Heather Moon

Experience

• 

  USAA Real Estate

  May 2018 - Aug 2018

  IT- Cybersecurity Intern

  • Designed, implemented, and presented to the CAO (Chief Administrative Officer) and Executive Director of IT Security and Infrastructure a company-wide program to improve the company’s phishing email protection capabilities.• Analyzed solution options for reducing security risks noted in audit reports to mitigate present and projected threats.• Analyzed and reported on system anomalies, security alerts, and network activities for potential threats.• Diagnosed machines that had been detected to have unexpected behaviors or fingerprints. Show less

• 

  United States Department of Defense

  May 2019 - now

  •Enables security solutions by utilizing systems engineering and systems security engineering principles in defining information system security requirements and functionality, designing system architectures, developing security designs, assessing effectiveness of security solutions, and producing formal and informal reports, briefings, and direct input to customers regarding security and functionality requirements, system architecture, and security designs.• Assesses, prevents, and/or mitigates threats to information systems and infrastructures and the information contained in or transmitted by these systems. This encompasses threat and vulnerability analysis, risk mitigation, incident response, information assurance, penetration testing, and preparing accreditation documentation.• Applies standards, policies, procedures, and requirements for ensuring information security Show less • Architected and revamped the in- and out-processing process to fulfill cybersecurity requirements with key principles like soft and hard resets, identified 30 errors, and eliminated 240 vulnerabilities.• Responded to Management Internal Control Toolset (MICT) assessments to comply with NIST controls, vetted 2.7M security items and 641K network users, identified 22K non-compliant users, eliminated 300K objects, and slashed CSCS (Cybersecurity and Control System) attack vectors by 35%.• Designed and presented an end-to-end automated workflow process for DD 2875 access request approvals replacing emails, to assure integrity, privacy, traceability, and compliance with USAF records retention requirements.• Restored squadron performance and reliability. Investigated and remedied 80% of the issues within 1 week. Revamped the process and achieved 99% ISSO report accuracy saving USAF 250 hours.• Was instrumental in forming an ISSO collaboration team, trained new ISSO personnel, and mentored 5 fellow PAQ interns.• Was recognized in Q3 2021 as one of the 15 award winners at the 688th Cyberspace Wing level after one year at position, the only PAQ intern among the recipients, and was finalist in the annual award after winning the squadron and group level.• Submitted information assurance policies to the Enterprise Governance group for the USAF global enterprise network system.• Contributed to the problem management/incident response concerning a case using knowledge on LLMNR.• Practiced enterprise situational awareness for operating the USAF Cybersecurity and Control System (CSCS) weapons system.• Learned from DISA and AFNIC by attending the weekly military commander’s call meetings and regular teleconferences. Show less

  • DCO Capabilities Integration | Cyber Platforms

    Nov 2023 - now

  • Information System Security Engineer

    May 2022 - Oct 2023

  • PCIP | PAQ | Information System Security Officer

    May 2019 - May 2022
• 

  The University of Texas at San Antonio

  Jan 2020 - May 2020

  Teaching Assistant - Digital Forensics Analysis II

  • Worked with students as student coach and teaching assistant in a senior level IS 4523 Digital Forensics Analysis II class while being graduate student working towards master’s degree.