Information Technology Cyber Security

Location:

Jacksonville, FL

Salary:

145,000

Posted:

April 21, 2025

Contact this candidate

Resume:

Lewis M. Hamilton

**** *. ****** ***.

Jacksonville, FL 32209

Cell: 904-***-****

Email: ********.****@*******.***

SUMMARY OF QUALIFICATIONS AND TRAINING

Obtained CompTIA Security+ Certification with an expiration date of 2025 December 7

Obtained CompTIA Network+ Certification with an expiration date of 2025 December 7

Proficient in Microsoft Word, Excel and Outlook

Knowledge of federal cybersecurity regulations, such as NIST, FISMA, and FedRAMP.

Assured Compliance Assessment Solution (ACAS), Vulnerability Remediation Asset Manager (VRAM)

Enterprise Mission Assurance Support Service (eMASS), Cyber Security Assessment and Management (CSAM), Risk Management Framework (RMF)

SUMMARY OF EXPERIENCE

Information Technology professional with over 13 years of Cyber Security experience. Effective communicator, with strong time management, scheduling, and project management skills, I excel at keeping processes on track and delivering key time-sensitive objectives. I have held roles as an Information System Security Officer (ISSO), Information Systems Security Manager (ISSM) and a Security Control Assessor Representative (SCAR) with a strong background in auditing, network security and risk management. As a contract lead I also have proven success in training, staff management, and information technology management.

PROFESIONAL EXPERIENCE

Information System Security Officer (ISSO) 02/08/2023 to 07/10/2024

Information Assurance and Cybersecurity Division (IAD)

Transportation Security Administration (TSA)

Department of Homeland Security (DHS)

Serves as the Information Systems Security Officer (ISSO) for multiple systems supported by Transportation Security Administration (TSA) and Department of Homeland Security (DHS).

Took part in planning and conducting Incident Response Test (IRPT) within the physical security of the buildings wich included many troubleshooting senerios with the HVAC, lighting, fire suppression and the access control system.

Assist in planning, developing, implementing and maintaining automation security programs to ensure the confidentiality, integrity, and availability of automated systems, networks and data/information spanning the planning, analysis, development, implementation and maintenance phases of TSA programs.

Develop, review and update RMF documentation and ensures Plans of Actions and Milestones (POA&Ms) are thoroughly addressed and submitted through Cyber Security Assessment and Management (CSAM).

Track project schedules and resources to ensure successful and on time completion of Authority to Operate (ATO)’s, Authority to Connect (ATC)’s, Contingency Plan (CP)’s, Contingency Plan Test (CPT)’s, Incident Response Plan (IRP)’s and Incident Response Plan Test (IRPT)’s while maintaining, identifying, mitigating and managing project risk.

Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.

Recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements.

Implement and maintain cybersecurity policies and procedures, ensuring compliance with federal regulations and agency requirements.

Assess and mitigate risks related to the confidentiality, integrity, and availability of information processed, transmitted, or stored by the IT systems.

Troubleshoots security-networking issues; participates in scheduling and progress meetings, installations and security penetration testing.

Responsible for security assessments, tests, and reviews; ensuring proper measures are taken when an incident or

vulnerability affecting classified systems or information is discovered.

Develops, conducts, and prepares reports for security audits, reviews and other actions as appropriate.

Conducts in-depth technical security reviews, risk assessments, and provides recommendations for improvements.

Maintains systems access management based on approved personnel security investigations/clearances, a need-to-know, and authorizations.

Collaborate with the security teams in remediating audit findings, security planning and reporting, and mitigation of security vulnerabilities are completed in a timely manner.

RMF Security Control Assessor Representative (SCAR) 02/14/2022 to 02/05/2023

AFSOC HQ, Hurlburt Field Air Force Base

Review the adequacy of the selected security controls and their ability to protect the information system and data for over 50 different packages for the Air Force.

Track project schedules and resources to ensure successful and on time completion of ATO’s and ATC’s while maintaining, identifying, mitigating and managing project risk.

Experience with creating and managing user accounts and access rights to the accounts while also removing those accounts and access rights when they are no longer needed through Active Directory.

Integrate organizational input and documentation in developing the IT Plans and revise and maintain plans as required.

Responeded to trouble tickets through Track IT/Jira which helped in planning, tracking, and managing work, including issues, tasks, and projects.

Review security and software security scans to identify vulnerabilities to ensure compliance with DoD standards.

