Security Control Information System
Resume:
Felix Che
Sr. Security Control Assessor
Profile
Experienced Sr. Security Control Assessor adept at conducting comprehensive security control assessments following NIST guidelines. Skilled in leading Test Readiness Review meetings and analyzing NESSUS scan results to ensure system compliance. Proficient in utilizing XACTA to generate detailed Security Assessment Reports with actionable recommendations. Known for supporting Information System Security Owners in obtaining Authority to Operate. Exceptional at collaborating with stakeholders to enhance security posture and mitigate risks effectively. Demonstrated expertise in information gathering, communication, and continual self-development. Employment History
Sr. Security Control Assessor at nDepth Security LLC April 2023 — May 2025
Conducted security control assessments for 100 IT systems following NIST 800-53A Rv4. Scheduled and led Test Readiness Review meetings for Security Assessment and Authorization. Reviewed Security Plan, Configuration Management Plan, and NESSUS scan results. Utilized XACTA to create Security Assessment Reports with findings and recommendations. Supported Information System Security Owners in achieving Authority to Operate.
Sr. System Vulnerability Analyst at National Security Agency August 2021 — April 2023
- Maintain operational security posture and accreditation status for organizational networks
• Advise system owners on information system security post-implementation
• Report vulnerabilities to prevent insider threats and adversary activity
• Analyze system vulnerabilities and attacks to support operational missions
• Collaborate with industry cybersecurity experts to enhance network understanding.
Sr. IT Security Analyst at NASA- ASRC Federal Corporation February 2016 — July 2021
- Conducted software analysis to identify vulnerabilities, assess risk levels, and implement security controls.
• Dispatched cases for further research and development to address identified issues effectively.
• Enhanced security measures by preventing threats through data analysis and implementing remediation strategies.
• Significantly reduced data exfiltration risk by 90% through the creation of data movement reports.
Details
***********@*****.***
Skills
Security Control Assessments
NIST Guidelines
NESSUS Scan Analysis
XACTA
Security Assessment Reports
Authority to Operate
Stakeholder Collaboration
Risk Mitigation
• Collaborated with the IT team to eradicate malicious software, streamlining daily removal processes and enhancing network security.
Sr. Software IT Analyst at NASA- Global Science and Technology February 2013 — January 2016
- Enhanced quality and met standards by implementing QA in production processes, increasing productivity, and reducing security risks by 20%.
• Authored, reviewed, and maintained policies, procedures, and documentation, collaborating with QA manager to ensure safety and achieve 95% fraud risk reduction.
• Identified vulnerabilities and risks, using security tools to prevent insider threats and adversary activity.
• Led QA processes, collaborated with team, ensured compliance, reduced fraud risk, and mitigated security threats by 20%.
• Authored, reviewed, and maintained policies, procedures, and documentation, achieving 95% fraud risk reduction and enhancing safety protocols.
Software Test Engineer at CareFirst Blue Cross Blue Shield June 2011 — December 2012
- Led risk management and loss reduction efforts for 50+ health insurance policyholders.
• Analyzed 55+ health and demographic parameters to recommend ROI maximizing strategies.
• Developed QA procedures and automation test scenarios for Java platform.
• Implemented security patches to prevent data breaches in line with HIPAA and OWASP TOP 10.
• Managed testing using HP ALM v11, QTP, and change management control for 100+ users.
Education
Master of Science, University of Maryland Global Campus, Adelphi Bachelor of Science, University of Maryland Global Campus, Adelphi
Contact this candidate