Information Technology Assurance Analyst

Location:

Herndon, VA

Salary:

160K

Posted:

July 23, 2025

Contact this candidate

Resume:

Timothy Lee Stokley

***** ***** **. ********, ** 20607 Mobile: 301-***-****

**********@*******.***

SUMMARY:

20+ Years of IT experience, including Medical Technology, Test and Evaluation, Cyber Security, Task Management and System Analysis.

Perform business and technical analysis for IT initiatives, analyzing business and design requirements, architecture, database and system security.

Strong experience working in government space, including a background in government Internet Protocol (IP) data systems and Open Systems Interconnection (OSI) Reference Model.

Conducted System Observation and Progress Briefs and generate reports to Senior Management and Government Officials.

Experienced with Web Services and Integration Testing.

Create and Conduct Table Top and Rehearsals for Business Concept Processes.

Responsible for reviewing, analyzing and making recommendations to executive management for information technology acquisition and Tactics, Techniques and Procedures Assessments (TTPA) to facilitate and ensure process improvement for all systems evaluated.

Knowledge of Privacy (IT) and Privacy (Foundation).

Performed, Analyzed, and Controlled Risk Analysis during the project lifecycle.

Analyzed and defined security requirements for Multilevel Security (MLS) issues in a Trusted Network Environment (TNE).

Design, develop, engineer, and implement solutions to MLS requirements for systems and user roles.

Gathered organized and created technical informational requirements using the organization's mission goals and needs, existing security products, and ongoing programs in the MLS arena.

Supported the development of MLS standards.

EDUCATION:

George Washington University Washington, DC

Master's, Information Technology

Graduated Jan. 2001

Virginia Commonwealth Richmond, VA

Bachelors of Science, Management Information Systems

Graduated Dec. 1995

Norfolk State University, Norfolk, VA

Bachelors of Science, Medical Technology

Graduated May 1982

CLEARANCE:

Active Top-Secret SCI, CI Polygraph, SAP

CERTIFICATIONs:

Security + December 2010

ICAGILE Certified Professional Foundation of DEVOPS (ICP – FDO) August. 2019

Dept. of the Navy (DON) Test and Evaluation Level II Career Field Certification August 2020

PROFESSIONAL EXPERIENCE

Naval Information Warfare Center Atlantic (NIWC) (Retired)

1008 Eberle Place, SE Building 220, Suite 113

Washington Navy Yard, DC 20374

Test and Evaluation Lead, IA & Cyber Lead Support Competency

Dates of Employment – 10/2018-11/2024

Positions Held during Tenure:

Joint Strike Fighter Program Office (JPO) Maintenance System Cybersecurity Lead

Dates of Employment 05/2020 – 11/19/2024

Duties, Accomplishments and Related Skills:

Provide JPO government oversight in support of providing program IATTs and ATOs for the Autonomic Logistics Information System (ALIS).

Familiar with NIST and ISO standards, as well as their implementation into projects.

Utilized the Risk Management Framework (RMF) policy to manage and develop the project, helping to ensure a thorough adherence towards Risk Management and the understanding of inherent risk on the platforms.

Supported the decision process for hiring and training of new staff for a wide array of projects.

Advise management through verbal and written communications of viable solutions to security

Issues.

Assist with maintenance of RMF/Cybersecurity related documentation/artifacts repository and ensure accessible to authorized individuals.

Conduct Table Top reviews.

Provide IATT recommendations to JPO for Adversarial Assessments.

Review cyber contract Basis of Estimates (BOEs), CLINs, SOWs etc. in support of future Fiscal Year pricing.

Perform assigned tasking related to all RMF steps throughout the Assessment & Authorization process.

Assist with assembly and maintenance of the Security Authorization Package including eMASS entry and updates.

Supported the proposal process for multiple contracts, filling in from a cybersecurity standpoint.

Analyze, view, and validate current ALIS compliance activities and operations and provide deep insight to enable effective continuous monitoring and awareness activities.

Assist with development of the security control baseline and coordination of validation with the system owners and authorizing officials.

Implement and enforce all DoD Cybersecurity policies and procedures and ensure all users have proper authorization for access.

Ensure proper incident and vulnerability process response is in place and followed as well as contingency planning with annual reviews conducted.

Perform security reviews and control testing per requirements and coordinating scans as appropriate (ACAS, SCAP, etc.).