Ensure policies and procedures are up-to-date and comply with applicable laws, regulations and other binding standards by meeting or exceeding senior leadership expectations for the resilience of the agency systems and data.

Determine the measures that can be used to meet the minimum assurance requirements and tailoring security controls.

Ensure the selection of security controls is consistent with the enterprise architecture, including reference models segment and solution architectures.

Develop, maintain, and update RMF documentation and artifacts, including security plans, risk assessments, and system security plans.

Took part in planning and conducting Incident Response Test (IRPT) wich included many troubleshooting senerios with the HVAC, lighting, fire suppression and the access control system.

Develop Assessment Plans and work flows for approval by the Security Control Assessor.

Perform technical analysis/assessment of the security controls in accordance with the assessment procedures defined in the security assessment plan.

Develop Interim Authority to Test (IATT), Authority to Operate (ATO) and/or Denial of Authority to Operate (DATO) packages.

Develop the Risk Assessment Report for Authorizing Official.

IT Specialist (INFOSEC) (ISSM) GS 11 Step 4 12/08/2019 to 03/25/2022

TSAE 7ATC

Serves as the technical Advisor to the Chief of the Training Support Activity Europe (TSAE) concerning Information Technology (IT) security and Cyber Security (CS). Serves as the TSAE Information Systems Security Manager (ISSM) to assist in planning, developing, implementing and maintaining automation security programs to ensure the confidentiality, integrity, and availability of automated systems, networks and data/information spanning the planning, analysis, development, implementation and maintenance phases of TSAE IT programs.

Plan, develop, implement and maintain TSAE, 7ATC programs, policies and procedures to protect the integrity and confidentiality of 402 office computers, 58 Multifunctional Printers (MDF), 42 Visual Information systems, 26 Mobile Computing Devices (MCD), 15 Video Telecommunications Systems and 2 SIPR systems.

Responeded to trouble tickets through Track IT/Jira which helped in planning, tracking, and managing work, including issues, tasks, and projects.

Responsible for troubleshooting basic network level connectivity.

Experience with creating and managing user accounts and access rights to the accounts while also removing those accounts and access rights when they are no longer needed through Active Directory.

Reviews and audits the technical work of the TSAE Information Systems Security Officers (ISSOs), Systems Administrators (SA), and other personnel assigned within the organization and involved in Information Systems Security.

Develops and updates the SSP, manages and controls changes to the system, and assesses the security impact of those

changes.

Responding to system outages and taking appropriate action(s) to alt-route and/or use available failover/back-up capabilities to meet VTC client needs.

Conducted site surveys both remotely and on-site to determine specific requirements for new VTC system installations and/or upgrades.

Conducting on-site VTC installations to include assisting with end network device configurations, equipment installations, and equipment configuration.

Prepare and oversee the preparation of the documents needed to maintain all four Organizational Unit (OU) Tenant Security Plans (TSP) for review and evaluate accreditation input also prepared by other IT Specialists. Creating and maintaining standard operating procedures (SOP’s) for the organization.

Enforce information assurance vulnerability management (IAVM) dissemination, reporting, compliance and verification procedures in accordance with DoD policies, regulations and guidelines.

Managed active directory by creating, deleting and updating user, group and computer accounts.

Report to and advise the Commanding Officer on all Information Assurance issues for all General Service systems and networks operating within the command while implementing and maintaining the Information Assurance security program which includes assignment of security associated tasks and responsibilities.

Identifies, analyzes and reports attempts to gain unauthorized access to information, system failures, or suspected defects which could lead to unauthorized disclosures using the BMC Remedy ticketing system.

Plan preparation and submission of required COOP AAR’s, Fire Inspections, Incident Response Plans, Physical Security reviews and site Annual reviews needed to maintain current ATO’s, while ensuring System Identification Profile (SIP), System Diagrams, Hardware / Software list are updated and submitted in CART which is equivalent to eMASS.

Coordinate the acquisition and life cycle management process for major computer hardware and software systems.

Establish and maintain documentation, licensing and service support for the software configuration that reside on workstations.

Evaluate the impact of new laws and guidance on current programs and systems and recommend changes to existing plans and policies to ensure compliance and responsiveness.

Utilize remote management tools such as Dameware Remote Support to correct customer workstation problems.

Complete information technology (IT) trouble-tickets using BCM Remedy to meet customer service support requirements.

Responsible for the implementation and enforcement of all cybersecurity related executive orders, acts, regulations and laws by performing security inspections in nine different locations through Europe and correct deficiencies based on internal program standards.

