I have 20 years of cybersecurity experience. My background includes supporting vulnerability assessments, information system security engineering activities, and performing security risk assessment. I assisted a leading intelligence agency in transitioning to the NIST Risk Management Framework (“RMF”) and implementing a security control review process for NIST SP 800-53 security controls. I am the project lead for three teams of CyberSecurity professionals. My primary responsibilities include assisting financial service clients in understanding cybersecurity threats and the security controls required to mitigate those threats. I leverage my experience in securing intelligence community systems to tailor security solutions to the specific threats of the organization. My leadership assisted clients in obtaining and maintaining authorities to operate for their critical IT systems. My experiences as a program manager for large geographically disperse teams has enabled me to exceed client demands on my assigned projects while ensuring the projects remain on schedule and budget. Previously, I co-Led the Assessment and Authorization (A&A) (previously known as Certification and Accreditation [C&A]) capability offering for Central Maryland (CMD). I was the program manager for several contracts providing (1) Security Risk Assessment support as Delegated Authorization Official (DAO), (2) Security Engineering Services as Information System Security Engineers (ISSE), (3) Security Authorization support by preparing System Security Plans (SSP) and other C&A documentations, as Information System Security Officers (ISSO), (4) Independent Verification and Validation (IV&V) of the proper implementation of security controls as Security Control Assessors (SCA).
Listed skills include Nist, Computer Security, Management Consulting, Information Security, and 20 others.