Lead the security control implementation and controls testing effort, review security controls and assisting with assessing the controls.

Develop and manage POA&Ms to ensure vulnerabilities are properly identified, tracked, mitigated, and eventually resolved.

Oversee the development and maintenance of system’s cybersecurity solution (Security Plan, etc.).

Assist in system type identification, special considerations (multi-service/agency, joint, cross domain, PII, tactical, etc.) in support of Categorization step and identifying mission criticality.

Initiate the Risk Assessment Report.

Assist in the mitigation and closure of open vulnerabilities as a part of the change control process.

Oversee the cybersecurity testing to assess security controls and record security control compliance status during the continuous monitoring phase.

Support the drafting and review of the Cybersecurity Task Orders (CTOs) with my team so that they are prepared to be issued and released to the ALIS customers

Drafted and reviewed policy documentation that support the execution of CTOs to support RMF objectives and tasks.

Review and analysis of the Authority-to-Connect (ATC) memorandums for external and internal information system access to ALIS services.

Review Privacy Impact Assessment (PIA) submissions and documentation for systems collection of Personal Identifiable Information (PII) and analyze potential weaknesses or areas of concern in the manner of collection, transmission, dissemination and propagation of PII.

Update status reports for the compliance program to ensure all facets are accurate and measurable items are accounted for; to include FISMA reportable items.

KMS Project Lead USCG

Dates of Employment 03/2020 – 05/2020

Duties, Accomplishments and Related Skills:

Accepts, manages, and executes tasking requirements within scope of IAA.

Provides clarity and guidance to NIWC Atlantic Task Lead and team members for tasking and scope of work.

Verifies and negotiates with NIWC Atlantic Team Lead and stakeholders on estimates, schedules, requirements, and resource planning

Creates and maintains Project Plans

Follows guidance from NIWC Atlantic Team Lead

Ensures PM functions are being performed

oContracts (Material / Service)

oFinancial: Budget / Independent Government Estimate (IGE), Spend Plan, Tracking

Scheduling (MS Project)

Reporting

oProject Plans

oOrg. Chart

oProgram Management Review (PMR)

oRisks

Reviews / Submits Deliverables

Determines resources required for project execution

Ensures fees are budgeted and tracked amongst project personnel

PMW 220 Navy Enterprise Resource Planning (NERP) Test and Evaluation Lead

Dates of Employment 10/2019 – 12/2019

Duties, Accomplishments and Related Skills:

Test and Evaluation Lead for PMW 220 Navy Enterprise Resource Planning (NERP)

Review various test plans and reports analyzing them to standardize the information being sent to decision makers

Attend weekly Navy ERP Application Performance Monitoring Team meetings in support of the ERP project

Participate in the weekly NCR Cyber Table Top (CTT) Leadership Sync meetings

Review and comment on various project documents, to include the Infrastructure Continuous Performance Monitoring Team (CPMT) Charter, and the Project CONOPS

Support the Cyber Test Team with various Table Top discussions and exercises concerning the critical business processes and disaster recovery

Convey all information to intended audience in a clear, concise and organized manner using correct English grammar

Develop/review Test Plans for Navy ERP projects

Cybersecurity Testing

Develop and report T&E metrics analysis for Navy ERP releases and projects

Facilitate/adjudicate test defect criticality reviews

Monitor conduct of Navy ERP technical and functional testing

Monitor implementation of SE processes across Navy ERP supporting organizations

Develop/update IV&V process for quality assurance of key Navy ERP products and deliverables

Naval Information Warfare Center Atlantic (NIWC) Test and Evaluation Lead

Dates of Employment 10/2018 – 09/2019

Duties, Accomplishments and Related Skills:

Test and Evaluation Lead for a Classified Project

Supported the Risk Management Framework Workshop teachings for NIWC

Secondhand receipt holder for the RMF workshop binders. In addition, I kept track of the leftover binders in the local areas, saving on the cost of buying and not needing them

Presented various artifacts and files using eMASS and STIGViewer to present to the class during presentations

Technical Editor for the RMF slide decks that are being used for the RMF workshops given around the country for contractor and government Cybersecurity individuals

Supported the Risk Management Framework Campaign taking meeting minutes and action items

Conveyed all information to intended audience in a clear, concise and organized manner using correct English grammar

Engility Corporation

Explosive Ordinance Disposal (EOD)

Stump Neck Rd., Indianhead, Md.

