Technical Experience and Knowledge

•Extensive knowledge of National Institute of Technology (NIST) Special Publications (SP) including SP 800-53, Rev. 4 and Rev. 5; SP 800-53A, Rev. 4; SP 800-60 Volume II, Rev. 1, SP 800-37, SP 800-34, Rev. 1

•Extensive experience in developing Security Authorization documents to ensure compliance with Federal Information Management Act (FISMA), OMB Circular A-130, and DOT and FAA orders and policies

•Proficient in using the Department of Justice (DoJ) assessment tool, the Cyber Security Asset Management (CSAM) tool to perform assessments, update System Security Plans, tailoring and inheriting controls, and managing Plan of Action and Milestone (POA&M) items

•Extensive knowledge of Federal Information Processing Standards (FIPS) publications and categorizing IT systems for confidentiality, integrity, and availability

•Experience in developing privacy documentation in support of the Privacy Act of 1974 and DOT and FAA Privacy policies

•Expert in Microsoft Office Suite

•Proficient in developing technical documentation including technical architecture diagrams using Visio

Security Clearance:

•Level: Public Trust, Issuing Organization: FAA

Education:

•James Madison University, September 1985 – May 1989, Bachelor of Arts, May 1989

Work Experience

Self employed January 2023 – December 2023

Technical editing of user manuals, marketing materials, and social media content.

Business Integra November 2022 to December 2022

Job Description: Proposal Writer and Technical Editor

Wrote Standard Operating Procedures for Policy and Waivers work.

Trained employee who was transitioning into my position.

Assisted with editing proposal in response to RFQ.

Other duties as assigned.

Business Integra/Federal Aviation Administration May 2020 – November 2022

Washington, DC

Job Description: IT Security Policy Analyst, and Security Consultant for the Federal Aviation Administration (FAA) Security Governance Division, Policy, Training, & Customer Liaison Branch.

Develop and manage security policy waivers to submit to various organizations at the FAA for review, approval, and concurrence. Waivers process includes research of systems, customer outreach, and analyzing security documents to provide details about the security risk of granting the waiver.

Present completed waiver documents to the Chief Information Security Officer (CISO) and Deputy CISO and provide recommendation for approving or disapproving waivers.

Support the FAA governance and policy team in writing and editing security policy documents including policies and other governance documents include FAA Order 1370.121, as amended, FAA Information Security and Privacy Program & Policy, and the FAA Supply Chain Risk Management Plan.

Provide Subject Matter Expert (SME) support to security team including providing extensive knowledge for the FAA environment, infrastructure, and systems. The FAA hosting environments include both on-prem data centers as well as FAA-specific cloud environments (AWS and Azure).

Business Integra/Federal Aviation Administration November 2014 – May 2020

Job Description: IT Security Assessment Team Lead in support of the FAA Office of Information Security & Privacy (IS&P)

•Serve as Team Lead and provide mentorship and training to junior assessors and assessment coordinators

•Manage Quality Control team member to ensure accurate and complete security assessment deliverables

•Act as Subject Matter Expert (SME) for FAA assessment processes, business missions, system information, and other organizational information

•Perform Security Assessments as Lead IT Assessor of FAA IT systems using NIST SP 800-53, Revision 4 controls, including assessments of General Support Systems (GSS)

•Identify vulnerabilities, perform vulnerability assessment, and write recommendations to create Plan of Action and Milestone (POA&M) items

•Develop System Security Plans (SSPs) in support of Security Assessments

•Develop Security Authorization documents to ensure compliance with Federal Information Management Act (FISMA), OMB Circular A-130, and DOT and FAA orders and policies

•Developed security documentation for the FAA to ensure compliance with Federal Information Management Act (FISMA), OMB Circular A-130, and DOT and FAA orders and policies including System Security Plans (SSPs) and System Characterizations for multiple initial systems including FAA Cloud Services (FCS) MAC and AWS IaaS, M365, Huddle SaaS, Continuous Diagnostics Monitoring (CDM) system, the ASKME suite of applications, and the Unmanned Aircraft System (UAS).

•Updated all documentation and assessed more than 70 systems at the FAA.

•Provided guidance to FAA on security templates and other security documentation templates.

