Nancy G. Email & Phone Number

Evaluate new products and technologies, make recommendations concerning the introduction of new technologies. Perform assessments for systems/solutions and processes. Review system related material including specifications, diagrams, requirements, and test plans to ensure compliance with applicable security standards. Generate security documentation.

Successfully completed RMF process resulting in achievement of three year ATO for both SIPR and NIPR enclaves, first three year ATO for an Army Reserve network. Generated and maintained security documentation, validated policies and procedural documentation to ensure compliance. Interpreted security requirements (RMF, CCIs, NIST, FISMA, DoDIs, etc) for.

Developed policy and advised commanders and staffs on planning, installing, administering, managing, maintaining, operating, integrating, and securing information systems. Supported SIPR and NIPR RMF Accreditations; verified security requirements, validated procedural documents. Performed system integration/administration and implemented Information.

Established configuration management processes to support the network during the Risk Management Framework (RMF) process. Generated a security focused Configuration Management Plan to establish procedures and guidelines for managing configuration changes, tracking of asset inventories and status, establishing network baselines, establishing naming.

Audited network/system devices to ensure standards compliance. Utilized Retina scanning tool to identify security issues and mitigate security risks. Ensured proper system patching utilizing MS Windows Server Update Services (WSUS) in order to comply with the Department of Defense Information Assurance Vulnerability Alerts (IAVA). Maintained network.

Maintained proper access controls to network shares, citrix applications and resources in order to mitigate possible security risks. Developed and maintained solutions in an enterprise environment that supported compliance with the Health Insurance Portability and Accountability Act (HIPAA) and Sarbanes-Oxley (SOX). Installed and evaluated all applications.