Information Systems Security Officer with 20+ Years Experience

MONICA HARRIS

571-***-**** **************@*****.*** Clearance TS/SCI CI Poly

PROFESSIONAL SUMMARY

Highly motivated Information Systems Security Officer with over 20 years of experience in creating innovative security strategies and conducting thorough incident investigations. Proven expertise in implementing Risk Management Frameworks (RMF) and NIST 800-53 compliance achieving Authority to Operate (ATO). CERTIFICATION

Conducting market research Pricing and budgeting Social media planning SEO optimization Persuasive copywriting CMS Management Social media analysis Project management Campaign management Marketing automation SKILLS

SEO optimization CMS management Social media analysis Campaign management Marketing automation PROFESSIONAL EXPERIENCE

INFORMATION SYSTEMS SECURITY MANAGER Jacobs Chantilly, VA Dec 2024 – Present Manage the day-to-day system security including physical and environmental protection, incident handling, and information system security training and awareness. Maintain system security plans (SSP) and other related RMF documents, following NRO, IC and DoD applicable policies and procedures

• Maintain asset record in ServiceNow (SNOW) and Security Center.

• Perform continuous monitoring (ConMon), plan of action and milestone (POAM), and periodic self-inspections of information systems to ensure security compliance; utilize Splunk to create/capture Dashboards for ConMon evidence

• Review Nessus security scans, communicate vulnerabilities to technical stakeholders, and perform remediation

• Assign, maintain and administer RSA SecurID Tokens to new and existing users

• Administer Active Directory (AD) to manage users and capture evidence for ConMon evidence INFORMATION SYSTEMS SECURITY OFFICER Radiance Technologies Huntsville, AL May 2023 – Nov 2024 Acted as the ISSM while executing ISSO responsibilities in the management and administration of authorization and accreditation (A&A) package processing

• Served as the front-line team member to the organizations Authorizing Official team ensuring the dissemination and adherence to IA policies, procedures, guidance, and training requirements

• Assisted in preparing briefing materials, supporting engineering and development meetings coordinating security testing events, scheduling and supporting teleconferences

• Managed and updated system in eMASS

CONSULTING TECHNICAL MANAGER Oracle Reston, VA Nov 2019 – Apr 2024 Developed and managed Standard Operating Procedures (SOP), System Security Plan (SSP), Continuous Monitoring Plan (CMP), Incident Response Plan (IRP), and Emergency Plan as well as providing feedback on recommended and required modifications.

• Assessed and mitigated security threats/risks throughout the program life cycle and contributed to the security planning assessment, risk analysis, risk management, certification and accreditation activities for system and network operations

• Performed and reviewed technical assessments of cloud computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations and recommended mitigation strategies

• Assisted in preparing briefing materials, supporting engineering and development meetings, coordinating security testing events

• Monitored and managed system in eMASS

INFORMATION SYSTEM SECURITY ENGINEER Radiant Solutions Herndon, VA Jan 2017 – Nov 2019 Builds IA into systems deployed to development and operational environments and assisting architects and system developers in the identification/implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions

• Drafted, reviewed and edited assessment and authorization (A&A) documentation, providing feedback on completeness and compliance of its content

• Utilized various databases such as XACTA IA Manager, XACTA 360 and eMASS

• Assisted in preparing briefing materials, supporting engineering and development meetings, coordinating security testing events

SYSTEM ANALYST Blue Canopy Group, LLC Reston, VA Nov 2019 – Apr 2024 Developed and managed security artifacts and ensure they are written and adhered to customer policies, procedures, techniques, and industry best practices (ICD 503)

• Assessed and mitigated security threats/risks throughout the program life cycle and contributed to the security planning assessment, risk analysis, risk management, certification and accreditation activities for system and network operations

• Participated in Integrated Product Teams to ensure system security control requirements are understood and integrated into the system

• Led system testing before granting approval to load to production environment through Security Testing and Evaluation (ST&E)

SECURITY CONTROL ASSESSOR General Dynamics Chantilly, VA Jun 2012 – Aug 2013 Coordinated and collaborated with primary stakeholders to include the Designated Authorizing Official (DAO), Program Security Officers (PSO), Information System Security Engineer (ISSE), and Information System Security Officer (ISSO) during an assessment and authorization under ICD 503

• Responsible for assessing security control for more than 80 NRO Assets

• Coordinated, tracked and organized IA requirements and facilitates flow of required documentation for ICD 503 transition

SECURITY SPECIALIST Welkin, Assoc Chantilly, VA Nov 2019 – Apr 2024 Acted as a liaison between the Program, PSOs, ISSEs, and ISSOs to complete all documentation required for system Approval to Operate (ATO)

• Advised and assisted with getting COMM assets certified and accredited through the ICD 503 process

• Reviewed information system security artifacts for accuracy, relevance and compliance MILITARY United States Air Force (Retired) Dec 1989 – Aug 2011 3D171 CLIENT SYSTEM CRAFTSMAN (12 years)

Responsible for advanced troubleshooting, repairing, and managing voice, data and video network devices. As a 7 level- technician, they manage user accounts, oversee technical support operations and maintain hardware/software for critical missions.

2S051 MATERIAL MANAGEMENT JOURNEYMAN (10 years)

Responsible for managing, storing and issuing Air Force supplies and equipment. The handle inventory control, compute requirements, inspect property, and operate automated logistics systems (ILS-S) to ensure worldwide accountability and readiness.

EDUCATION

MASTER’S DEGREE Security Management American Military University 2010 – 2012 BACHELOR’S DEGREE Computer Information Systems Strayer University 2000 – 2004

Contact this candidate