Test and Evaluation Lead

Dates of Employment 06/2018 – 09/2018

Duties, Accomplishments and Related Skills:

Test Lead for the Explosive Ordinance Division.

Reviewed and analyzed requirement documents.

Created scenarios, test plans and reports.

Created daily, weekly and monthly team status reports to upper management.

Provides excellent customer service when working with internal and external stakeholders, communicating in a clear and concise manner.

Responsible for developing and preparing the technical documentation and participating in negotiation while ensuring that all final plans, reports are checked for clarity, conciseness, technical correctness, and approved format prior to delivery to the GPOC in electronic and hard copy format.

Experienced system/functional analyst, gained in a national intelligence program / testing agency.

ManTech International Corporation

6910 Cooper Ave. Fort Meade, MD 20755

Task Manager/Test Lead/System Analyst

Dates of Employment 01/2009 – 02/2018

Duties, Accomplishments and Related Skills:

Task Manager for the Multi-National Information Sharing (MNIS) Test and Evaluation Support

Test Lead for the (MNIS) Test and Evaluation Support.

Provides excellent customer service when working with internal and external stakeholders, communicating in a clear and concise manner.

Analyzed and defined security requirements for Multilevel Security (MLS) issues in a Trusted Network Environment (TNE) in support of cyber-attacks and user incidents guarding information.

Identifies and analyzes problems providing effective solutions and recommendations.

Assessed systems and applications for extra layers of security beyond a username and password in response to Cybersecurity.

Experience in Technology Insertion - evaluating and integrating new technology into a network / system architecture.

Responsible for creating assessing and supporting Cybersecurity Plans/Reports listing the user roles authorized to access the systems/applications, their level of access, how users will access the system, system strengths and weaknesses and how they are handled and sometimes to include backup and restoration procedures.

Experience with various operating systems (OS) such as Microsoft Windows, Cisco IOS, Cisco Call Manager, etc.

Adhered to the DoD Defense Federal Acquisition Regulation Supplement (DFARS) 225-***-**** to implement the NIST Special Publication 800-171 standards and DoD Directive 8570 DoD to protect covered defense information / controlled unclassified information in lieu of Cybersecurity.

Gathered organized and created technical informational requirements using the organization's mission goals and needs, existing security products, and ongoing programs in the MLS arena.

Familiar with script testing processes and software.

Analyze statistical results while conducting Performance testing using an IXIA, traffic generator, establishing baselines, trends and anomalies.

Supported the Design, development, engineering, and implementation of solutions to MLS and non-MLS requirements for system and user roles.

Background in government Internet Protocol (IP) data systems and Open Systems Interconnection (OSI) Reference Model.

Experience working with layer 2/3 network devices to include routers, switches and other devices.

Conceptual understanding of Virtual Private Networks (VPNs), Virtual Local Area Networks (VLANs), High Assurance Guards (HAGs), routers, switches, encryption devices (KG-175/250 and KIV-7), servers (Windows based and UNIX), intrusion detection/prevention systems and firewalls.

Experience working with Microsoft Exchange mail environments.

Knowledge of routing and network protocols.

Identified and resolved issues related to Test and Evaluation policies and took innovative actions to address new or evolving policy requirements.

Experience as a system/functional analyst, gained in a national intelligence program, testing agency, or similar Department of Defense (DoD) environment.

Conceptual understanding of a distributed computing environment and Web-based technologies, i.e., XML, ASP, JAVA, etc.

Coordinated, monitored, and participated in the MNIS Safety Review Boards (SRB), MNIS Engineering Review Board (ERB), and the MNIS Engineering Change Control Board for upcoming developmental, operational and functional testing.

Develop and conduct Interoperability Assessments and/or Interoperability Certification Tests of MNIS, as required by the MNIS Program Management Office (PMO) or as requested by the GPOC.

Responsible for developing and preparing the technical documentation and participating in negotiation while ensuring that all final plans, reports, proposals, certification letters, and general correspondence are checked for clarity, conciseness, technical correctness, and approved format prior to delivery to the GPOC in electronic and hard copy format.

Managed the inter/intra-agency liaisons with DoD and MNIS Test and Evaluation personnel to manage Test and Evaluation career path development.

Familiar with JITC functions and procedures, especially in the area of test planning, test documentation, and test conduct.

