Jessie Williams
***** ********** **., *********** ** 87112
Phone:+1-505-***-**** Email: **********@*****.***
Citizenship: United States
Desired Job Type: InfoSec Manager
Certifications: DoD 8570/8140, IAM III CISM, IAT III CASP CE, CompTIA Cloud+, AWS Cloud Practitioner
Security Clearance: Top Secret/Q
Desired Locations: USA
Relocation: Yes
Summary of Qualifications
I have experience as a Cyber Security Service Provider (CSSP) Manager, working on SCI/SAR projects. My strength lies in using the Risk Management Framework (RMF) for Assessment & Authorization (A&A) certifications, aka Certification and Accreditation (C&A), of Command, Control, Communications and Computer (C4i) Systems and the Space and Missile Systems Center (SMC) on Kirtland AFB, while supporting DoD combat systems, test and evaluation planning, identification, implementation, integration, and monitoring of processes, and acquisition strategies on numerous platforms. I am proficient at ensuring systems are operated, maintained, and disposed of in accordance with the RMF and ICD-503 processes. I use my Electronic Engineering disciplines to harvest a System Security Plan (SSP), using the Body of Evidence (BOE) to assist in the assessment process. I am responsible for designing, developing, integrating, and deploying security-related systems supporting the Automated Information System (AIS). Security Engineering tasks may include preparing requests for proposal, information, and change (RFP, RFI & RFC), and gathering requirements for the development of policies, procedures, and baselines using existing standards. I interview personnel for technical positions, while nurturing and providing support for young personnel.
Xacta/eMass/Service Now (SNOW)
Cyber Security
DISA Trained, HBSS, and ACAS
Assessment & Authorization Package Development
Electronics Engineering
XACTA/eMASS
IMO, SCCM Imaging
Project Management Skills
Gov Cloud AWS
Cross Domain Solution (CDS)
Defense Red Switch Network (DRSN)
AFI 16-1404 (OPSEC)
COMSEC Monitoring
Writing SOPs
AFI 31-501 (PERSEC)
ICD 705
FISMA
Preparing Systems Requirements Traceability Matrices (SRTMs)
NIST IA controls
ICD-503 RMF Package Development
Patching/Scanning
Incident Reporting Mgt.
CNSSI 1253
Remedy Ticket System
DoD Security Strategies
SSPs and BOEs
SIEM/SolarWinds/Splunk
Command Cyber Readiness Inspections (CCRI)
Education
University of Maryland University College M.S., Information Assurance Management (Aug 2015)
Thomas Edison State College B.S., Electronic Engineering (Feb. 2011)
Hinds Community College A.S., Electronics/Telecommunication (May 2008)
RETS Electronics School Graduate (Nov. 1981)
Experience
Sandia National Labs Sept 2019 – Present
Cyber Assurance Architect: As a Technical Principal Member at the Labs, I serve as Cybersecurity Architect. My duties include, but are not limited to: designing, building, implementing and supporting enterprise-class security systems; aligning organizational security strategy and infrastructure with overall business and technology strategy; identifying and communicating current and emerging security threats; designing security architecture elements to mitigate threats as they emerge; planning, researching and designing robust security architectures for any project; performing or supervising vulnerability testing, risk analyses and security assessments; creating solutions that balance business requirements with information and cybersecurity requirements; identifying security design gaps in existing and proposed architectures and recommending changes or enhancements; providing supervision and guidance to a security team; defining, implementing and maintaining corporate security policies and procedures; and regularly communicating vital information, security needs and priorities to upper management.
Metis Technologies Aug 2018 – Sept 2019
Senior Information System Security Engineer (ISSE): Serving as an ISSE for Space and Missile Systems Center (SMC) on Kirtland AFB, my duties and responsibilities include supporting CyberSecurity Architecture from the Ground System to the Space Vehicle, and providing acquisition strategy for the Information Assurance (IA) team (ISSM, ISSO), system administrators, and program technical staff for ongoing SCI/SAP programs to manage program risks and to meet program objectives. My duties also include performing analysis, identifying and implementing protection solutions, and preparing and maintaining engineering and security-related documentation. My day-to-day tasks may include the following: performing vulnerability assessments; Certification and Accreditation (C&A) activities (e.g., DoD, RMF, NIST); implementation of security controls in networking devices, databases, operating systems, hardware and software components; administering and managing IA Vulnerability Alerts (IAVA) and Security Plan of Action and Milestones (POA&M) mitigations through timely assessment of IAVA notices and POA&M corrective actions; conducting technical and nontechnical reviews and audits as necessary to support development and test efforts both in house and at customer sites; and assisting system administrators and the ISSM in maintaining system accreditations in accordance with the approved IA program and procedures.
