
Aaron Taylor Sr.

Washington DC Metro Area, MD

Summary

Passionate, results-driven Information Security professional with 7+ years of consistent performance and experience driving visibility, understanding, and compliance with application security policies. Possess a strong understanding of IT security protocols and an unwavering commitment to maintaining the confidentiality, integrity, and availability of critical data. Specialized in areas such as System Security Test and Evaluation guided by NIST SP 800-53 and NIST SP 800-53A, FedRAMP, Assessment & Authorization (A&A), POA&M, developing, reviewing and evaluating System Security Plans based on NIST SP 800-18, system monitoring, and running Risk Assessment Reports. Strong verbal and written communication skills and the ability to multitask. Work independently as a self-starter and as a contributing team member.

Security Clearance: Public Trust

Overview

10 years of professional experience
1 Certification

Work History

Information Systems Security Officer

VersaTech, Inc.
09.2023 - Current
  • Developed and maintained comprehensive security policies and procedures to protect the integrity and confidentiality of information systems for the Department of Transportation - National Highway Traffic Safety Administration (DOT-NHTSA).
  • Conducted vulnerability scans to evaluate the security posture of DOT-NHTSA information systems and applications.
  • Ensured compliance with NIST, FISMA, and other relevant cybersecurity frameworks and standards.
  • Reduced exposure to cyber threats by proactively monitoring the threat landscape for new risks or changes in tactics from adversaries.
  • Implemented, monitored, and evaluated security controls to safeguard DOT-NHTSA information systems, ensuring alignment with federal standards and organizational policies.
  • Evaluated emerging technologies and made recommendations for strategic investments in information security tools and resources.
  • Developed and maintained the Information System Contingency Plan (ISCP) and Incident Response (IR) procedures to ensure rapid recovery and effective response to security incidents within DOT-NHTSA.
  • Ensured business continuity by developing disaster recovery plans and conducting regular testing exercises.
  • Established effective communication channels between cross-functional departments to facilitate prompt exchange of relevant cybersecurity information.
  • Provided guidance and training to DOT-NHTSA staff on security best practices and protocols, enhancing overall organizational security awareness.

Information Systems Security Officer

FNE Technology
07.2018 - 09.2023
  • Review the System Categorization form for every system in its respective IT Portfolio.
  • Perform quality assurance review for RMF Steps 1-2, with appropriate references, for all requirements.
  • Prioritize systems in the review queue based on mission criticality and impact date for review and processing.
  • Communicate to all RMF stakeholders in an agreed-upon format initially defined by the PSO.
  • Consider the authorization expiration date/mission impact when prioritizing.
  • Prepare packages for review and processing with the SCA and AO.
  • Perform all coordinating functions with the SCA Liaisons and the AO CSAs for Security Authorization Package review, processing requirements and issues.
  • Ensure all systems/networks in their portfolio are operating with the required Authorization.
  • Establish PSO business rules in coordination with key stakeholders for A&A processing within the domain that governs specific actions/internal processes unique to the command.
  • Coordinate with the PM/ISO to provide status of post-authorization stipulations within required timelines as stated in the authorization document and as requested by the AO.
  • Ensure the PMs report on open POA&M items.
  • Schedule ad hoc checkpoints at the request of the PSO or programs to support RMF submissions, and ensure minutes are compiled and uploaded to Xacta to document actions/historical data.
  • When optional checkpoints are held, ensure minutes are compiled and uploaded to SharePoint.
  • Utilize the Collaboration Board in the GRC workflow for all formal coordination during the RMF process.

Cloud Support Engineer

Cloud Wide Technology, Inc
04.2014 - 05.2018
  • Responsible for server/host health within production environments for multiple varying services.
  • Utilized code and modern cloud-native deployment techniques to design, plan and integrate cloud computing and virtualization systems.
  • Onboarded an entire service production host to managed fleets to reduce management time and improve patching efficiency.
  • Created runbooks and technical documents for team processes.
  • Diagnosed and executed resolution for network and server issues.
  • Served as the liaison to implement the mechanic infrastructure to reduce SSH access to production hosts.
  • Migrated legacy tool commands to custom mechanic namespaces for AWS CloudTrail service team.
  • Partnered with infrastructure teams on evaluation and feasibility assessments of new systems and technologies.
  • Executed and troubleshot failed deployments for multiple service pipelines across worldwide regions.
  • Worked with teams of talented software engineers to define, build and maintain cloud infrastructure.


Education

Bachelor of Science - Information Technology

Brown Mackie College
Cincinnati, OH
06.2004

Skills

  • Stakeholder Communications
  • Ability to work well with team members and interact professionally with diverse groups and cultures
  • NIST RMF
  • FISMA Compliance
  • Cloud Services
  • ISCP/IR
  • Disaster Recovery Plan (DRP)
  • FedRAMP Compliance
  • Security Control Assessment
  • Vulnerability Management
  • Continuous Monitoring

Certification


  • CISM - Certified Information System Security Manager
  • CompTIA Security+
  • Azure AZ-104 Microsoft Azure Administrator
  • AWS Certified Security - Specialty (In-progress)


Technology Summary


Cloud Services: Microsoft Azure & AWS

Task Management Tools: CSAM, eMASS, RSA Archer, Xacta

Scans & Audit Tools: Tenable Nessus Scanner, Splunk, Wireshark, AWS CloudTrail, Azure Monitor

Applications & Tools: JIRA, Rally, Okta, Confluence, ServiceNow, PeopleSoft, SharePoint; Microsoft Word, Excel & PowerPoint.