Experience and proven ability to develop test plans/reports and write test cases/procedures in accordance with CJCSI 6212.01D/E; DoDI 4630.8, DoDD 4630.5, DoDD 5000.1, DoDI 5000.2, and UJTL CJCSM 3500.04B(or current versions of these documents).

Supported the development of MLS standards.

Managed the DoD Multi National Information Sharing test program and determined the goals and objectives of the program.

Knowledge of JITC’s approach to testing.

Experience as a system/functional analyst, gained in a national intelligence program, testing agency, or similar environment.

Managed the information flow between the Test and Evaluation Field Assessments and the DoD-CIO Operations headquarters.

Conceptual understanding of multi-level security environments and devices used to achieve dissemination of releasable information from US to bi-lateral networks and techniques and security devices used to achieve the establishment of Communities of Interest (COIs), i.e., data separation.

Plan, schedule, coordinates, and managing/conducting all required testing to ensure that the current operational capabilities, as well as any planned enhancements, achieve an “operationally suitable and effective” rating prior to transitioning to sustained operations.

FDO support for Country Managers for the AirForce, Redacting Various Cyber documents for US Allies.

Task Lead for the ManTech INTEROP team in support of the MNIS.

Create and modify the project Task Execution Plans for the KO upon request.

Joint Interoperability Test Command (JITC) Technical Specialist for the MNIS Laboratory.

Generate situational awareness reports to Senior Management and Government Officials.

Oversee and support the Implementation of Multi National Test Plans and Reports, Assessment Plans and Reports, Interoperability Certification Evaluation Plans and Reports for JITC.

Conduct In-briefs, Out-briefs and Presentations to Senior Management and Government Officials.

Conduct System Observation and Progress Briefs and generate reports to Senior Management and Government Officials.

Create Memorandums and Letters for Senior Management and Government Officials discussing various research findings.

Create and Conduct Table Top and Rehearsals for Business Concept Processes.

Conduct Mission Proficiency Assessments for the US Communities of Interest (COI).

Provides oversight and coordination of IT acquisition program management in identifying requirements, developing acquisition strategies and initiatives, and establishing procurement processing schedules and milestones while creating and maintaining the project Work Breakdown Structure (WBS) and Task MS Project Plans.

Travel - 35%

Northrop Grumman

Strauss Rd. Indian Head, MD 20640

NGIT Task Manager/Test Lead/Computer Scientist

Dates of Employment 12/2007 - 12/2008

Duties, Accomplishments and Related Skills:

Northrop Grumman Task Lead for the Defense Enterprise Accounting and Management System (DEAMS)

Joint Interoperability Test Command Technical Specialist for DEAMS

Created and Maintained the Task Execution Plan (TEP)

Created daily, weekly and monthly team status reports to upper management.

Created test plans and reports

Reviewed Requirement Documents

Created and Maintained the DEAMS Project Work Breakdown Structure (WBS).

Collected and Analyzed Interoperability Data.

Analyzed and Consolidated Data in support of the Final Interoperability Certification or Report.

Created Interoperability Assessment Plans

Developed Interoperability Certification Evaluation Plans, Reports, and Certification Letters.

Conducted In-briefs, Out-briefs and Presentations.

Conducted Test Observation, Verification Progress Briefs.

Created Performance Management Process (PMP) goals for employees.

Created Trip Reports, Memorandums and Letters.

Created Integrated Test Team and Interface Partner Reports as required.

Created Trouble / Incident Reports.

Insight Global

1921 Gallows Rd Suite 850 Fairfax, VA 22182

Database Deployment Specialist

Dates of Employment 08/2006 - 12/2006

Duties, Accomplishments and Related Skills:

Upgraded the USAF Procurement databases around the U.S.

Conducted kick off meetings explaining the database upgrade process to the System Administrator and colleagues.

Performed Database Consistency Checks (DBCC's) and Backups on all available databases.

Downgraded databases for preparation of the Database Upgrade.

Lead the MOS (measures of success) testing for verification of a successful database upgrade with SA team testers.

Created and configured new databases.

Performed the migration of existing databases into newly created databases.

Setup ftp batch file schedules.

Scheduled Interfaces as specified by SA.

Synchronized all document types as needed.

Conducted database upgrades and adapter training for SA and other technical members.

Conducted exit meetings explaining the successful database upgrades and any issues that were encountered during the upgrade to the System Administrator, Director's, Government Officers and colleagues.

