Post Job Free
Sign in

Security Clearance Risk Management

Location:
Pasadena, MD
Salary:
150,000
Posted:
September 19, 2024

Contact this candidate

Resume:

KIMBERLY M. KENNEDY (USAF Retired)

Odenton, Maryland

472-***-****, ***********@**.***

SECURITY CLEARANCE: Secret (Submitted for periodic reinvestigation Feb 2024) CERTIFICATIONS:

Certified in Governance Risk Compliance (CGRC)/Certified Authorization Professional (CAP) 2026

Certified Ethical Hacker (CEH) 2025

Cybersecurity Analysis + (CSA +) 2026

Security + CE (DOD 8750 IAT Level II) 2026

Security Analytics Professional (Sec+ & CSA+) 2026 A+ Hardware/Systems (A+) 2005

Certificate in JAVA Programming 2004

JCAVS Security Clearance program 2003

CISSP bootcamp 2020

Penetration Testing + (PenTest+ bootcamp) 2020

CITIZENSHIP: United States

OBJECTIVE: Seeking work in Information Technology field. Recently completed two Master’s degrees with classes in cryptography, computer forensics and IT Risk Management, Advanced Computer Architecture, Advanced Network Security Design, Cybercrime Techniques and Responses, IT Project Management, Strategic Planning for Database Systems using UNIX system creating a database, ensuring input validation script was secure. Check web application security for cross-scripting and brute-force attacks using Wireshark. Completed Security Plus and Cybersecurity Analyst plus, near- ly 21 years Honorable service in the United States Air Force. EDUCATION:

MBA Professional Studies (Computer Security), Strayer University. D.C. 2017 MIS, Info Systems Concentration in Systems Security, Strayer University D.C. 2016 B.S. Computer Info Systems, Regis University, Colorado Springs, CO. 2004 Associates Computer Info Systems, Community College of the Air Force, CO. 2003 SPECIFIC WORK/TASK EXPERIENCE:

Cybersecurity Specialist Level IV

Cherokee-Federal, Tulsa, OK @ Ft Detrick, Fredrick, MD. 08/2021/Present

Evaluating and reviewing of medical devices work with distributors and manufac- tures to ensure medical devices security controls meet FISMA, NIST, Health Insur- ance Portability Accounting Act, Privacy Act and other requirements prior to integra- tion with Authorization to Operate (AO)

Following the 6 Step process (7 steps DoD) IAW the Risk Management Framework

(RMF) process

Categorize and define the boundaries of the device according to information collect- ed and the processing of that information

Select control for the device either common or tailored importing scans applying ap- propriate STIG common-controls and system specific IAW policies, procedures and higher governance

Assess security controls identified and implemented and their effectiveness and de- veloping the Security Assessment Report and the Security Assessment Plan

Entered and updated responses to findings in e-Mass ensuring POAMs and artifacts are updated accordingly

Submit the entire security package for ATO or receive guidance of how to proceed for accreditation to the AO

Continuous monitoring and maintenance by receiving scans and periodically updat- ing e-Mass for any changes in the environment

Cybersecurity Specialist Level II

Tuvli LLC, Herndon, VA @ Ft Detrick, Fredrick, MD. 10/2018-08/2021

Evaluating and reviewing of medical devices work with distributors and manufac- tures to ensure medical devices security controls meet FISMA, NIST, Health Insur- ance Portability Accounting Act, Privacy Act and other requirements prior to integra- tion with Authorization to Operate (AO)

Following the 6 Step process (7 steps DoD) IAW the Risk Management Framework

(RMF) process

Categorize and define the boundaries of the device according to information collect- ed and the processing of that information

Select control for the device either common or tailored importing scans applying ap- propriate STIG common-controls and system specific IAW policies, procedures and higher governance

Assess security controls identified and implemented and their effectiveness and de- veloping the Security Assessment Report and the Security Assessment Plan

Entered and updated responses to findings in e-Mass ensuring POAMs and artifacts are updated accordingly

Submit the entire security package for ATO or receive guidance of how to proceed for accreditation to the AO

Continuous monitoring and maintenance by receiving scans and periodically updat- ing e-Mass for any changes in the environment