Coordinate and integrate technical aspects of workstation configuration, while providing training to customers on workstations, network navigation, email and commercial applications.

Evaluate Information Systems to identify vulnerabilities, risks and protection needs also conduct systems security evaluations, audits and reviews. Sometimes utilizing remote management tools to mitigate identified vulnerabilities.

Verify and adjust if needed the Elevated Privileges Memo for all required users, ensure that all IT personnel have appointment orders also that Privileged Level Access Agreements (PAA) have been signed within 12 months.

Currently conduct weekly audits to verify Cyber Challenge training is current, Acceptable Use Policies (AUP) have been signed and DD Forms 2875, System Authorization Access Requests (SAAR) are correct and complete for all 402 users by running a scripted report established in ATCST.

Information System Security Officer (ISSO) GS 11 Step 1 07/27/2018 to 12/04/2019

Commander Navy Region Southeast

Evaluate and enforce Information Assurance program/policies and ensures Confidentiality, Integrity, Availability, Non-Repudiation and Accountability (IAW DoD 8140).

Ability to operate a variety of technology system components, to include microphones, cameras, and other related audio visual equipment.

Responsible for troubleshooting basic network level connectivity.

Responeded to trouble tickets through Track IT/Jira which helped in planning, tracking, and managing work, including issues, tasks, and projects.

Experience with creating and managing user accounts and access rights to the accounts while also removing those accounts and access rights when they are no longer needed through Active Directory.

Responsible for the implementation, and safe operation of current viruses’ definitions, Information Assurance Vulnerability Alert (IAVAS), Host Based Security System (HBSS), Risk Management Framework (RMF) compliant Security Technical Implementation Guide (STIG) and any other cybersecurity network protective measures.

Provides technology support services, including customer assistance and training in response to user requirements.

Work as part of an Information Assurance Team that is responsible for maintaining IA standards and procedures while preforming security scans to determine potential points of weakness, recommending a course of action to correct deficiencies and ensuring that deficiencies are corrected in a timely fashion.

Develops risk assessments, security, test and evaluations, systems security contingency and disaster recovery plans, and the preparation of certification and accreditation of 3packages.

Took part in planning and conducting Incident Response Test (IRPT) wich included many troubleshooting senerios with the HVAC, lighting, fire suppression and the access control system.

Diagnosing and/or resolving problems in response to a customer reported incident via trouble tickets in Track-It!.

Responsible for configuration, administration of, and utilization of network security scanning software, such as Tenable Nessus Network Security Center.

Maintaining and updating system files necessary to control all aspects of system operations and access using Force Point and Solar Winds.

Work closely with the IAM and Systems Administrators to ensure proper remediation/mitigation of findings.

Ensures that incoming personnel are properly checked in, and that System Authorization Access Requests forms (SAAR) are completed properly while evaluating SAAR forms for each new user to determine the proper level of access.

Information Assurance Specialist 10/01/2016 to 07/20/2018

Commander Navy Region Southeast

Responsible for designated Command Navy Region South East ( CNRSE) Platform Information Technology (PIT) systems requiring Information Assurance (IA) accreditation as per Department of Defense (DOD) policy.

Assist in the transformation from DoD Information Assurance Certification and Accreditation Process (DIACAP) to Risk Management Framework (RMF) process by supporting and helping develop appropriate documentation to acquire the accreditation and certification of IT systems.

Report and give advice on actual and potential computer vulnerabilities and threats using NESSUS and Security Center through Oracle Virtual Machine (VM).

Ensure that all Information Technology (IT) systems attain and maintain accreditation as well and keep the IA posture current for the life of the system by assuring the DISA STIG are compliant.

Assist the IA Senior, CNRSE HQ Departments and Installation’s IA staff with the development and obtainment of IA accreditation to achieve DoD compliancy.

Provide baseline training awareness materials, content, and products pertaining to DOD IA policies, concepts, procedures, tools, techniques, and systems to DOD components to integrate into their IA training and awareness programs.

Recommend corrective action on information technology networking issues.

Conduct risk assessments in the efforts of preventing problems that can be caused by the introduction of new or modified technology and IT applications.

Routinely work with contract representatives, vendors, customers, and end users to coordinate work, resolve problems, and or provide information on IT/IA related issues.

Provide solutions for problems that are elevated beyond the Help Desk or problems in which the end user is not completely satisfied.

Ensure availability of designated system by creating full system images allowing sites the ability to restore operations in the event of system failure.