N3B Los Alamos Labs April 2018 – Aug 2018
Information System Security Manager (ISSM): I serve as the Information Systems Security Manager (ISSM) for classified computers in DOE and Intelligence Community computing environments, maintaining day-to-day security posture, acquisition strategy, and continuous monitoring of Information Systems (IS), including security event log review and analysis. My team and I ensure system security measures comply with applicable government policies. We provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system. I maintain a thorough understanding of NIST 800-53 controls, determine which controls are applicable to the application, and document implementation in the Security Controls Traceability Matrix (SCTM). As ISSM, I am responsible for maintaining an appropriate operational information assurance (IA) posture for programs. I conduct reviews and technical inspections to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional. We monitor and resolve the Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned Information Systems. I draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, SAR, RAR, SCTM).
Leidos: Kuwait May 2017 – April 2018
Info Assurance Security Engineer: Working within the Combined Joint Task Force – Operation Inherent Resolve (CJTF–OIR) G2 Systems, I was responsible for completing accreditation processes on multiple ICD 503 SCI networks/systems under the Risk Management Framework (RMF), working with an appointed Government Information Security System Manager (ISSM) to implement organizational security and acquisition strategy. I lead Incident Handling issues; with the use of the Remedy ticketing system, I track and document actions needed for the organization's Situational Awareness (SA). Serving as a CyberSecurity Officer (IASE), I support the high-level technical and practical expertise with technologies including the Security Content Automation Protocol (SCAP), Host Based Security System (HBSS), Assured Compliance Assessment Solution (ACAS), and security information and event management (SIEM) software products. I apply analytical and evaluative methods and techniques to issues or studies concerning the efficiency and effectiveness of CyberSecurity implementation, and support the continuous assessment of IA Control compliance for the program, while monitoring milestones and metrics.
Booz Allen Hamilton (BAH): ABQ, NM March 2017 – May 2017
Senior Cybersecurity Engineer: My team and I provide expertise in the implementation of the Department of Defense (DoD) Risk Management Framework (RMF) in accordance with ICD 503. Tasks on SAP projects for the Missile Defense Agency (MDA) include providing analysis, design, development, implementation, security assessments and acquisition strategy to ensure compliance with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, CNSSI 1253, and DoD RMF Knowledge Service guidance, while supporting the transition from the Department of Defense (DoD) Information Assurance Certification and Accreditation Process (DIACAP) to RMF, including the development of RMF documentation created from existing DIACAP documents using the XACTA IA MANAGER and ENTERPRISE MISSION ASSURANCE SUPPORT SERVICE (EMASS) tools. Both are IT risk management tools that meet the complex challenges of managing IT risk with continuous compliance monitoring, security assessment, and ongoing authorization.
CACI National: ABQ, NM July 2013 – March 2017
Information Systems Security Engineer Lead: My team and I provide expertise in the implementation of the Department of Defense (DoD) Risk Management Framework (RMF) in accordance with ICD 503. This includes providing analysis, design, development, implementation, security assessments and acquisition strategy to ensure compliance with the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, CNSSI 1253, and DoD RMF Knowledge Service guidance, while supporting the transition from the Department of Defense (DoD) Information Assurance Certification and Accreditation Process (DIACAP) to RMF, including the development of RMF documentation created from existing DIACAP documents using the XACTA IA MANAGER and ENTERPRISE MISSION ASSURANCE SUPPORT SERVICE (EMASS) tools. Both are IT risk management tools that meet the complex challenges of managing IT risk with continuous compliance monitoring, security assessment, and ongoing authorization.
