Information System Security Officer
Washington D.C. Metro Area
Served as the primary ISSO responsible for securing the End User Devices boundary (EUD-GSS), comprising five interconnected sub-systems supporting approximately 4,500 users, which represents the most critical segment of the organization’s IT infrastructure. Implemented robust safeguards and operational measures aligned with NIST guidelines to minimize inherent risks. Collaborated frequently with key stakeholders, such as the SO and AO, to maintain awareness of emerging threats and vulnerabilities and optimize response capabilities accordingly.Managed continuous monitoring activities for several high-risk external service offerings, including FedRAMP-certified and non-FedRAMP solutions. Designed comprehensive reporting mechanisms utilizing NIST standards to facilitate ongoing monitoring of these critical assets, enabling proactive identification and mitigation of issues before they escalate into major incidents.Developed extensive system documentation in line with the NIST RMF framework, contributing significantly to the Information System Continuous Monitoring and Ongoing Authorization programs. These documents provided clear guidance to relevant parties regarding system configuration, operations, and maintenance practices, thereby promoting compliance and enhancing overall security posture.Regularly briefed executive leadership, including AOs and SOs, about the risk profiles associated with various components of the portfolio under my care, highlighting trends, challenges, and opportunities for improvement. In addition, monitored developments relating to new technologies, regulatory updates, and evolving best practices, sharing insights and recommendations with team members and stakeholders as appropriate.