Post Job Free
Sign in

System Security Information

Location:
Springfield, VA
Posted:
August 28, 2025

Contact this candidate

Resume:

Monica Harris

571-***-**** / Email: **************@*****.***

SUMMARY: Highly accomplished Security Professional with a diverse range of expertise and a consistent track record of achievements in Information Assurance, Information Technology, and Cybersecurity. Skilled in Incident Response/Management, security planning, assessment, risk analysis, risk management, and authorization activities for both on-premise and cloud systems. Proficient in developing and maintaining System Security Plans (SSPs) in adherence to government directives such as Intelligence Community Directive (ICD) 503, Risk Management Framework (RMF), NIST SP 800 Series, CNSS 1253, JSIG, eMASS, and DAAPM. Recognized as a seasoned Information System Security Officer and Information System Security Manager, leveraging over 20 years of Cybersecurity and Information Assurance experience across the Department of Defense, contractor environments, and the Intelligence Community. Exceptionally motivated and articulate, possessing outstanding organizational and customer service skills. Proven track record of delivering exceptional customer service and achieving mission objectives.

CLEARANCE: Holds active TOP SECRET clearance with access to Sensitive Compartmented Information (SCI), granted upon completion of Single Scope Background Investigation (SSBI). Additionally, possesses a CI Polygraph. CERTIFICATION:

Security+ ce (COMP001020456094)

EDUCATION:

Master of Science, Security Management, American Military University (June 2012) Bachelor of Arts, Computer Information Systems, Strayer University (June 2004) PROFESSIONAL EXPERIENCE:

Jacobs (Blacklynx) (December 2025 – Present) Chantilly, VA Information System Security Manager

· Manage the day-to-day system security including physical and environmental protection, incident handling, and infor- mation system security training and awareness

· Maintain the system security plan (SSP), and other related documents, following NRO, IC, and DoD applicable poli- cies, procedures, and templates

· Maintain and update asset record in ServiceNow (SNOW) and Security Center

· Perform continuous monitoring (ConMon) and periodic self-inspections of information systems to ensure security com- pliance

· Review Nessus security scans, communicate vulnerabilities to technical stakeholders, and perform remediation

· Support customer responses to ongoing information system audits and reviews in accordance with established schedules

· Ensure change control requirements are documented and tracked

· Monitor and track status of applicable patches including IA Vulnerability Alerts (IAVA), IA Vulnerability Bulletins

(IAVB) and Technical Advisories (IA) for the information system

· Conduct periodic reviews of Privileged User (PU) accounts (Developer, Admin, etc.)

· Assist in the creation of new policies/procedures as needed

· Perform Configuration and Change Management for the security relevant IS software, hardware, and firmware, Event Management, Vulnerability Management, Security Incident Management, POA&M Management, Reauthorization, and Decommissioning of IT asset environments

· Maintain Approval to Operate (ATO), including the development and management of security documents

· Develop and maintain any Plans of Action & Milestones (POA&M) documents

· Control, label, virus scan, and appropriately transfer data (uploading/downloading) between various information sys- tems as required and Portable Electronic Device (PED) registrations and tracking

· Provide security design guidance and analysis to the project team throughout the RMF process

· Perform reviews of technical security assessments of computing environments to identify points of vulnerability, non- compliance with established Information Assurance (IA) standards and regulations, and recommended mitigation strat- egies

· Develop and maintain a Data Loss Prevention process to investigate, track, and mitigate security incidents

· Provide briefings on the network security posture and compliance status of assigned system(s) to Security Management

· Assign, maintain, and administer RSA SecurID Tokens to new and existing users Radiance Technologies (May 2023 – November 2024) Huntsville, AL Information System Security Officer

· Served as the Information System Security Officer (ISSO) support to the Organizational ISSM, in the management and administration of authorization and accreditation (A&A) package processing. Responsible for IA of tactical networks, systems, security practices, and the application of IA concepts to rapid hardware/software prototype development.

· Participated, as a team member, within the assessment of confidentiality, integrity, and availability of systems, net- works, and data through the coordination, planning, analysis, development, implementation, and enhancement of infor- mation assurance programs, policies, procedures and tools

· Served as the front-line team member to the organization’s Authorizing Official team ensuring the dissemination and adherence to IA policies, procedures, guidance, and training requirements. Enforces IA standards and procedures for all phases of hardware and software lifecycle management process and assists in developing solutions to complex prob- lems.

· Assisted in the administration management support of the RCCTO by carrying out and responding in a timely manner to IT/IA tasks and requests; and managing internal office IT/IA work tasks

· Developed and maintain relationships between Program/Project Management Offices, RCCTO program staff, and out- side organizations to ensure proper communication, development and deployment of information assurance technolo- gies, products, and systems

· Assisted in preparing briefing materials, supporting engineering and development meetings coordinating security test- ing events, scheduling, and supporting teleconferences and video teleconferences and other administrative support tasks as directed

· Monitored and managed system accounts in eMASS

Oracle (November 2019 – April 2024) Reston, VA

Consulting Technical Manager

· Responsible for ensuring confidentiality, integrity and availability is implemented into the concept, development and transition to production of information systems.

· Performed, reviewed technical security assessments of cloud computing environments to identify points of vulnerabil- ity, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies.

· Assisted the Government Security Personnel in the oversight, inspection, review and accreditation of Information Sys- tems.

