Senior ISSO/SCA TS/SCI Information Security Analyst

Location:
Washington, DC
Posted:
March 28, 2026

Resume:

Kelvin Boodie - Active TS/SCI

Address: **** ******* ****, *******, **, 20735

Phone: 301-***-**** Email: **********@*******.***

PROFESSIONAL SUMMARY

More than 18 years of IT experience, delivering a variety of services to the Department of Defense (DOD), Department of Health Agency (DHA), and Department of Justice (DOJ) organizations, providing IT support/Information Security services across multiple platforms and technologies. As an Information Technology Cyber Analyst/Engineer, I have become technologically proficient and customer service driven as a result of challenging experiences. Major skills I offer to your organization include visual censoring for best mitigation practices of the cybersecurity world, the ability to multitask by prioritizing and organizing work responsibilities, and proper application of security measures and best practices. As an ISSO/RMF Security Analyst, I provide experience working on enterprise technology assessments, security assessments, policy/procedure documents, RMF packages, Continuous Monitoring, and implementation and understanding of the six phases of the Risk Management Framework. Knowledge with Security Protocols - NIST Cybersecurity Framework, NIST 800 series publications to include: 800-30, 800-37, 800-53, and 800-53a. Also provided hardware and software engineering support for Information Systems utilizing object-oriented programming and client/server applications and being proactive as either a team member or supervisor. Led/Managed a team of 3-4 ISSOs for 3 plus years. Provide support with configuration, implementation, and development of supporting functional policy/procedures around SIEM and system security. Security Information and Event Management (SIEM), patch management, vulnerability management experience.

EXPERIENCE

EOIR, JMD – MIND POINT GROUP INC. Alexandria, VA/Washington D.C.

SR. ISSO/SCA May 2024 - Present

Document and present findings to management suitable for customer consumption

Reviewing Artifacts attached/reference to the control families before validation of the Risk Assessment

Knowledge with Security Protocols - NIST Cybersecurity Framework 800-53 R4, NIST 800 series publications to include: 800-30, 800-37, 800-53, 800-53a, and 800-60.

Knowledge of FedRAMP SA&A approaches to ensure that assessment plans and packages are executed and constructed in alignment with FedRAMP PMO requirements.

Expand the usage of security monitoring tools to improve the security of the environment, including detection, prevention and policy enforcement; Define security configuration for monitoring tools, including alerts, correlation rules and reporting

Assessing systems of varying scope and complexity and comprised of various technologies.

Serve as Security Controls Assessors for formal Security Test and Evaluation, Conduct of Security Certifications of systems/networks/sites assessing security control compliance, providing guidance regarding remediation and mitigation of identified vulnerabilities, all security domains.

Support to the Security Assessment and Authorization (SA&A) Risk Management Framework tasks for all managed systems, networks, and enclaves (all security domains); ensure validity and accuracy review of all associated documentation.

Experience interpreting and evaluating implementations of NIST 800-53 rev 4 security controls.

Led/Managed a team of 4 ISSOs on the EOIR contract reviewing documentation that includes but is not limited to System Development Lifecycle Documentation (SDLD), network topology diagrams, System Security Plans and other documents that comprise existing A&A packages, cyber/system/network security artifacts/SOPs, audit logs, system configurations, as well as policies, procedures, and processes related to NIST 800 series security controls for accuracy and completeness.

Participated in various development and implementation of policies and SOP standards and implementation guidance to exceed the statutory and practical requirements of associated use of IT solutions within the federal government

Provide reports as assigned on key trends, performance and risk indicators affecting the group’s processes, tools, and responsibilities for management and key stakeholders

Communicate requirements and recommendations with System Owners that would help mitigate these issues for future ATT and ATO renewals for their system.

DELOITTE / DOD AIR FORCE - GUIDEHOUSE/RM ADVISORY Remote Support

SAF SIEM Analyst/Assessor April 2023 – April 2024

Document and present findings to management suitable for customer consumption

Reviewing Artifacts attached/reference to the FISCAM controls, provide GAP Analysis for onboarding systems to the ARCI FIAR program

Experience and knowledge of the approval chain within eMASS

Knowledge with Security Protocols - NIST Cybersecurity Framework 800-53 R4, NIST 800 series publications to include: 800-30, 800-37, 800-53, and 800-53a

Define security configuration for monitoring tools, including alerts, correlation rules and reporting

Assessing systems of varying scope and complexity and comprised of various technologies.

Support to the Security Assessment and Authorization (SA&A) Risk Management Framework tasks for all managed systems, networks, and enclaves (all security domains); ensure validity and accuracy review of all associated documentation.

Assessing security control compliance, providing guidance regarding remediation and mitigation of identified vulnerabilities, all security domains.

