Data Engineering It Operations
Resume:
Jose Hernandez Arroyo, DIT, MBA, BS
787-***-**** ****************@*******.*** 550 14th RD S, Apt. 1032, Arlington, VA 22202
A highly skilled Service-Disabled Veteran with over 16 years of experience in cybersecurity, data engineering, and IT management. Holds an active DOD TS/SCI SAP clearance eligibility. Proven expertise in leading large-scale IT operations, developing secure data pipelines, performing in-depth risk assessments, and implementing robust security measures across diverse environments including government, defense, and healthcare sectors. Adept at orchestrating cybersecurity and data strategies, ensuring compliance with NIST SP 800-53, RMF, and CNSSI 1253. Exceptional communicator with a history of interacting with top-tier executives, government agencies, and technical teams.
Certifications
S+ce, CEH, CNDA, CASP+ce, CISSP, (CISM & AWS Certified Solutions Architect (in progress))
Core Competencies
Information Systems Security & Compliance (NIST, FISMA, FedRamp)
Continuous Integration/Continuous Deployment (CI/CD
System Security/Reliability
System Integration/Design
ETL Design & Cloud Data Pipelines
Risk Management Framework (RMF) Implementation Testing/Troubleshooting
Vulnerability Management & Penetration Testing
Cloud Security (AWS, Azure)
Analytical Skills
Superb Presentation Skills
Planning & Scheduling
Data Modeling & Warehouse Design
Cybersecurity Operations & Incident Response
Sales Strategies
Conflict/Issue Resolution
Blueprint Analysis
Project Management
Business/Revenue Growth
Team Leadership & Cross-functional Collaboration
Business/Revenue Growth
Problem Solving
Technical Skillsets
Networking: UNIX, Linux, VMware ESXi, MS Server, Solaris, Active Directory
Software Applications: JAMF, MS Office Suite, MS Project, MS SharePoint, Visio, ArcSight, WireShark, NetWitness
Programing Languages: Python (Data Engineering, Pandas, NumPy, Scikit-learn), Java, JavaScript, T-SQL, SQL (MySQL, PostgreSQL)
Cloud Platforms & Tools:AWS (S3, Lambda, Glue, Redshift, CloudFormation), Azure (Data Factory,
Synapse,ARMTemplates)
DevOps Tools: GitLab, Jenkins
Database Systems: MS Access, MS SQL Server 2012, MySQL, ORACLE, Casper
Education and Training History
Capella University · Minneapolis, MN
D.I.T Information Assurance and Security Expected December 2026
M.S. Information Technology January 2024
ECPI University · North Charleston, SC
B.S. Computer Information Science/Network Security July 2015
A.A.S. Computer Information Science/Network Security September 2014
American InterContinental University · Hoffman Estates, IL
M.B.A. Healthcare Management, 3.5/4.0 GPA July 2010
B.B.A. Healthcare & Operations Management, 3.0/4.0 GPA March 2008
A.A. Business Administration with Honors, 3.58/4.0 GPA March 2006
United States Army SGM Academy –Structure Self Development
SSD1 TO SSD4 August 2012
United States Army Signal Corps, Fort Gordon, GA
CCNA & CCENT September 2009
Information Technology Specialist September 2009
Human Resources Specialist June 2014
Jose Hernandez Arroyo, DIT, MBA, BS Page 2/6
787-***-**** ****.***************@*******.*** 550 14th RD S, Apt. 1032, Arlington, VA 22202
Relevant Experience
Allele Consulting, LLC· Tampa, FL April 2018 – Present
Founder/CEO
Allele Consulting, LLC is an experienced and highly motivated IT professional with a demonstrated history of success working with Small, Medium, and Enterprise Companies. Allele Consulting, LLC works with clients to improve workflows and reduce any expenses from diverse areas (DevOps Program, Cyber Security, Cloud, Virtual, Infrastructure, Data Assurance, Networking, Healthcare) in Information Technology and Healthcare by implementing cutting edge and proven solutions. Focus on delivering outstanding customer satisfaction, meeting timelines before its due date or on its due date.Allele Consulting, LLC focuses on On-Demand Cybersecurity Leadership to commercial and government entities to help them solve their toughest security challenges by aiding on radically reducing your organizational risk, by closing cyber security holes and helping to meet cyber security compliance needs; responsible for establishing and maintaining an enterprise and or cloud security vision, strategy, and programs to ensure information assets and technologies are appropriately protected; Allele Consulting, LLC offers a long term partnership or works with you to implement a specific project.
