational processes, procedures, and site-specific information. Conducted annual securitycontrols assessment to support continuous monitoring. Provided input to Security AssessmentReports (SAR) and Risk Assessment Reports (RAR). Assisted in the implementation of therequired government policy (NISPOM, NIST, DoD), making recommendations on processtailoring, participating in and documenting process activities. Performed analyses to validateestablished cybersecurity controls and requirements and to recommend cybersecuritysafeguards. Coordinated across the program to address identified deficiencies during RMFassessment activities. Show less

• 

  Jacobs

  Feb 2023 - Jul 2023

  Information system security officer

  Supported NISSC II activities and Jacobs’s customers throughout multiple classified LegacySpace Domains. Maintained and implemented all Information System Security policies,standards, and directives to ensure the assessment and authorization of information systemsprocessing classified information. Worked independently to implement security controls acrosseMASS system packages. Reviewed and updated documentation including hardware, andsoftware inventories, security plans, network topologies, authorized boundary diagrams, andother network configurations. Collaborated with internal team members and clients to obtainproper security documentation. Used wide variety of eMASS tools to process security controls,plan of action & milestones (POA&Ms), and test results. Show less

• 

  Leidos

  Nov 2023 - now

  Information system security officer

  • Collaborated with internal team members and stakeholders to obtain the appropriate security documentation.• Provided security and system knowledge to programmers.• Investigated information security breaches to identify vulnerabilities and evaluate damage.• Provided oversight of getting in-office SCIF and systems certified with DCSA.• Made recommendations to improve security procedures and systems.• Reviewed plan of action & milestones (POA&Ms), eMASS artifacts, and test results.• Made recommendations to customer to reduce POA&M backlog, update security controls, and to renew authorityto operate (ATO).• Reviewed and security plans, customer briefings, and SharePoint pages. Show less