Manage FISMA Moderate Facility requirements to satisfy DOE contract obligations with
regard to compliance with NIST SP 800-53 rev 4, Risk Registers, POA&M items, NIST SP
800-171, FIPS 199.
Perform Facility Security Officer (FOS) and Internal Threat Program Senior Officer (ITPSO)
duties in compliance with and 32 CFR part 117 NISPOM and DSS/ISS requirements for a
non-possessing classified facility while paying particular attention to Cybersecurity
Awareness training and audit readiness, DISS JVS / JPAS, NISS portal action items.

Skill Sets:
 Active DoD Top Secret clearance
 FISMA 800-53, 800-171, 32 CFR part 117 NISPOM compliance
 Cross map Correlation of NIST 800-171, NIST 800-53, ISO 27001 to CMMC level 3
 Risk Registers and POA&M documentation based on NIST SP 800-37 RMF principles
 DoD 5220.22M and 32 CFR part 117 (NISPOM) compliance
 DCSA – STEPP FSO and ITPSO certified
 Insider Threat and Cyber Awareness program content creation and training.
 SEAD3 and SEAD4 Reporting and Compliance
 Network Security Monitoring and IT Security Policies and Implementation
 Network design and administration for Classified and Unclassified networks
 Secure/Classified network and data server delivery, design and management
 LAN vulnerability monitoring / management & IT Forensics Investigation
 Threat hunting and Mitigation using Unix, Linux, SUSE, Red Hat, Snort, WireShark,
Kali, Tails, Nessus, NMap, Cacti Log analysis, SIEM, Intrusion Detection Systems
(IDS), Shodan
 DoD, NRC/DOE Audit Compliance, Risk Mitigation and Business Continuity planning
 In Process - completing course work for Industrial Security Professional (ISP® )
Certification offered by The Society of Industrial Security Professionals, NCMS.
 Current CISSP certification