Information System Security Officer
Current• Spearheads RMF processes, ensuring systems achieve and maintain Authorization to Operate (ATO) through rigorous control implementation and documentation using eMASS.• Conduct in-depth vulnerability assessments to identify risks and mitigation strategies across systems.• Develop and maintain RMF documents, including System Security Plans (SSP), Risk Assessment Reports (RAR), and Plans of Action and Milestones (POA&M).• Evaluate system compliance with NIST 800-53 controls, DISA STIGs, and SRGs; ensure adherence to DoD security guidelines.• Perform continuous monitoring of systems, analyzing vulnerability scan results (e.g., Nessus), and coordinating remediation efforts with system administrators.• Serve as the subject matter expert (SME) for risk management, guiding teams through compliance reviews and technical security configurations.• Collaborate with system owners and developers to create boundary diagrams, architecture diagrams, and hardware/software inventories.• Oversee configuration management, ensuring security impacts of system changes are assessed and documented.• Conduct security awareness sessions and communicate evolving cybersecurity policies to stakeholders.• Regularly produce executive reports outlining security status, identified risks, and compliance milestones.