• Managed the overall security related policies, procedures, laws, and regulations. • Created, documented, and implemented various security plans and compliance documents to enforce Information Assurance principles of Agencies systems. • Developed, maintained, and managed Security Authorization and Assessment packages that include System Security Plans (SSP), Contingency Plans (CP), Configuration Management Plan (CMP), Plan of Action and Milestones (POA&M) and other relevant security documentation for existing and new systems. • Conducted both technical and non-technical internal audits and testing to validate system and operational requirements compliance; document, organize, and implement security control requirements.• Identified current and new risks; and prepare vulnerability test plans and coordinated the testing and result procedures. • Conducted security control testing activities based on NIST 800-53A.• Reviewed, assessed, and executed security assessment plans to include a comprehensive set of procedures for assessing the effectiveness of security controls employed in a system.• Developed security assessment reports to include all the assessment results and assigned mitigation strategy for each risk; perform analysis on each finding to promote a better understanding of the risks to organizational operations; organizational assets, and individuals.• Developed NIST / FISMA SA&A documentation for systems and networks undergoing authorization.• Assessed risks, identified mitigation requirements, and developed authorization recommendations; be responsible for tracking SA&A requirements for assigned systems within the agency and validate that tasks are on schedule, and ensure the delivery of quality documentation.• Deep understanding of NIST Special Publications; specifically, 800-30 rev 1, 800-37 rev 2, 800-39, 800-137, 800-34, 800-53, 800-53A, 800-60 rev 1, volume 1&2, 800-18 rev. 1, and 800-128.

• Monitored and analyzed network traffic, system logs, and security alerts to identify potential threats and vulnerabilities.• Conducted regular vulnerability assessments and penetration tests to assess and strengthen the organization's security posture.• Responded promptly to security incidents, including malware infections, data breaches, and phishing attacks.• Investigated security breaches and incidents, determined root causes, and recommended remediation measures.• Managed and maintained security tools and systems, including firewalls, intrusion detection/prevention systems, and antivirus solutions.• Collaborated with IT teams to implement security best practices and ensure compliance with security policies and standards.• Developed and documented security procedures, incident response plans, and disaster recovery plans.• Participated in security awareness training programs for employees to enhance the organization's security culture.• Conducted research on emerging cybersecurity threats and recommended proactive security measures.• Prepared and presented clear, concise, and actionable security reports to management and stakeholders.• Assisted in the development and maintenance of security policies, standards, and procedures.