Profiles search
Sharae Race
CyberSecurity Specialist at Phacil, Inc
Fort George Meade, MD, United States
Details
Experience:
2018 : Present
Phacil, Inc
CyberSecurity Specialist
•Review/develop RMF documentation to include System Security Plan (SSP), Information Security Continuous Monitoring (ISCM), and Account Management Plan,
•Review/modify IACs ( Information Assurance Controls) per guidance of CNSS 1253
•Work action items on POA&M to fix vulnerabilities identified within the system
•Develop system-level security A&A plans and projects with milestones to obtain ATO/ATC
•Making IA recommendations in accordance with applicable DoD orders & directives
•Security testing and evaluation activities for validation in the RMF process
•Attend weekly status meetings with SCAR(Security Control Assessor Representative)/AO
•Review/develop test scripts to ensure vulnerability is assessed properly
2017 :
RG
Information Asssurance Analyst
•Provide Information Assurance engineering support to Naval Air Systems Command (NAVAIRSYSCOM- a multi-faceted Information Technology acquisition program focused on system accreditation and continuous monitoring
•Review and approve required IA documentation in accordance with applicable US government and DoD information assurance and security guidance
• Develop and execute RMF packages for multiple concurrent systems to include Plan of Action and Milestones (POA&Ms) and System Security Plan (SSP)
•Work with multiple teams and stakeholders to understand the capabilities of their IT systems and develop accreditation packages for approval
•Review/approve IA artifacts, documentation, and IACs (Information Assurance Controls) required for RMF
•Assists the customer in initiating and maintaining the IA Risk Management Framework (RMF) and Authorizations to Operate (ATO) for designated systems.
•Analyze and review the designated assets to ensure they are in compliance with DOD IA/Cybersecurity instructions, guidelines and certification requirements as appropriate
•Provide guidance, recommendations, timelines and milestones to stakeholders in order to maintain compliance and improve security posture as needed
•Maintain certification as a Navy Qualified Validator
2017 : 2017
KBRwyle
Information Assurance Analyst
• Prepare documentation for the RMF certification and accreditation process
• Review STIGs to ensure they are in compliance with DoD standards
• Use DADMS (Department of the Navy (DoN) Application and Database Management System) to ensure software is registered
• Ensure IACs (Information Assurance Controls) are in compliant through the use of eMASS
• Generate POA&M in compliance with the IACs
• Review system information profile
• Review SAP (Security Assessment Plan)
• Review ACAS scans to ensure they are in compliance.
• Conduct interviews for information assurance and highly technical roles
• Member of the recruiting management team
• Navy Qualified Validator
2016 : 2017
The MIL Corporation
Information Assurance Specialist
• Manage and lead efforts in the review, application, and maintenance of IA policies and C&A procedures for Programs of Record (POR) acquisition programs
• Coordinates the efforts of multiple personnel and organizations to ensure objectives and goals are achieved on schedule and meets or exceeds DON Cyber Security policy and requirements.
• Prepare, validate, and submit DIACAP/RMF certification and accreditation packages for new and continued system accreditations for multiple systems using Enterprise Mission Assurance Support Service (EMASS).
• Perform Information Assurance/security analyses and risk/vulnerability assessments along with evaluating IA technologies and secure solutions for applications, systems, and platform interconnections/interfaces to include ACAS scans and STIGs
• Conducts risk and vulnerability assessments of accreditations on RDT&E and Operational Data Center systems, based upon environment, connectivity, classification, mission criticality, and other related factors.
• Develop plans, including budgets and schedules, and monitor tasks to meet project requirements and goals for assigned programs.
• Coordinate with system and network administrators to ensure all identified threats are corrected and/or mitigated in accordance with established guidance from the Department of Defense and the US Navy.
• Review C&A plan documentation to include, RAR (Risk Assessment Report), System Implementation Plan (SIP), DIACAP Implementation Plan (DIP), and System Security Plan (SSP) with system owners and provide feedback and assistance where needed to meet accreditation requirements.
• Entry Level Navy Validator
• Responsible for facilitating the C&A process with the goal of getting requested systems their desired accreditation within current impact dates.
• Provides cyber solutions within the program office such as, but not limited to, boundary consolidation, reviewing policy and assisting with mitigation statements.
