| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidate.CONTACTAddress : Auburn, Washington Street Address
Phone : PHONE NUMBER AVAILABLEEmail : EMAIL AVAILABLESKILLS eMass Data Security Principle of Least Privilege Cloud Computing FedRAMP ATO, FISMA FIPS 199, POA&M's Active Directory Identity Management Analytical Aptitude VPN, Database Mirroring Windows 11, Linux, Unix Critical Thinking Software Windows Server SSL Certificates ISO 27001, CMMC GDPR Security Controls Assessor - Validator(SCA-V) Act as an independent 3PA(third-party assessor) to validatecompanies or government entities toensure they are within compliance ofNIST 800-53, FedRamp, GDPR, ISO27001 and SOC 1/SOC2. Security Technologies: Hands onsecurity experience with OperatingSystems, IntrusionDetection/Prevention System(IDS/IPS), Endpoint Detection &Response (EDR), Security Informationand Event Management (SIEM). Communication Skills: Excellentverbal and written skills. Adjustpresentations to fit the audience.Presentations given to largeaudiences and C-Suite personnel.Created and propagated NIST 800-53SOP's covering individual CommonControl Identifiers (CCI). Vulnerability Management: Proficientin reviewing, prioritizing, andvalidating vulnerability results,PROFESSIONAL SUMMARYSeasoned Cyber Security Manager with 15+ years of experience fortifying organizations against cyber threats. A strategic leader skilled in developing and implementing robust security frameworks, conducting risk assessments, and ensuring compliance. Certified in CISSP. Proven track record of driving innovation, strengthening defenses, and ensuring compliance within forward-thinking organizations.WORK HISTORYSenior Cyber Security Analyst, 03/2022 to 09/2023SCIENCE APPLICATIONS INTERNATIONAL CORPORATION (SAIC) Conducted a thorough risk analysis of security requirements in accordance with NIST 800-53 ensuring data security using eMASS as the collection and review of all artifacts leading to a comprehensive assessment. Recognized and implemented efficient security solutions and countermeasures for the SCA-V and ISSM, guaranteeing adherence to all NIST 800-53 controls. Logged and organized software entries in DADMS, improving the precision and comprehensiveness of accreditation procedures. Introduced a structured cataloging system, resulting in a 25% reduction in errors and promoting more streamlined accreditation workflows. Drafted and submitted security documents in accordance with DoD RMF, aligning with STIGs and IA Checklists Improved document preparation efficiency by 20%, streamlining the accreditation process.Senior ISSO, 04/2020 to 03/2022THE BOEING COMPANY Performed a thorough risk analysis of security requirements, identifying, and implementing measures to mitigate factors that could pose a threat to the successful execution of all information systems using eMASS as the GRC tool of choice. Successfully identified and implemented robust data security solutions and countermeasures for the ISSM, fostering a proactive strategy to mitigate potential security breaches Drafted comprehensive security documentation in strict compliance with the Department of Defense Risk Management Framework (DoD RMF), ensuring alignment with Security Technical Implementation Guides (STIGs) and Information Assurance (IA) Checklists Developed and delivered comprehensive security awareness programs to educate employees on security best practices Played a key role in facilitating the optimization of processes within the US Army Europe G6 IAPM office through active support Played a pivotal role in fortifying the security of Boeing's aerospace platforms, ensuring the safety and reliability of systems that serve both civilian and military interests.Principal Cyber Security Analyst, 02/2012 to 03/2020 JOHN MOSBRUCKERensuring effectiveness and efficiencyof remediation efforts. Technical Leadership: Led criticalvulnerability remediation campaigns,serving as a point of contact forsupporting technologies. Continuous Improvement: Identifiedand executed improvementopportunities for enterprisevulnerability management services,facilitating program efficiency gains. Cloud Security: Skilled in AWS CloudComputing, Microsoft Azure,FedRAMP and ATO processes Compliance and Documentation:Experienced in developing SystemSecurity Plans (SSP), ContingencyPlans (CP), and Security ImpactAnalysis (SIA). Stakeholder Engagement: Engagedstakeholders in the vulnerabilitymanagement program, ensuringcollaboration for continuousimprovement. Tool Proficiency: Extensiveexperience with cybersecurity tools(Nessus, Qualys, Burp), networktopologies, intrusion detection, PKI,and secured networks. Project Management: Led specialprojects and teams, authoredmethods of vulnerability detection,and introduced new technologies forprocess improvement. Vulnerability Management Lead:Conducted in-depth analysis acrossdiverse technologies, prioritizedvulnerability results, and ledremediation campaigns. Validatedand verified remediationeffectiveness, identified falsepositives, and performed barrieranalysis for corrective measures.Introduced automation tovulnerability management processes,enhancing program efficiency. Technical Leadership and TrainingCoordinator: Served as a point ofcontact for technical issues,coordinated team training activities,and enhanced team skills. Validatedvulnerabilities remediated, performedbarrier analysis, and recommendedcorrective measures. Supported theexecution of the vulnerabilitymanagement program throughmeeting education. facilitation and programGeneral Dynamics Conducted thorough assessments of systems throughout the United States Army, effectively mitigating security defects and vulnerabilities using eMASS to collect and review artifacts to issue ATOs, Prepared and presented comprehensive reports to executive leadership, summarizing the organization's cybersecurity posture, ongoing initiatives, and recommended data security improvements Successfully expedited security assessment processes, reducing turnaround time by 25% This improvement has fortified the organization's capacity to promptly address and respond to security issues Effectively crafted pertinent documents and spearheaded certification and validation initiatives, guaranteeing adherence to established security standards Implemented and managed advanced security technologies, including SIEM solutions, threat intelligence platforms, and endpoint detection and response systems, enhancing the organization's overall cyber resilience Verified that the systems fulfilled NIST requirements, consistently upholding a compliance rate of 100% Orchestrated and monitored teams for security audits encompassing 70 units, ensuring the punctual completion and examination of Tenant Security Plans (TSP).EDUCATIONBachelor of Science in Computer Science: Computer Science, 04/2004 CROWN COLLEGE - Tacoma, WashingtonCERTIFICATIONS CISSP #362085 ITIL v4 SECURITY + NETWORK +. |
