Elijah Matthews Email and Phone Number

• Provide cyber security subject matter expertise to corporate and federal executives as it pertains to proposal development and security program development.• Develop and maintain strategic and tactical infrastructure security plans• Develop and review federal IT Security Program Policy, OMB, and FISMA• Develop plans, policies, and guidelines for the security architecture• Perform a wide range of IT security support activities including:− Security architecture, audit, and assessment − Policy review and development − Implementation, oversight, and enforcement of all security documentation, Plan of Action and Milestones (POA&Ms) and their timely closure, and artifacts in Cyber Security Assessment and Management (CSAM)− IT security awareness and training, monitor and enforce compliance.

Provide comprehensive Information Assurance and Information Security support to the Federal Risk Management Framework and compliance initiatives regarding adherence to FISMA, OMB A-130, FIPS 200 and NIST SP 800-53 mandates. Specific examples include:• Providing information security protections commensurate with the risk and magnitude of the harm resulting from unauthorized access, use, disclosure, disruption, modification, or destruction of systems maintained on behalf of the federal government• Ensuring compliance with the security requirements of FISMA policies, procedures, standards, and guidelines. • Ensuring that information security management processes are integrated with clients strategic and operational planning processes.Provide optimal service in support of clients’ IT Security Continuous Monitoring effort by contributing significantly to the implementation of safeguards and processes designed to protect the confidentiality, integrity, and availability of the IT environment. Provide support the CIO Risk Management by providing processes and procedures aimed at preparing them to achieve more secure information systems and ensured compliance with federal information security standards by:• Enabling more consistent, comparable, and repeatable assessments of security controls; • Promoting a better understanding of FISMA-related mission risks resulting from the operation of information systems; and • Creating more complete, reliable, and trustworthy information for the executive management - to facilitate more informed security authorization decisions and the issuance of ATO.Initiate development of the clients Information Security Program with defined processes geared at satisfying NIST requirements; work in concert with the existing compliant organizational security policies, and provide mitigation strategy and support for designated Corrective Action Plans and POA&M tasks.

• Analyze and define security requirements for Multilevel Security (MLS) issues.• Design, develop, engineer, and implement solutions to MLS requirements.• Gather and organize technical information about an organization’s mission goals and needs, existing security products, and ongoing programs in the MLS arena.• Perform risk analyses, which also include risk assessment.• Work independently and lead MHBE security staff through an assessment of information security controls related to MARS-e version 2.0. • Complete Security Control Technical Testing, Network and Component Scanning, Configuration Assessment, Documentation review, Personnel Interviews and Observations for a moderate system. • Create an independent Security and Privacy Assessment Report.• Adhere to all security, change control and client processes, tools and methodologies

Provide comprehensive Information Assurance and Information Security support to the Federal Risk Management Framework and compliance initiatives regarding adherence to FISMA, OMB A-130, FIPS 200 and NIST SP 800-53 mandates. Specific examples include:• Providing information security protections commensurate with the risk and magnitude of the harm resulting from unauthorized access, use, disclosure, disruption, modification, or destruction of systems maintained on behalf of the federal government• Ensuring compliance with the security requirements of FISMA policies, procedures, standards, and guidelines. • Ensuring that information security management processes are integrated with clients strategic and operational planning processes.Provide optimal service in support of clients’ IT Security Continuous Monitoring effort by contributing significantly to the implementation of safeguards and processes designed to protect the confidentiality, integrity, and availability of the IT environment. Provide support the CIO Risk Management by providing processes and procedures aimed at preparing them to achieve more secure information systems and ensured compliance with federal information security standards by:• Enabling more consistent, comparable, and repeatable assessments of security controls; • Promoting a better understanding of FISMA-related mission risks resulting from the operation of information systems; and • Creating more complete, reliable, and trustworthy information for the executive management - to facilitate more informed security authorization decisions and the issuance of ATO.Initiate development of the clients Information Security Program with defined processes geared at satisfying NIST requirements; work in concert with the existing compliant organizational security policies, and provide mitigation strategy and support for designated Corrective Action Plans and POA&M tasks.

Provide comprehensive Information Assurance and Information Security support to the NOAA OCIO IT security Risk Management Framework and compliance initiatives regarding adherence to FISMA, OMB A-130, FIPS 200 and NIST SP 800-53 mandates. Specific examples include:Providing information security protections commensurate with the risk and magnitude of the harm resulting from unauthorized access, use, disclosure, disruption, modification, or destruction of systems maintained on behalf of NOAA Ensuring compliance with the security requirements of DoC, NOAA and NESDIS policies, procedures, standards, and guidelines. Ensuring that information security management processes are integrated with NOAAstrategic and operational planning processes.Provide optimal service in support of NOAA IT Security Continuous Monitoring effort by contributing significantly to the implementation of safeguards and processes designed to protect the confidentiality, integrity, and availability of NOAA’s IT environment. Supported the CIO Risk Manager by providing processes and procedures aimed at preparing NOAA to achieve more secure information systems and ensured compliance with federal information security standards by: Enabling more consistent, comparable, and repeatable assessments of security controls; Promoting a better understanding of NOAA-related mission risks resulting from the operation of information systems; and Creating more complete, reliable, and trustworthy information for the NOAA CIO - to facilitate more informed security authorization decisions and the issuance of ATO.Initiated development of an NOAA Information Security Program which defined processes geared at satisfying NIST requirements; work in concert with the existing compliant DoC/ NOAA security policies, and provide mitigation strategy and support for designated Corrective Action Plans and POA&M tasks.