Experienced executive with a demonstrated history of working in the defense/government, logistics, transportation, intelligence, law enforcement, retail, legal industries. Skilled in Security Incident Response, Security Operations, Digital Forensics, Vulnerability Management, Networking, Security Architecture, NIST CSF, COBIT 2019 and Intelligence acquisition/application
Designed and deployed data pipelines using Python, SQL, and AWS services (Lambda, S3, Glue, Redshift) to automate ETL workflows and enhance data availability across cloud environments.
- Built and maintained relational and non-relational databases, optimizing SQL queries and stored procedures to improve performance by 30%.
- Developed predictive models and statistical analysis using Python libraries (Pandas, NumPy, Scikit-learn) to support operational and strategic decision-making.
- Created interactive dashboards and reports using AWS QuickSight and integrated Azure Data Factory for real-time data ingestion and transformation.
- Performed cloud-based data integration using Azure Synapse and AWS Glue, managing large-scale datasets for cybersecurity, DevOps, and infrastructure analytics.
- Implemented CI/CD pipelines to automate testing and deployment of data science models using GitLab and Jenkins.
- Utilized cloud-native tools such as AWS CloudFormation and Azure Resource Manager (ARM) templates to build scalable, secure environments for data projects.
- Collaborated with cybersecurity teams to integrate log data analysis and threat intelligence into operational dashboards, improving incident response times.
- Led data architecture efforts across hybrid IT infrastructure, advising on schema design, indexing strategies, and storage optimization for cloud-native applications.
- Mentored junior analysts and engineers on cloud-based data modeling, SQL query performance tuning, and best practices for secure data engineering.
GDIT· Pentagon/Arlington, VA Feb 2024 – May 2025
Security Control Assessor 2
Led the assessment and authorization (A&A) process in J35 Special Access Program (SAP) environments, ensuring rigorous compliance with RMF, JSIG, NIST 800-53, NIST 800-37, and CNSS 1253 standards to protect mission-critical systems. Served as a trusted advisor to Information System Owners (ISO), Program Security Officers (PSO), and Authorizing Officials (AO), providing expert guidance on security control implementation, authorization challenges, and risk management to support mission-aligned decision-making.
Jose Hernandez Arroyo, DIT, MBA, BS Page 3/6-787-***-**** ****.***************@*******.*** 550 14th RD S, Apt. 1032, Arlington, VA 22202
Relevant Experience Continues
Spearheaded the development, implementation, and continual evaluation of security policies tailored to J35 SAP requirements, aligning security protocols with operational priorities while ensuring adherence to regulatory frameworks.
Conducted comprehensive risk assessments and security control evaluations for technical and administrative controls, utilizing Independent Verification & Validation (IV&V) and identifying critical vulnerabilities for proactive remediation. Drafted and reviewed essential security artifacts, including System Security Plans (SSPs), inventories, contingency plans, security control traceability matrices, and Security Assessment Reports (SARs), contributing to a robust compliance documentation framework.
Conducted annual site assessments to ensure alignment with organizational policies, enhancing security postures by identifying gaps and recommending actionable improvements. Directed the creation, management, and tracking of Plans of Action and Milestones (POA&M) for authorized systems, setting remediation timelines, addressing exceptions, waivers, and residual risk acceptance when necessary.
Designed and optimized the Assessment & Authorization (A&A) process for cloud environments, such as AWS, and created reusable templates for Agile SDLC workflows, streamlining compliance and security control assessments. Conducted vulnerability scans across multiple platforms (AWS, Google, IBM, Azure, Oracle) and recognized vulnerabilities in security systems using tools such as Nexpose Rapid 7 and SPLUNK, contributing to proactive threat identification and mitigation.
