Information Security Risk Specialist, Team Lead
Resume:
Dallas Donovan Security Clearance: Public Trust
Coeur d’Alene, Idaho 406-***-****
www.linkedin.com/in/dallasdonovan *************@*****.***
Professional Summary
Strategic Information Security and Risk Analysis leader with extensive experience orchestrating cybersecurity policy, system interconnections, and risk mitigation strategies. Expert in coordinating complex project management initiatives from planning to support, leveraging diverse technical backgrounds to achieve business objectives and drive program growth. Demonstrated expertise in leveraging and enforcing MOU/ISA frameworks aligned with NIST standards and FedRAMP guidelines. Adept at steering cross-functional teams, optimizing processes through automation, and delivering robust IT solutions in high-security environments.
Core Competencies
Cybersecurity Leadership & Compliance Management: FISMA, NIST RMF (800-47/53/37), FedRAMP, FIPS 199
Risk Analysis & Policy Development: MOU/ISA compliance documentation, security audits, System Assessing & Authorization, vendor assessments
IAM & GRC: Identity governance, control mapping, CA-3 control enforcement
Project & Process Optimization: Agile (Scrum), TEAMS, SharePoint workflow optimization, IT Risk Analysis, Process Automation, Documentation, Change Control
Technical Solution Architecture: VMware & Virtualization, Nutanix, Microsoft Enterprise Technologies
SIEM & Incident Response: Splunk, SOC analysis, vulnerability assessment, Incident Response
Stakeholder Engagement & Operational Oversight: Federal systems integration, vendor and partner collaboration
Professional Experience
DEPARTMENT OF VETERANS AFFAIRS, MKS2 2019 – 2025
Information Security Risk Specialist, Team Lead 2020 – 2025
TSS Contract (BAH) - Enterprise Cybersecurity Support Division,
Office of Information Security Risk Management & Operations
•Led Analyst team providing cybersecurity support for VA ITOPS TSS 1.0 & 2.0 contracts, ensuring compliance with NIST, FISMA, and VA Handbook policies. Strengthened VA's security posture by drafting, reviewing, and approving MOU/ISA agreements for external connections, aligning documentation with FedRAMP and FIPS 199 Security Categorization standards.
•Managed project deliverables, team coordination, and stakeholder engagement communication. Conducted training sessions, strategic reporting, and mentorship programs, ensuring efficiency, compliance, and professional development for cybersecurity staff as Team Lead with strong understanding of IAM Governance, Risk and Compliance (GRC) processes, ensuring compliance with NIST standards.
•Subject Matter Expert (SME) on NIST controls, optimizing OIG annual inspection preparations and security assessment reviews. Spearheaded process automation initiatives using Microsoft SharePoint workflows, enhancing risk mitigation, operational efficiency, and security governance.
Facilitated elicitation sessions requirements for end-to-end project management establishing and coordinating over hundreds MOU/ISA agreements, ensuring secure external system interconnections and 100% compliance with CA-3 control standards.
Implemented standardized MOU/ISA templates aligned with NIST 800-53r5, FIPS 199 standards and VA Handbook policies, adopted across 100+ projects, enhancing compliance and operational efficiency.
Facilitated daily Scrum stand-ups and requirements elicitation, improving project delivery timelines by 25%.
Validated cloud connections (VA Enterprise Cloud, AWS) per FedRAMP and FIPS 199 standards, enhancing security posture.
Automated critical workflows via Microsoft SharePoint, boosting process efficiency and reducing manual effort.
Coordinated the end-to-end MOU/ISA process to enhance documentation quality, security compliance and audit readiness for annual OIG inspections and provide SME guidance for documenting secure external system interconnections, complying with NIST 800-47 rev. 1 controls, OIG policies and VA guidelines.
Served as a primary liaison for all interconnection agreements, collaborating with federal and contractor teams, VA system owners, security officers, and external partners to resolve cybersecurity concerns and enhance technical documentation, vastly reducing documentation errors for critical interconnection agreements.
Cybersecurity Operations Analyst 2019 -2020
CRISP Contract (ASMR) - Enterprise Cybersecurity Support Division,
Office of Information Security Risk Management & Operations
Analyzed IT specifications and assessed security risks, ensuring adherence to the NIST Cybersecurity framework and risk management methodologies.
Managed SIEM (Splunk) platforms for proactive cybersecurity incident detection and remediation, bolstering threat response capabilities and detection rates.
Drafted and updated security policies, technical documentation, privacy breaches, malware threats and risk assessments to support robust IT security practices and strengthen compliance with FISMA guidelines.
Conducted cybersecurity risk assessments in accordance with NIST and RMF standards.
Managed SIEM platforms (Splunk), improving threat detection and incident response.
Drafted incident response policies and oversaw vulnerability assessments.
Engaged in SOC analysis, risk mitigation, and policy enforcement.
ARROW SYSTEMS INTEGRATION, Englewood, CO 2011 – 2017
Solutions Architect 2016 – 2017
•Designed enterprise-level IT architecture and technical roadmaps, aligning with organizational goals.
•Researched, proposed, and deployed enterprise IT architectures that reduced operational costs and performance optimization.
•Deployed and managed Nutanix and VMware environments.
Directed technical teams in the development and delivery of IT solutions aligned with strategic objectives.
Designed and implemented cost-effective architecture frameworks, improving system performance and scalability.
Collaborated with senior leadership and vendors to evaluate and source technology solutions, ensuring business continuity and risk mitigation.
Unified Communications IT Systems Engineer 2011 – 2016
Established IT infrastructure standards and managed projects involving system upgrades and maintenance using VMware, and Windows Server environments.
Provided first-line analysis and resolution for client deployment issues, significantly reducing downtime and enhancing service reliability.
Executed network and storage infrastructure solutions, ensuring high availability and performance while addressing business continuity challenges.
•Delivered infrastructure solutions involving Windows Server, Active Directory, and vSphere.
•Oversaw installation and patching of applications and server infrastructure.
Implemented VMware vSphere and Windows Server environments
Resolved 100+ infrastructure incidents using ServiceNow and Autotask
Technical Skills
Virtualization & Cloud: VMware vCenter/vSphere, Nutanix, Cloud (VA Enterprise Cloud, AWS)
Microsoft Technologies: Windows Server, Active Directory, Exchange, SCCM, SharePoint, TEAMS, MS Office Suite (Excel, Word, PowerPoint)
Tools & Applications: Autotask, ServiceNow, NAble, Microsoft SharePoint Workflows
Certifications & Training
VMware Certified Professional (VCP) 6.5, Data Center Virtualization, (2019 – Present)
VMware Site Recovery Manager: Install, Configure, Manage 5.5, (2013 – Present)
Microsoft Certified IT Professional (MCITP), Server Administrator on Windows Server 2008, (2011 – Present)
Microsoft Certified Technology Specialist (MCTS), Windows Server 2008 Network Infrastructure, Configuration, (2011 – Present)
Microsoft Certified Technology Specialist (MCTS), Windows Server 2008 Active Directory, Configuration, (2011 – Present)
Nutanix Consulting Specialist (NCS), (2017 – Present)
Trend Micro Certified Professional for Deep Security, (2016 – Present)
Education
Bachelor of Science (B.S.), Texas A&M University, Corpus Christi, TX
Contact this candidate