Resume

Experience

ISSM / Senior Cybersecurity Engineer
Rise8 – AFWERX
Sept 2024 – Present Remote
  • Directed the authorized deployment of 39 applications across IL2/4/5 environments in accordance with NIST 800-53.
  • Led the execution and management of the Assessment and Authorization process for 5 classified and unclassified systems in accordance with Risk Management Framework (RMF) process.
  • Mapped NIST 800-53 controls to technical implementations within cloud-native architectures, successfully securing 6 ATOs for AWS GovCloud environments implementing Zero Trust models.
  • Translated complex government compliance mandates into actionable engineering requirements by integrating security tooling, SAST, and DAST directly into development workflows.
  • Authored clear Body of Evidence (BoE) and core security documentation (SSP, RAR, SAR, PIA), facilitating seamless collaboration among executive management, stakeholders, and technical teams across the federal ATO ecosystem.
Senior Information Systems Security Officer (ISSO)
MindPoint Group – Department of Justice (DOJ) / ATF
July 2023 – Sept 2024 Washington, D.C.
  • Supported DOJ cloud computing architecture to meet FedRAMP compliance, successfully acquiring 6 ATOs for AWS GovCloud systems, including Zero Trust models.
  • Led stakeholder and executive management meetings regarding mission-critical systems and initiated the coordination for 4 additional ATOs.
  • Performed annual FISMA assessments, maintained core security documentation (SSP, RAR, SAR, PIA), remediated 30 POA&Ms across 6 systems.
  • Performed security assessments of web applications, APIs, and mobile applications.
  • Documented security processes and operational procedures for vulnerability and application security programs.
Senior Information Security Specialist
FEDITC – Department of Defense (USSOCOM)
April 2023 – July 2023 Tampa, FL
  • Managed the Special Operation Forces (SOF) IT RMF Continuous Monitoring program, integrating NIST 800-53A to improve the Cybersecurity program.
  • Audited compliance for 20 programs of record, including System Security Plans (SSP) and Security Risk Assessments, ensuring operations aligned with USSOCOM’s risk posture.
  • Directed cybersecurity privacy and control verifications for 175+ unclassified systems, networks, and cloud service offerings.
  • Conducted vulnerability scans and assessed the effectiveness of security controls.
  • Managed enterprise vulnerability assessment tools including ACAS, Nessus, and Qualys.
Information System Security Manager (ISSM)
U.S. Navy – MPRWS
May 2020 – April 2023 U.S. Navy

Details to be added.

Information Security Manager
U.S. Navy – Fleet Support Unit Five
September 2016 – May 2020 U.S. Navy

Details to be added.

Cyber Threat Intelligence Analyst
Department of Defense – National Security Agency (NSA)
February 2014 – September 2016 Fort Meade, MD

Details to be added.

Education

Master of Science (M.S.)
Cybersecurity and Information Assurance
Western Governors University
Bachelor of Science (B.S.)
Information Technology Management
Western Governors University

Skills

Risk Management Framework (RMF)Expert
NIST 800-53 / NIST 800-171 / JSIGExpert
FedRAMP / FISMA / CMMCExpert
System Authorization (ATO)Expert
Vulnerability ManagementAdvanced
Incident Response & Continuous MonitoringAdvanced
Cloud Security (AWS GovCloud)Advanced
Zero Trust ArchitectureAdvanced
ISO 27001 / PCI-DSS / SOC / COBITAdvanced

Tools & Technologies

eMASS / CSAM / RSA ArcherAdvanced
ACAS / Nessus / SCAP / STIG ViewerAdvanced
ServiceNowAdvanced
AWS / TerraformIntermediate
SplunkIntermediate
Docker / GitLabIntermediate
SAST / DAST / OWASP ZAPIntermediate