Profiles search
Kerry GRAMSE, CISSP
Security Control Assessor & Navy Validator at nDepth Security, LLC
Gettysburg, PA, United States
Details
Education:
Bachelor's
Business Management
Eastern New Mexico University
2003 : 2006
Business Management
Eastern New Mexico University
2003 : 2006
Experience:
2017 : Present
nDepth Security, LLC
Security Control Assessor & Navy Validator at nDepth Security, LLC
• Serving as Information System Security Officer (ISSO) : for twelve medical device systems, conduct all aspects of Cyber Security Analysis for Risk Management Framework (RMF) accreditation, preparing for authorization to operate or authorization to connect to Department of Defense Information System Network DoDIN.
o Cyber Security Analysis as it relates to C&A/A&A, CCRI, RMF, DIACAP, etc.
o Complete Security Testing and evaluation (ST&E) & Configuration testing and evaluation (CT&E) reviews on specialized Cross Domain Systems (CDS), and their related equipment
o Evaluate various systems for Certification & Accreditation (C&A/A&A) and products and write risk assessment or risk acceptance, certification recommendation documentation
o Write and submit authorization to connect (ATC), authorization to operate (ATO), and independent validation and verification (IV&V)
• Serve as Subject Matter Expert (SME) for Cyber Security analysis/engineer and patch management as it relates to medical devices and their associated equipment
o Vulnerability assessment using ACAS & STIG/SCAP tools
o Provide support for medical device systems in relation to RMF, DoD and NIST standards
o Interface with the medical device vendors and client site and their related partners to ensure the security posture networks meets the strict requirements of modern information systems security on a global scale
2017 :
Kforce Technical Staffing
Sr. CyberSecurity Engineer
• DoD Contractor to the Defense Information Systems Agency (DISA) Risk Management Executive (RME); 8570.1M IAM Level III, IAT Level III, IASAE level II with CISSP; Active DoD TS/SCI Clearance
• Manage a team of 2 direct reports
o Cyber Security Analysis as it relates to C&A/A&A, CCRI, RMF, DIACAP, etc.
o Vulnerability assessment using ACAS & STIG/SCAP tools
• Serve as Subject Matter Expert (SME) for Cyber Security analysis/engineer related to the US Battlefield Information Collection & Exploitation Systems (US BICES), a NATO system and related programs as they relate to DISA RME interests
o Complete Security Testing and evaluation (ST&E) & Configuration testing and evaluation (CT&E) reviews on specialized Cross Domain Systems (CDS), and their related systems
o Evaluate various systems for Certification & Accreditation (C&A/A&A) and products and write risk assessment or risk acceptance, certification recommendation documentation
o Write and submit authorization to connect (ATC), authorization to operate (ATO), and approval for testing (AfT) documents for signature by the US BICES Authorizing Official, and DISA RME Security Control Assessor
o Provide support for CDS systems in relation to RMF (risk management framework), DoD and NIST standards
o Interface with the client and their related partners to ensure the security posture networks meets the strict requirements of modern information systems security on a global scale
2016 : 2017
Booz Allen Hamilton
Lead CyberSecurity Engineer
• Manage a team of 8 direct reports and 2 subcontract employees
o Team includes 3 Network Admins, 5 System Admins, and 2 IA specialists
• Manage all aspects of System Administration & Server Administration
• Manage all aspects of Network Administration, Engineering
• Manage all aspects of backup and disaster recovery, including a warm site and a hot site (CoOP)
• Team, under my direction has stood up a robust VMware environment using 16 previously purchased servers that remained unused for over 18 months. This effort has migrated 60% of physical servers to VM and will end with the migration of 90% of servers, decommissioning over 25 servers, also to include 100 VDI clients
• Team, under my direction has begun migration to 802.1x authentication protocols for over 1500 users & 1200 devices
• Vulnerability assessment using ACAS & SCAP Scan tools
• Supporting the needs of the Program Management Office/Officer
2016 : 2016
Salient CRGT
NOC Manager (Network Engineer 3)
• E-2D Advanced Hawkeye Automated Logistics Environment (ALE) Lead Field Service Engineer, System Administration, providing hardware, software, networking support for Windows 7/Server 2003/2008 environment
• Lead Training Specialist responsible for content preparation, personnel coordination and training delivery
• Transition of ALE Environment from Server 2003/Windows XP to Server 2008/Windows 7
• Directly support Aircrew and Maintenance Personnel in the use of the ALE Software/System
• Provide classroom instruction and on-the-job training to the ALE User Community
• Supporting LINUX file conversion to Windows format for analysis and trending
• Supporting the needs of the Program Management Office/Officer regarding the ALE Contract
• IAVA/IAVM support including evaluation, installation and mitigation of issues
• Patch Management, awaiting Patch Tuesday release for study, test and deployment strategy outside WSUS process for Servers and desktop/laptop environment
• Vulnerability assessment using eEye Retina & ACAS & SCAP Scan tools
• Provide problem analysis and recommend software modification to correct/improve system
2011 : 2016
Northrop Grumman Corporation
Field Service Engineer 4
nDepth Security, LLC
Security Control Assessor & Navy Validator at nDepth Security, LLC
• Serving as Information System Security Officer (ISSO) : for twelve medical device systems, conduct all aspects of Cyber Security Analysis for Risk Management Framework (RMF) accreditation, preparing for authorization to operate or authorization to connect to Department of Defense Information System Network DoDIN.
