Jessica Jeff

Woodbridge, VA *****

Telephone 571-***-****

ad3c7h@r.postjobfree.com

Active Top Secret/SCI with CI Polygraph

EDUCATION:

ROCHESTER INSTITUTE OF TECHNOLOGY

ROCHESTER, NY

Bachelor of Science

NEW YORK CITY TECHNICAL COLLEGE

BROOKLYN, NY

Associate of Arts (A.A)

CERTIFICATIONS – Current

Project Management Professional (PMP)

Certified Information System Security Professional (CISSP)

CompTIA Security +

Certified Data Privacy Solution Engineer (CDPSE)

Certified Ethical Hacker (CEH)

Certified Network Defense Architect (CNDA)

Information Technology Infrastructure Library (ITIL V3)

CompTIA Advance Security Practitioner (CASP)

CompTIA Network +

Certified Information Security Manager (CISM)

Oracle Certified Professional PL/SQL

PROFESSIONAL EXPERIENCE

Open Systems Technologies Corporation (OST)Quantico VA Information Systems Security Officer, (ISSO) April 2022-Present Responsible for ensuring the appropriate operational security posture is maintained for information systems, works in close collaboration with Information System Security Managers and Information System Owners. Monitor the information system(s) and its environment of operation to include developing and updating FISMA documentation, keep track of the implementation of configuration management across authorization boundaries. Cooperate with security specialists, program managers, engineers, and all levels of management to execute strategic and tactical goals to obtain ATOs utilizing Risk Management Framework methodology.

Monitor security controls for FBI Information Systems to maintain security Authorized to Operate (ATO).

Ensure that system security documentation is developed, maintained, reviewed, and updated on a continuous basis.

Ensure the day-to-day implementation, oversight, continuous monitoring, and maintenance of the security configuration, practices, and procedures for each Information System.

Ensure that selected security controls are implemented and operating as intended during all phases of the Information System lifecycle.

Manage the risks to Information Systems and other FBI assets by coordinating appropriate correction or mitigation actions and oversee and track the timely completion of (POAMs).

Ensure that changes to an FBI Information System, its environment, and/or operational needs that may affect the authorization status are reported to the system owner and the Information System Security Manager (ISSM).

Deloitte Touché Tohmatsu India, LLP. Springfield VA Security Control Assessor, November 2021- April-2022 As a Security Control Assessor responsible for assessing the management, operational, assurance and technical security controls implemented on information system via security testing and evaluation. Determine which teams are responsible for development and implementing common controls. Identify the points of contact within the organization and obtain the materials needed for the assessment.

Identify systems and agency risks and conduct vulnerability analysis in accordance with industry best practices.

Research, detect, analyze vulnerabilities of information systems.

Provided technical knowledge and analysis of complex vulnerabilities.

Apply principles, methods, and knowledge to identifying and remediating vulnerabilities.

Experience with ACAS (Nessus) and DISA STIGS

Knowledge of A&A (RMF) testing and assessing cyber security solutions Federal Data Systems, Inc. Alexandria VA

Incident Handler, July 2017- November 2021

As a member of the Pentagon Computer Incident Response Team/Non-Compliant Reporting Team, provide incident analysis, communicate threat indicators, warnings and disseminate situational awareness on current and emerging threats to JSP leadership, and related agencies. The non- compliance reporting team utilizes technologies for the preservation of data required for strategic and tactical analysis, counterintelligence, and law enforcement investigations.

Use appropriate skills and techniques in scoping, containing and eradicating incidents based on the processes outlined.

Experience with handling escalations and managing the incident process to closure.

Apply threat intelligence to proactively manage incidents to minimize the impact to the customer by utilizing the tools within the environment to resolve issue in a timely manner.

Employ industry standards incident response technics, escalations procedures and warm handoff of cases to various agencies and department across the organization.

Able to provide feedback to the team to mediate false escalations to support the learning process.

NetOps Solutions, Inc. Alexandria City, VA

Junior Analyst, November 2016- July 2017

As a member of a Vulnerability Assessment Team that supports JSP customers at the highest level. The VAT team serves as the principal coordination point for the network vulnerability assessment process. The VAT team organizes the threat mitigations strategies with the various organization’s teams. The analysis and mitigation strategies provided are in accordance with JSP priorities.

Managed, tracked Cyber–Task Orders issued by USCybercom.

Employed Vulnerability Assessment findings to prepare Plan of Action and Mile Stone

(POA&Ms), to facilitate the tracking and handling of threats to the network.

Managed and reported on Information Assurance Vulnerability Alerts (IAVA) and DISA STIG Compliancy

Stayed abreast of the organization polices as emerging technologies were introduced to make sure they were in alignment with organization’s risk tolerance

Documented security information in accordance with the Risk Management Framework

(RMF) and NIST guidelines.

ActioNet, Inc., Arlington, VA

Quality Assurance Testing Engineer September 2015 – September 2016 Ensured the organization received the best product possible. Aimed to delivered consistent results through a set of established and standardized procedures. Employed existing processes to achieve the specified benchmarks set by the organization. Performed regression testing on Commercial Off- The-Shelf (COTS) and provided input on the design test of plans. Performed analysis and worked with application vendors to make sure they adhered to the security requirements for information systems. Conducted vulnerability testing on patches to mitigate Information Assurance Vulnerability Alerts (IAVA) issued by USCyber Command. Conducted functionality tests of assigned software, in accordance with Department of Defense Security Technical Implementation Guides.

Performed scripted and ad hoc test cases on the approved Army Gold Master images/builds for NIPRNET and SIPRNET systems running on VMs.

Interpreted and reported testing results and was vocal proponent for quality in every phase of the development process.

Reviewed product user interface for conformity to design guidelines.

Executed and monitored functions including running and analyzing security scans using ACAS

Worked with technical teams to develop software test plans. Zolon Tech Inc., Arlington, VA

Quality Assurance Analyst/Software Test Engineer September 2014- September 2015 Associate member of the Quality Assurance team, assisted with security analysis of existing services, computing systems and the safeguarding of our IT domain. Enforced policies, followed procedures and best practices to ensure compliancy with federal regulations that governed our environment. Other duties included evaluation of security controls for information systems, and various stages of data.

Prepared Accreditation documents in accordance with current DoD security requirements as applicable for the product or system undergoing certification.

Performed functional and regression tests to ensure code functioned as designed. Applied test methodology and product knowledge in the design of tests and testing strategies.

Provided production support of software products by investigating and reporting on defects.

Supported testing of multiple major releases in coordination with development team while monitoring testing activities and key internal deliverable.

Provided the day-today essential activities for onboarding new personnel. L-3 Communications Straits, Arlington, VA

ITA Tier 2 Customer Care Technician October 2009- September 2014 Provided technical support to end users in a client-server environment. Utilized strong analytical and problem-solving skills to resolve Remedy incident tickets and Work Orders. Performed installation and maintenance of software and hardware for network deployments.

Troubleshot and fixed computers issues, software problems and wireless handheld devices glitches to resolve Remedy tickets.

Expertly set users’ Microsoft Outlook enterprise email accounts. Also assisted with the management of user’s privileges access such as logon script, and setup local and network printers’ connections.

Recovered users PKI certificates from Defense Information System Agency (DISA) website.

Assisted users with resolving Encryption File System (EFS) issues.

Served as a trusted agent for JSP for the dissemination of privilege tokens for NIPR and SIPR domain per the Registration Authority (RA) instructions.

Assisted in special projects, Microsoft System Center Configuration Manager (SCCM) team assisting with manually patching of systems to mitigate Zero-day exploits.

Contact this candidate