2015 : 2016
General Dynamics Information Technology
Information Assurance Analyst
Phacil, Inc
CyberSecurity Specialist
•Review/develop RMF documentation to include System Security Plan (SSP), Information Security Continuous Monitoring (ISCM), and Account Management Plan,
•Review/modify IACs ( Information Assurance Controls) per guidance of CNSS 1253
•Work action items on POA&M to fix vulnerabilities identified within the system
•Develop system-level security A&A plans and projects with milestones to obtain ATO/ATC
•Making IA recommendations in accordance with applicable DoD orders & directives
•Security testing and evaluation activities for validation in the RMF process
•Attend weekly status meetings with SCAR(Security Control Assessor Representative)/AO
•Review/develop test scripts to ensure vulnerability is assessed properly
2017 :
RG
Information Asssurance Analyst
•Provide Information Assurance engineering support to Naval Air Systems Command (NAVAIRSYSCOM- a multi-faceted Information Technology acquisition program focused on system accreditation and continuous monitoring
•Review and approve required IA documentation in accordance with applicable US government and DoD information assurance and security guidance
• Develop and execute RMF packages for multiple concurrent systems to include Plan of Action and Milestones (POA&Ms) and System Security Plan (SSP)
•Work with multiple teams and stakeholders to understand the capabilities of their IT systems and develop accreditation packages for approval
•Review/approve IA artifacts, documentation, and IACs (Information Assurance Controls) required for RMF
•Assists the customer in initiating and maintaining the IA Risk Management Framework (RMF) and Authorizations to Operate (ATO) for designated systems.
•Analyze and review the designated assets to ensure they are in compliance with DOD IA/Cybersecurity instructions, guidelines and certification requirements as appropriate
•Provide guidance, recommendations, timelines and milestones to stakeholders in order to maintain compliance and improve security posture as needed
•Maintain certification as a Navy Qualified Validator
2017 : 2017
KBRwyle
Information Assurance Analyst
• Prepare documentation for the RMF certification and accreditation process
• Review STIGs to ensure they are in compliance with DoD standards
• Use DADMS (Department of the Navy (DoN) Application and Database Management System) to ensure software is registered
• Ensure IACs (Information Assurance Controls) are in compliant through the use of eMASS
• Generate POA&M in compliance with the IACs
• Review system information profile
• Review SAP (Security Assessment Plan)
• Review ACAS scans to ensure they are in compliance.
• Conduct interviews for information assurance and highly technical roles
• Member of the recruiting management team
• Navy Qualified Validator
2016 : 2017
The MIL Corporation
Information Assurance Specialist
• Manage and lead efforts in the review, application, and maintenance of IA policies and C&A procedures for Programs of Record (POR) acquisition programs
• Coordinates the efforts of multiple personnel and organizations to ensure objectives and goals are achieved on schedule and meets or exceeds DON Cyber Security policy and requirements.
• Prepare, validate, and submit DIACAP/RMF certification and accreditation packages for new and continued system accreditations for multiple systems using Enterprise Mission Assurance Support Service (EMASS).
• Perform Information Assurance/security analyses and risk/vulnerability assessments along with evaluating IA technologies and secure solutions for applications, systems, and platform interconnections/interfaces to include ACAS scans and STIGs
• Conducts risk and vulnerability assessments of accreditations on RDT&E and Operational Data Center systems, based upon environment, connectivity, classification, mission criticality, and other related factors.
• Develop plans, including budgets and schedules, and monitor tasks to meet project requirements and goals for assigned programs.
• Coordinate with system and network administrators to ensure all identified threats are corrected and/or mitigated in accordance with established guidance from the Department of Defense and the US Navy.
• Review C&A plan documentation to include, RAR (Risk Assessment Report), System Implementation Plan (SIP), DIACAP Implementation Plan (DIP), and System Security Plan (SSP) with system owners and provide feedback and assistance where needed to meet accreditation requirements.
• Entry Level Navy Validator
• Responsible for facilitating the C&A process with the goal of getting requested systems their desired accreditation within current impact dates.
• Provides cyber solutions within the program office such as, but not limited to, boundary consolidation, reviewing policy and assisting with mitigation statements.
2015 : 2016
General Dynamics Information Technology
Information Assurance Analyst
Company:
Phacil, Inc
Profile Photo
