INFOSEC Analyst

Mr. Terry David Lehman

Phone: 703-***-**** Email: ************@*****.***

Relevant work experience

IT SPECIALIST (INFOSEC/PLCYPLN) Department of Airforce Las Vegas, NV Series: 2210 - Grade: GS12

**/*024 - Present

Hours per week: 80

Ensures appropriate operational security requirements are maintained for assigned IT assets and security updates are completed within required established timeframes. Implement cybersecurity program ensuring enforcement of policies, procedures, and countermeasures. Ensures software, hardware, and firmware comply with appropriate security configuration guidelines (e.g., security technical implementation guides /security requirement guides). Initiates corrective steps to ensure compliance with cybersecurity requirements. Establishes suspense for cybersecurity actions and ensures tasks are conducted within established procedures/timeframes. Provides status updates as needed on cybersecurity activities impacting mission operations to leadership. Information Systems Security Officer (ISSO) ManTech, Intel Space Las Vegas, NV 02/2024 - 12/2024 Hours per week: 80

Prepare, review, and update authorization packages. Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media. Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change. Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties. 5G Cyber Risk Assessor Modern Technologies Systems, Inc. MTSI Las Vegas, NV 06/2022 - 02/2024 Hours per week: 80

Responsibilities as the 5G Cyber Risk Assessor (CRA) included providing the Authorizing Official (AO) with an independent “Cyber Risk Analysis” and acceptable “Risk of Use” for the Systems and Capabilities throughout the entire Agile Authorization process while focusing on criteria, observables, and overall behaviors of the 5G Experimental Mobile Nellis AFB, USAFWC Project. Participation in the DoW CIO 5G Cybersecurity Pilots Review Senior Team in a high- profile, fast- paced environment with the successful delivery of several ATO streamline processes and applied advanced principles. Information System Security Manager (ISSM) Data Intelligence Technology Las Vegas, NV 12/2019 - 06/2022 Hours per week: 80

Responsibilities as ISSM included assessing the management, operational, assurance, and technical security and privacy controls implemented on an information system(s) by utilizing Security Testing and Evaluation (ST&E) methods. Managed responsibilities unified cybersecurity standards for future DoD acquisitions. Information System Security Manager (ISSM) Insight Global, LLC, San Antonio, TX San Antonio, TX

02/2019 - 12/2019

Hours per week: 80

Ensure the Government only Community Cloud Service Models are compliant within the eMASS Risk Frame Management Tool. Ensure the Joint Authorization Board, DHA, GSA and FedRAMP Information System Owners, Privacy Officials, Delegated Authorizing officials, Security Control Assessors and senior management are aware of any changes and modifications to meet Cloud services and infrastructure shared by several organizations/ agencies with same policy and compliance considerations.

Systems Engineer TASC/Engility Inc. Chantilly, VA 09/2014 - 07/2018 Hours per week: 80

Provide guidance and direction to developers, testers and fellow engineers clear understanding or assessment requirements involving delivery and creation of System Security Plans, Software/Hardware Inventory List, Cryptography Procedures, Security Control Traceability Matrix (SCTM) Rev4, Risk Assessment Reports (RAR), Interconnectivity Agreements (ISA), Plan of Actions and Milestones (PoAM), Vulnerability Scans, Nessus (Operating System), Nessus Compliance, WebInspect, AppDetective and Other BoE Overlays as required for A&A. Information System Security Manager (ISSM) Digital Intelligence Systems LLC Chantilly, VA

07/2018 - 03/2019

Hours per week: 80

Provide guidance and direction to developers, testers and fellow engineers clear understanding or assessment requirements involving delivery and creation of System Security Plans (SSPs), Software/Hardware Inventory List, Cryptography Procedures, Security Control Traceability Matrix (SCTM), Risk Assessment Reports (RAR), Interconnectivity Agreements (ISA), Plan of Actions and Milestones (POAM), Vulnerability Scans, Nessus (Operating System), Nessus Compliance, WebInspect, AppDetective and Other Body of Evidence (BoE) artifacts. Education, certification or licenses

University of Phoenix Phoenix, AZ

Master's degree GPA: 3.58 of a maximum of 3.58 Credits Earned: 45.00 Major: Master Business Administration Minor: Technology Management Completion date: 01/2009

Technology Management Seminar in Decision Outcomes; Technology Management Seminar in Problem Solving; Strategies for Competitive Advantage; Sustainable Customer Relationships; Enterprise Risk; Maximizing Shareholder Wealth; Managerial Decision Making; Human Capital Development; Transformational Leadership; Introduction to Finance and Accounting; Managing the Business Enterprise; Forces Influencing Business in the 21st Century and Foundations of Problem-Based Learning

George Mason University Fairfax, VA

Bachelor's degree GPA: 3.5 of a maximum of 3.5 Credits Earned: 180 Major: Bachelor of Individualized Study Minor: Networking Technology Completion date: 06/2005

A Bachelor of Individualized Study (BIS) in Networking Technology (circa ~2005) was typically a customized, interdisciplinary program built around core IT, networking, and systems administration competencies. While exact coursework varied by institution, the curriculum generally aligned with industry standards of the time (e.g., Cisco, Microsoft, CompTIA tracks).

Northern Virginia Community College Herndon, VA

Associate's degree GPA: 3.4 of a maximum of 3.4 Credits Earned: 60 Major: General Studies Minor: Biology

Completion date: 06/2001

Coursework included college composition, mathematics (algebra and statistics), natural sciences with laboratory components, social sciences (history, psychology, sociology), humanities, and computer applications, with elective emphasis in general studies and introductory information systems. Job-related training

Department Of Airforce, Unauthorized Disclosure (UD) of Classified Information and Controlled Unclaissified Information (CUI) 02/7/2026

Department Of Airforce, DAF-Operations Security Awareness Training, 02/18/2026 USAFWC Special Se curity Office, Sensitive COmpartment Informaton Training 2025 Cyber Aware Technologies, JSIG Risk Management Framework, 02/19-21, 2025 Department Of Airforce, AF Civilian Leadership Developmental Continuum, 02/21/2025 Language skills

English Spoken: Advanced Written: Advanced Read: Advanced Professional publications

Motorola SATCOM; Drafted Human Safety documentation for Motorola SATCOM Facility and personnel operations. Motorola SATCOM; Drafting and co- authored the Iridium Satellite Master Control Facility Maintenance document supporting Network and Security Architectures.

Additional information

CompTIA Secure Cloud Professional (CSCP) ID# #COMP10669683 ITIL v3 Certified ID # 5136143.20309951

CompTIA A+ CE Certified ID #COMP10669683

CompTIA Security + CE Certified ID #COMP10669683

CEH (Certified Ethical Hacker) Certified ID #ECC967728 CNDA (Certified Network Defense Architect) ID #ECC967728 MCP (Microsoft Certified Professional) ID #A122-6947 CASP + CE certified ID COMP10669683

Contact this candidate