Spearheaded vulnerability scans, leading to a 30% improvement in system compliance rates.· Managed the configuration and operation of Nessus Manager, optimizing security acrossenterprise systems.· Conducted DISA STIGs analysis and SCAP scanning to ensure Army compliance with DoDstandards.· Collaborated with internal teams to resolve scanner software issues and analyzed scan outputsto drive security enhancements.Situation: Required to ensure the security compliance of DoD networks and systems.Task: Perform Assessment & Authorization (A&A) to maintain Authorization to Operate (ATO) and Authorization to Connect (ATC).Action:• Compiled security documentation and conducted network audits to identify compliance gaps.• Executed risk and vulnerability assessments on engineered networks, ensuring alignment with NMCI Enterprise standards.• Developed and maintained documentation for new systems and coordinated with engineering teams to resolve security issues.• Analyzed automated scans and prepared Risk Management Framework (RMF) packages using eMASS.• Created Plans of Action & Milestones (POA&Ms) to track compliance and report to leadership.Result: Successfully maintained ATO and ATC for multiple systems, contributing to improved cybersecurity posture and compliance with DoD standards.

Performs Assessment & Authorization (A&A) related tasks to ensure to ensure assigned DoD Networks/Enclaves/systems can obtain and maintain Authorization to Operate (ATO) and Authorization to Connect (ATC). Develops and reviews Assessment and Authorization (A&A) documentation in compliance with DoD policies and guidance including DoD, NIST special publications, ICD and CNSS. Utilizes the Risk Management Framework (RMF) to provide A&A and Cybersecurity support; assessing compliance with Security Technical Implementation Guides (STIGs). Performs technical audits and briefs leadership on technical vulnerabilities.

• Monitor and analyze network traffic, IDS, security events, and logs• Investigate and report on security incidents from start to finish• Serve as a tier 2 escalation point for tier 1 analysts• Contribute to the creation of SOC technical documents such as SOPs, Playbooks, and knowledge base articles• Perform threat hunting to identify undetected reportable security incidents• Create custom rules, searches, and dashboards for SIEM • Responsible for the initial triage of providing cyber monitoring, detection, prevention, analysis, response, and reporting. • Identify anomalous activity and potential threats to enterprise resources. Providing timely, clear, technically accurate notification to impacted government employees of the risk potential associated with IT security events and options for remediation. • Developing and implementing programs that ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies or procedures.• Promotes awareness of security issues for management and ensuring a sound security posture is reflected in an organizations structure.• Stays current on emerging tools, techniques and technologies. Assists information engineers on application of specialized knowledge to coding, testing, implementation and documentation projects. • Ensuring notifications are tracked to closure and that escalations occur consistently in accordance with documented Standard Operating Procedures (SOP's).• Performs data analysis and network monitoring for the discovery of potentially malicious or statistically unusual patterns using PCAPs from Wireshark, Splunk, and other network monitoring or SIEM tools.

Cyber Surety, 3D053• Performs detailed analysis to reveal target network communications nodes, structures, operating procedures, and mediums for additional exploitation• Conducts IA risk and vulnerability assessments• Evaluates and assists IT activities. Makes periodic evaluation and assistance visits, notes discrepancies, and recommends corrective actions.• Develops and employs techniques to identify and exploit target network configurations and operating characteristics• Conducts Information Operations, provides analysis for Information Warfare activities and support to Air Operations Centers and supported commanders. Provides detailed support to the contingency and deliberate planning process.• Mission to protect IT resources from malicious activity.• Experience in functions such as analyzing network communications traffic or preparing technical and intelligence reports.

