CONTACT
Address : Auburn, Washington *****
Phone : 520-***-****
Email : ****.**********@*****.***
SKILLS
• eMASS
• Data Security
• Principle of Least Privilege
• Cloud Computing
• FedRAMP
• ATO, FISMA
• FIPS 199, POA&Ms
• Active Directory Identity Management
• Analytical Aptitude
• VPN, Database Mirroring
• Windows 11, Linux, Unix
• Critical Thinking
• Software Windows Server
• SSL Certificates
• ISO 27001, CMMC
• GDPR
• Security Controls Assessor - Validator (SCA-V): Act as an independent 3PA (third-party assessor) to validate companies or government entities to ensure they are in compliance with NIST 800-53, FedRAMP, GDPR, ISO 27001 and SOC 1/SOC 2.
• Security Technologies: Hands-on security experience with Operating Systems, Intrusion Detection/Prevention System (IDS/IPS), Endpoint Detection & Response (EDR), Security Information and Event Management (SIEM).
• Communication Skills: Excellent verbal and written skills. Adjust presentations to fit the audience. Presentations given to large audiences and C-Suite personnel. Created and propagated NIST 800-53 SOPs covering individual Common Control Identifiers (CCI).
• Vulnerability Management: Proficient in reviewing, prioritizing, and validating vulnerability results, ensuring effectiveness and efficiency of remediation efforts.
• Technical Leadership: Led critical vulnerability remediation campaigns, serving as a point of contact for supporting technologies.
• Continuous Improvement: Identified and executed improvement opportunities for enterprise vulnerability management services, facilitating program efficiency gains.
• Cloud Security: Skilled in AWS Cloud Computing, Microsoft Azure, FedRAMP and ATO processes.
• Compliance and Documentation: Experienced in developing System Security Plans (SSP), Contingency Plans (CP), and Security Impact Analysis (SIA).
• Stakeholder Engagement: Engaged stakeholders in the vulnerability management program, ensuring collaboration for continuous improvement.
• Tool Proficiency: Extensive experience with cybersecurity tools (Nessus, Qualys, Burp), network topologies, intrusion detection, PKI, and secured networks.
• Project Management: Led special projects and teams, authored methods of vulnerability detection, and introduced new technologies for process improvement.
• Vulnerability Management Lead: Conducted in-depth analysis across diverse technologies, prioritized vulnerability results, and led remediation campaigns. Validated and verified remediation effectiveness, identified false positives, and performed barrier analysis for corrective measures. Introduced automation to vulnerability management processes, enhancing program efficiency.
• Technical Leadership and Training Coordinator: Served as a point of contact for technical issues, coordinated team training activities, and enhanced team skills. Validated vulnerabilities remediated, performed barrier analysis, and recommended corrective measures. Supported the execution of the vulnerability management program through meeting facilitation and program education.
JOHN MOSBRUCKER
PROFESSIONAL SUMMARY
Seasoned Cyber Security Manager with 15+ years of experience fortifying organizations against cyber threats. A strategic leader skilled in developing and implementing robust security frameworks, conducting risk assessments, and ensuring compliance. Certified in CISSP. Proven track record of driving innovation, strengthening defenses, and ensuring compliance within forward-thinking organizations.
WORK HISTORY
Senior Cyber Security Analyst, 03/2022 to 09/2023
SCIENCE APPLICATIONS INTERNATIONAL CORPORATION (SAIC)
• Conducted a thorough risk analysis of security requirements in accordance with NIST 800-53, ensuring data security using eMASS for the collection and review of all artifacts, leading to a comprehensive assessment.
• Recognized and implemented efficient security solutions and countermeasures for the SCA-V and ISSM, guaranteeing adherence to all NIST 800-53 controls.
• Logged and organized software entries in DADMS, improving the precision and comprehensiveness of accreditation procedures.
• Introduced a structured cataloging system, resulting in a 25% reduction in errors and promoting more streamlined accreditation workflows.
• Drafted and submitted security documents in accordance with DoD RMF, aligning with STIGs and IA Checklists.
• Improved document preparation efficiency by 20%, streamlining the accreditation process.
Senior ISSO, 04/2020 to 03/2022
THE BOEING COMPANY
• Performed a thorough risk analysis of security requirements, identifying and implementing measures to mitigate factors that could pose a threat to the successful execution of all information systems using eMASS as the GRC tool of choice.
• Successfully identified and implemented robust data security solutions and countermeasures for the ISSM, fostering a proactive strategy to mitigate potential security breaches.
• Drafted comprehensive security documentation in strict compliance with the Department of Defense Risk Management Framework (DoD RMF), ensuring alignment with Security Technical Implementation Guides (STIGs) and Information Assurance (IA) Checklists.
• Developed and delivered comprehensive security awareness programs to educate employees on security best practices.
• Played a key role in facilitating the optimization of processes within the US Army Europe G6 IAPM office through active support.
• Played a pivotal role in fortifying the security of Boeing's aerospace platforms, ensuring the safety and reliability of systems that serve both civilian and military interests.
Principal Cyber Security Analyst, 02/2012 to 03/2020
General Dynamics
• Conducted thorough assessments of systems throughout the United States Army, effectively mitigating security defects and vulnerabilities using eMASS to collect and review artifacts to issue ATOs.
• Prepared and presented comprehensive reports to executive leadership, summarizing the organization's cybersecurity posture, ongoing initiatives, and recommended data security improvements
• Successfully expedited security assessment processes, reducing turnaround time by 25%
• This improvement has fortified the organization's capacity to promptly address and respond to security issues
• Effectively crafted pertinent documents and spearheaded certification and validation initiatives, guaranteeing adherence to established security standards
• Implemented and managed advanced security technologies, including SIEM solutions, threat intelligence platforms, and endpoint detection and response systems, enhancing the organization's overall cyber resilience
• Verified that the systems fulfilled NIST requirements, consistently upholding a compliance rate of 100%
• Orchestrated and monitored teams for security audits encompassing 70 units, ensuring the punctual completion and examination of Tenant Security Plans (TSP).
EDUCATION
Bachelor of Science in Computer Science: Computer Science, 04/2004 CROWN COLLEGE - Tacoma, Washington
CERTIFICATIONS
• CISSP #362085
• ITIL v4
• Security+
• Network+