Profiles search
Nicholas Walsh
Information Security Analyst - Specialist at Watershed Security
Levittown, PA, United States
Details
Experience:
•Review system security A&A package submissions for consistency, completeness and traceability ensuring compliance with current Navy A&A/C&A guidance
•Follow a detailed program SOP for Post Validation Review execution of RMF Packages
•Maintain SOP checklists for each package to ensure compliance
•Provide package compliance reports which list specific rework actions to Government customers and the submitting Program.
2018 : Present
Watershed Security
Information Security Analyst - Specialist
2018 :
Data Intelligence, LLC
Senior Cyber Engineer
• Multiple duties involving Information Assurance (COMSEC, EMSEC, COMPUSEC)
• Conducts IA risk and vulnerability assessments
• User accounts management and troubleshooting network issues
• Properly escalate unresolved queries to the next level of support
• Provides CIA by verifying IA controls are implemented in accordance with DoD and Air Force IA standards
2015 :
United States Air Force
Cyber Surety
As an Information System Security Engineer, I am responsible for implementing and enforces Information Assurance controls on the Littoral Combat Ship Freedom Class Land Based Test Environment Authorization to Operate (ATO). I work alongside the Information Assurance Officer (IAO) to support remediation efforts for the Authorization and Accreditation (A&A) packages in accordance with Risk Management Framework (RMF). It is his duty to ensure patches, hotfixes, system change packages, and antivirus definitions are up-to-date. To maintain an up-to-date security posture I am using tools such as the DISA Security Technical Implementation Guidelines (STIGs), SCAP compliancy checker, Tenable’s Nessus scanner and Security Center, and Manage Engine’s Desktop Central. To determine compliance of the network, user accounts, application access, and file systems, I preform periodic and on-demand system audits and vulnerability assessments. Along with these responsibilities I pride myself on maintaining a current knowledge of current and future technology as it applies to Information Assurance and Cyber Security.
2016 : 2017
EHS Technologies
Information System Security Engineer
• Accrediting 13 systems through the Risk Management Framework (RMF) process
• Document C&A information in the Comprehensive RMF package ensuring internal consistency of the information and that there are no omissions
• Work all artifacts in the Navy Implementation of eMASS
• Review CT&E test plans and procedures to ensure the test plan addresses the correct level of effort and is sufficiently comprehensive to validate all IA requirements applicable to the IT system or site being certified and accredited.
• Develop Plan of Actions and Milestones (POA&Ms)/ Risk Assessment Reports (RARs) creation/updates, automated scan reviews, DISA Security Technical Implementation Guides (STIGs), Retina and Assured Compliance Assessment Solution (ACAS) scans.
• Responsible to do all work in regards to hardening and remediation of the system. This includes STIGs, patching, scanning, validation of inventory and creation of network diagrams.
• Evaluate all discrepancies to recommend mitigation measures for reducing or eliminating specific risk items
• Optimize C&A test and validation procedure results to ensure the most accurate reporting in the appropriate format and that all IA requirements have been addressed.
2016 : 2016
Watershed Security
Cyber Security Analyst
•Follow a detailed program SOP for Post Validation Review execution of RMF Packages
•Maintain SOP checklists for each package to ensure compliance
•Provide package compliance reports which list specific rework actions to Government customers and the submitting Program.
2018 : Present
Watershed Security
Information Security Analyst - Specialist
2018 :
Data Intelligence, LLC
Senior Cyber Engineer
• Multiple duties involving Information Assurance (COMSEC, EMSEC, COMPUSEC)
• Conducts IA risk and vulnerability assessments
• User accounts management and troubleshooting network issues
• Properly escalate unresolved queries to the next level of support
• Provides CIA by verifying IA controls are implemented in accordance with DoD and Air Force IA standards
2015 :
United States Air Force
Cyber Surety
As an Information System Security Engineer, I am responsible for implementing and enforces Information Assurance controls on the Littoral Combat Ship Freedom Class Land Based Test Environment Authorization to Operate (ATO). I work alongside the Information Assurance Officer (IAO) to support remediation efforts for the Authorization and Accreditation (A&A) packages in accordance with Risk Management Framework (RMF). It is his duty to ensure patches, hotfixes, system change packages, and antivirus definitions are up-to-date. To maintain an up-to-date security posture I am using tools such as the DISA Security Technical Implementation Guidelines (STIGs), SCAP compliancy checker, Tenable’s Nessus scanner and Security Center, and Manage Engine’s Desktop Central. To determine compliance of the network, user accounts, application access, and file systems, I preform periodic and on-demand system audits and vulnerability assessments. Along with these responsibilities I pride myself on maintaining a current knowledge of current and future technology as it applies to Information Assurance and Cyber Security.
2016 : 2017
EHS Technologies
Information System Security Engineer
• Accrediting 13 systems through the Risk Management Framework (RMF) process
• Document C&A information in the Comprehensive RMF package ensuring internal consistency of the information and that there are no omissions
• Work all artifacts in the Navy Implementation of eMASS
• Review CT&E test plans and procedures to ensure the test plan addresses the correct level of effort and is sufficiently comprehensive to validate all IA requirements applicable to the IT system or site being certified and accredited.
• Develop Plan of Actions and Milestones (POA&Ms)/ Risk Assessment Reports (RARs) creation/updates, automated scan reviews, DISA Security Technical Implementation Guides (STIGs), Retina and Assured Compliance Assessment Solution (ACAS) scans.
• Responsible to do all work in regards to hardening and remediation of the system. This includes STIGs, patching, scanning, validation of inventory and creation of network diagrams.
• Evaluate all discrepancies to recommend mitigation measures for reducing or eliminating specific risk items
• Optimize C&A test and validation procedure results to ensure the most accurate reporting in the appropriate format and that all IA requirements have been addressed.
2016 : 2016
Watershed Security
Cyber Security Analyst
Company:
Watershed Security
About
Nicholas W. Walsh
Profile Photo