Verizon Communications

13100 Columbia Pike, Silver Spring, MD 20901

Software Engineer

Dates of Employment 03/1997 - 03/2006

Duties, Accomplishments and Related Skills:

Performed business/technical analysis for IT initiatives, analyzing business and design requirements, architecture, database and system security.

Validate computer systems and processes for recommendations for upgrades.

Traced application and infrastructure functionality back to core business requirements and processes so that new application enhancements can be implemented in the future.

Prepared and presented complex comprehensive reports to clients and Upper Level Management.

Created, executed scenarios and test scripts for Web applications using Oracle 9iAS with an Oracle 8i database.

9 years of experience as Verizon’s Quality Assurance UNIX Batch Expert using Oracle as the backend database.

Created, executed scenarios and test scripts for Graphical User Interfaces using Oracle 10gAS with an Oracle 10g database.

Performed Project Management on several occasions, including Daylight Savings Time, and System Conversions involving GUI, Unix Batches and Web applications.

Developed certification process for validating that the application functionality has been deployed to the various operating systems (WNT, W2000, XP)

Developed Xterm (Citrix Farm) certification for application functionality.

Wrote and executed scenarios and test scripts for Unix Batches, Web applications and Graphical User Interfaces to assure zero defects once the application is deployed.

Developed excellent Customer Service and Communication skills; to support User-involvement continuously throughout the project and solution.

Employed multiple concurrent threading of projects to compress schedules and accommodate varying integration requirements making sure that all application releases are put into production as scheduled, saving time and money.

Controlled Risks in the project lifecycle by using iterative, incremental steps.

Abstracted business process flows to meta-levels for knowledge and business modeling to assure that the requirements given meets the business goals and needs of the company.

Utilized environmental design to enable developers to accommodate continuous change at a rapid pace.

Chippenham Medical Center

7101 Jahnke Rd., Richmond, VA 23225

Medical Technologist

Dates of Employment 01/1984 - 03/1997

Duties, Accomplishments and Related Skills:

Performed large scale testing in Hematology, Blood Bank, Chemistry, and Bacteriology

Trained and oriented new employees to instrumentation and computer system

Maintained Quality Control data and laboratory integrity

Supervised 2-4 technicians on midnight shift

Performed nightly computer operations, clearing interfaces, crediting patient accounts, rearranging business reports for the business office, monitoring and solving improper admits and discharges, initializing printers, monitoring HBOSS and occasional rebooting of the system

Bon Secours Richmond Community Hospital (RCH)

1500 N 28th St, Richmond, VA 23223

Medical Technologist

Dates of Employment 01/1984 - 03/1997

Duties, Accomplishments and Related Skills:

Performed testing in Hematology, Blood Bank, Chemistry, and Bacteriology

Trained and oriented new employees to instrumentation and computer system

Maintained Quality Control data and laboratory integrity

Supervised 2-4 technicians on Day shift

PROFESSIONAL DEVELOPMENT

DAWIA T&E Level II Certification

DAWIA IT Level I

NAVSEA INTRODUCTION TO CONTROLLED UNCLASSIFIED INFORMATION TRAINING

NAVSEA CYBER SECURITY

Completed 3-day DevOps Implementation Boot Camp

Completed 3-day COMOPTEVFOR Test Planning / Survey Course

Completed the Fleet Integration Team (FIT) RMF Boot Camp

SPAWAR INTRODUCTION TO THE NAVY RISK MANAGEMENT FRAMEWORK (RMF) COURSE: 101

RISK MANAGEMENT FRAMEWORK (RMF) CYBERSAFE TRAIN THE ASSESSOR 101

RMF FOR ACQUISITION AND ISSE PROFESSIONALS 201 PART I

RMF FOR ACQUISITION AND ISSE PROFESSIONALS 201 PART II

RMF FOR ACQUISITION AND ISSE PROFESSIONALS 201 PART III

RMF FOR ACQUISITION AND ISSE PROFESSIONALS 201 PART IV

RMF FOR ACQUISITION AND ISSE PROFESSIONALS 201 PART V

SSC LANT SENSITIVE COMPARTMENTED INFO (SCI) SSO TRAINING

SILK Test

WIN Runner

C+

HTML

Fast Track to Sybase

Configuration Management

Introduction to SQL

Intro to UNIX Fundamentals

Contact this candidate