Self-motivated Insider Risk Coordinator brings proven leadership, organizational, and customer relations skills. Independently solves problems and keeps teams on task to handle diverse business requirements: history of retaining clients and talented staff.
· Led and managed personnel and daily operations for approximately 1.5 years in the absence of leadership; Played an integral role in transitioning the insider threat program and its focus from the Office of Counterintelligence to the new Insider Risk Management Office (IRMO).
· Develop partnerships across the Department to generate operational and program management opportunities to enhance the insider threat program mission and capabilities;
· Established and lead a weekly working group comprised of members from the OCI, Office of Inspector General (OIG), and the Personnel Security Office (PSO) to discuss new and ongoing information that may indicate an insider risk.
· Facilitate or lead a monthly insider risk meeting comprised of leadership from the OCI, OIG, PSO, Office of General Counsel, and Human Capital Office to discuss elevated insider risk concerns.
· Maintain partnerships with seven bureau insider risk offices to collaborate and support program maturity through information sharing, training opportunities, and to establish coordination expectations.
· Provide senior-level guidance and recommendations on insider threat-related issues that affect planning, guidance and directives, methods for enhancing efficiency, and evaluating major Treasury and interagency projects.
· Assist the director in promoting team building, eliminating process inefficiencies, and supporting the professional development of staff through informal training and mentorship.
· Assist the director in representing the Department in various internal and interagency working groups responsible for developing strategies and operations related to the specific areas of responsibility of IRMO.
· Improve team productivity with regular communication and progress updates, fostering a collaborative work environment between IRMO analysts and engineers and with our partners and stakeholders.
· Process intake activities, requests for assessments, and send referrals to and from internal and external offices and agencies. Maintain status updates and collaborate on additional information with partners and stakeholders through disposition.
· Enhance operational workflows by employing a continuous process improvement process within IRMO and with our partners and stakeholders.
· Gather, document, and organize resources to support operations and for learning opportunities to be used by my office, and by our stakeholders and bureaus.
· Guide, assist, and advise analysts on select projects to support successful completion and instill implementation processes, such as developing internal workflows and developing the IRMO risk indicators framework with our partners.
· Enhance customer satisfaction by responding promptly to inquiries and addressing concerns professionally. Consistently balancing IRMO capabilities and services with customer needs.
· Collaborate with leadership and bureau offices to develop strategic plans aligning with overall program objectives, fostering a unified approach toward shared goals.
· Coordinate cross-functional teams, resulting in more effective and efficient project execution and enhanced outcomes.
· Lead or assist in hiring efforts by coordinating and conducting interviews and managing onboarding activities for select new hires.
· Enhanced team communication by implementing weekly case meetings to share operational knowledge, lessons learned, and opportunities for critical thinking and program improvement.
· Oversee some Information Technology efforts to maintain or deploy mission-essential hardware and or software that involves multiple stakeholders.
· Promote and maintain an open-door policy for feedback and concerns with all our customers to ensure continuous improvement.
· Resolve issues through active listening and open-ended questioning within our team and for our stakeholders and customers, escalating significant problems to leadership.
· Coordinate with senior analysts on select tasking for analysts based on their subject matter expertise and workloads.
· Advise, coach, teach, train, and help develop staff to improve their performance and professional growth opportunities.
· Led and managed a four-person engineering team that maintained all aspects of the Coast Guard (CG) Insider Threat Program's (ITP) information technology (IT) infrastructure; delivered technical capabilities and services to detect and mitigate insider threats to CG and U.S. national security.
· Collaborated with team members to identify new technologies, technical gaps, training, and other mission-critical areas to ensure continuous improvement and advancement of offerings and performance.
· Conducted market research and managed the acquisition of CG ITP hardware and software, saving the CG approximately $200K.
· Coordinated with the Defense Intelligence Agency (DIA), National Geospatial Agency (NGA), and other government insider threat programs on various technical efforts, such as improving user activity monitoring (UAM) capabilities, sharing information across different agencies, and establishing a periodic, multi-agency professional exchange meeting.
