ISSO
Resume:
Carlton B. Harris II
San Antonio, TX *****
(C) 434-***-****
Email: *********@*****.***
EXECUTIVE SUMMARY
** ***** ** ****** ********** expertise providing enterprise risk management and compliance management; including, nearly 2 years of securing systems and networks, Tier-II technical support, and technical project management across complex and dynamic environments. CORE COMPETENCIES AND EXPERIENCE
• Technical Proficiency: Windows 11, M365, Project Management, Compliance Management
• Network Support and Security: Extensive experience in network configuration, cybersecurity, and securing networks, and various ISSO tasks
• Data Management and Information Security: Proven expertise in managing and securing data across various platforms
• Effective Communication and Customer Support: Strong interpersonal skills with a focus on delivering exceptional customer service
• Policy Review and Risk Management: Skilled in policy development, risk analysis, and mitigation strategies
• Process Improvement: Adept at identifying and implementing process improvements to enhance operational efficiency
EDUCATION
• Graduate Certificate in International Relations with a Concentration in Conflict Resolution (24 Credit Hrs.)
o Northeastern University, Boston, MA
• B.A. in History (120 Credit Hrs.)
o Virginia Tech, Blacksburg, VA
• Cyber Defense Analyst Certificate (440 Hrs.)
o CISA Cyber Defense Skilling Academy
CERTIFICATIONS AND CLEARANCE:
• CompTIA (Security+)
• Active Secret Clearance
• Top-Secret/SCI: Adjudicated March 2025, Result- Favorable PROFESSIONAL EXPERIENCE
Information Systems Security Manager
TEKsystems – Joint Base San Antonio Fort Sam Houston, TX 04/2025 – Present Information Systems Security Manager - Supervisor: Edrick Ramos Full Time (Temporary): 40 hrs./week
• Appointed by Enterprise ISSM as the designated ISSO for CE control system COINE, ensuring compliance with cybersecurity directives across mission-critical infrastructure.
• Assist in validating and verifying implementation of NIST 800-53 controls on geographically distributed Facility-Related Control Systems (FRCS) within CE COINE enclaves.
• Contribute to security design reviews of system architectures and recommend mitigations based on emerging vulnerabilities and mission risk.
• Participate in RMF security planning and support the development of ATO documentation in eMASS, coordinating with ISSM, SCA, and AO.
• Collaborate with engineers and system administrators to assess cybersecurity impacts of system changes, configuration drift, and patching strategies.
• Help manage compliance with enterprise-wide security baselines and STIG requirements by auditing control implementations and flagging deviations.
• Monitor ACAS/Tenable scan results and assist with mitigation plans for system-level vulnerabilities, ensuring operational security posture remains intact.
• Work with internal cybersecurity personnel to align technical implementations with DoD security directives, standards, and enterprise-wide risk posture.
• Document risk analysis results and configuration updates to support continuous monitoring and ATO sustainment.
• Participate in incident response investigations by reviewing host and system logs, identifying possible exploitation attempts, and supporting containment.
• Maintain accurate system inventories and configuration baselines to support security documentation and audit requirements.
• Provide inputs on the secure integration of control system devices and remote connections, identifying risks and validating access control measures.
• Contribute to policy enforcement by tracking vulnerability management and assisting with system remediation verification.
• Work alongside engineering and cybersecurity teams to support CM planning and impact analysis for hardware/software modifications.
• Maintain and monitor compliant information systems used in government contracts, supporting readiness for operational use and secure maintenance.
• Execute security testing and evaluation (ST&E) activities to confirm implementation of technical security requirements.
• Perform weekly audits, media reviews, and analyze system anomalies to ensure optimal system performance and compliance.
• Provide tiered technical support to users and document resolutions to support secure daily operations.
• Deliver oral and written guidance to users on resolving IT issues, proper use of IT systems, and ways to prevent future issues.
• Use automated ticketing systems to track technical issues and document privileged account access.
• Coordinate system implementation activities with engineers, division chiefs, and mission stakeholders to avoid disruption to ongoing operations.
• Utilize knowledge of IT principles, methods, and DoD security regulations to support the base- wide INFOSEC (COMPUSEC) program.
• Implement procedures to safeguard transmission of sensitive information across LANs, WANs, and internet-based systems.
• Administer the COMSEC program by controlling cryptographic material and enforcing CAP access requirements.
• Conduct semi-annual functional reviews and inspections of COMSEC user accounts and facilities, ensuring adherence to federal standards. IT Specialist (GS-9)
Department of Defense – Joint Base San Antonio Fort Sam Houston, TX 10/2023 – 04/2025 Information Systems Security Manager - Supervisor: Robert Hobbs Full Time (Temporary): 40 hrs./week
• Provision new civilian Army and Airforce user accounts and assign hardware devices and accessories to new employees
• Supported implementation of system security controls for both Army and Air Force networks, maintaining alignment with DoD 8510.01 and RMF lifecycle processes.
• Analyzed ACAS and HBSS scan data to identify and respond to system-level risks, supporting remediation of critical findings across multiple DoD environments.
• Contributed to system security assessments by providing control implementation evidence, participating in audit readiness, and tracking POA&M closures.
• Reviewed system and user configurations to enforce least privilege access and support security compliance baselines.
• Participated in evaluating security posture of devices used in remote and operational settings, including VPN-connected systems, tablets, and smart devices.
• Supported continuous monitoring efforts by maintaining eMASS documentation and tracking security controls through testing and audit cycles.
