Serves as senior risk management executive in the DCSA Central Region, providing leadership, immediate and second-level supervision, guidance, mentoring and direction to the Information System Security Professionals (ISSP) and Team Leads (TLs) throughout a geographically dispersed area in the application of the Cybersecurity Risk Management Framework to National Industrial Security Program stakeholders. Key contributor to the agency Strategic Planning process. Develops short and long-range… Show more Serves as senior risk management executive in the DCSA Central Region, providing leadership, immediate and second-level supervision, guidance, mentoring and direction to the Information System Security Professionals (ISSP) and Team Leads (TLs) throughout a geographically dispersed area in the application of the Cybersecurity Risk Management Framework to National Industrial Security Program stakeholders. Key contributor to the agency Strategic Planning process. Develops short and long-range organizational goals and objectives while forecasting projected changes in Federal legislation, DoD Directives and organizational strategic direction changes. Delivers risk-based decisions by leading the cybersecurity risk analysis all Information Systems in the Central Region DCSA cognizance. Performs analysis, evaluation, and verification of defense contractor security plans for computer systems, networks, IS, and emerging technology solutions to ensure protection of classified information. Develops and applies quality standards for all work of the team. Collaborates consistently with seniors, peers, and subordinates across organizational boundaries to lead change activities and innovate creative solutions to complex problems. Delivers security and risk management expertise through collaborative engagements with Military, US government, and industry partner customers throughout the Continental United States (CON US). Advises agency executive leadership on information systems security issues, program requirements and personnel resources positively influencing strategic direction of the agency. Represents DCSA in meetings, conferences, and on committees regarding information systems security. Show less

Served as an Information Technology Specialist implementing DOD policy with respect to industrial security matters concerned with the safeguarding of classified information in Information Systems (IS), networks, and cyberspace operations utilized by the National Industrial Security Program (NISP) contractors. Performed Cybersecurity activities including security control assessments in support of Information Technology (IT) system assess and authorize activity utilizing the Risk Management… Show more Served as an Information Technology Specialist implementing DOD policy with respect to industrial security matters concerned with the safeguarding of classified information in Information Systems (IS), networks, and cyberspace operations utilized by the National Industrial Security Program (NISP) contractors. Performed Cybersecurity activities including security control assessments in support of Information Technology (IT) system assess and authorize activity utilizing the Risk Management Framework (RMF). Exercised security oversight of cleared contractor information systems within the National Industrial Security Program (NISP). Analyzed, assessed, evaluated, verified and validated cleared contractor information system security plans and controls, and delivered system authorization risk recommendations to the Authorizing Official. Developed and maintained security documentation and artifacts for Information Systems assigned. Enforced IT security control requirements, recommended configurations for information systems and networks and identified strategies to manage risk through mitigation of IT vulnerabilities, considering the rapidly evolving Cybersecurity threat to IT systems. Advised and assisted the Industrial Security Representatives and conducted IS inspections and staff assistance visits to assure cleared defense contractor compliance with established IS security policy. Participated in developing and implementing IS security training sessions for cleared defense contractor and industrial security personnel involved in the NISP. Show less

Served as the Sr. Security Manager and Information System Security Manager (ISSM) for Classified Cybersecurity at Lockheed Martin Missiles and Fire Control (MFC) in Grand Prairie, TX. Responsible for managing the Classified Cybersecurity function consisting of twelve direct and indirect charge security employees. Required to gain timely authorizations and approvals for classified computing environments by appropriately applying the requirements of the Risk Management Framework (RMF) in… Show more Served as the Sr. Security Manager and Information System Security Manager (ISSM) for Classified Cybersecurity at Lockheed Martin Missiles and Fire Control (MFC) in Grand Prairie, TX. Responsible for managing the Classified Cybersecurity function consisting of twelve direct and indirect charge security employees. Required to gain timely authorizations and approvals for classified computing environments by appropriately applying the requirements of the Risk Management Framework (RMF) in accordance with the DSS Assessment and Authorization Process Manual (DAAPM), the Joint Special Access Program (SAP) Implementation Guide (JSIG) as well as currently approved operations under various Certification and Authorization guides. Routine contact with senior level executives from inside the company and from multiple US Government agencies, working hand-in-hand with the other security functions to ensure the success of all company programs. Served on corporate committees and participate on internal and enterprise-wide self-inspection teams. Collaborated with other security disciplines to ensure all classified computing assets are operating in compliance with governing directives. Effectively interfaced with numerous cognizant security agencies and customers. Possessed strong written and verbal communications, interpersonal relations, and analytical skills, worked with multiple customers, building and maintaining effective team and customer relationships. Have a thorough understanding of Defense Security Service Assessment and Authorization Process Manual (DAAPM) / Risk Management Framework (RMF) authorization requirements, including a familiarity with Host Based Security System (HBSS), Assured Compliance Assessment Solution (ACAS), and trusted agent responsibilities. Knowledge of Security Content Automation Protocol (SCAP), Security Technical Implementation Guides (STIG) Viewer and writing Plan of Action and Milestones (POA&Ms). Show less

Served as an Information Systems Security Professional (ISSP) Team Lead and a member of the Industrial Security Field Operations (ISFO) management team reporting to the NIST Authorizing Official (NAO), assisted the Authorizing Official (AO) in managing the region's certification/accreditation and review responsibilities. Utilized a wide range of Cybersecurity and advanced Information Technology concepts, principles, and practices to apply to difficult and complex work assignments; identified… Show more Served as an Information Systems Security Professional (ISSP) Team Lead and a member of the Industrial Security Field Operations (ISFO) management team reporting to the NIST Authorizing Official (NAO), assisted the Authorizing Official (AO) in managing the region's certification/accreditation and review responsibilities. Utilized a wide range of Cybersecurity and advanced Information Technology concepts, principles, and practices to apply to difficult and complex work assignments; identified, documented and communicated security plan vulnerabilities; and utilized risk management principles to perform risk analysis. Provided supervision, guidance, mentoring and direction to five ISSPs in support of the certification and accreditation (C&A) following the Risk Management Framework (RMF), of Defense Contractor’s classified systems as well as the conducting of Security Vulnerability Assessments. Served as a Cyber Information Technology Specialist (Team Lead) performing duties as an Information Systems Security Professional (ISSP) with Industrial Operations (IO), reporting to the Authorization Official (AO), assisting the AO in managing the region's certification & accreditation of SIPRNet Nodes. Performed Command Cyber Readiness Inspections (CCRIs) and Security Vulnerability Assessments (SVAs) at contractor facilities in accordance with established DoD policies, Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), that included industrial security procedures, systems, standards, and regulations governing the safeguarding of classified information in IS utilized by contractors functioning in the NISP. Served as an Information Technology Specialist implementing DOD policy with respect to industrial security matters concerned with the safeguarding of classified information in Information Systems (IS), networks, and cyberspace operations utilized by the National Industrial Security Program (NISP) contractors. Show less