Serving as a CyberSecurity engineer (ISSE) lead, I support the Command, Control, Communications, Computer and Intelligence (C4i) SCI/SAP Systems, while supporting DoD combat systems test and evaluation planning, identification, implementation, integration, and monitoring of processes, strategies and platforms, using applied Cyber Security technologies including the Security Content Automation Protocol (SCAP), Host Based Security System (HBSS), Assured Compliance Assessment Solution (ACAS), and security information and event management (SIEM) software products. I apply analytical and evaluative methods and techniques to issues or studies concerning the efficiency and effectiveness of Cyber Security implementation that supports the continuous assessment of IA Controls compliance for the program, while creating milestones and metrics, monitoring adherence to software plans and schedules, identifying problems and obtaining solutions, such as allocation of resources or adapting to changing contractual specifications.
Epsilon, Inc. New Orleans, LA October 2012 – July 2013
IT Cyber Security Specialist: I was responsible for providing analysis, design, development, implementation and security assessments to ensure compliance with the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, CNSSI 1253, and DoD RMF Knowledge Service guidance. I supported the transition from the Department of Defense (DoD) Information Assurance Certification and Accreditation Process (DIACAP) to RMF. Operationally, I apply analytical and evaluative methods and techniques to issues or studies concerning the efficiency and effectiveness of Cyber Security implementation using up-to-date tools (i.e., ACAS, HBSS and ArcSight), also providing recommendations for improvements and enhancements of platforms, systems and Next Generation Enterprise at Marine Corps Support Facility (MCSF).
L-3 Communication Services, Inc. · Middle East, Southwest Asia Jul. 2011 – Oct 2012
IT Cyber Security Specialist: I was responsible for providing analysis, design, development, implementation, and security assessments to ensure compliance with the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, CNSSI 1253, and DoD RMF Knowledge Service guidance. I supported the transition from the Department of Defense (DoD) Information Assurance Certification and Accreditation Process (DIACAP) to RMF. Operationally, I apply analytical and evaluative methods and techniques to issues or studies concerning the efficiency and effectiveness of Cyber Security implementation using up-to-date tools (i.e., ACAS, HBSS, and ArcSight), also providing recommendations for improvements and enhancements of platforms, systems, and labs.
KBR · Camp Bondsteel, Kosovo; Middle East, Southwest Asia; and Tikrit, Iraq: Nov. 2008 – Jul. 2011
IT Asset Analyst Lead & Information Management Officer (IMO): Using a security checklist, I performed and supervised a variety of risk management and vulnerability analyses to verify compliance with a baseline level of security. I used STIGs and readiness review scripts to support the configuration of SIPR & NIPR networks, all done while working with or reporting to the DoD or Army's Contracting Officer Rep (COR) that was assigned to us. Being part of a Computer Security Incident Response Team (CSIRT), we provided management to the misuse of the system's computers while preventing any NISPOM violations and ensuring that these systems maintain the appropriate level of Confidentiality, Integrity, and Availability (CIA). This was based on DIACAP certification and accreditation (C&A) for the systems life cycle. I also had to attend a bi-weekly patch management class for the NIPRNet and SIPRNet systems.
University of Mississippi Medical Center – Jackson MS: Jan 2006 – Oct 2008
Network Technician: The Network Technician is responsible for analyzing LAN/WAN functionality, peripherals, security, and anti-virus protection. The I.S. Network Technician identifies, locates and resolves problems, as well as evaluates trends and anticipates problems. Maintains the network anti-virus application, including addition/deletion of users and upgrades and enhancement of software, and works with the Exchange administrator to ensure users have the appropriate functionality in place. Executes steps necessary to protect the network from outside viruses, spam and spyware when reported by staff or the automated alerting system. Configures, installs and maintains application and network server hardware and software.
Charity Hospital – New Orleans, LA May 1997 – Aug 2005
Network Technician: The Network Technician is responsible for analyzing LAN/WAN functionality, peripherals, security, and anti-virus protection. The I.S. Network Technician identifies, locates and resolves problems, as well as evaluates trends and anticipates problems. Maintains the network anti-virus application, including addition/deletion of users and upgrades and enhancement of software, and works with the Exchange administrator to ensure users have the appropriate functionality in place. Executes steps necessary to protect the network from outside viruses, spam and spyware when reported by staff or the automated alerting system. Configures, installs and maintains application and network server hardware and software.