Supporting the Space Force at Peterson and Schriever AFBs in Colorado Springs serving as a Cyber Security Liaison Officer between the local AFBs and Vandenburg and Los Angeles AFBs in California.

Supporting the Information Assurance and Risk Management Framework at the Federal Bureau of Investigation (FBI)

Supporting the Information Assurance and Risk Management Framework at the Federal Bureau of Investigation (FBI)

Provided Security Control Assessor (SCA) services to the Defense Intelligence Agency (DIA). Responsibilities: - Served as SCA Team Lead which includes management responsibilities, such as timecard approvals, performance appraisals, task assignments, conflict resolution, new hire interviews, etc. of a team comprised of 15+ SCAs located globally with the majority in the National Capitol Region (NCR). - Served as SCA providing assessor services to various offices within DIA resulting in classified systems obtaining Approval and Authorization. - Prepared security authorization packages to include System Security Plans (SSPs), Risk Assessments, Plan of Action and Milestones (POA&Ms), Assessor Memos, Draft Approval to Operate (ATO)/Interim Approval to Test (IATT) Letters, Security Assessment Reports (SARs), Security Control Traceability Matrices (SCTMs), System Inventories, and Security Test Procedures (STPs). - Served as an IA Subject Matter Expert (SME) representing the CIO’s office in various working groups and teams resulting in enhanced security across the systems employed by DIA. - Utilized various tools and testing techniques to accomplish the security assessment of classified systems, such as Nessus, Retina and DISA Security Technical Implementation Guides (STIGs). - Reviewed STPs for consistency and accuracy while ensuring that the STPs reflect the overall security posture of the classified system under test.

Provides IA engineering services to the National Reconnaissance Office (NRO) Advanced Systems & Technology (AS&T). Responsibilities include: - Accesses/coordinates/validates IA requirements with Program Managers, Security Personnel, and Certification/Accreditation personnel. - Ensures IA requirements are addressed and integrated at the appropriate system development lifecycle (SDLC). - Ensures IA requirements are documented in appropriate acquisition and accreditation documents. - Provides sound advice and guidance to the customer regarding the creation or alteration of organizational IA policies and implementation of security controls and appliances. - Represents customer's IA interests. - Coordinates IA efforts with CIO/CIAO for approval. - Performs IA-related research as needed. - Implements standardized approach to assessing IA risk end-to-end. - Supports ICD 503 A&A activities while minimizing costs without compromising security requirements. - Designed and implemented a CONOPs Template for non-NRO unclassified FOUO systems that is semi-automated and feeds into a Risk Assessment tool. The tool produces a risk assessment based on responses provided in the CONOPs document.

Provided IA engineering services to the National Reconnaissance Office (NRO). Responsibilities include:• Accessed/coordinated/validated IA requirements with Program Managers, Security Personnel, and Certification/Accreditation personnel.• Ensured IA requirements are addressed and integrated at the appropriate system development lifecycle (SDLC).• Ensured IA requirements are documented in appropriate acquisition and accreditation documents.• Performed/assisted in obtaining end-to-end, system security evaluations to assist in identifying IA-related vulnerabilities, assurances, threats, and risks.• Provided sound advice and guidance to the customer regarding the creation or alteration of organizational IA policies.• Represented customer's IA interests.• Documented implementation guidance from ND 52 series documents for common controls.• Coordinated efforts with CIO/CIAO for approval.• Performed IA-related research as needed.• Provided IA guidance on COTS/GOTS IT products.• Implemented standardized approach to assessing IA risk end-to-end.• Supported ICD 503 A&A activities while minimizing costs without compromising security requirements.

• Oversaw the C&A process of the Enhanced View program resulting in complete classified system accreditation.• Oversaw and contributed to the development of secure DigitalGlobe and Enhanced View network architectures and implementations, resulting in accredited, classified systems.• Updated and maintained Enhanced View certification data in XACTA, which maintains the current system accreditation.• Liaisoned with the NGA IA Officers and Office of the CIO representatives to discover, discuss and mitigate Enhanced View security findings resulting in excellent customer satisfaction and a high level of customer security assurance.• Knowledgeable in the SDLC, where security was built-in to the process rather than bolted-on at the end, thus saving money, time and resources.• Designed IA CBTs used to train over 50 Data Transfer Agents and over 400 DigitalGlobe personnel on the proper C&A process and procedures.• Used Retina and Tenable NESSUS Vulnerability Scanners and REM Retina Manager to successfully scan and mitigate all system vulnerability issues.• Knowledgeable in DCID 6/3, ICD 503, FISMA, NISPOM, DoD 8500.1, NIST 800-53, STIGs and other regulatory documents resulting in secure information systems based on government standards.

Assigned to the NGA, NSG SI. Responsibilities included:• Overseeing the C&A process of several NGA information systems resulting in complete system accreditation.• Overseeing and contributing to the development of secure network architectures and implementations, resulting in accredited US Government classified systems.

Assigned to the DoD, Office of the Under Secretary of Defense for Intelligence (OUSD(I)), Intelligence Systems Support Office (ISSO) and to the Director of National Intelligence, Office of the Chief Information Officer (ODNI CIO). Responsibilities included:• Oversaw the C&A of the DCMS PL-4 Multilevel Secure Database resulting in its accreditation.• Served as IA Team Lead for the DCMS Program Office leading three contractors to ensure the DCMS system is secured to a DCID 6/3 PL-4 level.• Provided IA expertise with respect to security controls, C&A, security architecture, which increased the overall security posture of the DCMS Database.• Assisted the Unified Cross Domain Office (UCDMO) Technical Director develop a Profile to advise and guide Cross Domain Solution (CDS) developers and Program Offices utilize the new CNSSI 1253 Security Control Catalog as applied to CDSs.

Assigned to the Central Intelligence Agency (CIA). Responsibilities include:• Performed security risk analyses on proposed and existing architectures and recommended mitigation factors to reduce the residual risk.• Briefed internal CIA security and customer groups, as well as various security groups within the Intelligence Community, such as DICAST and DSAWG, regarding the projects currently under development in APPS and C21.

Leader of a CSC computer security team assigned to NGA, Certification and Accreditation Division (SISA) overseeing the C&A of NGA classified information systems.

Technical member of an MAI computer security team assigned to the Department of State's (DoS), Bureau of Diplomatic Security, Information Security Technology (IST) Lab.

Assigned to the Office of Security (OS) and served as Personnel Security Officer, Technical Security Officer, Physical Security Officer, and Information Security Officer.