I perform project management on enterprise data storage, software applications, and networking systems. Develop plans, techniques, and policies to solve, mitigate, and correct software issues.Play a lead role in aligning technology and business goals by providing advice, recommendations, and guidance to key internal and external stakeholders.Review impact of new systems design policies, and recruit support from senior management.

*Determine Reliability of service systems and subsystems by validating and verifying systems applicable security parameters, specifications, technical and status.*Initiates action for timely system assurance analysis, repair or restoration of services and systems, with emphasis on confidentiality, integrity, and availability of primary and backup systems.*Configuration Management - Manage re-configurations to minimize service interruptions to mitigate criticality of particular functions to the safe and efficient systems operations.*Coordinates and directs the maintenance of all critical services/systems and subsystems with the appropriate teams and commits resources to restorations of failed facilities.*Coordinates, evaluates and implements changes to systems and services.*Coordinates contractor activity to ensure interface compatibility in the development, procurement and installation of modifications and enhancements.

Provide oversight and management for the performance, evaluation, and authorization of System Security Certification and Authorization Packages (SCAP). Identified and evaluated cybersecurity and technology risks related to the information technology systems. Created & certified local contingency plans in order to mitigate any identified risks. Assessed cybersecurity activities and technology controls to reduce and mitigate risks to acceptable levels. Provided risk management recommendations to internal, and external stakeholders. Utilized the NIST Special Publication (SP) 800-53, Security and Privacy Controls for Federal Information Systems and Organizations comprehensive catalog of controls to mitigate and control threats. Deployed baselines depending on potential adverse impacts (Low, Medium, High), as starting points in selecting the appropriate controls for protecting IT systems. Ensure staff compliance with security policies, and utilize Security Administration procedures aligned to business goals, and NIST FISMA Risk Management Framework. Review assurance mechanisms and procedures to effectively identify weaknesses or failures of key controls, and work with system owner, custodian, and steward to reduce risk levels based on structured risk framework. Maintain and or oversee relevant policies and procedures related to technology and security processes, review metrics and escalation reports to monitor risk and control-related developments, issues and trends, technology and security risk issues as well as internal and external incidents Monitor cve.mitre.org for latest posted vulnerabilities. Rehearse emergency recovery procedures with backup systems. Introduction of authorized integrity (virus scanning, checksum, vulnerability scans) checks, installation of approved software/hardware, categorize, handle, and control of Sensitive Security, and protected privacy data.

*Managed, collaborated, planned, coordinated, installed and maintained NSA certified secure communications and network automated systems. I Provided Training, Automation, Telecommunication, and Information Assurance. *Ensured confidentiality, integrity, reliability and availability of communications, computers, and data in a S6 NETOPS IT Assurance Role. *Directed and applied FISMA federally mandated compliance requirements using NIST FISMA 800 series documents. I developed a series of compliance checklists for Certification and Accreditation. *Performed assessments using FISMA compliant process providing deliverables per the NIST Risk Management Framework to characterize the sensitivity level of system, contingency plan, system security plan development, security awareness training, privacy impact assessments, and security risk assessments.*Recommended approval for Authority to Operate for an information system and took actions in regards to vulnerabilities and audit findings Used DoD 5000 series documents, various laws, and regulations to comply with privacy requirements. *Utilized NIST Risk Management Framework steps as follows: 1) FIPS 199 and SP800-60 to categorize system; 2) FIPS 200 and SP 800-53 to select controls; 3) NIST documents to implement controls such as SP 800-34, SP 800-61, and SP 800-128; 4) SP 800-53A to assess controls, 5) SP 800-37 to authorize system, and 6) monitor controls using SP 800-137, SP 800-37, and SP 800-53 A. *Utilized Public Law 107-347, The E-Government Act of 2002, Title III, the Federal Information Security Management Act of 2002, to charter a statutory authority of the Information Security and Privacy Advisory Board (ISPAB) to categorize, protect, and monitor networks Personal Identifiable Information (PII) as it related deployment of readiness force in protection of Iraqi Freedom.