Technical Experience and Knowledge
•Extensive knowledge of National Institute of Technology (NIST) Special Publications (SP) including SP 800-53, Rev. 4 and Rev. 5; SP 800-53A, Rev. 4; SP 800-60 Volume II, Rev. 1, SP 800-37, SP 800-34, Rev. 1
•Extensive experience in developing Security Authorization documents to ensure compliance with Federal Information Management Act (FISMA), OMB Circular A-130, and DOT and FAA orders and policies
•Proficient in using the Department of Justice (DoJ) assessment tool, the Cyber Security Asset Management (CSAM) tool to perform assessments, update System Security Plans, tailoring and inheriting controls, and managing Plan of Action and Milestone (POA&M) items
•Extensive knowledge of Federal Information Processing Standards (FIPS) publications and categorizing IT systems for confidentiality, integrity, and availability
•Experience in developing privacy documentation in support of the Privacy Act of 1974 and DOT and FAA Privacy policies
•Expert in Microsoft Office Suite
•Proficient in developing technical documentation including technical architecture diagrams using Visio
Security Clearance:
•Level: Public Trust, Issuing Organization: FAA
Education:
•James Madison University, September 1985 – May 1989, Bachelor of Arts, May 1989
Work Experience
Self employed January 2023 – December 2023
Technical editing of user manuals, marketing materials, and social media content.
Business Integra November 2022 to December 2022
Job Description: Proposal Writer and Technical Editor
Wrote Standard Operating Procedures for Policy and Waivers work.
Trained employee who was transitioning into my position.
Assisted with editing proposal in response to RFQ.
Other duties as assigned.
Business Integra/Federal Aviation Administration May 2020 – November 2022
Washington, DC
Job Description: IT Security Policy Analyst, and Security Consultant for the Federal Aviation Administration (FAA) Security Governance Division, Policy, Training, & Customer Liaison Branch.
Develop and manage security policy waivers to submit to various organizations at the FAA for review, approval, and concurrence. Waivers process includes research of systems, customer outreach, and analyzing security documents to provide details about the security risk of granting the waiver.
Present completed waiver documents to the Chief Information Security Officer (CISO) and Deputy CISO and provide recommendation for approving or disapproving waivers.
Support the FAA governance and policy team in writing and editing security policy documents including policies and other governance documents include FAA Order 1370.121, as amended, FAA Information Security and Privacy Program & Policy, and the FAA Supply Chain Risk Management Plan.
Provide Subject Matter Expert (SME) support to security team including providing extensive knowledge for the FAA environment, infrastructure, and systems. The FAA hosting environments include both on-prem data centers as well as FAA-specific cloud environments (AWS and Azure).
Business Integra/Federal Aviation Administration November 2014 – May 2020
Job Description: IT Security Assessment Team Lead in support of the FAA Office of Information Security & Privacy (IS&P)
•Serve as Team Lead and provide mentorship and training to junior assessors and assessment coordinators
•Manage Quality Control team member to ensure accurate and complete security assessment deliverables
•Act as Subject Matter Expert (SME) for FAA assessment processes, business missions, system information, and other organizational information
•Perform Security Assessments as Lead IT Assessor of FAA IT systems using NIST SP 800-53, Revision 4 controls, including assessments of General Support Systems (GSS)
•Identify vulnerabilities, perform vulnerability assessment, and write recommendations to create Plan of Action and Milestone (POA&M) items
•Develop System Security Plans (SSPs) in support of Security Assessments
•Develop Security Authorization documents to ensure compliance with Federal Information Management Act (FISMA), OMB Circular A-130, and DOT and FAA orders and policies
•Developed security documentation for the FAA to ensure compliance with Federal Information Management Act (FISMA), OMB Circular A-130, and DOT and FAA orders and policies including System Security Plans (SSPs) and System Characterizations for multiple initial systems including FAA Cloud Services (FCS) MAC and AWS IaaS, M365, Huddle SaaS, Continuous Diagnostics Monitoring (CDM) system, the ASKME suite of applications, and the Unmanned Aircraft System (UAS).
•Updated all documentation and assessed more than 70 systems at the FAA.
•Provided guidance to FAA on security templates and other security documentation templates.
