Joseph L. Email & Phone Number

Torrance, CA, US

Kent, WA, US

Bethesda, MD, US

• Perform data transfers between air-gapped networks, reviewing material to avoid potential data spills.
• Ensure systems in the RMF lifecycle are maintained in accordance with NIST 800.53 and ICD 503.
• Ensure configuration management tasks are carried out in accordance with organizational policy/procedures.
• Perform vulnerability scans using the Nessus security suite of tools.
• Utilize RSA Archer to perform continuous monitoring tasks associated with risk management.
• Review log files with RSA Netwitness to identify and report suspicious activity.

Mclean, Virginia, US

• Analyze open source technologies being deployed into a cloud environment (AWS) and implement minimum security requirements to ensure compliance with NIST 800-53.
• Identify and develop specific security control guidance to develop security control traceability matrices for the technologies.
• Establish a portfolio of common controls tenants of the platform can utilize to reduce their time to accreditation.
• Conduct analyses of alternatives to promote the selection of appropriate technologies with regard to security, cost, and ease of deployment.
• Draft and maintain a Concept of Operations (CONOPS) defining the computing environment and the security protection profiles offered by the preconfigured applications.
• Develop and maintain a System Security Plan (SSP) for the platform.

Ashburn, Virginia, US

• Analyze classified information systems to ensure compliance with DCID 6/3 directives.
• Review various vulnerability scan results using SCAP Compliance Checker (SSC) and Assured Compliance Assessment Solution (ACAS) to ensure computers and network devices meet compliance requirements.
• Analyze DISA STIGS to check compliant/non-compliant devices including printers, videoteleconference suites, and switches.
• Draft and submit Plan of Action and Milestones (POA&M) to ensure vulnerabilities are remediated in a timely fashion and results are tracked and reported to superiors.
• Developed timelines to ensure maximum achievement of milestones described within the POA&M.
• Assisted with preliminary steps in transition from DCID 6/3 to ICD 503 Risk Management Framework (RMF).

Reston, Virginia, US

• Responsible for drafting, editing, reviewing and implementing Army Cybersecurity Policy and procedures.
• Administer the Army’s Information Systems Security Program Application, a database that tracks Army cybersecurity requirements.
• Analyze network diagrams to ensure security devices are being properly implemented.
• Utilize technology roadmaps to forecast cybersecurity requirements for US Army Networks.
• Develop modernization strategy, implementation plan, and roadmap. Published documents inform acquisition decisions and modernization paths for US Army Networks.
• Use Microsoft Office products to analyze the status of fielded cybersecurity equipment to ensure legacy items are being modernized to maintain compliance with DOD modernization initiatives.

• Conducted daily cryptographic keying material management operations; performed routine issue and destruction of keying material, trained individuals on proper use of cryptographic key and equipment, and performed other.
• Ensured networks remained operational and protected with current cryptographic equipment and key.
• Performed software and firmware upgrades on cryptographic equipment.
• Ensured cryptographic incidents were documented and reported properly and in the required timeframe.
• Ensured unauthorized individuals did not gain access to protected materials and information through the use of two person combination locks and protective materials.

Falls Church, Virginia, US

• Alternate COMSEC Account Manager
• Conducted daily cryptographic keying material management operations; performed routine issue and destruction of keying material, trained individuals on proper use of cryptographic key and equipment, and performed other.
• Ensure networks remained operational and protected with current cryptographic equipment and key.
• Performed software and firmware upgrades on cryptographic equipment.
• Ensure cryptographic incidents were documented and reported properly and in the required timeframe.
• Ensured unauthorized individuals did not gain access to protected materials and information through the use of two person combination locks and protective materials. Network Administrator