As a senior analyst on the Sutter Health Privacy and Information Security Risk Management Team, I conducted Security Risk Assessments (SRAs) for Sutter vendors and applications. This required me to engage stakeholders across the enterprise including our Business Owners, Technical Services, Contracting, Legal, and other Privacy and Information Security Teams. In addition to completing SRAs, I co-developed the peer review process and provided feedback to 5 fellow analysts.

While at eGlobalTech, I supported contracts with the Department of Health and Human Services (HHS) and the Federal Emergency Management Agency (FEMA). At HHS, I served as a Continuous Monitoring Analyst and supported the Information Security Continuous Monitoring (ISCM) Program, the DHS Continuous Diagnostics and Mitigation (CDM) Program, the Federal Risk and Authorization Management Program (FedRAMP). I assisted in developing the HHS ISCM Strategy and Program to support continuous monitoring and ongoing authorization. I supported CDM Phase 1 across 8 HHS Operating Divisions, which included automated tools for hardware asset management, software asset management, configuration management, and vulnerability management. And as FedRAMP support, I evaluated Cloud Service Providers through system authorizations, annual attestations, and monthly continuous monitoring meetings.At FEMA, I served as an Information System Security Officer (ISSO) and maintained an Authority to Operate for a privacy sensitive financial system by ensuring compliance with the NIST Special Publication 800-53, Revision 4; the DHS Sensitive Systems Policy; and OMB requirements. I ensured security controls were implemented properly, completed system documentation, and monitored vulnerability and compliance scans.

As the DMS IT Security Manager, I was responsible for the ISO 27001:2005 framework as the Enterprise Security Management Group Lead. I conducted internal audits of DMS policies and standards; defined measurements and metrics to evaluate the effectiveness of Information Security Management System (ISMS); and briefed Executive Management on IT risks and new developments in the ISMS.

ILIVE2LEAD International is a women's leadership organization that provides training to young women from around the world. As an intern, I supported 4 senior staff members; processed applications and evaluated over 80 candidates for the 2013 summits; and represented the organization at the Women in the World Summit 2013 in New York City.