Reviewed and assessed 15 distinct systems with varying classifications and mission scopes, determining residual risk and implementing mitigation strategies to maintain optimal security within SAP boundaries.
Identified potential attack vectors by simulating real-world threat scenarios and refined the security control assessment process, integrating comprehensive evaluation methods to strengthen defenses.
Authored penetration testing Rules of Engagement (RoE), Test Plans, and Standard Operating Procedures (SOPs), standardizing security testing protocols and ensuring consistent, high-quality assessments. Performed gap analyses existing security controls, identifying areas requiring improvement and integrating additional safeguards, leading to enhanced operational resilience.
Collaborated across functions in meetings to address information assurance and risk management, advising on suitable automated tools for monitoring network activity and detecting potential intrusions, enhancing the organization’s security posture.
Partnered with IT and cybersecurity teams to remediate identified security weaknesses, fostering a proactive approach to risk management and promoting interdepartmental coordination. Conducted training sessions for staff on security control assessments, risk management, and best practices, empowering team members and cultivating a proactive security culture within the SAP environment.
Regularly briefed senior leadership on SAP security posture, compliance status, and risk assessments, providing strategic recommendations to support a proactive security framework in alignment with J35 mission objectives. Integrated threat intelligence and emerging cybersecurity trends into J35 SAP security frameworks, strengthening resilience against sophisticated and evolving cyber threats.
FedITC/SOCOM· MacDill AFB/Tampa, FL Aug 2023 – Feb 2024
Sr. IASS/ISSM
Experienced with security engineering as well as subject matter expert in the DoD/DISA Information Assurance (IA) requirements and have expert knowledge of policies of Special Access Program (SAP) environments, ensuring rigorous compliance and processes, the DOD Risk Management Framework RMF, JSIG, NIST 800-53, NIST 800-37, and CNSS 1253 security controls: standards to protect mission-critical systems. Served as a trusted advisor to Information System Owners (ISO), Program Security Officers (PSO), and Authorizing Officials (AO), providing expert guidance on security control implementation, authorization challenges, and risk management to support mission-aligned decision-making.
Jose Hernandez Arroyo, DIT, MBA, BS Page 4/6-787-***-**** ****.***************@*******.*** 550 14th RD S, Apt. 1032, Arlington, VA 22202
Relevant Experience Continues
Candance Coalition/CENTCOM· MacDill AFB/Tampa, FL Oct 2022 – Aug 2023
Sr. Cybersecurity Engineer/SCA
DoD network environment, industry computer/security standards/best practices, and DoD CND initiatives; By providing specialized technical subject matter expertise in the planning, & orchestration of the defense-in- depth security engineering, relevant technology and process development, implementation such as security testing, certification and accreditation, intrusion detection policy development, security baseline management as well as IA focused software development in a mixed Windows/Linux environment
Knowledgeable of enclave protection technologies to include Firewalls, Network IDS/IPS systems, Host Based IDS/IPS and Security Incident and Event Management (ArcSight SIEM)
Experienced with security engineering as well as subject matter expert in the DoD/DISA Information Assurance (IA) requirements and have expert knowledge of policies of Special Access Program (SAP) environments, ensuring rigorous compliance and processes, the DOD Risk Management Framework (RMF), NIST SP 800-53 and CNSSI 1253 security controls, the DoD network environment, industry computer/security standards/best practices, and DoD CND initiatives
Provided specialized technical subject matter expertise in the planning, & orchestration of defense-in- depth security engineering, relevant technology and process development, implementation such as security testing, certification and accreditation, intrusion detection policy development, security baseline management as well as IA focused software development in a mixed Windows/Linux environment
Providing technical direction and engineering knowledge for IT support activities; manage the system vulnerability identification and resolution process in order to support network accreditation process; Manage the Host Based Security System (HBSS) enterprise configurations following the guidance in the DISA HBSS Tier 3 Operations Tactics, Techniques, and Procedures guide; Supervising all contract personnel engaged in the operation and support of information assurance and cyber security activities