Reviewed documentation includes but is not limited to System Development Lifecycle Documentation (SDLD), network topology diagrams, CSSP documents, cyber/system/network security artifacts/SOPs, audit logs, system configurations, as well as policies, procedures, and processes related to NIST 800 series security controls for accuracy and completeness.

Provide reports as assigned on key trends, performance and risk indicators affecting the group’s processes, tools, and responsibilities for management and key stakeholders

Review System Surveys, eMASS site archived document, system plans and procedure for onboarding system owners.

Identify IT control gaps in Air Force systems and provide recommendations that support auditability, security, and compliance.

Provide rules, guidance, validation, framework, and knowledge to support third-party design and implementation of the Information Technology General Controls that provide Air Force IT systems FISCAM auditable controls.

Gained an understanding of the audit issues identified within Notices of Findings and Recommendations (NFRs) through the ACRI FIAR Onboarding process. Communicate requirements and recommendations with System Owners that would help mitigate these issues for future A&A and ATO renewals for their system.

DHA / DEPARTMENT OF HEALTH AGENCY-SERTAR INC. Remote Support

Sr. ISSO/RMF Specialist March 2019 – April 2023

Document and present findings to management suitable for customer consumption

Reviewing Artifacts attached/reference to the control families before validation of the Risk Assessment

Experience and knowledge of the approval chain within eMASS

Knowledge with Security Protocols - NIST Cybersecurity Framework 800-53 R4, NIST 800 series publications to include: 800-30, 800-37, 800-53, and 800-53a

Expand the usage of security monitoring tools to improve the security of the environment, including detection, prevention and policy enforcement; Define security configuration for monitoring tools, including alerts, correlation rules and reporting

Assessing systems of varying scope and complexity and comprised of various technologies.

Led/Managed a team of 3 ISSOs reviewing documentation that includes but is not limited to System Development Lifecycle Documentation (SDLD), network topology diagrams, System Security Plans and other documents that comprise existing A&A packages, cyber/system/network security artifacts/SOPs, audit logs, system configurations, as well as policies, procedures, and processes related to NIST 800 series security controls for accuracy and completeness.

Participated in various development and implementation of policies and SOP standards and implementation guidance to exceed the statutory and practical requirements of associated use of IT solutions within the federal government

Provide reports as assigned on key trends, performance and risk indicators affecting the group’s processes, tools, and responsibilities for management and key stakeholders

Develops and reports key trends, performance and risk indicators affecting the group’s processes, tools, and responsibilities for management and key stakeholders

JSF / JOINT STRIKE FIGHTER- JACOBS Crystal City, VA

SOC Lead/ CIRT Analyst/ ISSO May 2016 – March 2019

●Perform monitoring using Azure Sentinel, MDI, 365 Defender, HBSS, FireEye, Cisco Firepower and other tools looking for security incidents.

●Utilize FireEye Threat Intelligence and Appliances. Working in PhishMe Triage and Proofpoint to determine recipients and take appropriate actions, as necessary.

●Utilize network sniffer tools to perform packet analysis.

●Execute incident response process when a security incident has been detected and declared.

●Plan, coordinate, and implement network security measures in order to protect data, software, and hardware on government networks.

●Perform analysis of security logs in an attempt to detect unauthorized access and anomalies.

●Work as an incident management analyst to clean up spillages, bring all affected parties together and quarterback incident analysis and management sessions to remediate the incident and put together a lessons learned document on the incident. Lead/Manage a team of 5-7 SOC Analysts.

●Document and present findings to management suitable for customer consumption.

●Conduct detailed security event analysis from network traffic attributes and host-based attributes (memory analysis, binary analysis, etc) to identify information security incidents.

●Correlate threat data from various sources. Conduct research and evaluate threat intelligence to develop in-depth analysis and assessment on threats to critical networks and infrastructure components.

●Expand the usage of security monitoring tools to improve the security of the environment, including detection, prevention and policy enforcement; Define security configuration for monitoring tools, including alerts, correlation rules and reporting.

●Manage case number generation and provide labels for physical evidence such as hard drives, memory cards, optical disks and the like.

●Perform static and dynamic file analysis to identify malware characteristics, intent and origin.

●Validating controls within eMASS pertaining to Risk Management Framework.

●Reviewing Artifacts attached/reference to the control families before validation of the Risk Assessment

●Familiar with Security Protocols - NIST Cybersecurity Framework 800-53 R4

CHIEF CONSULTING INC. Remote Support

IT Specialist / Technical Support Analyst April 2014 – October 2017

Receive inbound calls and record significant information.

Handle complaints, provide appropriate solutions and alternatives within the time limits; follow up to ensure resolution.

Keep records of customer interactions, process customer accounts and file documents.

Establish and maintain user accounts, profiles, file sharing, access privileges and security.

Monitor servers, network, and system performance.