Information Assurance/Cybersecurity SME

Agensys Corp. Ashburn, VA @ Aberdeen Proving Grounds, MD. 06/2018-10/2018

As a Tiger Team member assisted Aberdeen Proving Ground’s CECOM-G6 with pre- inspection for their Command Cyber Readiness (CCRI) to validate and verify sys- tems settings and policies according to the Risk Management Framework

Imported system scans into the DISA STIG Viewer and applying STIG checklists as- sessing and re-address findings as necessary

Entered and updated STIG vulnerabilities and responses to findings in e-Mass en- suring POAMs and artifacts were entered and/or updated

Assisted with the integration of the ESS system to the R-NEC and submitted ATO for processing

Software Engineer

Harmonia, Blacksburg, VA @ Aberdeen Proving Grounds, MD. 09/2017-04/2018

Reviewed software from U.S. Army to run through classified system using Fortify and Code DX130; Cppcheck, FxCop, Gendame, JSHint, PHP_CodeSniffer, PDM, and Retire.js

Evaluated findings to determine Cat I, II & III for manual review, and recommended remediation as well as identified false positives

Categorized findings as False Positives or Escalation annotating recommendations

Using PowerShell, Java, and Linux scripting to pull information from the scans of the findings to prepare a comprehensive report with graphs, statistics, STIG’s definitions and Common Weakness Enumeration (CWE’s) break downs for submission to Gov- ernment clients for remediation

Operations and Intelligence Analyst

GEM Companies Inc. Denver, CO @ Annapolis Junction, MD. 09/2011-03/2017

Operations and Intelligence Analyst at Colorado Springs Operation Center (CSOC) for TSA’s Crew Vetting Program

Handpicked team lead at redundancy Ops Center in Annapolis Junction, MD (AJOC)

Perform Tier 1 analysis on user accounts across four production systems for all pro- grams to include the Finger Print Analysis Program for all airports

Perform Tier 2 & 3 system analysis through Event Viewer and Tivoli by adjusting pipelines, load balancing and services ensuring primary systems were online 24/7

Controlled maintenance windows, routine updates, hot-fixes, fail-overs, and POAMs on system which occurred as many as 30+ times a month providing 24/7 Ops

Performed physical maintenance replacing devices, and reconfiguration of systems

As Network Administrator, disable and enable user accounts, permissions, and password resets on all four systems for numerous applications and programs

Briefed POAM status to clients in daily briefings

Process derogatory information across four systems; Terrorist Screening Data Base

(TSDB), Office of Foreign Assets (OFAC), Cleared list, No Fly, Selectee, Center for Disease Control (CDC), Federal Air Marshalls, Warrants, Cleared list and across 32 other programs

Identified Person(s) of Interest (POIs) and Preliminary Persons of Interest (PPOI) posting information on confidential website

Ensured100% accountability of all files and records submitted to the Crew Vetting Program for analysis with an average of 50 files or more daily and including thousands of records

Operations and Intelligence Analyst

ManTech International Annapolis Junction, MD 08/2007-09/2011

Operations and Intelligence Analyst at Colorado Springs Operation Center (CSOC) for TSA’s Crew Vetting Program

Handpicked team lead at redundancy Ops Center in Annapolis Junction, MD (AJOC)

Perform Tier 1 analysis on user accounts across four production systems for all pro- grams to include the Finger Print Analysis Program for all airports

Perform Tier 2 & 3 system analysis through Event Viewer and Tivoli by adjusting pipelines, load balancing and services ensuring primary systems were online 24/7

Controlled maintenance windows, routine updates, hot-fixes, fail-overs, and POAMs on system which occurred as many as 30+ times a month providing 24/7 Ops

Performed physical maintenance replacing devices, and reconfiguration of systems

As Network Administrator, disable and enable user accounts, permissions, and password resets on all four systems for numerous applications and programs

Briefed POAM status to clients in daily briefings

Process derogatory information across four systems; Terrorist Screening Data Base

(TSDB), Office of Foreign Assets (OFAC), Cleared list, No Fly, Selectee, Center for Disease Control (CDC), Federal Air Marshalls, Warrants, Cleared list and across 32 other programs