Ensuring that personnel accessing information systems have the proper and current information assurance certification in accordance with DoD 8570.01M, Information Assurance Workforce Improvement Program, and DoDI 8500.2, Information Assurance (IA) Implementation. This includes assistance in the management of the System Authorization Access Request (SAAR) process and the SIPR token process; Assisting the Government in preparing IA audits, inspections, training, policy and other staff action; Research, development, and presentation for approval additions and changes to IA functions to identify, measure, and control threats to minimize the unauthorized disclosure of information via monitoring, IAVAs, and cost-effective countermeasures
Undertake an average of two research and development projects per month, not to exceed 40 man-hours per project; Document integration of procedures changes, organization hardware and software acceptance testing, and mitigation procedures in accordance with organization and industry standards.; Ensure IAVA compliance and security of installed systems applications are within DOD and DA standard
SOS International LLC/NETCOM· FT.Huachuca, AZ November 2019 – April 2020
Information System Security Manager (ISSM)/SCA
Served as a trusted senior advisor to Information System Owners (ISO), Program Security Officers (PSO), and Authorizing Officials (AO), senior consultants/SCA-R, SCA-V providing expert guidance on security control implementation, authorization challenges, and risk management to support mission-aligned decision-making; Expert knowledge of policies of Special Access Program (SAP) environments, ensuring rigorous compliance and processes, the DOD Risk Management Framework RMF, JSIG, NIST 800-53, NIST 800-37, and CNSS 1253 security controls; standards to protect mission-critical systems
Jose Hernandez Arroyo, DIT, MBA, BS Page 5/6-787-***-**** ****.***************@*******.*** 550 14th RD S, Apt. 1032, Arlington, VA 22202
Relevant Experience Continues
Assisted the Circuits team with analysis packages along with circuits; furthermore, the evaluation and with the preparation of recommendations for system improvements, optimization, development, and/or maintenance efforts in the following specialties: information systems architecture; networking; telecommunications; automation; risk management.
Life-cycle management; software development methodologies; modeling and simulation; Managed security systems such as antivirus, patches, intrusion prevention and proactive threat monitored; Conducting performance reviews and contribute to performance feedback for all levels of staff; Monitored regulatory compliance with enterprise security policies and educating business unit leaders and service managers on compliance efforts
Researched and developed statistical models for analysis; devise possible solutions by collaborating with product management and engineering departments; Communicated results and statistical concepts to key business leaders and making use of appropriate databases and project designs to optimize joint development efforts; Developed custom data models and algorithms
Procedure and tools used to help monitor and analyze performance and data accuracy; using predictive modeling to enhance and optimize customer experience, revenue generation, ad targeting, and more; Developed company A/B testing framework and test model quality
Provided directions to staff to ensure risk is minimized through the development and maintenance of information security processes; Performed Certification & Accreditation (C&A), System Assessment & Authorization (SA&A) as part of NIST SP 800-37 Risk Management Framework (RMF) system and application accreditation
Prepared Vulnerability Scanning test plans, coordinate testing, Intrusion Detection, Security Operations, Digital Forensics, Networking, Security Architecture, NIST CSF, COBIT 2019, Encryption, Vulnerability Management and conduct scans using Nessus and other scan applications; Analyzed vulnerability scan results for validation and root cause; Provided Cybersecurity testing and security control validation and assessment of technical and non-technical security features implemented on a system or network in support of the DoD RMF A&A process and legacy DIACAP
Assisted diverse HQ and supported sites personnel in completing relevant documentation to support accreditation decisions; Interpreting DIACAP/RMF controls accurately regarding system security posture, policy updates and configuration of information systems; Conducted comprehensive assessments of the management, operational, and technical security controls employed within or inherited by an IS to determine the overall effectiveness of the controls
