Profiles search
Jeffrey R.
Cybersecurity Engineer at Assured Information Technology (AIT) Engineering
United States
Details
Experience:
Responsible for all aspects of the cybersecurity process utilizing the Department of Defense Risk Management Framework to maintain compliance for multiple U.S. Army training systems. Work with customers to ensure DoD security requirements are understood and properly budgeted for in the system development process to ensure receipt of an Authority to Operate to meet contract requirements. Updates and maintains eMass system records as necessary to document changes to hardware and software, system security policy requirements, hardened security baseline, and maintain a record of continuous monitoring activities. Manages Plan of Actions and Milestones (POA&M) items identifying risks and vulnerabilities against a system to document, track, and maintain a record of remediation activities supporting resolution, mitigation, or risk acceptance.
2021 : Present
Assured Information Technology (AIT) Engineering
Cybersecurity Engineer
Acts as independent authority on behalf of Headquarters Marine Corps to conduct vulnerability assessments and determine overall residual risk of fielded systems. Verifies system cybersecurity baseline compliance through annual on-site inspections and vulnerability scanning. Conducts independent assessment of documented configuration and open vulnerabilities to determine the overall residual risk to training systems and provides risk recommendation to the Marine Corps Security Control Assessor. Validates Risk Management Framework cybersecurity packages for approval through Headquarters Marine Corps. Makes policy recommendations to headquarters Marine Corps to increase efficiency of cybersecurity assessments.
2018 : 2021
Naval Air Warfare Center Training Systems Division (NAWCTSD)
Cybersecurity Validator
Served as lead cybersecurity advisor to the IPT Lead for 95 training systems at 14 locations worldwide. Led cybersecurity efforts within the platform IPT to ensure systems comply with DoD/Navy cybersecurity policy. Acted as independent authority on all cybersecurity matters in formulating instructions, policies, procedures, standards, and managing the implementation of the cybersecurity program across all training sites worldwide. Advised IPT Lead on program security issues including system threat vulnerability assessments, system security requirements, architectures, and security risk mitigation plans. Ensured cybersecurity was integrated into all phases of the acquisition process to include Statements of Work, performance specification review, Cybersecurity Strategies, and Program Protection Plan. Collaborated with other departments such as test and engineering to provide cybersecurity guidance and commented on test plans and design documents during the acquisition process. Verified cybersecurity posture through annual on-site inspections and vulnerability scanning. Maintained program cybersecurity records in eMass and VRAM. Authored RMF cybersecurity packages for approval through Naval Air Systems Command and Fleet Cyber Command to obtain an approval to operate. Drafted and implemented the Standard Operating Procedure and Security Concept of Operations. Ensured on-site personnel and system users have appropriate security clearances, system authorizations, training, and need to know to access the training devices.
2014 : 2018
Naval Air Warfare Center Training Systems Division (NAWCTSD)
Program Cybersecurity Lead
Information Assurance engineer supporting DoD customer. As prime contractor, communicated IA technical and policy guidance as outlined in DoD policies. Supported DoD customer and directed design agent and assembly & installation agent throughout design process. Recommended Common Criteria certified hardware and software to meet system security requirements during design process. Conducted Security Testing & Evaluation on the completed system. Authoreds DIACAP packages through the eMass system to obtain an Approval to Operate. Reviewed IA vulnerability reports monthly for applicability to fielded systems. Attended Engineering Review Boards and Configuration Control Boards representing IA department.
2007 : 2014
Lockheed Martin
Sr. Information Assurance Engineer
Managed a team of 19 military, civilians, and contractors developing Computer Security and Emissions security policy for the Air Force. Ensured systems comply with encryption, identification and authentication requirements prior to connection to the AF GIG. Served as the technical expert in Information Assurance Security and Policy compliance. Addressed security issues that affect the planning, design, execution, and sustainment of command and control, and combat support systems.
2004 : 2007
Air Force Communications Agency
Chief, IA Policy Branch
2021 : Present
Assured Information Technology (AIT) Engineering
Cybersecurity Engineer
Acts as independent authority on behalf of Headquarters Marine Corps to conduct vulnerability assessments and determine overall residual risk of fielded systems. Verifies system cybersecurity baseline compliance through annual on-site inspections and vulnerability scanning. Conducts independent assessment of documented configuration and open vulnerabilities to determine the overall residual risk to training systems and provides risk recommendation to the Marine Corps Security Control Assessor. Validates Risk Management Framework cybersecurity packages for approval through Headquarters Marine Corps. Makes policy recommendations to headquarters Marine Corps to increase efficiency of cybersecurity assessments.
2018 : 2021
Naval Air Warfare Center Training Systems Division (NAWCTSD)
Cybersecurity Validator
Served as lead cybersecurity advisor to the IPT Lead for 95 training systems at 14 locations worldwide. Led cybersecurity efforts within the platform IPT to ensure systems comply with DoD/Navy cybersecurity policy. Acted as independent authority on all cybersecurity matters in formulating instructions, policies, procedures, standards, and managing the implementation of the cybersecurity program across all training sites worldwide. Advised IPT Lead on program security issues including system threat vulnerability assessments, system security requirements, architectures, and security risk mitigation plans. Ensured cybersecurity was integrated into all phases of the acquisition process to include Statements of Work, performance specification review, Cybersecurity Strategies, and Program Protection Plan. Collaborated with other departments such as test and engineering to provide cybersecurity guidance and commented on test plans and design documents during the acquisition process. Verified cybersecurity posture through annual on-site inspections and vulnerability scanning. Maintained program cybersecurity records in eMass and VRAM. Authored RMF cybersecurity packages for approval through Naval Air Systems Command and Fleet Cyber Command to obtain an approval to operate. Drafted and implemented the Standard Operating Procedure and Security Concept of Operations. Ensured on-site personnel and system users have appropriate security clearances, system authorizations, training, and need to know to access the training devices.
2014 : 2018
Naval Air Warfare Center Training Systems Division (NAWCTSD)
Program Cybersecurity Lead
Information Assurance engineer supporting DoD customer. As prime contractor, communicated IA technical and policy guidance as outlined in DoD policies. Supported DoD customer and directed design agent and assembly & installation agent throughout design process. Recommended Common Criteria certified hardware and software to meet system security requirements during design process. Conducted Security Testing & Evaluation on the completed system. Authoreds DIACAP packages through the eMass system to obtain an Approval to Operate. Reviewed IA vulnerability reports monthly for applicability to fielded systems. Attended Engineering Review Boards and Configuration Control Boards representing IA department.
2007 : 2014
Lockheed Martin
Sr. Information Assurance Engineer
Managed a team of 19 military, civilians, and contractors developing Computer Security and Emissions security policy for the Air Force. Ensured systems comply with encryption, identification and authentication requirements prior to connection to the AF GIG. Served as the technical expert in Information Assurance Security and Policy compliance. Addressed security issues that affect the planning, design, execution, and sustainment of command and control, and combat support systems.
2004 : 2007
Air Force Communications Agency
Chief, IA Policy Branch
Company:
Assured Information Technology (AIT) Engineering
About
Over 18 years Cybersecurity experience in securing information systems to include workstations, servers, and network devices. Skilled in interpreting security test results, assessing organizational risk, and planning to eliminate or mitigate open vulnerabilities. Strong knowledge of security policies and standards. Excellent ability to organize and manage multiple priorities. Familiar with tracking cost, schedule, and performance risks. Possess CISSP-ISSEP and Network+ Certifications.
Profile Photo
