Joey Knight, CISSP

Experience

• 

  CACI International Inc

  May 2006 - Aug 2014

  Information Systems Security Officer (ISSO)

  • Information System Security Officer (ISSO) for unclassified and classified Air Force Equipment Management System (AFEMS) and unclassified Stock Control System (SCS) Oversaw first USAF program information system, AFEMS, to shift Certification and Accreditation (C&A) methodology from DoD Information Assurance Certification & Accreditation Process (DIACAP) compliance based to risk based under National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). Headquarters Air Force (AF/A4/7) by name requested me to be part of a team to study and make recommendations on the effects the NIST RMF had on changing the Air Force Certification and Accreditation (C&A) methodology. This resulted in Lt. Gen. Judith A. Fedder, Deputy Chief of Staff for Logistics, Installations and Mission Support, Headquarters U.S. Air Force, Washington, D.C., recommending the team for the AF General Jumper Award for contributions to information assurance.• Technical team lead for five (5) members supporting AFEMS, Stock Control System (SCS), and Item Management Control System (IMCS) projects• Federal Information System Controls Audit Manual (FISCAM) Led the effort to perform the Program Office FISCAM Vulnerability Gap Analysis Liaison between the AFEMS PMO and the SAF/FM audit team to review, test, and create Corrective Action Plans (CAP) for the FISCAM Dealbreaker Analysis Liaison between the AFEMS PMO and the Air Force Audit Agency (AFAA) for the second phase of the Financial Improvement and Audit Readiness (FIAR) Existence and Completion effort• Alternate Facility Security Officer (FSO)• Supporting System Expertise Enterprise Mission Assurance Support Service (eMASS) Enterprise Information Technology Data Repository (EITDR) Vulnerability Management System (VMS) Joint Personnel Adjudication System (JPAS)• USAF Retired Senior Master Sergeant (SMSgt) – Superintendent Command, Control, Communication, and Computer (C4) Systems Security Show less

• 

  Oasis Systems LLC

  Mar 2016 - Apr 2023

  Information Systems Security Manager

  I provide Assessment and Authorization (A&A) support to multiple Air Force Contracting Systems (ACPS, CBIS, ConWrite, CPRS, & EZ Source) using the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) methodology. I assist in the planning, development and evaluation of system security artifacts as well as plan and provide technical input in implementing NSA, DoD, and AF security governing directives. This is the ground work necessary to ensure the milestones are accurate for the Authorizing Official (AO) to make an informed Authority to Operate (ATO) decision. I provide ad-hoc security assistance to the Program Managers for their systems throughout their lifecycle. Show less