Cybersecurity Compliance & RMF/Audit Specialist

JOHN ISRAEL

Middletown, OH 513-***-**** ****.******.***@*****.*** linkedin.com/in/john-israel

Active Top Secret / SCI Clearance

PROFESSIONAL SUMMARY

Cybersecurity compliance and information assurance professional with over 6 years of experience supporting secure U.S. Air Force environments, compliance operations, technical documentation, control implementation, access governance, vulnerability remediation, and audit-ready evidence. Certified Information Security Manager (CISM) with working knowledge of CMMC, NIST SP 800-171, NIST SP 800-53, DFARS 252-***-****, RMF, STIGs, POA&M concepts, System Security Plan support, and continuous monitoring. Experienced translating technical requirements into clear procedures, reports, checklists, and corrective actions while collaborating with technical teams and leadership.

CORE QUALIFICATIONS

CMMC Readiness Support NIST SP 800-171 NIST SP 800-53 DFARS 252-***-**** RMF STIG Compliance Security Documentation Policy and Procedure Development SSP Support POA&M Support Evidence and Artifact Collection Security Assessments Continuous Monitoring Risk Analysis Vulnerability Remediation Technical Writing Microsoft 365 Excel Word PowerPoint Customer-Focused Consulting

PROFESSIONAL EXPERIENCE

Cybersecurity Training Specialist

U.S. Air Force, Joint Base Elmendorf-Richardson, AK September 2024 to April 2026

Developed and maintained cybersecurity training materials, work instructions, checklists, and user guidance aligned with organizational security requirements and operating procedures.

Delivered more than 130 training sessions to over 300 personnel on PKI, data loss prevention, incident response workflows, access management, compliance practices, and secure system use.

Translated technical and policy requirements into practical, understandable procedures for technical and non-technical audiences.

Reviewed existing instructional content, corrected gaps, and updated documentation to improve consistency, usability, and compliance awareness.

Mentored 9 Airmen and supported team development through coaching, cross-training, and structured knowledge transfer.

Information Security Manager

U.S. Air Force, Joint Base Elmendorf-Richardson, AK September 2023 to April 2026

Supported cybersecurity compliance activities for a $14M secure network environment through control validation, documentation review, access governance, risk analysis, and corrective action tracking.

Conducted compliance checks against DoD guidance, RMF-aligned controls, and STIG requirements; documented findings and coordinated remediation with technical teams.

Managed privileged access governance for more than 200 user and system accounts, enforcing least privilege and separation of duties requirements.

Prepared recurring reports, status updates, and management-ready summaries covering administrative actions, foreign national reviews, data loss prevention, and security posture activities.

Collected and reviewed evidence such as account records, configuration results, audit data, and remediation documentation to support compliance and inspection readiness.

Identified control gaps and privilege escalation risks, collaborated with stakeholders on corrective actions, and tracked issues through resolution.

Public Key Infrastructure Manager

U.S. Air Force, Joint Base Elmendorf-Richardson, AK November 2020 to September 2023

Managed lifecycle and compliance records for more than 5,000 PKI tokens supporting secure authentication for over 3,800 users.

Developed and implemented a Local Registration Authority process within provisioning workflows, improving accuracy, processing speed, accountability, and documentation quality.

Performed account and directory audits, validated identity data, and maintained evidence supporting secure access and authentication requirements.

Created and updated procedures, user instructions, and troubleshooting guidance for identity verification, token issuance, and certificate-related support.

Worked with users, system owners, and technical teams to resolve access issues while protecting confidentiality, integrity, and availability.

Client Systems Program Manager

U.S. Air Force, Joint Base Elmendorf-Richardson, AK April 2020 to September 2023

Supported secure enterprise IT operations for a base population of approximately 32,000 users, including endpoint support, configuration compliance, ticket management, and service delivery.

Supported STIG compliance, vulnerability remediation, system imaging, Active Directory, secure printing, software deployment, and access control workflows.

Coordinated technical, operational, and compliance requirements during a $600M 5G modernization effort and a base-wide Enterprise IT as a Service transition.

Managed and improved workflows supporting more than 7,000 annual work orders, reducing average ticket resolution time by approximately 50 percent.

Maintained technical records, operating procedures, issue documentation, and status reporting to support continuity and informed decision-making.

EDUCATION AND CERTIFICATIONS

Associate of Applied Science in Information Technology / Information Systems Management, Community College of the Air Force, March 2025

Certified Information Security Manager (CISM), Expires January 2030

CompTIA Security+, Active, Expires March 2029

CompTIA A+, Active, Expires March 2029

CMMC and NIST SP 800-171 professional development in progress; prepared to obtain CCP within 6 months of hire

ADDITIONAL STRENGTHS

Technical Writing Policy and Procedure Review Evidence Organization Assessment Support Stakeholder Communication Confidentiality Customer Service Prioritization Analytical Problem Solving Continuous Learning Microsoft 365

Contact this candidate