Install, troubleshoot, and upgrade desktop and server-based applications.

Provide support for Citrix Virtual Desktop Infrastructure to manage the virtualization of Windows applications and desktops to allow secure remote access.

Use phone, text message, or emails to communicate with technicians or other field units at appropriate locations.

Monitor the route and status of field units to coordinate and prioritize their schedule.

Enter data into ticketing system, and maintain logs and records of calls, activities and other information.

Follow communication procedures, guidelines and policies.

Remotely troubleshoot and resolve end user desktop/laptop issues in a mixed Windows OS, Linux OS, Chrome OS, Mac OS X environment.

Backup, image and restore data on desktop/laptop systems.

JIEDDO / JOINT IMPROVISED-THREAT DEFEAT AGENCY – BOOZ ALLEN Crystal City, VA

SOC /CIRT Analyst / System Admin October 2011 – May 2016

●Perform monitoring using ArcSight, Splunk, Cisco Sourcefire and other tools looking for security incidents.

●Utilize FireEye Threat Intelligence and Appliances.

●Utilize network sniffer tools to perform packet analysis.

●Perform analysis of security logs in an attempt to detect unauthorized access and anomalies.

●Use vulnerability assessment data to pinpoint potential points of attack.

●Document and contain security incidents detected on the network.

●Execute incident response process when a security incident has been detected and declared.

●Plan, coordinate, and implement network security measures in order to protect data, software, and hardware on government networks.

●Maintain logs related to network functions, as well as maintenance and repair records.

●Document and present findings to management suitable for customer consumption.

●Conduct detailed security event analysis from network traffic attributes and host-based attributes (memory analysis, binary analysis, etc) to identify information security incidents.

●Correlate threat data from various sources. Conduct research and evaluate threat intelligence to develop in-depth analysis and assessment on threats to critical networks and infrastructure components.

●Expand the usage of security monitoring tools to improve the security of the environment, including detection, prevention and policy enforcement; Define security configuration for monitoring tools, including alerts, correlation rules and reporting.

●Configure and monitor Security Information and Event Management (SIEM) platform for security alerts.

●Use various forensic tools such as Encase or FTK to search for and prepare information and evidence

●Manage case number generation and provide labels for physical evidence such as hard drives, memory cards, optical disks and the like.

●Perform static and dynamic file analysis to identify malware characteristics, intent, and origin.

US DEPT. OF JUSTICE / OJP – WINS INC. Washington, DC

GMS Help Desk Analyst/ Technical Support Analyst May 2010 – October 2011

●Serve as the primary point of customer contact on ticket and issue follow up via phone using Cisco Call Agent.

●Provide operational support and software troubleshooting for Tier 1 service desk to ensure reliable and efficient resolution to critical issues.

●Document and record all activity and communication with customers over telephone and email using Heat Call Logging System and Heat Ticketing Alert Monitor.

●Manage 1st priority issues with responsibility for the timely documentation, escalation, resolution and closure of problem tickets.

●Create new user RSA Security accounts and assign new RSA tokens and key fobs, reset RSA PINs and synchronize RSA tokens using RSA Authentication Manager.

●Image telework laptops and desktops; install new operating systems and patches on the assets.

●Provide enterprise BlackBerry support, Android support, and account management; solve network issues and perform data entry while protecting sensitive information.

●Utilize Active Directory and CA Provisioning Manager to create accounts, disable accounts, manage users' (new, current and departed) accounts, groups, OUs, ACLs and Exchange accounts, reset users' network logins, delete and add new and current machines back to the domain and to their respective OU, manage access to various group memberships, network shares and resources, and move user accounts and computers to various containers and OUs.

●Provide support for Citrix Virtual Desktop Infrastructure to manage the virtualization of Windows applications and desktops to allow secure remote access.

●Deploy all host and system security patches and updates as required.

●Coordinate system hardware and software maintenance and stay aware of when this maintenance is required; evaluate urgency of patches, upgrades and maintenance.

FBI HEADQUARTERS - GENERAL DYNAMICS Washington, DC

Systems Administrator October 2007 - May 2010

●Establish and maintain user accounts, profiles, file sharing, access privileges and security.

●Managing systems resources including performance, capacity, availability, serviceability, and recoverability.

●Resolving hardware/software interface and interoperability problems.

●Monitor servers, network, and system performance.

●Install, troubleshoot, and upgrade desktop and server-based applications.

●Maintain and troubleshoot local printers, copiers, faxes, and other peripherals.

●Assist with system monitoring, reviewing logs, and verifying completion of scheduled tasks.

●Provide Windows Server OS installation, administration, and maintenance.

●Manage IT infrastructure and security, including preventative maintenance, regularly scheduled updates and backups of Windows servers, databases and installed applications.

