Evaluate new products and technologies, make recommendations concerning the introduction of new technologies. Perform assessments for systems/solutions and processes. Review system related material including specifications, diagrams, requirements, and test plans to ensure compliance with applicable security standards. Generate security documentation, validate policies and procedural documentation to ensure compliance. Interpret security requirements (RMF, NIST, FISMA, DoD, etc.) for stakeholders. Create security architecture assessment reports that clearly articulate requirements to address risks identified.

Successfully completed RMF process resulting in achievement of three year ATO for both SIPR and NIPR enclaves, first three year ATO for an Army Reserve network. Generated and maintained security documentation, validated policies and procedural documentation to ensure compliance. Interpreted security requirements (RMF, CCIs, NIST, FISMA, DoDIs, etc) for Cyber, Network and Server engineers. Managed Plan of Actions and Milestones (POA&M) to ensure deficiencies were corrected within the designated timeframe, provided guidance and recommendations to leadership and technical staff for compliance. Utilized the Enterprise Mission Assurance Support Service (eMASS) repository to manage required artifacts, updated Implementation Plan, addressed individual CCIs and prepared eMASS POA&M for “Assessment and Authorization” of RMF packages.

Developed policy and advised commanders and staffs on planning, installing, administering, managing, maintaining, operating, integrating, and securing information systems. Supported SIPR and NIPR RMF Accreditations; verified security requirements, validated procedural documents. Performed system integration/administration and implemented Information Assurance/Computer Network Defense (IA/CND) programs to protect and defend information, computers, and networks from cyber threats. Trained soldiers on the application of various Cybersecurity DoD Directives, Instructions and Army Regulations. Provided mentorship, encouraged soldiers to further their education, recommended specific certifications to further their careers both in and out of the military. Provided guidance for soldiers who were transitioning out of the military and into civilian employment.

Established configuration management processes to support the network during the Risk Management Framework (RMF) process. Generated a security focused Configuration Management Plan to establish procedures and guidelines for managing configuration changes, tracking of asset inventories and status, establishing network baselines, establishing naming standards, etc. Generated a charter to establish the Change Control Board which provides oversight for proposed changes to the network.Established Configuration Management Site on SharePoint which made all CM documentation and resources available to the entire G6 team. Automated the System Change Request and Authorized Service Interruption processes which greatly improved efficiency, visibility and accountability of said processes.

Audited network/system devices to ensure standards compliance. Utilized Retina scanning tool to identify security issues and mitigate security risks. Ensured proper system patching utilizing MS Windows Server Update Services (WSUS) in order to comply with the Department of Defense Information Assurance Vulnerability Alerts (IAVA). Maintained network security through the implementation of Access Control Lists on Cisco routers, enforcing proper authentication and group policy application via MS Active Directory. Worked with Communications Security (COMSEC) Custodian for proper utilization of KG-250 to ensure appropriate network traffic encryption. Over 10 years experience with Department of Defense Information Assurance Vulnerability Management (IAVM) and requirements for maintaining a strong network security posture

Maintained proper access controls to network shares, citrix applications and resources in order to mitigate possible security risks. Developed and maintained solutions in an enterprise environment that supported compliance with the Health Insurance Portability and Accountability Act (HIPAA) and Sarbanes-Oxley (SOX). Installed and evaluated all applications and resources made available via the Citrix environment to ensure operability within established security guidelines. Supervised a regional environment than spanned over 192 sites in 26 states. Provided hardware and software support and maintained equipment life cycle to include configuration and installation of Thin Clients. Maintained working knowledge of all hardware warranties and software license utilization/expiration. Collaborated in the Enterprise architecture and design for 500+ Citrix users. Created and maintained Active Directory user and application architecture. Tested, published and maintained various types of applications and databases both home grown and commercial. Managed configuration and installation of workstation as well as Voice over Internet Protocol (VoIP) phones.