Senior Information Security Officer for the Office of the Secretary of Health and Human Services reporting to the Deputy Chief Information Security Officer on all matters related to the information security of systems and the initiatives of the agencies security program. Serves as a primary point of contact for governance risk and compliance. Acts as a steward of information security practices and policies while fostering an environment of communication and collaboration with organizational entities, intergovernmental teams, working groups, and direct support of IT security strategic and tactical initiatives. Implements and administers programs to protect the information resources of the agency by assuring compliance with Risk Management Framework, Federal legislation, FISMA, NIST standards, executive orders, directives of the Office of Management and Budget. - Leads a large group of System Owners and Information Security Officers in the completion of IT Security related task and the security authorization process.- Accounts for tracking and reporting the risk profile of a large number of information systems and actively driving the mitigation of threats and vulnerabilities though customer communication and system security team management.- Serves as the representative the office of the HHS Chief Information Security Officer liaison and the Enterprise Information System Security Manager for IT Projects and CTO initiatives that span the operating divisions of the Department. - Maintains an IT Systems FISMA inventory of over 100 systems, security compliance, Plan of Action and Milestone Management with risk mitigation progress tracking and reporting systems raising the Office of the Secretary’s security authorization compliance from a 68% to 92%. - Serves as the lead liaison and POC for all IG requests, reviews and audits of organizational IT Security systems.

Project leader in the Office of Cyber Security, Certification Program Office responsible for the development and operation of department-wide IT systems testing and certification programs. Insured independent verification and validation of security control assessments and accurate reporting of risks and vulnerabilities in IT inventory management tools. Responsible for the management of special projects related to certification and accreditation with team members, customers and contract staff, to help VA achieve the goals of the Federal Information Security Management Act. - Managed certification testing as Ex Officio/Certification Agent for the department and evaluated the findings of all assessments to determine risk profiles and the effectiveness of IT security control implementations. - Provided oversight for all VA security programs. Prepared and presented recommendation for program and policy changes for the department level security control assessments and security control selections to the Deputy CISO and other senior information security officials. - Ensured that enterprise security policies, procedures and standards were in compliance with regulatory requirements and legislated mandates governing information security. - Prepared statements of work, independent government cost estimates and cost benefit analyses and other documentation necessary for the procurement of IT and telecommunication equipment, goods and services.

Specialist of information security in the Offices of Cyber Security identifying, developing, and recommending information protection and risk management solutions for the VA enterprise. Reported directly to the CISO/ADAS of Information Protection and Risk Management. Provided support on technical security matters to CIO, DAS, CISO, ISO’s, engineering, enterprise architecture, system administrators, software developers and other personnel involved in the implementation of security technologies and IS systems. - Investigated sources of Federal security requirements and best practices including, existing policy, guidelines, standards, legislation, mandates and advised leadership in the development and maintenance of departmental policy as it relates to cyber security, information protection, privacy and risk management. - Represented OCS and communicated management’s interests to VA stakeholders, OIT customers, staff members, external elements, and identified specific project goals and objectives to determine the effort, resources, and methodology necessary to complete the project.

Responsible for the recommendation and evaluation of emerging technologies for the modernization and innovation of the agencies enterprise information technology systems. Served as a Senior IT Specialist of information protection and risk management. Performed work that involved a wide range of IT security services that extend and apply to the Office of Information & Technology (OI&T) and or the VA enterprise in general. Evaluated technologies for their ability to meet the VA’s existing cyber security standards and requirements. - Conducted product evaluations and proof-of-concepts to determine functional and technical ability to meet VA security requirements. - Oversaw and managed research to address practical application of existing and emerging information systems technologies. - Advised senior leadership on system and application planning, design, development, and procurement processes to ensure security integrity and compliance with policy.

• Responsible for complete design, installation and maintenance of business IT networks and communication systems. Generated revenue and retained customers though account management and project planning while providing pre and post sales support. • Duties included determining scope and technical needs of project, implementation requirements, design, planning, installation and oversight of technicians, other vendors and contractors, product delivery and documentation along with initial customer training.• Accountable for qualifying customer needs and delivering optimal solutions over IP (LAN and WAN), DBN, WI-FI, IPCentrex, VoIP, P2P and copper telecom. • Managed support staff and contract employees performing facility work at customer sites and provisioning work within the telecom infrastructure.

Designed, installed and maintained business IT networks and communication systems. Generated revenue and retained customers though account management and project planning while providing pre and post sales support. Duties included determining scope and technical needs of project, implementation requirements, design, planning, installation and oversight of technicians, other vendors and contractors, product delivery and documentation along with initial customer training.