• Collaborated with JSP and Wing-level teams to maintain integrity of classified and unclassified networks, reporting anomalies and assisting with root cause analysis.
• Engaged in system changes and upgrades, ensuring patch and configuration rollouts were documented and aligned with approved security policies.
• Provisioned user accounts, issued hardware, and provided technical support for secure access to Army and Air Force systems.
• Recovered over 200 missing network assets through system inventory audits and reconciliation.
• Drafted documentation for risk acceptance, control implementation summaries, and system security assessments.
• Responded to and supported resolution of cyber incidents, documenting findings and reinforcing endpoint defense measures.
• Participated in system integration projects aimed at improving security functionality and device compliance within joint environments.
• Executed vulnerability scanning and analysis using ACAS and HBSS, validating remediation effectiveness and system readiness.
• Supported ST&E activities for new systems and prepared secure systems for operational deployment in mission environments.
• Performed routine audits and hardware/software CM checks to maintain compliance and improve system performance.
• Delivered end-user technical support and troubleshooting for secure network access, endpoint functionality, and configuration concerns.
• Provided technical mentorship to junior specialists and delivered customer guidance to reduce repeat issues and promote secure system usage.
• Maintained user training data and account compliance records, identifying non-compliant users for access termination and retraining as needed.
• Demonstrated proficiency in Microsoft Office tools including Word, Excel, PowerPoint, Access, and Outlook in support of user tasks and reporting.
• Administered the COMPUSEC program by implementing safeguards to prevent unauthorized access or modification of sensitive DoD IT assets. Pearson Vue Test Administrator
Amherst County Schools - Lynchburg, VA 01/2022 – 05/2023 Test Administrator Support - Supervisor: Contessa Broadus Part Time: 20 hrs./week
• Reviewed diagnostics and assessed the functionality and efficiency of systems to establish a secure testing environment for users
• Managed network security to ensure systems remained secure and safe from internal and external threats
• Coordinated with internal departments to ensure the proper installation and patching of software
• Configured Local Area Networks to establish the integrity, availability, and security of systems for mobile test sites
• Managed maintenance testing to ensure software and hardware operated properly so that end users could easily access systems
• Analyzed error messages to assist customers with troubleshooting methods that allowed systems to regain proper functionality
• Led an end of year test project that resulted in twenty students completing a GED program on time
Program Manager
Links to Life - Lynchburg, VA 01/2019 – 01/2023
Qualified Mental Health Professional (QMHP) - Supervisor: Sharon Robinson Full Time: 40 hrs./week
• Ensured federal compliance through risk analysis and policy development
• Conducted cybersecurity risk assessments and compliance reviews IAW HIPAA Security Rule
(45 CFR Part 164 Subpart C), aligning with DoD cybersecurity requirements under NIST SP 800- 53 by applying access controls (AC), audit logging (AU), risk management (RA), and system security controls (SC) to protect sensitive data and mitigate emerging threats
• Developed program guidelines, goals, and policies to protect sensitive information
• Managed user permissions within Lauris system, ensuring HIPAA compliance
• Collaborated on innovative healthcare solutions for clients
• Evaluated CRM platform and provided improvement suggestions
• Conducted risk audits and reviews to identify emerging threats
• Led change management initiatives for policy/procedure changes
• Contributed to successful state licensing review and acquisition of triennial license Program Director
United & Empowered Care – Lynchburg, VA 03/2018 – 01/2019 Program Director - Supervisor: Franklin Bradford Full Time: 40 hrs./week
• Tailored services to meet client needs effectively
• Analyzed HIPAA compliance policies for PHI security
• Provided expertise in developing healthcare solutions
• Supervised multi-disciplinary teams for project objectives
• Conducted program evaluations and provided status reports
• Enhanced physical security measures for sensitive data
• Revised business expansion plan, doubling profits through successful expansion Program Manager
Harmony Day Support - Lynchburg, VA 10/2016 – 02/2018 Program Manager - Supervisor: Heather Allen Full Time: 40 hrs./week
• Developed support plans from clinical assessments and data
• Led annual employee training and secured personnel information
• Enhanced accessibility services for customer access
• Managed Medicaid program with a $20,000 monthly budget
• Ensured network permissions compliance with HIPAA regulations
• Assisted in operational risk audits and implemented solutions
• Led a project adding a new service, increasing monthly revenue by $30,000 Social Worker
City of Lynchburg Department of Human Services - Lynchburg, VA 04/2013 – 10/2016 Family Services Specialist - Supervisor: Shana Richardson Full Time: 40 hrs./week
• Coordinated services to reunite families and children
• Analyzed and processed court documents
• Entered data into state database (OASIS) and managed inquiries
• Provided evidence and expert testimony in juvenile court
• Implemented best practices for working with foster care children
• Maintained detailed case progress records in online state database DEPARTMENT OF THE AIR FORCE SPECIALIZED TRAINING
• Cyber Awareness
• Basic Leadership, Character, and Followership
• Base Referral Agencies and Military Entitlements
• Financial Readiness
• Uniform Code of Military Justice (UCMJ)
REFERENCES
• Mrs. Contessa Broadus, Former Supervisor at Amherst County Schools Phone: 434-***-**** Email: *********@******.***
• Mr. Robert Hobbs, Current Supervisor at the Department of Defense Phone: 210-***-**** Email: ******.*****.*@**.**.***
• Dr. Marcia Bennett, Colleague
Phone: 434-***-**** Email: **************@*****.***
Contact this candidate