Post Job Free
Sign in

Risk Management Security Clearance

Location:
Alexandria, VA
Salary:
120000
Posted:
November 19, 2024

Contact this candidate

Resume:

Jimmy Chavez-Lovo

*** *. ****** ** *** *** Alexandria, VA 22304

***************@*****.*** Cell: 571-***-****

US Citizen

Security Clearance: Top Secret/ SCI – Active

QUALIFICATIONS SUMMARY

- Bachelor Degree in Criminology.

- CompTIA Security +

- CASP (In Progress).

- Amazon Web Service (AWS) Certification.

OBJECTIVE

I am a committed professional looking to apply my expertise and experience in Risk Management Framework (RMF). My goal is to propose, implement, and monitor system security policies and procedures in accordance with government requirements for your organization's mission-critical systems. I am seeking for a Security Control Validator/Assessor or ISSO role in a forward-thinking organization that prioritizes Risk Management Framework (RMF) and offers opportunities for growth.

PROFESSIONAL EXPERIENCE

DCSA/ ASRC Federal Quantico, Virginia

Cybersecurity- Validator A&A April 2023- Present

Support Cyber Assurance Management Office (CAMO) on A&A Technical STIG Validations.

Review and Assess eMASS Risk Management Framework (RMF) Security Controls to ensure they are compliant.

Review Technical and Administrative POA&Ms that systems submit related to Nessus Scans Findings and STIG Findings.

Experience with vulnerability tools such as STIG Viewer, eMASSter, and Vulnerator.

Analyze CONs (Certificate of Networthiness) on any product that is being requested to join the DCSA Network for known vulnerabilities, foreign ownership and Government Approved Product List.

Responsible for monitoring systems on the Classified Network such as SIPR systems and on Xacta enclave for Top Secret Systems to ensure they are in compliance IAW DOD 8500.01.

Review and analyze all data that is input in eMASS from all systems that are in the DCSA Network.

Review IATT, ATO and ATO-C Requests submitted in eMASS.

Generate Reports on systems that are non-compliant.

Knowledgeable on DISA Security Technical Information Guides, NIST SP 800-53, and other DOD Cybersecurity Policies.

Create Open Finding Reports and Validation Timelines. DCSA/Echelon Services LLC. Quantico, Virginia

Cybersecurity- Validator A&A July 2022- April 2023

Conducted comprehensive security control assessments in accordance with Risk Management Framework (RMF) guidelines to ensure compliance with security requirements.

Collaborated with cross-functional teams to analyze, interpret, and apply security policies, standards, and guidelines to ensure alignment with RMF requirements.

Prepared detailed reports documenting security control validation findings, including recommendations for remediation and improvement.

Provided expertise in security control validation activities, including assessing system security plans, security assessment reports, and continuous monitoring documentation.

Participated in security control validation meetings and discussions to communicate findings, address concerns, and provide guidance on RMF compliance.

Conducted regular reviews of security controls to ensure ongoing compliance with RMF and other relevant security standards.

DCSA/ Broadleaf-Inc. Quantico, Virginia

Cybersecurity- Cyber Analyst February 2021- July 2022

Analyzed CONs (Certificate of Networthiness) on any product that is being requested to join the DCSA Network for known vulnerabilities, foreign ownership and Government Approved Product List.

Reviewed and analyzed RMF documentation submitted by the System’s ISO to include Security Plans, Implementation Plans, Hardware/Software List, CONOPS, Port, Protocols, Services, and Management (PPSM), Plans of Action and Milestones

(POA&Ms), and Risk Assessment Report.

Assisted the Program Managers on developing POA&Ms for technical and administrative findings.

Conducted Team Meetings to update Government Leadership on the RMF compliance status of systems.

Experienced on creating MFR (Memorandum for Record) for systems.

Built and provided Validation Timelines to the System’s Program Managers for Technical Validation.

Assisted ISOs and SMEs submit POA&M Extensions in eMASS.

Hosted meetings for Government leadership and all stakeholders to brief them on all system’s Risk Posture.

Technical Skills:

Software: MS Office (Word, Excel, Outlook, Access, PowerPoint).

Security Technologies: Nessus Scans, IDS/IPS; Active Directory, Anti-Virus Tools, McAfee, and Splunk.

Networking: LANs, VPNs, Routers, Firewalls.

.

Education Background:

Bachelors of Arts in Criminology

University of Maryland

College Park, MD 20742

301-***-****

GPA 3.046

Additional Information:

Fluent in Spanish (Speaking, Writing, and Reading). REFERENCES: Available upon request



Contact this candidate