Yyyyyy x. yyyyyy

0000 xxxxxx xxxx , xxxx , xxxxx 00000 (xxx-xxx-xxxx abc@xyz.com

Cyber Security ~ Risk Management ~ Vulnerability Assessments

Configuration Management ~ Security Engineering ~ Personnel Training

         Extremely well-versed in security architecture concepts, security communications, embedded mission systems and architectures, patch management, vulnerability management, flaw remediation, asset tracking, authentication, system auditing, central log management, monitoring, and reporting.

         Skilled in Interim Authority To Test (IATT), Authority To Operate (ATO), and JSIG/RMS processes.

         Extensive talents in systems architecture and requirements for trusted security products.

         Offer substantial knowledge of risk management framework tools and procedures.

         Adept at systems engineering, system security design, requirements analysis, and report writing.

         Proven ability to accomplish program-critical projects with high visibility to SAPCO and F-35 PEO.

Lockheed Martin Aeronautics, Fort Worth, TX, 2014 Present

Computer System Security Analyst Sr. 2017 to Present

         Evaluate security practices and degree of JSIG-RMF compliance ahead of 2016 Self Inspection reporting period to address compliance gaps, prioritize efforts for maximum scorecard improvement, and build sustainable program for annual inspection consistency.

         Manage policies, procedures and standards to ensure ATO documentation is kept current and relevant.

         Assisted F-35 Tech Ops Team with implementation of JSIG-RMF security standards to enhance security position, reduce management burden, elevate compliance, and protect critical assets.

         Contribute to compliance strategy, contingency plan and disaster recovery plan, and reinforce risk management by enabling near real-time continuous monitoring tools across the architecture.

         Refine F-35 IA database to close data gaps and consolidate numerous single-user data silos.

         Provided IA technical security pre-briefings for 15 events in PMTS and processed 25+ Partner Nation user accounts for PMTS events.

Computer System Security Analyst Sr. 2016 to 2017

         Extensively supported JAFAN-to-JSIG transition by authoring four JSIG/RMF ATO packages for GrayAVC, PumpkinMSIL, YellowMSIL, and Partner Network.

         Coordinated seamless implementation of NESSUS on Lab networks and conducted vulnerability scans to identify and remediate information systems to align with JSIG/RMF patch management criteria

         Joined forces with system administrators to support Continuous Monitoring flaw remediation/patch management effort by identifying and updating information systems with hot fixes, patches, definitions, service packs, and implementation of vulnerability mitigation strategies.

         Implemented LANGuard and Security Center Essentials on Lab networks to establish software baseline.

         Issued tracking numbers and processed destruction certificates for 2,000 media as part of JSIG/RMF media control plan.

         Overhauled SAP software database, SAP user account database, and SAP media database to increase data consistency, eliminate data redundancy, and boost application performance.

         Supported Lab, CATB and AV security requirements for Block 3i software testing and delivery in support of US Air Force IOC which was declared as major program milestone.

Continued ►

Page 2 of 2

Computer System Security Analyst Sr. 2015 2016

         Adeptly provided detailed customer support to F-35 subcontractors in submittal of security documentation to government approvers.

         Achieved 100% audit success during facility/program/product/fire prevention/loss prevention inspections.

         Supported NIFC-CA ADP IRAD through weekly audits of 27 standalone/network systems and 21 manual log reviews as well as system integration and certifications.

         Issued 1,500+ media tracking numbers, processed destruction certificates as part of F-35 media control plan, and assembled five ATO packages for approval.

         Participated in three security investigations and provided IA technical security support to F-35 investigator.

         Supported lab, CATB and AV security requirements for Block 2B testing and delivery in support of USMC IOC which was declared as a major program milestone.

Computer System Security Analyst Sr. 2014 2015

         Headed Information Assurance across five lab infrastructures and 21 standalone information systems.

         Performed weekly auditing, hardware/software configurations, certification/decertification of systems, and processing of hardware and software requests for government accreditation.

         Delivered influential technical security support to SIMSIS+ lab upgrade and USG sell-off to streamline testing and verification of country-specific builds for LRIP-6 and beyond.

         Provided critical IA technical security input for three MTS-1 security briefings for partner visits to the labs.

         Conducted security pre-briefings for US, UK, Italy, Norway, Australia, and Israel partner visits to PMTS.

         Managed IA operations for several months as Interim Lead IAO at LM-MST in Beaufort, SC.

GbHawk, LLC, MCAS, Beaufort, SC, 2011 2014

Information Systems Administrator

         Helmed IT policy development, network/system administration, certifications/accreditations, asset/inventory management, user account administration, and disaster recovery procedures for roll-out of Marine Aviation Training Systems Site (MATSS) Mission Planning Center (MPC) and Electronic Classrooms (EC).

         Conducted vulnerability assessments to safeguard against unauthorized disclosures, modifications, destruction of information, and service denials.

         Launched mitigation systems and facility security strategies including software patches and access controls to defend assets and achieve regulatory compliance.

Xerox (ACS), Inc., Hilton Head, SC, 2007 2011

Network Administrator

         Handpicked as project leader to establish PCI-DSS compliance framework encompassing remediation, patch management, vulnerability assessments, IT security, anti-virus, and data protection.

         Managed LAN, routers, servers, switches, storage area networks, fiber optics, cabling, access controls, facility security systems, IA policies, backup & recovery procedures, and employee training manuals.

Time Warner Cable, Inc., Hilton Head, SC, 2005 2007

Field Service Technician II

         Methodically performed CATV/ISP network installation, decommissioning, and troubleshooting.

Prior background includes roles as Police Officer, Macon, GA, Police Department, Deputy Sheriff, Dodge County, GA, Sheriff s Department, Aviation Mechanic, USAF, and Infantry Squad Leader, USMC, honorably discharged

BS, Business/IT Management, Western Governors University, 2013

AAS, IT/Networking Specialist, Central Georgia Technical College, 2006

CompTIA Security+

Completed extensive and ongoing professional training covering areas such as data encryption, phishing, ethics awareness, insider trading, counterintelligence for investigators, operational security, SAP, and JSIG/RMF.

Yyyyyy x. yyyyyy

0000 xxxxxx xxxx , xxxx , xxxxx 00000 (xxx-xxx-xxxx abc@xyz.com

DATE

HIRING AGENT NAME

TITLE

COMPANY NAME

ADDRESS

CITY/STATE/ZIP CODE

Dear __________________:

Please accept this letter and accompanying resume in application for the Compliance Lead opportunity that is currently available with Lockheed Martin Aeronautics. In advance, thank you for your time and consideration.

As a dedicated employee since 2014, I have demonstrated excellent performance as a senior-level Computer System Security Analyst and orchestrated highly visible information assurance projects and initiatives. I m currently playing a major role in administering standards to enhance security posture, resolve compliance gaps, safeguard critical assets, fortify risk management effectiveness, and build a sustainable program to satisfy annual inspections.

My polished managerial, analytical, and strategic planning skills indicate my inherent ability to drive positive transformations and lead high-performing teams. To complement these qualifications, I offer strong abilities in generating cost savings and a constant commitment to enforcing quality control and regulatory compliance in all initiatives.

If considered for this opportunity you will find that I am well-positioned to deliver immediate and long-term results, with a steadfast commitment to supporting you in not only attaining, but exceeding your goals. I am eager to discuss how my qualifications uniquely match your current and future needs, and look forward to interviewing with you in the near future.

Sincerely,

Yyyyyy x. yyyyyy