• Support the Risk Management Team as necessary in conducting security assessments of existing and potential vendors, contractors, hardware, and software• Identify potential improvements to risk management processes, security lifecycle awareness, and requirements. This includes improvement of existing processes or updating of existing reusable artifacts, patterns, and guidelines • Validate system infrastructure and other architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable • Periodically review security configurations and access to tools and applications to ensure compliance and recommend security improvements • Articulate security concerns related to the solution during development or prior to acquisition and provide guidance to minimize risks associated with the proposed solutions • Act as an advisor to teams seeking guidance on security risk management processes• Stay up to date on the state of enterprise IT and IS tools, trends, and processes

• Deliver security advisory to business and project stakeholders to remediate the risk findings, document and track the open risks to closure, and enable the leaders in making risk-based decisions to support client's business needs• Provides key technical support in day-to-day workstation compliance functions.• Monitors cloud services, servers, and endpoints for configuration changes in coordination with system owners.• Coordinates with end users on vulnerability remediation and software installations.• Provide operational oversight for all workstation management systems to ensure proper operation, compliance, and effectiveness, including software delivery and continuous security updates management• Update process and procedure document to enable effective vulnerability management program• Coordinates with end users on vulnerability remediation and software installations• Develop compliance with internal policies (audit methodology and risk management) and regulatory requirements

• Function as a cybersecurity consultant for the Office of Information Security (OIS) supporting audit findings, FISMA risk ratings, maturity level, risk likelihood, risk impact, cost, and associated remediation activities• Analyze OIG FISMA Metrics for risk levels and justify acceptable operating levels • Work with client to finalize remediation resulting from audit findings to include associated project plans and other documentation • Coordinate with stakeholders to obtain status information on audit remediation activities • Assist in the creation of briefs and talking points for periodic meetings with leadership on audit findings • Participate in briefing OIS leadership on the audit initiatives• Maintain documentation and milestones in SharePoint • Manage audit mailboxes as requested• Prepare ad-hoc statistics for audit-related efforts

Security Strategy Governance Task:• Continued to mature our Cybersecurity Strategic Plan, Cybersecurity Tactical Plan, and Cybersecurity Risk Register• Provided specific, actionable recommendations for resolving the areas of weakness highlighted by the IG assessment metrics, organized by CSF Function, Category, Sub-category, and NIST 500-53r4 controlsSecurity Configuration Standards Support Task:• Assisted clients in documenting, aligning, and establishing a repeatable process for aligning the Agency cybersecurity program implementation activities, Information Security Policy (ISP), audit findings, and cybersecurity budget with the Cybersecurity Framework (CSF)• Continued to mature clients’ Cybersecurity Strategic Plan, Cybersecurity Tactical Plan, and Cybersecurity Risk Register• Provided specific, actionable recommendations for resolving the areas of weakness highlighted by the IG assessment metrics, organized by CSF Function, Category, Sub-category, and NIST 500-53 R4 controls• Supported the ongoing development of Security Configuration Standards for all clients approved platforms to include: Windows, AWS, Linux, Cisco, and MAC OS • Enhanced the security configuration standards development, clients review and publishing process• Researched clients, government, and vendor sources to determine applicable configuration settings• Analyzed existing Security Configuration Standards content for accuracy• Provided analytical support which included: Researched and applied NIST and Defense Information Systems Agency (DISA) standards, ensure any changes met agency needs, developed a user-friendly and consistent format, developed a strategy for incorporated into the OIS ecosystem and related OIS intranet sites

• Analyzed, designed, coded and tested multiple components of application code across one or more clients • Performed maintenance, enhancements, and cross-browser and test environment testing• Analyzed, designed, and tested multiple components of application code across one or more clients• Performed maintenance, enhancements, and cross-browser testing• Performed application testing with the Test and Developer team for enhancements implemented to the system• Traveled extensively throughout the United States providing CRM application training to clients’ front-line agents providing assistance and completing training on sites• Assisted the deployment lead in all deployment-related tasks, including work planning, scheduling, metrics, training, pilots, and resources.• Provided business support for upcoming client release, including working closely with key business clients and working with the Technical team to resolve defects and any test environment issues• Lead meetings discussing and demonstrate the new enhancements on the application to the clients• Ensured application availability and data integrity through preventative maintenance and upgrades

• Administered successful queries and reports to consolidate information through the client operating system and software applications• Assisted in proactively developing patch and vulnerability management procedures and processes within the security operations team and in conjunction with patch and Configuration Management project team• Ensured software is patched and able to protect from threats• Implemented and improved push Information Assurance Vulnerability Alert (IAVA) updates using System Center 2012 Configuration Manager to non-compliant systems• Increased operating system speeds through the deployment of client servers• Launched and presented new technical and security concepts to non-technical audiences• Monitored security patch levels of the servers, workstations and network environments, and anti-virus systems• Responsible for being up to date on current security Patches/IAVA and provides subject matter expertise to the project team

• Provided support for all Information Technology products and services such as providing support by answering questions, troubleshooting problems, teaching or instructing customers regarding software or hardware functionality, and communicating policy.• Determined the most effective manner to resolve the client's technical issue by conducting research and in-depth troubleshooting to resolve technical issues.• Recorded required customer and problem information in the ticket system.• Updated tickets with appropriate journal entries of activities and closes tickets with resolution entered upon completion of the job.• Resolved Level 1 work orders. Elevates complex and/or high priority problems to the appropriate support groups for resolution.• Verified suggested solutions effectively resolve the users' problems through verbal or email follows up.• Worked on HelpDesk related projects as assigned by the supervisor.

• Monitored numerous mailing project to target demographic areas• Protected and promotes recycling rights for 2 demographic areas• Developed more than 250 printed media such as brochure and presentation for target demographic areas to educate and inspire current and future generations to explore, respect and protect nature