Reviewed relevant artifacts (System Security Plans (SSP), Security Assessment Report (SAR), Privacy Impact Analysis/Assessment (PIAA), etc.) to provide accurate information to support the issuance of an accreditation decision, Working with A&A team members and government customers to resolve issues while performing other associated tasks in parallel ensuring the forward movement of an accreditation package
Working knowledge of A&A package electronic staffing tools (Telos XACTA or AFRL eMAAS); Performed security system event analysis, investigation, and validation; providing incident response to classification spills, malware infection, misconfiguration exposure, internal inappropriate behavior and technical issue; Participated in Lifecycle Management (LCM) Technical Change Control Boards (TCCB) providing technical guidance for security control compliance
Performed Security Technical Implementation Guide (STIG), Federal Information Security Management Act (FISMA) assessments and annual reporting; Performed Security control assessments as part of Continuous Monitoring NIST SP 800-53 V4 compliance sustainment for application, infrastructure, and network; Task, track and mitigate Plan of Action & Milestones (POA&M) vulnerability scan and security assessment findings requiring mitigation; Privileged User Account Management and Role Based
Jose Hernandez Arroyo, DIT, MBA, BS Page 6/6
787-***-**** ****.***************@*******.*** 550 14th RD S, Apt. 1032, Arlington, VA 22202
Relevant Experience Continues
Access assignment; Privacy Threshold Assessment (PTA) and Privacy Impact Assessment (PIA) as part of Personal Identifiable Information (PII) Management
Designed, built and coordinated an automated build & release CI/CD process using Gitlab, Jenkins and Puppet on hybrid IT infrastructure; As a hands-on technical specialist, handle complex and detailed technical work necessary to establish and maintain secure cloud (AWS & Azure) & data center security
Maintained Change Management Plans (CMP), Incident Response Plans (IRP) Information System Contingency Plans (ISCP), and System Security Plans (SSP); Prepared and conducted training, exercises, and functional testing of IRP and ISCP; Assisted with the development of IA policies and procedures as required; Created and provided updates customer facing metrics and presentations designed to provide situational awareness of status of A&A packages and products; Prepared and evaluated activity reports for areas of concern and presents to management
Global Dimensions Solutions LLC/NETCOM· FT. Huachuca, AZ March 2019 – November 2019
Network Security Engineer Manager/ Sr. Lead ISSO
Performed Pre-JRSS Network Baseline, in-depth network analysis, packet captures on OptiView XG device, network path analysis, and network discovery of sites before migration to JRSS. Assisting other senior consultants with analysis and evaluation of capture data with the preparation of recommendations for system improvements, optimization, development, and/or maintenance efforts in the following specialties: information systems architecture; networking; telecommunications; automation; software management; life-cycle management; software development methodologies; modeling and simulation
Prepared and/or ensured that appropriate network documentation exists, including operational instructions; Provided regular monitoring and network analysis regarding short-and long-range planning for in-house systems
Coordinated third-party maintenance for network equipment, Preparing Vulnerability Scanning test plans, coordinate testing, Intrusion Detection, Security Operations, Digital Forensics, Networking, Security Architecture, Encryption, Vulnerability Management NIST CSF, COBIT 2019
Maintained reports, logs, or other records of security audits. Monitor system uptime and performance, troubleshooting and resolved errors. Staying informed of emerging cloud technologies and evaluating their value to the NETCOM’s operations
Installed and maintained cloud-based applications, systems, or associated infrastructure; Designing AWS Cloud Formation and Kubernetes templates to create custom sized VPC, subnets, NAT to ensure successful deployment of Web applications and database templates; Initiating alarms in CloudWatch service for monitoring the server's performance, CPU Utilization, disk usage; Created automated pipelines in AWS CodePipeline to deploy Docker containers in AWS ECS using services like CloudFormation; Configured AWS Multi Factor Authentication in IAM to implement two step authentication of user's access using Google Authenticator and AWS Virtual MFA; Amazon IAM service enabled to grant permissions and resources to users. Integrated services like AWS Elastic Beanstalk to create a deployment pipeline
