• Managed the Risk Management Framework (RMF) Assessment & Authorization (A&A) process for the Zumwalt Class Destroyer Total Ships Computing Environment (TSCE), including the maintenance and oversight of Enterprise Mission Assurance Support Service (eMASS) accreditation packages to ensure compliance and cybersecurity integrity.• Authored and critically reviewed RMF documentation, encompassing the System Level Continuous Monitoring (SLCM) strategy, Security Plan, and Security Assessment Plan, ensuring comprehensive coverage and alignment with cybersecurity best practices.• Analyzed WSTR# in Itracker to effectively differentiate between cyber and administrative issues, providing crucial insights for prioritization.• Guided the categorization of cyber WSTRs as a member of the SRB board, ensuring alignment with CAT prioritization standards.• Assisted in identifying test result data, managing system inheritance within eMASS, and provided input into Memoranda of Understanding/Agreements (MOU/As) to formalize inheritance between TSCE and other systems.• Identified and applied relevant security controls and overlays, implementing them in strict accordance with DISA standards to ensure robust cybersecurity measures.• Reviewed and provided input into system design documentation, such as Accreditation Boundary Diagrams, Network Topology, Information Flow Diagrams, Ports Protocols and Services, and Hardware/Software lists.• Assisted in continuous monitoring and periodic assessments of security controls and posture, ensuring ongoing compliance and security integrity.• Utilized ACAS scans, SCAP Compliance Checker (SCC) benchmarks, and STIG/SRGs to comprehensively review, validate, and document vulnerabilities in Lab/Ship system assets, ensuring adherence to stringent cybersecurity standards and protocols.• Evaluated security controls implementation and provided test evidence and Objective Quality Evidence (OQE) statements to support DoD compliance.

• Experience with Enterprise mission assurance support service (EMASS), security technical implementation guides (STIGs), security content automation protocol (SCAP), assured compliance assessment solution (ACAS), Ports, protocols and services matrix, vulnerability remediation asset manager (VRAM), and host-based security.• Led a team in conducting a comprehensive vulnerability assessment and penetration testing of the network infrastructure, identifying critical vulnerabilities, and recommending remediation measures to enhance the organization's security posture.• Developed and implemented a robust incident response plan, including defining roles and responsibilities, establishing communication protocols, and conducting tabletop exercises to test the plan's effectiveness in real-time scenarios. • Identified and deployed appropriate security tools and technologies to protect against cyber threats by overseeing the deployment and configuration of solutions across all endpoints. • Analyzed and prioritized risks based on their potential impact and likelihood by conducting thorough assessments and vulnerability analysis. • Maintained and updated security documentation, including policies, procedures, and guidelines, to incorporate lessons learned and enhance the organization's incident response capabilities. • Assisted in conducting security control assessments and validation testing to ensure compliance with NIST guidelines.

• Conducted FIPS-199 categorization and control selections for my client; develop test plans; and testing procedures.• Supervised and monitored the FISMA testing of the client’s systems.• Prepared and reviewed security documentations including System Security Plans (SSP), Security Assessment Reports (SAR), Contingency Plan (CP), Privacy Impact Analysis (PIA), and other artifact required for system’s security. • Supported the remediation actions to correct assessment findings and develops supporting plan of action and milestone (POA&M) reports. • Organized authorization package for ATO of the client’s systems. • Supported the penetration testing group with information gathering and scanning using Nessus and Nmap tools.

• Conducted daily walk-thru with executives and other staff members to ensure that no technical issues will hinder the daily operation.• Communicated with the government customer daily to tackle enterprise priorities.• Proficient with Service now ticketing system.• Received and sourced equipment’s.• Troubleshoot enterprise-wide issues, often coordinating with other teams to accomplish a positive outcome.• Troubleshoot issues related to computer systems, accounts, software, and hardware.• Produced detailed technical reports establishing repeatable procedure. • Prioritized and assigned work to team members carefully weighing team member’s strengths and weaknesses. • Provided support to the End-user services teams by offering insight into issues that they are struggling to complete.

• Utilizing MDM software such as Air Watch and Purebred to manage iPhone, iPad and blackberries. • Communicate with the government customer daily to tackle enterprise priorities. • Troubleshoots enterprise-wide issues, often coordinating with other teams to accomplish a positive outcome.• Produces detailed technical reports establishing repeatable procedure. • Prioritizes and assigns work to team members carefully weighing team member’s strengths and weaknesses. • Provide support to the End-user services teams by offering insight into issues that they are struggling to complete.• Create and maintain large spreadsheets to track ongoing enterprise issues, in preparation to present to leadership.• Resolving complex issues escalated from Tier 1 requiring detailed systems and application knowledge, • Support implementation and maintenance of network and system services, (monitor network and system performance; as well as troubleshoot problems as they arise)

• Spearheaded comprehensive risk assessments and meticulously crafted, reviewed, and updated System Security Plans (SSPs), Plans of Action and Milestones (POA&M), and other pivotal security documents. Orchestrated the alignment of these efforts with esteemed standards such as NIST 800-37 rev1, SP 800-18, SP 800-30, SP 800-60, SP 800-53 rev4, SP 800-53A, FIPS 199, FIPS 200, and OMB A-130 App• Applied a sophisticated comprehension of information security control implementation tailored to Federal Information Systems, adeptly translating intricate business prerequisites into tangible control objectives. Developed a keen sense of aligning organizational goals with security strategies.• Evaluated and provided insightful reports on diverse security control practices employed by clients, displaying adept analytical skills. Collaborated with stakeholders to cultivate an in-depth understanding of their security needs and to ensure that their goals were being met.• Pioneered the establishment of schedules and deadlines for pivotal assessment activities, actively participating in periodic and on-demand system audits, vulnerability assessments, and thorough reviews of existing configurations. Ensured continuous compliance by closely monitoring controls post-authorization.• Cultivated effective working relationships with stakeholders, fostering a dynamic dialogue and rapport to discuss information system status and emerging security needs. Demonstrated strong executive communication skills by presenting the ongoing security and privacy posture, aligning business requests with security objectives.