· Assessed and mitigated system security threats/risks throughout the program life cycle and contributed to the security planning, assessment, risk analysis, risk analysis, risk management, certification and accreditation activities for system and network operations.

· Developed and managed Standard Operating Procedures (SOP), System Security Plan (SSP), Continuous Monitoring Plan (CMP), Incident Response Plan (IRP), and Emergency Plan as well as providing feedback on recommended and required modifications.

· Reviewed and tracked progress of sites Plan of Action and Milestone (POA&M). Radiant Solutions (January 2017 – November 2019) Herndon, VA Information System Security Engineer

· Responsible for ensuring confidentiality, integrity and availability is implemented into the concept, development and transition to production of information systems.

· Builds IA into systems deployed to development and operational environments and assisting architects and system de- velopers in the identification/implementation of appropriate information security functionality to ensure uniform appli- cation of Agency security policy and enterprise solutions

· Provided support to the planning, designing and implementing security controls which safeguard and monitor events for information systems and applications and data

· Utilized various scanning tools such as Nessus Tenable

· Drafted, reviewed and edited assessment and authorization (A&A) documentation, providing feedback on completeness and compliance of its content

· Created and maintained Plan of Action and Milestones (POAMs) as required

· Utilized various databases such as XACTA IA Manager, XACTA 360, and eMASS Blue Canopy Group, LLC (August 2013 – January 2017) Reston, VA System Analyst

· Responsible for Certification and Accreditation of security systems and advancing them through the ICD 503 process achieving approval to operate (ATO).

· Ensured systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the security plan.

· Developed and maintained security artifacts and ensure they are written and adhered to customer policies, procedures, techniques, and industry best practices (ICD 503).

· Monitored and maintained Configuration Management (CM) for security related IS software, hardware, and firmware.

· Participated in Integrated Product Teams to ensure system security control requirements are understood and integrated into the system.

· Led system testing before granting approval to load to production environment through Security Testing and Evaluation

(ST&E).

General Dynamics (June 2012– August 2013) Chantilly, VA Security Control Assessor

· Responsible for assessing security controls for more than 80 NRO Assets.

· Coordinated and collaborated with primary stakeholders to include the Designated Authorizing Official (DAO), Pro- gram Security Officers (PSO), Information System Security Engineer (ISSE), and Information System Security Officer

(ISSO) during assessment and authorization under ICD 503.

· Coordinated, tracked, and organized IA requirements and facilitates flow of required documentation for ICD 503 transi- tion.

· Served as a security expert by articulating security policy and technical requirements for system design, development, and operations.

Welkin, Assoc (August 2011 – June 2012) Chantilly, VA Security Specialist

· Advised and assisted with getting COMM assets certified and accredited through the ICD 503 process

· Acted as a liaison between the Program, PSOs, ISSEs, and ISSOs to complete all documentation required for system Approval to Operate (ATO)

· Reviewed information system security artifacts for accuracy, relevance and compliance

· Applied knowledge of IC, DoD, AF, and local requirements for system assessments MILITARY:

United States Air Force (Retired)

National Reconnaissance Office (Jan 2009 - Jul 2011) Program Security Officer (PSO)

Logistics Facility Support Group (L&FSG) Manager with oversight of 15 military and contractor personnel including

$20M in security assets.

Project Manager for physical and technical security infrastructure projects supporting classified programs. National Reconnaissance Office (Sep 2007 - Dec 2008) Manager, Information Management & Technology Program Led IT Program ensuring 24/7 computer support to 22 military, 4 government civilians, and 45 contractor personnel.

Directed and managed acquisitions, repair, operation, and upgrade of 150 IT systems and served custodian of all IT material.

National Reconnaissance Office (Sep 2004 - Aug 2007) Manager, Information Systems Certification

Provided certification and accreditation assistance to Industrial Security Representative and contractors on Information System (IS) requirements.

Led inspections at contractor facilities in accordance with established DCID 6/3 policies and implemented procedures, standards, and regulations governing the safeguarding of classified information.

Reviewed, edited, and approved system security plans, CONOPS, Risk Management Matrix (RMM) and modifications to ensure compliance with DCID 6/3.

National Reconnaissance Office (Oct 2002 - Aug 2004) Deputy Chief, Video Network Operations

Managed and accounted for over $55M in operational multimedia communications equipment that governed the global videoconferencing network and services.

Air Force Studies & Analyses Agency (AFSAA), Rosslyn, VA (Apr 2001 – Sep 2002) Managed Information Technology (IT) support to 200 DoD and contract research analysts who provided critical analytic support to the Secretary of the Air Force, AF Chief of Staff, Office of the Secretary of Defense, Joint Staff, Air Staff and Major Air Force Commands (MAJCOM).

United States Air Force, Laughlin Air Force Base, TX (Jun 1999 - Mar 2001) Information Assurance Manager

Managed two military Communications-Computer Systems (C-CS) operators who isolated faults, determined causes, and recovered from malfunctions due to hardware, software and communications failures. Applied security techniques to preclude unauthorized access to sensitive information and misuse of automated resources. United States Air Force, Various Air Force Bases (Dec 1989 - Mar 1999) Logistics Manager

Managed the supply of logistics-related data to support customers in the day-to-day general areas of acquisitions, supply, configuration management, technical requirements identification, installation and maintenance of equipment, safety and documentation development and maintenance.



Contact this candidate