Risk/Vulnerability Analyst
Resume:
Immuri B. Lang
Harvest, AL *****
******.*.****@*****.***
Professional Summary
I am a cybersecurity professional and U.S. Army veteran with 12 years of experience and a Top-Secret clearance. I have led teams in high-stakes environments, managing cybersecurity operations, risk assessments, and compliance for complex defense systems. My expertise spans vulnerability management, RMF implementation, security control assessments, and incident response, supported by strong skills in process improvement and technical documentation. I have safeguarded assets exceeding $500M in value and excel at collaborating across departments to meet security and operational objectives. Backed by a master’s degree, industry certifications, and a track record of award-winning performance, I am committed to advancing organizational cybersecurity resilience and operational excellence.
Skills
Risk Management Framework (RMF)
Vulnerability Assessment
Security Control Assessment
Incident Response
Information Assurance (IA)
Tenable/Nessus Security Scans
Security Compliance & Auditing
eMASS & POA&M Management
HBSS (Host-Based Security System)
FISMA Compliance
Cybersecurity Policy Development
Change Management & TCCB/CMB
DISA STIGs & System Hardening
Technical Configuration & Documentation
ATO (Authorization to Operate) Processes
Professional Experience
ARES
Risk/Vulnerability Analyst 2 October 2023 – Present
Conduct cybersecurity control assessments, vulnerability assessments, software assurance, and risk analysis for the ballistic missile defense program.
Perform threat analysis, gap assessments, and develop implementation plans to strengthen cybersecurity posture.
Review security controls, POA&Ms, ATC documentation, and compliance artifacts across multiple organizations.
Manage eMASS database verifications and conduct telecon and onsite briefings to support assessment processes.
VSOLVIT
Cybersecurity Compliance Specialist November 2022 – July 2023
Led and briefed cybersecurity compliance initiatives in engineering and logistics meetings.
Coordinated cybersecurity communication and ensured accurate reporting via briefing charts and written reports.
Reconciled COLTS database with ATO and engineering documentation; maintained IT asset data including EOL and replacement recommendations.
Supported software reviews and ensured documentation was updated to meet compliance standards.
DOJ (FBI), Huntsville, AL
IT Specialist (Enclave Manager) (ISSO) October 2021 – October 2022
Oversaw the implementation and maintenance of baseline security controls for FBI information systems.
Defined system-specific continuous monitoring strategies and managed privileged user access recertification.
Ensured systems complied with FISMA standards; developed ATO security assessment packages.
Led vulnerability scans using Tenable, worked with admins on remediation, and coordinated inspections, testing, and change management.
I3, Huntsville, AL
Cyber Systems Engineer February 2020 – October 2021
Delivered direct cyber support and collaborated with ISSOs, ISSMs, and technical teams to integrate cybersecurity best practices.
Managed RMF policies, system scans, HBSS policies, and compliance audits across Army, DISA, DoD, and MDA requirements.
Reviewed and remediated logs using tools like Splunk, ACAS, SolarWinds, and HBSS; generated system documentation and RMF artifacts.
PHACIL, Huntsville, AL
Information Assurance/Security Engineer June 2019 – February 2020
Identified security risks, performed RMF best practices, and managed data in eMASS.
Configured Tenable Security Center/Nessus, automated infrastructure services, and developed security reports and user training programs.
Assessed new software for security compliance and managed ATCTS user profiles.
Raytheon, Huntsville, AL
Information Assurance Cyber Specialist II October 2016 – June 2019
Provided ISSO support for classified environments, developing and enforcing security procedures per NISPOM standards.
Executed RMF steps, compliance tests, and IA sustainment activities (e.g., change management, media protection).
Led IA training, audits, and incident response; authored customer-compliant IA policies and procedures.
Education
Master of Science in Acquisition and Contract Management
Florida Institute of Technology (GPA: 3.63) – 2006
Bachelor of Science in Business Administration/Management of Technology
Athens State University – 2005
Certifications & Training
Security+ CE
Certified Authorization Professional (CAP)
A+ CE
Certified Novell Admin (CNA)
MCITP Enterprise
MCDT Windows XP
MCSA Server 2003
Server Management
Information Assurance Fundamentals (IASO)
ACAS Vulnerability & Compliance Auditing (Intro, Operator & Supervisor Course 4.6.2)
Contact this candidate