· Responded to internal and external requests and mandates for products and metrics related to CG ITP activities, to include annual activity reports and Cyber Security Service Provider audits.
· Coordinated with DIA, CG Chief Information Office (CGCIO), and vendors to prepare and transition IT assessment and accreditation authorities from DIA to CGCIO; resulted in process efficiency and aligned ITP IT processes with CG requirements.
· Synchronized, deconflicted, and supported efforts with CG Telecommunications and Information Systems Command (TISCOM) engineering and operations divisions to improve program support; ongoing efforts have resulted in quicker response times, proactive notifications, and advancing UAM capabilities across all environments.
· Notified TISCOM and CG Cyber Command (CGCYBER) of CG ITP software deployments, to include tests and updates; established a new deployment notification process with these partners, significantly improving the process by increasing efficiency and timeliness.
· Promoted CG ITP initiatives and partnerships as they pertain to IC efforts to permeate a federated communication environment and incorporate key data sets into insider threat programs by participating in Intelligence Community (IC) Desktop Environment (DTE) and Enterprise Audit (EA) meetings.
· Served as alternate analyst lead by reviewing analyst products and stakeholder requests, assigning cases, assisting with analyst activities, and conducting other functions as necessary.
· Provided in-depth briefings to CG ITP stakeholders and external partners looking to capture lessons learned and best practices for their programs.
· Fulfilled Special Security Officer (SSO) and Command Security Officer duties for CG Counterintelligence Service (CGCIS) and oversaw two assistant SSOs; regularly communicated with the CG Security Center and CG security personnel.
· Assisted previous headquarters insider threat coordinator in the development of insider threat awareness training and briefing slides for the CG ITP.
· Led and manages an eight-person analyst team, consisting of military, civilian, and contract personnel, that analyzed user activity monitoring (UAM) data and provided insider threat analytic services for the CG ITP; identified and responded to indicators of potential insider threats to CG and U.S. national security.
· Managed approval and processing of insider threat referrals, primary and secondary analyst functions, the elevation of events indicative of a potential insider threat, refinement of technical policies, and reporting of technical systems issues.
· Coordinated with insider threat stakeholders to identify “lanes in the road” and opportunities for partnership and information sharing, to include capturing requirements on both sides in support of the insider threat mission.
· Developed processes and procedures for analytic products, documenting courses of action, and establishing a workflow that incorporated the ITP coordinators.
· Instituted weekly team meetings to discuss operations, support, training, and other relevant topics; meetings ensured consistent processes across the analyst team, as well as the sharing of analytic perspectives and techniques.
· Collaborated with CGCYBER and CG-2 Security Office to embed members from both offices within the insider threat division to conduct insider threat analyst duties relevant to their stakeholder interests.
· Leveraged UAM tools and techniques, and instituted direct analyst-to-stakeholder communications to improve insider threat-related activities and support.
· Coordinated with internal and external customers on providing analytic services, the sharing of information, the protection of information, and other relevant insider threat activities.
· Spearheaded an analyst exchange program that allowed ITP analysts an opportunity to connect with and share their experiences, processes, and techniques with other U.S. government agencies, such as DIA and NGA.
· Assisted with the development and implementation of insider threat analyst training; this included briefings from the CGCIS legal representative, CG Investigative Services Threat Management Unit, online training courses, and other resources.
· Conducted insider threat analysis utilizing various technologies and capabilities, including context-building, data gathering, and analysis of findings; documented and reported results.
· Coordinated with Executive branch insider threat partners to ensure CG ITP analysis priorities and plans aligned with best practices and lessons learned.
· Served as alternate technical lead, coordinating and developing enterprise audit analyst tools and identifying appropriate categories of information to capture as a community resource.
· Participated in the CGCIS agent program and conducted briefings and debriefings for CG personnel.
· Assigned as the CGCIS CSO and acted as a conduit for other security officials to report insider threat-related activities; responded to collateral data spills and coordinated with SSOs on other CGCIS related physical security and data concerns.