Daryl Kitchens CISM, CASP

Experience

• 

  Regional Supprt Organization (RSO) Norfolk

  Apr 2005 - Nov 2007

  Senior Chief Information Systems Technician

  Senior Chief Information Systems Technician / Communications Officer / ADP OfficerInspected and evaluated the security posture of sites, systems and made recommendations to the System Owners and Officers in charge. Analyzed and evaluated local policies and training requirements to ensure adherence to DoD, NIST, FISMA, and other IA Standards and advised management on IA trends and solutions. Subject Matter Expert (SME) in conducted, Independent Verification and Validation (IV&V), Communications Readiness Assessments, System Operational Verification Test (SOVT), Security Testing and Evaluation (ST&E), Afloat C&A and facilities physical security inspections. Responsible for supporting the design and development of advanced networking projects for 14 Patrol Coastal commands and ships which included analyzing data communications networks, planning, designing, evaluating, selecting, upgrading network device operating systems and protocol suites, and configuring communication media with routers, switches, firewalls and other devices within a service provider and enterprise DoD architecture. Provided technical support and troubleshooting to make improvements to the network when necessary. Weniger anzeigen

• 

  Falconwood, Incorporated

  Nov 2007 - Aug 2010

  Information Security Analyst

  Provides direct subject matter expert support to the Navy's Certification and Accreditation (C&A) process, serving as a member of the Operational Designated Accrediting Authority (ODAA) staff at Naval Network Warfare Command (NETWARCOM). Responsible for the full range of Information Assurance (IA) activities in support of the ODAA, specializing in C&A matters. Serves as primary customer interface with external Navy commands and Program Management Offices for the purpose of conducting collaboration on automated information system C&A packages as part of the Navy C&A process. Performs detailed analysis of C&A documentation packages to determine the operational security posture of the system and adequacy of corrective actions and mitigations applied by system owners. Provides accreditation recommendation to the DAA and prepares accreditation letters. Meets with appropriate Government management personnel, Government representatives from external commands, customer representatives, and contractor personnel. Represents the ODAA and Navy during reviews of DoD and Navy Information Assurance directives, instructions, and policy documents. Reviews and provides authoritative comments on IA-related technical documents to include Security Technical Implementation Guides (STIGs), Security Readiness Reviews (SRRs), Computer Tasking Orders (CTOs), and other C&A-related documents. Drafted and reviewed ODAA guidance documents. Represented Navy DAA while conducting Command Cyber Readiness Inspection (CCRI) onboard afloat units. Weniger anzeigen

• 

  Dynamic Network Enterprises

  Aug 2010 - Jan 2012

  Information Security Engineer

  Served as Project Manager for the initial research for MSC Afloat Site accreditation for 150 ships; successfully laid the initial groundwork for the deliverable. Responsible for analysis and submission of Certification and Accreditation (C&A) packages for Platform IT, Site, and Systems Type Accreditation, in support of Military Sealift Command (MSC). Analyze IT security postures of Afloat Information Systems to ensure compliance with DoD Information Assurance requirements Performed final QA on all documentation before submission to ODAA. Ensure traceability between POA&M, Scorecard, Validation Report, and Implementation Plan, Diagrams and other artifacts. Weniger anzeigen

• 

  Smartronix / Conscious Security

  Jan 2012 - Apr 2013

  Information Assurance SME

  Information Security Site Lead. Responsible for coordinating all work prioritization to deliver quality projects on time and within budget. Provides advice and recommendations on IA and C&A matters and programmatic support in a dynamic and challenging environment for 16 Marine legacy systems and mainframes, participates in collaboration meetings to prepare Program Managers and IA practitioners through certification and compliance processes, and tracks critical IA processes and elements through the use of automated and semi-automated tools. Provide technical data and information for Certification and Accreditation documentation. Draft technical application architecture drawings as required. Identify unique system security characteristics, interview critical organizational personnel, compose requisite documentation (security test plans and procedures, risk assessments, contingency planning, etc.), and map complex technical requirements, functionality, and capabilities to prescribed security controls, policies, and practices. Track and report Information Assurance Vulnerability Management (IAVM) compliance using Assured Compliance Assessment Solution (ACAS) . Maintain Authorization to Operate (ATO) records in the XACTA / MCCAST system manage and report Plan of Actions and Milestones (POA&M) compliance. Review certification and accreditation (C&A) documentation, providing feedback on the completeness and compliance of its content. Weniger anzeigen