Performed Certification & Accreditation (C&A), System Assessment & Authorization (SA&A) as part of NIST SP 800-37 Risk Management Framework (RMF) system and application accreditation; Prepared Vulnerability Scanning test plans, coordinate testing, and conduct scans using Nessus, Foundstone, WebInspect, Hailstorm and other scan applications; Analyzing vulnerability scan results for validation and root cause; Developing custom data models and algorithms; Procedure and tools use to help monitor and analyze performance and data accuracy
Provided Cybersecurity testing and security control validation and assessment of technical and non-technical security features implemented on a system or network in support of the DoD RMF A&A process and legacy DIACAP
Jose Hernandez Arroyo, DIT, MBA, BS Page 7/7
787-***-**** ****.***************@*******.*** 550 14th RD S, Apt. 1032, Arlington, VA 22202
Relevant Experience Continues
Interpreted DIACAP/RMF controls accurately with regard to system security posture, policy updates and configuration of information systems; Conducted comprehensive assessments of the management, operational, and technical security controls employed within or inherited by an IS to determine the overall effectiveness of the controls; Reviewed relevant artifacts (System Security Plans (SSP), Security Assessment Report (SAR), Privacy Impact Analysis / Assessment (PIAA), etc.) to ensure they provide accurate information to support the issuance of an accreditation decision; Conducting comprehensive assessments of the management, operational, and technical security controls employed within or inherited by an IS to determine the overall effectiveness of the controls
Worked with A&A team members and government customer to resolve issues while performing other associated tasks in parallel ensuring the forward movement of an accreditation package; Working knowledge of A&A package electronic staffing tools (Telos XACTA or AFRL eMAAS); Performed security system event analysis, investigation, and validation; providing incident response to classification spills, malware infection, misconfiguration exposure, internal inappropriate behavior and technical issue; Participating in Lifecycle Management (LCM) Technical Change Control Boards (TCCB) providing technical guidance for security control compliance
Maintaining Change Management Plans (CMP), Incident Response Plans (IRP) Information System Performed STIG and FISMA assessments and annual reporting; Task, track and mitigate Plan of Action & Milestones (POA&M) vulnerability scan and security assessment findings requiring mitigation of Privileged User Account
Management and Role Based Access assignment; Privacy Threshold Assessment (PTA) and Privacy Impact Assessment (PIA) as part of Personal Identifiable Information (PII) Management; Contingency Plans (ISCP), and System Security Plans (SSP); Preparing and conducting training, exercises, and functional testing of IRP and ISCP; Assisted with the development of IA policies and procedures as required; Creating and providing updates customer facing metrics and presentations designed to provide situational awareness of status of A&A packages and products
C4 Planning Solutions/ SOUTHCOM· Doral, FL March 2018 – March 2019
Senior Cyber Security Engineer/Sr. Lead ISSO/Policy Manager
Softworld/Dept. of Human & Health Services · Atlanta, GA August 2017 – December 2017
Security Engineer RSA/ISSM
CACI/CENTCOM · Macdill AFB/ Tampa, FL January 2017 – June 2017
Cyber Security Analyst Lead/Sr. Lead ISSO
KSH Solution’s, INC/SPAWAR · JB Charleston/North Charleston, SC February 2016 – December 2016
Senior Systems Administrator Tier 4
PROSOFT/ SPAWAR · Joint Base Charleston · North Charleston, SC December 2015 – January 2016
Computer Operator/Helpdesk Tier 1-2
Johnson Service Group/Benefitfocus · Daniel Island, SC September 2015 – December 2015
Helpdesk Support/PC-Apple Technician
Charleston County School District · North Charleston, SC August 2015 – September 2015
Helpdesk Support/PC-Apple Technician
U.S. Army Reserves E4 · Honorable Discharged · North Charleston, SC February 2012 – April 2015
IT Specialist/Network Manager/SCA
Human Resources Manager/Paralegal Specialist (Concurrent Role)
U.S. Army · E4 · Honorable Discharged · Hunter AAF/Ft. Stewart, GA December 2003 – January 2012
IT Specialist/Network Manager/SCA
AVAILABLE FOR TRAVEL AND RELOCATION
Contact this candidate