Information System Security Officer | Cyber Security Analyst | Technical Trainer
CurrentInformation System Security Officer (ISSO) • Captured organizational changes by maintaining assigned Business Impact Analysis (BIA) statements, annually. • Educated users on security measures, potential threats, and installed s/w security updates while monitoring network activities.• Safeguarded information and prevented unauthorized access by assessing and implementing NARA’s information security protocols.• Updated the System Security Plan (SSP), in alignment with agency, FISMA, and NIST 800-53 rev 4 and 5 requirements.• Assisted in addressing information requests and participating in audits, led by the OIG and CFO, in compliance with FISMA.• Developed, implemented, and tested Incident Response Plans (IRP), ensuring optimal preparedness for potential disruptions.• Assured annual maintenance of assigned Contingency Plans (CP), reflecting changes and performing annual Contingency Plan Tests.• Tracked and documented the impact of changes on the security posture of designated IT systems, as a member of the Configuration Control Board (CCB).Information Security Training Officer • Strategized, and customized training materials to enhance departmental knowledge and skills development. • Evaluated training requirements for agency/department and conducted diverse information security classes tailored to needs, promoting an approach to cybersecurity education.• Empowered existing staff with the "Beware of Viruses and Malware" course, which improved cybersecurity awareness and threat prevention.• Authored and delivered the "Introduction to Cyber Security" course for new employees, fostering a foundational understanding.• Supervised and reviewed subordinates' work to oversee the accuracy to cybersecurity governance policies, as per security standards.