• 

  Falconwood, Incorporated

  Apr 2013 - Jan 2018

  Information Systems Security Liaison Officer

  Liaison Officer for Space and Naval Warfare Systems Command (SPAWAR), on behalf of the Navy Program Executive Office for Enterprise Information Systems (PEO EIS) and the Naval Enterprise Networks Program Office (PMW 205) for all C&A efforts. Served as the primary contact and communicator for PEO-EIS C&A solutions and efforts. Served as a liaison between NAO and PEO-EIS on all cybersecurity matters to ensure that new technologies and capabilities are implemented effectively and as prioritized. Performed quality assurance and gave recommendations on all PEO EIS C&A packages before documents are submitted to NAO for review and approval. Experience with DoD Enterprise Mission Assurance Support Services (eMASS) & Vulnerability Remediation Asset Manager (VRAM) Assured Compliance Assessment Solution (ACAS) DON IT Portfolio Repository/DON Application and Database Management Systems (DITPR/DADMS) and DIACAP and RMF artifacts. Weniger anzeigen

• 

  Watershed Security

  Jan 2018 - Jan 2021

  Program Manager

  Supports NAVSEA HQ Cyber Branch Head while working directly with the Office of the Navy Authorizing Official (NAO). Provides expert advice and consultation on a diverse range of IT subjects, focusing on policy, cybersecurity, engineering, and process development. SME in conducting in-depth technical reviews of A&A and C&A documentation. Provides final package review of NAVSEA HQ and all NAVSEA's Program Executive Offices (PEOs) and Naval Surface Warfare Center(s), seeking authorization and/or accreditation from the Navy Authorizing Official (NAO) in accordance with appropriate policies and procedures. Provides final approval recommendation to NAO Director for all NAVSEA operational systems requiring authorization and/or accreditation. Collects and reports metrics, manages scope, prioritizes work and resources while acting as the identified contact for the Government to manage metrics, reports, briefings, and other means of communication contract requirements. Responsible for the design, implementation, and performance of projects or tasks in accordance with contract requirements. Ensures completion and timely submission of required tasks and deliverables. Ensures sufficient coverage of contractor personnel in each task area to meet deliverables and tasks. Provides project management support/oversight of all projects. Coordinates with the PMO and COR on Contract requirements and concerns as needed. Develops and implements project schedules. Directs and supervises resources for the performance of project assignments and activities. Responsible for personnel, finance, training, supply systems, and support services necessary for specific site requirements. Weniger anzeigen

• 

  VT Group (VTG)

  Jun 2021 - Jan 2024

  Sr. Cyber Security Analyst

  Advise the Assistant Secretary of the Navy Research, Development, and Acquisition (ASN RDA) Office in conducting Risk Management Framework (RMF) assessment and authorization activities on all matters pertaining to Navy science, technology, advanced research, and development programs for all applicable systems and enclaves scheduled for authorization, including Future Naval Capabilities (FNCs), Advanced Technology Demonstrations (ATDS), and Joint Capability Technology Demonstrations (JCTDs).Subject Matter Expert (SME) in the review and analysis of RMF documentation, and other system information in NIPRNet and SIPRNet eMASS system associated with Navy RMF packages. Conduct detailed comprehensive reviews of authorization packages. Detailed analysis of network topology, data flow diagrams, hardware and software lists, System Security Plan (SSP), System Assessment Report (SAR), Plan of Action & Milestones (POA&M), Ports, Protocols, and Services (PPS) registrations, Host-Based Security System (HBSS) compliance, Security Technical Implementation Guides (STIGS) and Information Assurance Vulnerability Management (IAVM) compliant. Review all supporting artifacts for security controls.Advise Information System Owners/Program Managers (ISO/PM) on correcting and revising required RMF documentation and information input into the eMASS system before final submission to the Echelon 2 (ECH-II) commands and/or the Functional Authorizing Official (FAO) or the Navy Authorizing Official (NAO). Provides prompt, courteous, and quality customer support in a professional manner. Participate in collaboration meetings regarding RMF reviews and other directly related A&A issues. Weniger anzeigen

• 

  Soliel, LLC

  Feb 2024 - now

  Senior Cyber Security Assessment and Authorization Expert

  Supports NAVSEA HQ Cyber Security