Sign in

Security Information

Washington, DC
February 25, 2020

Contact this candidate


Jason A. Schwartz

**** **** **** **. *** # ***-C, Greenbelt, MD 20770 301-***-****


Howard University, B.S. Information Systems, December 2005


Goldbelt HAWK 11/18- Present

CyberSecurity Analyst Auditor for the Department of Commerce (DOC)

Maintain FISMA and the Financial Statement Audit Action Plan reporting, documenting the status for ATOs, as well as the POA&Ms associated with the audit findings on a monthly basis, which are reported to the CISO and Deputy CISO on a quarterly basis

Reviewed and tracked Track the status of 5 bureaus Notification of Finding and Recommendations (NFRs) through their Audit Action Plan (AAP) on a quarterly basis for 5 bureaus on a monthly and quarterly basis while conducting the Financial Statement Audit

Review the artifacts of each POA&M associated with each AAP

Generated monthly and quarterly reports and used a risk rating scoring method to track the status of each audit finding

Review security documentation to ensure the information regarding the system is accurate and up to date for the system to receive their ATO

Track and monitor the risks associated with various systems and programs throughout the Department by using Cyber Security Asset Management (CSAM) to review system documentation routinely, and update the risk management within the system

Attain/Agensys 08/17-11/18

Policy and CyberSecurity Analyst / CSAM Administrator for the Department of Commerce (DOC)

Responsible for providing assistance in FISMA reporting for users on the Cyber Security Asset Management (CSAM) tool as well as monitored, reviewed and assessed security hundreds of systems.

Generated monthly reports tracking the ATO status for close to 300 systems as well as monitored over 4,000 POA&Ms for those systems

Conducted an IT Compliance Check for around 200 systems ensuring their security documentation is accurate and up to date

Served as a CSAM Administrator to hundreds of users across the 11 bureaus of Department of Commerce

Provided assistance with developing IT Security Baseline Policies by establishing minimum standards for all the bureaus within Department of Commerce

Conducted the FISMA Assessment for close to 300 systems across the 11 bureaus of the Department of Commerce by utilizing the CIO FISMA Metrics to satisfy the NIST Cyber Security Framework

AECOM/ASI Government 03/12-03/17

Information Assurance Analyst / Alternate ISSO for the General Service Administration (GSA)

Responsible for reviewing/assessing Security Documentation for over a dozen systems in the Telecomm Industry ensuring that all of the systems are following the Assessment & Authorization(A&A) process

Reviewed Vulnerability Scan Reports on a quarterly basis for over a dozen systems in search of vulnerabilities and ensuring previous vulnerabilities has been remediated

Reviewed Plan of Actions and Milestones (POA&Ms) for over a dozen systems on a quarterly basis verifying that is matches the scan reports and tracked the status of all vulnerabilities

Review the System Security Packages (SSP) for over a dozen systems ensuring that all security controls are detailed and compliant with the NIST 800-53 rev 4 guidelines including all required embedded documents

Reviewed all required security documents ensuring that all documentation is up to date for over a dozen systems to receive their ATO.

Participated in the FISMA Annual Assessment for over a dozen systems by reviewing evidence (screenshots, etc.) that support the selected security control within the test case.

Managed Personal Identifiable Information (PII) and processed incoming employee’s Contract Information Worksheet (CIW) into GCIMS for the approval of a NACI/MBI for Personnel Security

ERT (Earth Resources Technology) 07/11-3/12

IT Security Specialist for the Department Of Commerce, National Oceanic Atmosphere Administration (NOAA)

Responsible for network security migration from Microsoft Outlook to the Google Cloud

Responsible for network security compliance according to NIST 800-53

Developed the System Security Package for NOAA’s Google Apps for Government

Developed Plan of Action and Milestones (POAM) to mitigate issues generated during program migration

Structured the Configuration Management Plan (CMP) for the Google Cloud Service

Developed additional security documents such as the Risk Assessment Report (RAR), Privacy Threshold Analysis (PTA), Privacy Impact Assessment (PIA), Business Impact Analysis (BIA), and the Contingency Plan (CP)

Provided support to users for Google Apps for Government (GAfG)

MSI (Management Solutions Incorporated) 09/09-07/11

Information Security Engineer for the Department Of Commerce, Census Bureau

Responsible for Managing and Tracking new systems and servers prior to reaching the network

Monitored the development of new systems and servers for the Census Bureau network

Responsible for security compliance for each system/server

Responsible for the IT logistics for all Census Bureau systems and servers

Managed the progress of POAMs and updated the status through Cyber Security Assessment and Management (CSAM)

Create Security Packages for each system/server before it hits the network

E&E Enterprises Global Inc. 04/09-9/09

Information Assurance Analyst for the Department Of Commerce, Census Bureau

Responsible for monitoring new systems, servers and POAMs

Tracked all systems and servers on to the network using a phpmysql database

Review NCJ (Non-Compliance Justification) Forms for proper descriptions and explanations of systems vulnerabilities

Tracked the status of POAMs through CSAM ensuring all deadlines are being met

Continuous Monitoring through regular assessments of the systems and servers

Energy Enterprise Solutions 10/06-03/09

Technical Support Specialist for the Department Of Energy (DOE)

Responsible for providing technical support for the Trusted Agent tool

Prepared test cases for the Trusted Agent application

Monitor the Trusted Agent tool ensuring that it is fully functioning

Manage the application to ensure it accurately generates FISMA reports and C&A Tracking.

SharePoint Database Specialist for the Business Development Group

Responsible for creating, uploading, and maintaining the Single Source Intranet Site

Created a database inside of the single source intranet site for the user to locate proposals

Uploaded dissected parts of a proposal to be edited/tailored to be used again for future proposals

Maintained and tracked all Business Development Proposals used to obtain government contracts

Systems Analyst for the Department Of Energy (DOE)

Responsible for the IT inventory within the OE team of the Department of Energy

Created a database using Microsoft Access that resolved and organized the IT Inventory issues within the Office of Electricity Delivery and Energy Reliability (OE) saving the customer approximately $2,000 monthly.

Maintained the data in the database ensuring that it operated on real time using Sunflower

Created Standard Operating Procedures (SOPs) for the client’s understanding of proper protocol


- Certification & Accreditation - Trusted Agent

- Assessments & Authorizations - CSAM

- FISMA - Risk Management Framework (RFM)

- NIST 800-53, Rev 4 - FIPS 199, FIPS 200

- Cyber Security Analysist - System Development Life Cycle (SDLC)

- POAM Tracking - Personnel Security


Microsoft 16 Microsoft Project

Microsoft Outlook Lotus Notes

Microsoft Office Suite (365, Word, Excel, Access, and PowerPoint) CSAM

Google Cloud Trusted Agent

References: Available upon request

Contact this candidate