● Reviewing, maintaining, and ensuring all Assessments and Authorizations (A&A) documentation are included in the system security package. ● Ensure Implementation of appropriate security control for Information System based on NIST Special Publication 800-53 rev 4, FIPS 200, and System Categorization using NIST 800-60, and FIPS 199. ● Review and update remediation on (POAMs), in organization's Cyber Security Assessment and Management (CSAM) system. Work with system administrators to resolve POAMs, gathering artifacts and creating mitigation memos, residual risk memos and corrective action plans to assist in the closure of the POA&M. ● Perform vulnerability and baseline scans, using tools such as Tenable Nessus, CIS-CAT, Retina Vulnerability scanner, analysis scan results and document findings in POA&M. ● Collaborate with system administrators to remediate (POA&Ms) findings. Ensure vulnerabilities and risks are efficiently mitigated in accordance with the organization's continuous monitoring Plan. ● Monitor controls post authorization to ensure continuous compliance with the security requirements. ● Identify new, maintain and disposal of information system inventory in accordance with established policies and procedures, ensure accurate configuration management and property accountability. ● Modify and maintain procedures, operational process document, change control document, operational checklist, detailed system specifications and procedures. ● Conducted security assessment interviews to determine the Security posture of the System and to develop a Security Assessment Report (SAR) in the completion of the Security Test and Evaluation (ST&E) questionnaire using NIST SP 800-53A required to maintain Company Authorization to Operate (ATO), the Risk Assessment, System Security Plans, and System Categorization.

● Established comprehensive IT compliance frameworks, ensuring adherence to industry standards and regulatory requirements. ● Conducted thorough reviews of users' access control, IT controls, and disaster recovery readiness. ● Assessed organizational IT policies and standards for accuracy and compliance with guidelines. ● Coordinated and executed projects to identify, communicate, and mitigate security risks and vulnerabilities. ● Led initial risk assessments on new vendor relationships and performed quality assurance assessments. ● Collaborated with IT departments to facilitate timely remediation of audit recommendations. ● Performed SOC 1 and SOC 2 report testing in line with applicable standards. ● Performed SOX audit, IT infrastructure audit and business applications audit from planning phase to reporting phase while documenting the audit report and procedures. ● Developed audit programs based on recognized frameworks for industry best practices. ● Conducted comprehensive audits of IT platforms, OS platforms, and operating procedures, focusing on efficiency, accuracy, and security. ● Evaluated IT infrastructure to identify risks and implemented controls to minimize potential loss. ● Supervised engagements, including planning, work paper review, and preparation of audit reports. ● Managed project status meetings to effectively communicate findings and improvement opportunities. ● Prepared detailed audit reports, oversaw corrective action plan implementation, and maintained open communication with management. ● Conducted in-depth security assessments of critical financial reporting systems, including SAP.

● Conducted regular inventory audits, ensuring accuracy and compliance with regulations. ● Oversaw the receipt, inspection, and disposition of incoming shipments, ensuring quality control and timely delivery. ● Collaborated with various departments to forecast supply needs and ensure on-time delivery of critical items. ● Applied internal standard operating procedures on supply regulations and property management. ● Verified material safety, updated and maintained consumption files and conducted research for stock discrepancies. ● Maintained inventory database, financial logs and prepared reports/correspondence. ● Monitored documents on material issues, processes receipt and handled customer refusals. ● Assisted in preparing recommendations and directives for procurement of materials. ● Maintained Operating Target (OPTAR) logs and reports for Fiscal year planning. ● Maintained authorized stock levels of publications, forms and office supplies. ● Collaborated with various groups or individuals including suppliers, contractors, other government agencies, to resolve issues and situations related to logistics management issues.