Rodney Collier Email & Phone Number

Herndon, VA

• Provides Subject Matter Expert (SME) guidance for various Smartronix/SMX customers in the preparation, execution, and review of their information systems whether they are seeking to obtain an ATO or FedRAMP.
• Possess extensive experience in developing and documenting processes and procedures used in various IT operations and cybersecurity plans and required A&A artifacts, such as Access Control Plan (ACP), Configuration.
• Possess practical experience interpreting and applying cybersecurity policy & standards in an enterprise environment (to include NIST SP 800-171 and application of DoD DFARS cybersecurity requirements), an.
• Created IT process templates adopted by the organization and widely used in our accreditation efforts.
• Served as a security team lead for various FedRAMP certification efforts; Task included assessing and drafting the Level of Effort (LoE) included in the systems Statement of Work (SOW); Implementing a control process.
• Conducted PCI/DSS compliance security assessments for several Smartronix clients; identifying and addressing security gaps identified with their AWS environment; compling a comparative analysis of all major Cloud.

Hyattsville, MD

• Served as SME in the area of security within the Office of Public Affairs (OPA) within the Depart of Labor (DOL); tasked with completing the Authority to Operate (ATO) re-certification for OPA’s WPES system (consisting.
• Developed, implemented, and managed NIST-compliant security documents, including disaster recovery plans, contingency plans and test, system security plans, and other ATO documentation using the Cyber Security.
• Developed and monitored Memorandum of Understandings (MOU) and Service Level Agreements (SLA) between various agencies and departments.
• Assisted the Security team in is the analysis of software security services such as Web Application Vulnerability Assessments, and Independent Verification and Validation (IV&V)
• Exhibited extensive knowledge of FISMA, OMB Circular A-130, FIPS 199-201, and NIST SP 800 series related to qualitative and quantitative research and analytical methodologies, and vulnerability assessment tools.
• Developed and implementing continuous monitoring strategies for both current and future systems/applications.

Manassas, VA

• Serving as SME assisting States with implementing security requirements in conjunction with the Affordable Care Act (ACA) Health Exchanges.
• CISO Security Team member assisting Business Owners and ISSO's by analyzing system documentation for completeness and compliance with NIST/FISMA guidelines; providing expert guidance in the preparation, execution and.
• Maintaining the system accreditation status tracking for all systems undergoing C&A authorization, in addition to the life-cycle management of all currently accredited systems using the CMS FISMA Controls Tracking.
• Obtaining and compiling system data metrics required for the Quarterly and Annual FISMA Reporting requirements to Health and Human Services (HHS).
• Evaluating system security including data classification, controls and countermeasures, life-cycle maintenance, roles and responsibilities, and design features for all software, hardware, and peripheral system interfaces
• Developing strategies to identify security improvements, establishing corrective action plans, and utilizing Risk Management/Mitigation strategies to ensure the completeness and adequacy of regulatory requirements.

Greater Atlanta Area

• Certification & Accreditation (C&A) Team member within the Office of the Chief Information Officer (OCISO) assisting system Stewards to meet Federal NIST / FISMA C&A requirements.
• Tasked in dual roles as a Cyber Security Analyst for OCISO and Outsourced Security Steward to various centers within the Center for Disease Control (CDC) where 600+ were maintained within the CDC’s network.
• Proficient in using encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research for CDC systems risk assessments.
• Initial point of contact for business stewards, CDC center management and ISSO’s, assisting them in developing system’s characterization data, creating Plans of Action and Milestones (POA&M), and completing the Risk.
• Proactively involved in designing, testing, and implementing state-of-the-art secure operating systems, firewalls, network access, electronic data traffic and database products.
• Provide solutions to a variety of technical problems ranging from low – high in scope and complexity.

Greater Atlanta Area

• Identified Significant application and IT controls directly affected by the Sarbanes-Oxley (SOX) compliance
• Conducted testing in the design and operational effectiveness of internal controls as a full-time resource in the areas Security, Application Information System Management, Information System Operations, and Networking
• Facilitated testing of internal controls surrounding Fixed Assets.
• Assisted in completion researching and filling of Inpat / Expat tax returns for clients of the IAS Tax group within Deloitte Tax.
• Conducted testing in the design and operational effectiveness of internal controls as a full-time resource in the areas Security, Application Information System Management, Information System Operations, and Networking.
• Supervised staff and coordinated communications and testing between Client, Internal Audit, and Deloitte & Touché, LLP Management

Greater Atlanta Area

• Identified Significant application and IT controls directly affected by the Sarbanes-Oxley (SOX) compliance; Presenting documentation and testing plans to External Auditors for review
• Managed/Maintained Risk Assessment & IT General / Application Control Matrices; Conducted General Computer Control testing of IT General and Application controls
• Coordinated with Internal & External Audit to test controls which involve a review of Internal Audit test plans
• Responsible for researching process information and system databases
• Worked within Accounts Payable/Account Receivable/ and Fixed Assets Analysis in relation to Sox Compliance
• SOCET entry and organization of Corporate IT General / Corporate Finance Controls

Bs, Industrial Technology

Activities and Societies: Sonic Boom of the South

Diploma, College Prep