• Federal contractor working for CMS maintaining security posture for high-level FISMA accredited government system, HIGLAS.• Create and deliver documentation necessary to obtain ATO package for a high-level FISMA government system during its planning and implementation.• Develop and update Standard Operating Procedures for obtaining, maintaining, and revoking access to multiple components of government systems, as well as other tasks and procedures.• Maintain and provide documentation and records for government and internal audits, including A-123, CFO, FISMA, and SCA.• Manage access to federal systems for contractors, ensuring principles of Separation of Duty and Least Privilege are appropriately followed and documented for auditing purposes. • Mitigate and respond to violations of security concepts such as Separation of Duty, Least Privilege, and System Inactivity.• Process paperwork to provide background investigations through the Department of Health and Human Services for all HIGLAS team members.• Maintain asset inventory for physical hardware, software licenses, and certificates issued to users, providing necessary equipment to new employees and collecting issued equipment from off-boarded employees. • Troubleshoot and resolve hardware and software issues affecting employees' ability to work locally and remotely.

• Provide support of INSCOM Information Assurance and Security mission• Assist in the development and implementation of INSCOM information assurance and network security courses of actions• Generate required systems security plans, designs, and reports in accordance with DIACAP and Intelligence Community Directives to include (ICD) 503, DCID 6/3 and the NIST Risk Management Framework• Apply Information Assurance (IA) principles during all phases of the system development lifecycle and conduct internal audits to ensure compliance with current DoD and Intelligence Community Security directives, policies, regulations, guidance, security technical implementation guides, and industry security best practices• Experience in Computer Network Defense policies and procedures• DoD Information Assurance Certification and Accreditation Process (DIACAP)

• Provide customer assistance on wide area networks using a variety of software monitoring, problem reporting tools (System Center Operations Manager (SCOM), and Remedy-ITSM) and application services (Microsoft Exchange 2003/2008, Microsoft ISA Server and Microsoft 2003/2008 Active Directory). • Perform initial basic troubleshooting of Enterprise level issues. Research and follow established tactics, techniques, and procedures for implementing approved resolutions to applicable technical issues. • Resolve major incidents and special service requests (Priority 1 and 2) affecting INSCOM Enterprise in IAW approved tactics, techniques, and procedures. • Managed all assigned and escalated INOSC Service Desk tickets to ensure the ticket information is accurate, the ticket assignment is correct, the ticket resolution is applied, the ticket resolution is published, the customer issue is resolved, and that the ticket is properly closed. Provide input to INSCOM’s Quarterly Progress Reports.• Report all critical Enterprise network and system issues to management within established reporting timelines. Monitor the effectiveness of Incident and Service Request Management and make recommendations for improvement. Maintain the INOSC Service Desk tactical, technique, and procedures and standard operation procedures.

• Provide optimized boundary security within the Air Force Network Enterprise. Manage over 300 firewalls and proxies to deliver network security that protects the AF Enterprise IT infrastructure. • Perform in-depth troubleshooting, assistance, and coordinating with various organizations including but not limited to DoD, AF-SPACE and other AFMS agencies.• Provide training and guidance to military and DoD civilian personnel on the features and functions of the programs used daily, troubleshooting, outages and connectivity issues, as well as the reporting structure between AF: 624 OC, 26 NOS, INOSC West, INOSC East deployed Detachments and local base NCCs.• Detect and analyze internal and external IT threats to the AF NIPR/SIPR network investigating packet captures, audit logs, and real-time incidents using Wireshark, Power Shell, Sidewinder, TCPdump, SecureCRT and UNIX command lines. • Administer McAfee Firewall Enterprise Control Center (MFECC) to configure, create, modify and enable firewall rules and policies. • Utilize Blue Coat to manage AF proxies, upgrade software, update group/local polices and to secure designated TCP/UDP ports and ACL’s.• Mission to protect IT resources from malicious activity.• Provide engineering support for EITSM (Electronic Information Technology Service Management) assisting Infrastructure team members with VPN, routing and switching issues. • Assist using VMware to monitor performance, analyze system logs and identify potential issues.• Hand selected to sit on the I-NOSC Change Review Board (CRB) reviewing average of 50+ change requests on a daily basis to arrive to an approval/disapproval of any configuration changes to AF Enterprise.