Florida Army National Guard 25B IT Specialist 08/17/2014 to 08/17/2018

146th Signal Battalion

Provide computer system administration, local area network administration, and system/network security.

Subnet IP addresses for computers on the local network, routers, and switches.

Control personnel access by monitoring the identification of individuals entering controlled areas due to sensitive information stored on servers.

Monitor personnel movements via CCTV to and from a controlled access area to support security efforts.

Patrol buildings, parking lots and perimeters to prevent theft or damage to property, equipment, tools, and supplies.

Respond to radio dispatch calls for assistance in maintaining the safety and security of people and property at the same time reporting any suspicious events or personnel to the Security Manager.

Preformed cabling, patching, punch downs and documentation for network nodes.

Maintain hardware, software, tools and reference material for network.

During field missions participated in screening and/or inspecting personal and commercial vehicles requesting site access, controlling personnel access by verifying identification, patrolling buildings or perimeters for suspicious activity, maintaining detailed desk logs, desk journals, and pass-down logbooks to document security events.

Connect devices and determines placement of routers and switches for servers.

Install Web servers, file servers, print servers domain name servers, and mail servers.

Maintain Active Directory content.

Create user accounts and sets up necessary user workstation application software.

Provide technical advice and guidance on satellite communication systems.

Troubleshoot network to include connectivity, hardware and software issues.

Provide desktop computer support which includes diagnosing and resolving any workstation operating system software, application software or hardware problems.

Setup and configure standard workstation operating system software, all authorized standard application software, and all related services and authorized application software.

Information Assurance Assistant 03/15/2010 to 01/10/2011

Naval Supply System Command

Independently design spreadsheets monitoring the progress of deliveries or work being performed involving special purpose equipment of services.

Developed, implemented, and ensured compliance with plans, policies, standards, infrastructures, and architectures that establish the framework for the management of all IT programs.

Managed and performed work to develop and implement policies, procedures, training and methods to identify and protect critical data, personnel and property from unauthorized disclosure and misuse, theft, assault, espionage, sabotage, or loss.

Have knowledge of Information Assurance (IA) policies and procedures, vulnerabilities, and reporting requirements to ensure adequate protection of DoD IT systems and information.

Assisted the Information Assurance Manager (IAM) by ensuring all employees are properly trained and adhere to the requirements for marking, labeling, and downgrading of both unclassified and classified Information Assurance (IA).

Prepared required Information Assurance (IA) documentation to include Surveys & Checklists; Certification; Risk Assessments; Security Test & Evaluations (ST&Es); and other requirements for the Department of Defense (DOD) Information Assurance Certification and Accreditation Process (DIACAP).

Responsible for obtaining and managing security certifications and accreditation of systems, networks, for 22 site consisting of eight hundred and thirty two military and civilian employees.

Assisted ACTR with oversight of NMCI Tech Refresh procedures to include ensuring all correct software is associated to the correct asset.

Possess excellent oral and written communication.

Assisted the Information Assurance Manager (IAM) with the processing, issuance, and accountability of NIPRNet and SIPRNET Alternative PKI Tokens.

Researched and acquired necessary data to assist ACTR’s with the preparation of request for move/add/change (MAC) actions, and update MAC request.

Managed the efforts in the review, applications, and maintenance of information assurance policies and procedures.

Reviewed and maintained the certification plans and accreditation documentation while performing security, analyses and risk vulnerability assessments.

EDUCATION

Enterprise High, Enterprise, Al.; 1995 High School Diploma

Florida State Collage Jacksonville, Jacksonville, Fl.; AS in Business Management On going

PROFESSIONAL TRAINING

Management Training Program, 8 weeks, 3/19/2008

NAVSUP Household Goods Entitlement Training, 1 week, 9/7/2011

Information Technology Specialist Training, 16 weeks, 3/16/2015

CNIC Risk Assessment Workshop, 24 hours, 11/15/2018

CompTIA Security+ Certification with an expiration date of 2025 December 7

CompTIA Network+ Certification with an expiration date of 2025 December 7

Active Directory Organizational Unit Administrator, 16 hours, 8/12/2020

Cyber Security Fundamentals, 24 hours, 11/24/2020

U.S. MILITARY SERVICE INFORMATION

Active Duty 04/17/1995 to 04/17/2000 - U.S. Army

National Guard 08/17/2014 to 11/27/2018 – U.S. Army

Honorable Discharge

Contact this candidate