o Cyber Security Analysis as it relates to C&A/A&A, CCRI, RMF, DIACAP, etc.
o Complete Security Testing and evaluation (ST&E) & Configuration testing and evaluation (CT&E) reviews on specialized Cross Domain Systems (CDS), and their related equipment
o Evaluate various systems for Certification & Accreditation (C&A/A&A) and products and write risk assessment or risk acceptance, certification recommendation documentation
o Write and submit authorization to connect (ATC), authorization to operate (ATO), and independent validation and verification (IV&V)
• Serve as Subject Matter Expert (SME) for Cyber Security analysis/engineer and patch management as it relates to medical devices and their associated equipment
o Vulnerability assessment using ACAS & STIG/SCAP tools
o Provide support for medical device systems in relation to RMF, DoD and NIST standards
o Interface with the medical device vendors and client site and their related partners to ensure the security posture networks meets the strict requirements of modern information systems security on a global scale
2017 :
Kforce Technical Staffing
Sr. CyberSecurity Engineer
• DoD Contractor to the Defense Information Systems Agency (DISA) Risk Management Executive (RME); 8570.1M IAM Level III, IAT Level III, IASAE level II with CISSP; Active DoD TS/SCI Clearance
• Manage a team of 2 direct reports
o Cyber Security Analysis as it relates to C&A/A&A, CCRI, RMF, DIACAP, etc.
o Vulnerability assessment using ACAS & STIG/SCAP tools
• Serve as Subject Matter Expert (SME) for Cyber Security analysis/engineer related to the US Battlefield Information Collection & Exploitation Systems (US BICES), a NATO system and related programs as they relate to DISA RME interests
o Complete Security Testing and evaluation (ST&E) & Configuration testing and evaluation (CT&E) reviews on specialized Cross Domain Systems (CDS), and their related systems
o Evaluate various systems for Certification & Accreditation (C&A/A&A) and products and write risk assessment or risk acceptance, certification recommendation documentation
o Write and submit authorization to connect (ATC), authorization to operate (ATO), and approval for testing (AfT) documents for signature by the US BICES Authorizing Official, and DISA RME Security Control Assessor
o Provide support for CDS systems in relation to RMF (risk management framework), DoD and NIST standards
o Interface with the client and their related partners to ensure the security posture networks meets the strict requirements of modern information systems security on a global scale
2016 : 2017
Booz Allen Hamilton
Lead CyberSecurity Engineer
• Manage a team of 8 direct reports and 2 subcontract employees
o Team includes 3 Network Admins, 5 System Admins, and 2 IA specialists
• Manage all aspects of System Administration & Server Administration
• Manage all aspects of Network Administration, Engineering
• Manage all aspects of backup and disaster recovery, including a warm site and a hot site (CoOP)
• Team, under my direction has stood up a robust VMware environment using 16 previously purchased servers that remained unused for over 18 months. This effort has migrated 60% of physical servers to VM and will end with the migration of 90% of servers, decommissioning over 25 servers, also to include 100 VDI clients
• Team, under my direction has begun migration to 802.1x authentication protocols for over 1500 users & 1200 devices
• Vulnerability assessment using ACAS & SCAP Scan tools
• Supporting the needs of the Program Management Office/Officer
2016 : 2016
Salient CRGT
NOC Manager (Network Engineer 3)
• E-2D Advanced Hawkeye Automated Logistics Environment (ALE) Lead Field Service Engineer, System Administration, providing hardware, software, networking support for Windows 7/Server 2003/2008 environment
• Lead Training Specialist responsible for content preparation, personnel coordination and training delivery
• Transition of ALE Environment from Server 2003/Windows XP to Server 2008/Windows 7
• Directly support Aircrew and Maintenance Personnel in the use of the ALE Software/System
• Provide classroom instruction and on-the-job training to the ALE User Community
• Supporting LINUX file conversion to Windows format for analysis and trending
• Supporting the needs of the Program Management Office/Officer regarding the ALE Contract
• IAVA/IAVM support including evaluation, installation and mitigation of issues
• Patch Management, awaiting Patch Tuesday release for study, test and deployment strategy outside WSUS process for Servers and desktop/laptop environment
• Vulnerability assessment using eEye Retina & ACAS & SCAP Scan tools
• Provide problem analysis and recommend software modification to correct/improve system
2011 : 2016
Northrop Grumman Corporation
Field Service Engineer 4
Company:
nDepth Security, LLC
Years of Experience:
23
Skills
Aerospace, Air Compressors, Contract Negotiation, Customer Service, Data Analysis, Earned Value Management, Energy, Engineering, Healthcare, Inspection, Integration, Leadership, Logistics, Management, Microsoft Office, Military, Negotiation, Operations Management, Petroleum, Process Improvement, Procurement, Product Development, Program Management, Project Engineering, Project Management, Project Planning, Public Speaking, Research, SharePoint, Six Sigma, Strategic Planning, Systems Engineering, Team Building, Team Leadership, Technical Writing, Troubleshooting, Vendor Management
Profile Photo