Identified Person(s) of Interest (POIs) and Preliminary Persons of Interest (PPOI) posting information on confidential website

Ensured100% accountability of all files and records submitted to the Crew Vetting Program for analysis with an average of 50 files or more daily and including thousands of records

CORE COMPETENCY:

Code DX, Fortify, O/S Systems, DOS/MS-DOS O/S, Pinnacle Studio 8, Pascal Pro- gramming, C++, Programming, Java Programming, HTML Web Page Design, Visual Studios.NET, RCA, Digital Voice Manager, JCAVS Security Clearance program, Dream Weaver Web Page, Design, Front Page, Text Pad, WinZip, Tivoli, Microsoft Office, Word, PowerPoint, Access, Excel, Visio, Explorer, Safari, Firefox, Pages, SARAH-Lite Message Management, Dbase IV, Bedbaord, SolarWinds, MAC OS and Remedy, STIG Viewer, E-Mass, Vulenator, and STIG viewer

PROFESSIONAL DEVELOPMENT AND TRAINING:

Noncommissioned Officer Academy Peterson AFB, CO. 2002 Information Managers 7-level, Biloxi AFB, MS. 1993 Noncommissioned Officer School, Barksdale AFB, LA. 1990 Noncommissioned Officer Preparatory Course, Blytheville, AR. 1988 Information Managers 5-level, Biloxi AFB, MS. 1986 Basic Military Training, Lackland AFB, TX. 1985

AWARDS AND HONORS:

Decorations and Awards included: Meritorious Service Medal, Combined Forces Commendation Medals, Air Force Commendation Medals, Air Force Achievement Medals, Outstanding Unit and Wing Awards, Longevity Medals, Good Conducts Medals ADDITIONAL PROFESSIONAL EXPERIENCE:

Chief, Information and Workgroup Manager, USAF Academy, CO. 2001-2006 Chief, Information and Workgroup Manager, Cheyenne AB, CO. 1999-2001 Chief, Information and Workgroup Manager, Osan AB, South Korea 1998-1999 Chief, Intel Info and Workgroup Manager McChord AFB, WA. 1992-1998 Information Manager, Blytheville AFB (aka Eaker AFB) AR. 1986-1992 Journeyman Information Manager, Whiteman AFB, MO. 1985-1986 SERVICE SPECIFIC ACCOMPLISHMENTS

Managed seven subordinate units' information from "cradle-to-grave."

Streamlined review processes of reports reducing time by 50% between five orgs

Coordinated efforts supporting 100 cadets sent to for POTUS’ Inauguration Day

Authored and incorporated Performance Reports Checklist adopted throughout wing

Enabled procurement of critical assets for UIC/ORI and Graduation with V-POTUS

Authored ten program continuity binders; "Excellent" rating for HQ AFIA UIC/ORI

Created step-by-step instruction for personnel for clearance reinvestigations

Training program for security reinvestigations saved 14 hours per person

Obtain $90K in unfunded monies to furnish acquired office space for C-17 Program

During Operation DESERT STORM, supporting the B-52 at RAF Fairford AB, Eng- land

Key player in bare-base deployment, obtaining essential wheel assemblies

During base closure of Eaker AFB, AR.; ensured proper disposition of all unit records

Performed system scans, updates, and patching, identified firewall required changes

Attended A+ course and received certification

Simplified the conversion process of cadets' e-mail accounts; saving over 30 hours

Managed ADPE over $80,966 of equipment/resources with 100% accountability

Flawlessly worked as Personnel Specialist managed squadron doubling in size

Personal protection to Iceland delegates supporting 2003 NATO conference

Coordination all contingency situations as Red Carpet Team member

Resource Manager for C-17 program budgeting of over $200K

Intelligence Battle Staff Team authority on Communication and Intelligence matters

Provided staff assistant to subordinate Intelligence units receiving an “Excellent”

For conference and briefings, created, reproduced and assembled welcoming pkgs

Member of Single Integrated Operational Plan and Emergency War Order Teams



Contact this candidate