Experience
Agency |
Description |
Department of State |
Led the IA Strategic Planning Initiative, facilitated the IA Strategic Planning weekly meetings, prepared planning artifacts, developed the strategic planning schedule and the Functional Area Interview Questionnaire, established presentation material, conducted assessment interviews for various functional areas, developed a presentation for delivery to the Chief Information Security Officer (CISO), presented in the E-Gov Non-Major Functional Training session for Part I, attended E-Gov meetings concerning E-authentication, developed an SP 800-37-based Certification and Accreditation (C&A) Work Breakdown Structure (WBS) for the Customer Service Division, developed a WBS and Independent Verification & Validation (IV&V) Plan for the Enterprise Risk Division, worked with the FISMA Reporting Team Lead to complete the Corrective Action Plan (CAP) report, worked with members of the Customer Service Performance Metrics and Plan of Action and Milestones (POA&M) staff to document the existing POA&M process, developed checklists in support of the document library and C&A IV&V efforts, presented on Process Improvement at the IA brown bag, met with the Customer Service Division Manager regarding several IV&V requests, served as liaison with the Office of Privacy, and attended the 2008 IAPP Privacy Summit. |
Department of Energy |
Provided support in the transition of several cyber-related subtasks to the A-76 contract vehicle, assisted in the development of the subtask management plan under the A-76 vehicle, managed program activities, developed proposal(s) in response to customers' statements of work (SOW), established project plans, developed financial plans in accordance with specified program activities, provided ad hoc financial reports, provided and managed resources, including reallocation of resources in accordance with customer requirements, provided bi-weekly and monthly status reports to the customer(s), provided programmatic support to the Office of Cyber Security, ensured the development of reports to reflect Program Office results for quarterly Federal Information Security Management Act (FISMA) Performance Metrics and Plan of Action and Milestones (POA&M), and provided comments on draft National Institute of Standards and Technology (NIST) publications. Interfaced with Departmental Headquarters (HQ) Program Offices, reviewed and responded to General Accounting Office (GAO), DOE Office of Independent Oversight and Performance Assurance (OA), and Inspector General (IG) audit reports, facilitated cyber conference activities, provided cyber training and outreach, and developed Department-wide classified and unclassified cyber security policy consistent with Public Law, Executive Orders, Federal policy/guidance, and best practices. |
Department of Health and Human Services |
Created Security Plans for the CDC and EPA that satisfied requirements outlined in each organization’s Security Program. Established a security plan questionnaire for each information system area, conducted interviews to obtain required information pertaining to system specific activities, developed documentation for each identified information system, provided weekly and monthly status reports, and interfaced with the federal CDC Security liaison. |
Department of State |
Participated on the Department of State Enterprise Architecture team, developed an enterprise-wide Information Security Architecture for Department of State, conducted interviews to gain insight on security-related operational activities, conducted analysis of existing Department of State policy and standards for compliance with federal laws, directives, and with NIST standards and guidelines, analyzed new security requirements and presented security analysis results to the Information Assurance Office, recommended and developed new policies and standards to ensure compliance with NIST standards and guidelines. |
Internal Revenue Service |
Worked with a security team tasked to develop several security products that included a security plan, Technical Contingency Planning Document (TCPD), risk assessment, and a system test and evaluation (ST&E) Plan for a C&A effort. Was involved in the C&A effort for the IRS Compliance Research Information System (CRIS), which included developing the CRIS Security Plan, Risk Assessment, and TCPD; established mitigation strategies for those requirements not satisfied by the system; and presented security analysis results to the federal CRIS project office. |