Sr. It Security Engineer
CurrentSenior IT Security Engineer and Project Manager — ISHPI Information Technologies, Inc. (Customer: Internal Revenue Service, U.S. Bureau of Engraving and Printing) Washington, DC, September 2018 – Present ● Managing a team of assessors, overseeing Enterprise wide security assessment for all cloud systems within IRS.;● Personally investigating, assessing, and completing Authority to Operate (ATO) assessments for Enterprise systems, managed assessment of Enterprise baselines for BEP, and performed continuous monitoring for 10 other enterprise systems;● Provided written reports for ATO approval, statistics on completion results and briefings to senior management;● Tracked security accreditation packages with Virtustream Viewtrust/ACE;● Oversaw compliance with Federal Information Processing Standards (FIPS) 200 Security controls;● Developed FIPS 199 System security plan;● Studied National Institute of Standards and Technology (NIST) Special Publication 800-60 to categorize information and information systems according to risk level;● Applied Security Controls as outlined in NIST SP 800-37 rev1, and NIST SP 800-53 rev4, and FedRAMP;● Met Federal Risk and Authorization Management Program (FedRAMP) requirements;● Implemented Agile Scrum processes into analysis of systems;● Accredited according to Committee on National Security Systems (CNSS) Instruction No. 1253;● Wrote accreditation reports, documenting interviews, creating documents for CIO signature, and preparing presentations for high-level review.