•Develop Information System Contingency Plans (ISCP) in support of Disaster Recovery (DR) activities
VMD Systems Integrators/Federal Aviation Administration June 2011 − October 2014
Washington, DC
Job Description: IT Security Assessor and Project Control Analyst (PCA) in support of the Federal Aviation Administration (FAA) Office of Aviation Safety (AVS)
IT Security Assessor: September 2012 – October 2014
•Perform Security Assessments as Lead IT Assessor of FAA IT systems using NIST SP 800-53, Revision 3 controls as described above.
Project Control Analyst (PCA): June 2011 – September 2012
●Technical Writer and Assessment Team Support for Federal Aviation Administration (FAA) Office of Aviation Safety (AVS)
●Includes additional duties as Technical Writer/Quality Assurance (QA) position identified under Cashwell LLC
Cashwell LLC/Federal Aviation Administration Washington, DC April 2009 − June 2011
Technical Writer/Quality Assurance (QA)
Job Description: Technical Writer and Assessment Team Support of the Federal Aviation Administration (FAA) Office of Aviation Safety (AVS)
•Participate in Security Authorizations in support for Assessment Team of FAA IT systems
•Assist IT Assessor with identifying vulnerabilities, performing vulnerability assessment, and writing recommendations to create Plan of Action and Milestone (POA&M) items
•Perform Quality Assurance for Security Authorization documents to ensure compliance with Federal Information Management Act (FISMA), OMB 300, and DOT and FAA orders and policies
•Develop annually AVS-specific FAA Authorization document templates based on the FAA Security Authorization Handbook
•Liaison with Privacy Office to complete and request approval of Privacy Threshold Analysis (PTA) and Privacy Impact Assessment (PIA) documents
•Review and produce Security Authorization Packages for submittal to Information System Security Manager (ISSM) and the FAA Office of Information Security (AIS)
•Coordinate production schedule for more than 40 systems for FY2009 FAA AVS annual assessment activities, including managing subcontractor
Freelance Work/Volunteer Work February 2004 − April 2009
Job Description: Provided copy writing, editing and design services to various clients.
•Edit quarterly newsletter for cultural society using Microsoft Word and Adobe PageMaker
•Write press releases, information sheets and brochures using Microsoft Word and Adobe PageMaker
•Edit and maintain Web site for speech pathology clinic using Hypertext Markup Language (HTML)
•Create and design various flyers for charity and fund-raising events using Microsoft Word, Adobe PageMaker and Photoshop CS
Volunteer Work: Volunteered in the Prince George’s County public schools.
•Worked with regional superintendent to change local school administration to improve school conditions
•Increased PTA membership using social media and marketing; served as PTA president and VP
•Organized several successful activity-based fund raisers per school year
ESI International, Arlington, VA November 2000 − February 2004
Relevant Work Performed: Marketing Communications Copywriter/Newsletter Editor
•Wrote marketing copy for all marketing materials e.g, direct mail pieces, white papers, advertising, marketing packages, and press releases
•Edited and wrote articles for monthly project management newsletter
•Managed independent project managers for submission to monthly newsletter
•Prepared newsletter both in print and online
The McGraw-Hill Companies
Aviation Week Group, Washington, DC April 1994 – November 2000
Summary: Managed product marketing and print marketing activities for World Aviation Directory and Overhaul & Maintenance magazine for this large publishing firm.
Job Titles:
Marketing Manager, Electronic Products: April 1998 - November 2000
Assistant Manager, Marketing Services: February 1995 - April 1998
Marketing/Client Services Representative: September 1994 - February 1995
Marketing Services Coordinator: April 1994 - September 1994
Technical Writing and Marketing Copywriting
Technical User Support
Management and Sales
Media Cybernetics, Silver Spring, MD January 1992 − April 1994
Title/Job Description: Marketing Coordinator and Technical Product Support
Technical Support: Provided end-user support for a drawing application that later became MS Paint.
Sales and Marketing: Wrote copy based on complex technical information from the engineering team and developed copy and marketing materials for the lay person.
Deupi & Associates, Arlington, VA June 1991 − January 1992
Title/Job Description: Performed all relevant administrative functions as Office Manager as well as tracking budget and sales using Excel and creating fliers using Word.
DeltaTech Corporation, Arlington, VA and Silver Spring, MD Nov. 1989 − June 1991
Title/Job Description: Marketing Assistant
Uniphoto Picture Agency, Washington, DC May 1989 − November 1989
Title/Job Description: Administrative and Marketing Assistant