●Deploy all host and system security patches and updates as required.

●Research, analyze, monitor, troubleshoot and resolve server or data network problems; develop, maintain and implement network support and archiving procedures.

●Assist the Infrastructure Manager with projects and other duties as assigned.

US ARMY MILITARY SDD COMMAND – TIER 1 TECHNOLOGY Alexandria, VA

Technical Support Analyst February 2007 – October 2007

●Perform system configuration management, installation, optimization, preventative maintenance and repair for all IT Hardware/Software.

●Implement and maintain CAC/PKI environment requirements.

●Build/configure PCs with the appropriate image for the specified network. Build, update, manage and maintain configuration control of system images.

●Ensure that all IT equipment is fully configured on the specified network before releasing the equipment for personnel use. Properly setup and configure user devices, including clients, printers and digital senders that comply with the device configuration management plan.

●Ensure that all returned IT equipment is restored to current capability/normal system operations for the specified network for future use. Perform all activities associated with the receipt, inventory tagging and accountability of IT equipment.

●Manage excess equipment inventory. Prepare, sanitize, and tag equipment for excess and participate in the disposition of equipment as part of the excess process.

US ARMY MATERIEL COMMAND - INSIGHT GLOBAL Fort Belvoir, VA

Help Desk Analyst December 2006 – February 2007

Supported hardware, software, and audiovisual equipment; Assisted in the installation, testing, operation and maintenance of computer software and systems. Assisted in scheduling and setting up the videoconference service for clients

Instructed and assisted computer system users and provided customer support services to over four hundred customers. Coordinated resolution of incidents and problems.

Supported Nortel VPN users.

Managed Active Directory administration.

Supported user with Dell, HP laptops, with 2003 office applications.

Baseline hard drives using Norton ghost software.

Reset user passwords on Citrix Presentation Server based applications. Did troubleshooting for user login issues relating to the Citrix Metaframe access clients. RSA security admin for Citrix. Administered all security accounts of various remote and VPN users through the RSA server.

Logged, prioritized and categorized user calls using ITSM (IT Service Management by FrontRange) ticketing software and tracked them until resolved. Analyzed and provided statistics to management on issues raised and resolved on a regular basis.

Supported remote sites/users through SMS for immediate troubleshooting to all users throughout the organization.

Configured network printers through Global address configuration.

Did imaging on hard drives for workstations and laptops.

DEPARTMENT OF STATE – INTER-CON Washington, DC

Diplomatic Security Service / Security officer March 2005 – October 2006

●Supported hardware, software, and audiovisual equipment; Assisted in the installation, testing, operation and maintenance of computer software and systems. Assisted in scheduling and setting up the videoconference service for clients

●Instructed and assisted computer system users and provided customer support services to over four hundred customers. Coordinated resolution of incidents and problems.

●Perform administrative tasks including account creation, password resets and granting access to drives, folders and files in accordance to security guidelines.

US CUSTOMS AND BORDER PROTECTION Washington, DC

Help Desk Analyst September 1999 – March 2005

Support customer inbound requests through phone, self-service and other channels as developed by Service Desk.

Update tickets and continuously coordinate necessary work; document status updates and communicate to necessary parties using Remedy ticketing software.

Desk side support as required.

Assist in maintaining Help Desk e-mail, by reading, opening/documenting information into tracking tickets and escalating to proper person or department.

Maintain / Create / Disable and grant access to shares to user accounts through Active Directory

Support end user software and hardware enhancements and technical problem solving; build, configure, test end user systems

Perform workstation imaging using Norton Ghost or otherwise build, replace components and configure laptops and desktop PCs.

Troubleshoot software and hardware enhancements, application deployments and infrastructure upgrades remotely using Windows Remote Assistance and Remote Assist

Use remote desktop software with clients to resolve issues or demonstrate solution if necessary.

Provide Remote Access Support for Citrix and VPN by enabling the Laptop IP address in Citrix.

Responsible for maintaining user accounts; duties include: creation, modification, and deletion using Active Directory and CA Tools provision Manager

Administer user BlackBerry account on the BlackBerry Enterprise Server.

Manage user accounts, files and directory permissions on Network Shared resources.

Analyze, troubleshoot and resolve system faults on operating systems and hardware

Install and administer Guardian Edge hard disk encryption.

EDUCATION

UNIVERSITY OF MARYLAND EASTERN SHORE Princess Anne, MD

B.A. Applied Graphics Design

CERTIFICATIONS AND TRAINING

Certified Information Systems Auditor (CISA)

Certified Information Security Manager (CISM)

CompTIA Advanced Security Practitioner (CASP)

Certified Ethical Hacker (CEH)

CompTIA Security +

MCSA Windows Server 2012

ITIL Foundation v3

MCSE Boot Camp

RMF training

eMASS training
