Adil Shahzad Email and Phone Number

- Offered Cyber support in the Electronic Health Record Modernization project for Veterans Affairs. - Implemented the NIST 800 series guideline, VA Risk Management Framework (RMF) and collaborated with project teams to integrate robust security measures, adhering to VA cybersecurity policies. - Executed protocols for Authority to Operate (ATO) and Authority to Connect (ATC) in alignment with VA standards.- Led and executed ATC Package reviews to establish connection between VA, Cerner, and DOD systems by submitting a complete ATC Packages to the Department of Health Agency (DHA).- Developed, maintained, and reviewed comprehensive artifacts, including System Security Plan (SSP), Risk Assessment Report (RAR), ATO Memo, Hardware/Software lists, ICAMP/Scan reports, Plan of Action & Milestone (PO&AM) and Interface Control Document (ICD).- Assisted in the development of ICD for VA interfaces by actively attending design sessions and provided valuable input on security architecture and design patterns for security compliance.- Assisted in establishing external connections between VA and DoD systems by adhering to VA policies and assisted in the development of Memorandum of Understanding (MOU)/ Interconnection Security Agreement (ISA) between both entities.- Familiarity and practical expertise in eMASS, complemented by proficiency in utilizing Project tracking Tools including Power BI, JIRA, and Slack.

- Applied and validated appropriate information security control for Federal Information System based on NIST 800-37 rev1, SP 800-53, FIPS 199, FIPS 200, and NIST SP 800-53A R4.- Performed computer and/or network security vulnerability A&A assessments to identify, evaluate and mitigate security risks, threats and vulnerabilities.- Conduct IT Risk Assessment to identify system threats, vulnerabilities and risk, and generate reports.- Reviewed information security system documentations, including System Security Plan (SSP), Plan of Action & Milestone (POA&M), created Security Assessment Reports (SAR), policies and procedures, according to NIST Guidelines.- Assist in the authorization process by providing accurate and comprehensive information on the security posture of the system, contributing to the decision-making process for granting or maintaining an Authority to Operate (ATO).- Collaborate with system owners, security administrators, and other stakeholders to gather information, clarify security requirements, and address any concerns related to security controls.- Stay updated on the latest cybersecurity threats, trends, and technologies to adapt security assessment methodologies and remain effective in identifying evolving risks.

- Conduct security risk assessments and analysis of information systems to identify vulnerabilities and weaknesses.- Ensured proper access controls are implemented for both system access and physical access to data processing facilities.- Assist in the development, review, and updating of security policies and procedures to ensure alignment with industry standards and organizational needs.- Recommended improvements and identified metrics for remediation of information security weakness.- Ensure compliance with data privacy laws and regulations and contribute to the development of privacy policies and practices.- Collaborate with IT teams to integrate security measures into the development and maintenance of information systems.

- Collaborated with stakeholders to elicit, analyze, and document business requirements for IT projects, ensuring alignment with organizational goals and objectives.- Conducted thorough analysis of existing business processes, identified pain points, and recommended solutions to streamline workflows and improve efficiency.- Writing and creating user stories based on software system core requirements, customer requests, and bug fixes in an agile environment.- Created comprehensive documentation, including business requirements documents, use cases, user stories, and process flows, to guide development and testing efforts.- Facilitated customer communication during emergency bug fixes and system downtime to maintain healthy customer relations.- Performed analysis of business models for new databases to tailor the training of software requirements based on individual workflow needs.- Performed system, integration, unit, and functional/performance testing on new features as well as bug fixes using manual testing methods.- Successful coordination and collaboration with multiple projects to effectively achieve common goals aimed at customer satisfaction.