•Develop Information System Contingency Plans (ISCP) in support of Disaster Recovery (DR) activities

VMD Systems Integrators/Federal Aviation Administration June 2011 − October 2014

Washington, DC

Job Description: IT Security Assessor and Project Control Analyst (PCA) in support of the Federal Aviation Administration (FAA) Office of Aviation Safety (AVS)

IT Security Assessor: September 2012 – October 2014

•Perform Security Assessments as Lead IT Assessor of FAA IT systems using NIST SP 800-53, Revision 3 controls as described above.

Project Control Analyst (PCA): June 2011 – September 2012

●Technical Writer and Assessment Team Support for Federal Aviation Administration (FAA) Office of Aviation Safety (AVS)

●Includes additional duties as Technical Writer/Quality Assurance (QA) position identified under Cashwell LLC

Cashwell LLC/Federal Aviation Administration Washington, DC April 2009 − June 2011

Technical Writer/Quality Assurance (QA)

Job Description: Technical Writer and Assessment Team Support of the Federal Aviation Administration (FAA) Office of Aviation Safety (AVS)

•Participate in Security Authorizations in support for Assessment Team of FAA IT systems

•Assist IT Assessor with identifying vulnerabilities, performing vulnerability assessment, and writing recommendations to create Plan of Action and Milestone (POA&M) items

•Perform Quality Assurance for Security Authorization documents to ensure compliance with Federal Information Management Act (FISMA), OMB 300, and DOT and FAA orders and policies

•Develop annually AVS-specific FAA Authorization document templates based on the FAA Security Authorization Handbook

•Liaison with Privacy Office to complete and request approval of Privacy Threshold Analysis (PTA) and Privacy Impact Assessment (PIA) documents

•Review and produce Security Authorization Packages for submittal to Information System Security Manager (ISSM) and the FAA Office of Information Security (AIS)

•Coordinate production schedule for more than 40 systems for FY2009 FAA AVS annual assessment activities, including managing subcontractor

Freelance Work/Volunteer Work February 2004 − April 2009

Job Description: Provided copy writing, editing and design services to various clients.

•Edit quarterly newsletter for cultural society using Microsoft Word and Adobe PageMaker

•Write press releases, information sheets and brochures using Microsoft Word and Adobe PageMaker

•Edit and maintain Web site for speech pathology clinic using Hypertext Markup Language (HTML)

•Create and design various flyers for charity and fund-raising events using Microsoft Word, Adobe PageMaker and Photoshop CS

Volunteer Work: Volunteered in the Prince George’s County public schools.

•Worked with regional superintendent to change local school administration to improve school conditions

•Increased PTA membership using social media and marketing; served as PTA president and VP

•Organized several successful activity-based fund raisers per school year

ESI International, Arlington, VA November 2000 − February 2004

Relevant Work Performed: Marketing Communications Copywriter/Newsletter Editor

•Wrote marketing copy for all marketing materials e.g, direct mail pieces, white papers, advertising, marketing packages, and press releases

•Edited and wrote articles for monthly project management newsletter

•Managed independent project managers for submission to monthly newsletter

•Prepared newsletter both in print and online

The McGraw-Hill Companies

Aviation Week Group, Washington, DC April 1994 – November 2000

Summary: Managed product marketing and print marketing activities for World Aviation Directory and Overhaul & Maintenance magazine for this large publishing firm.

Job Titles:

Marketing Manager, Electronic Products: April 1998 - November 2000

Assistant Manager, Marketing Services: February 1995 - April 1998

Marketing/Client Services Representative: September 1994 - February 1995

Marketing Services Coordinator: April 1994 - September 1994

Technical Writing and Marketing Copywriting

Technical User Support

Management and Sales

Media Cybernetics, Silver Spring, MD January 1992 − April 1994

Title/Job Description: Marketing Coordinator and Technical Product Support

Technical Support: Provided end-user support for a drawing application that later became MS Paint.

Sales and Marketing: Wrote copy based on complex technical information from the engineering team and developed copy and marketing materials for the lay person.

Deupi & Associates, Arlington, VA June 1991 − January 1992

Title/Job Description: Performed all relevant administrative functions as Office Manager as well as tracking budget and sales using Excel and creating fliers using Word.

DeltaTech Corporation, Arlington, VA and Silver Spring, MD Nov. 1989 − June 1991

Title/Job Description: Marketing Assistant

Uniphoto Picture Agency, Washington, DC May 1989 − November 1989

Title/Job Description: Administrative and Marketing Assistant

Contact this candidate