Summary
Overview
Work History
Education
Skills
Certification
Security Clearance
Websites
References
Timeline
Generic

Christopher M. Brashar

Sandpoint,ID

Summary

Dynamic Cyber Security Engineer with proven expertise at Insight Global in vulnerability management and compliance auditing. Adept at leading teams and enhancing security policies, I successfully managed over 20 ATOs, ensuring robust risk management frameworks and effective stakeholder engagement. Committed to driving security excellence and continuous improvement in IT environments.

Overview

8
8
years of professional experience
1
1
Certification

Work History

Cyber Security Engineer

Insight Global
Aurora, CO
03.2024 - 09.2024
  • Reviewed and updated system accreditation packages utilizing Archer
  • Performed vulnerability and compliance scans using Tenable Nessus
  • Utilized STIG checklists to verify and document compliance
  • Submitted Deficiency Reports to track deviations from system baselines, and discrepancies
  • Verified implementation of mitigation measures
  • Performed system security checkouts prior to delivery to the customer
  • Utilized and updated automation tools to assist in compliance scanning

Dept. of Energy, Office of Intelligence and Counterintelligence Headquarters Information Systems Security Manager

Kforce
Lakewood, CO
06.2023 - 03.2024
  • ISSM for Headquarters and 9 remote sites
  • Served as an approving member of the Management Review Board.
  • Reviewed and approved System Change Requests.
  • Managed and maintained 20 ATO’s for DOE HQ using Xacta 360.
  • Managed a team of 5 Information System Security Officers.
  • Managed remediation of vulnerabilities for multiple Enterprise IT environments with over 7,000 IT assets
  • Oversaw vulnerability and patch management for the HQ mobile device program.
  • Oversaw the development and maintenance of security policy documentation.
  • Implemented security controls to protect sensitive data from unauthorized access or modification.
  • Oversaw and performed security auditing using Splunk
  • Communicated and coordinated RMF efforts with multiple Site ISSM’s located across the country.
  • Verified site compliance with agency security protocols and and standards.
  • Developed and maintained security policies, procedures, and standards to ensure the confidentiality, integrity, and availability of information systems.

Information System Security Engineer III

Sierra Nevada Corporation
Englewood, CO
07.2021 - 06.2023
  • Played a key role in a proposal that led to contract award for a Navy/Marine Corp system
  • Managed both eMASS and Xacta 360 packages for multiple DoD programs
  • Interfaced with Government Accreditation Authorities to maintain system certification and accreditation
  • Created and modified RMF packages in support of new and current ATO’s
  • Drafted and revised IT security policies, standards, and procedures
  • Conducted Incident Response Training (Tabletop exercises) with key personnel
  • Conducted annual self-assessments of security controls at all locations for multiple programs
  • Maintained the system hardware and software inventory and made appropriate changes as necessary in accordance with program policy.
  • Monitored systems for indications of threats, security breaches or intrusions.
  • Advised government stakeholders and program management on program risk management and provided recommendations.
  • Conducted and submitted Security Impact Analysis to the Authoring Official for review and approval.
  • Installed and configured tenable Nessus scanners on IT networks on both physical assets and virtual assets
  • Implemented DISA STIGs and monitored compliance using SCAP
  • Oversaw and executed program continuous monitoring program
  • Developed and implemented security policies, standards, and procedures to protect company systems from unauthorized access.
  • Provided technical support related to security product installation and use.
  • Reviewed logs generated by various applications and systems for suspicious activity or malicious attacks.
  • Ensured proper patch management for all supported applications by applying patches in a timely manner.
  • Performed periodic vulnerability assessments of the system infrastructure to identify areas of improvement.

Information System Security Manager

Aevex Aerospace
Centennial, CO
11.2020 - 07.2021
  • Assisted with the procurement of new 3-year ATO’s and ATC’s for the Gorgon Stare program
  • Submitted Security Impact Analysis documents for changes to system baseline
  • Updated information assurance documentation for the 2021 Period of Performance to include: Hardware/Software List, System Security Plan, Ports, Protocols and Services, Incident Response Plan, Security Control Test Plan, and Continuous Monitoring Plan
  • Performed self-assessment of security controls at CONUS and OCONUS site locations
  • Created and supervised a tabletop Incident Response Exercise
  • Reviewed system scans and worked with the System Administrator to get vulnerabilities mitigated in quarterly IA patching

GCS Information Technology and Mission Assurance Technician

Aevex Aerospace
San Diego, CA
01.2020 - 03.2020
  • Performed installation, configuration, and checkout of software updates for the Block II, MOD I, TCDL Ground Control Stations and UGCS Software
  • Assisted with system setup, startup and preflight
  • Assisted in conducting tests of TCDL and Universal Ground Control systems
  • Performed periodic IA audits as directed by the Information Systems Security Manager (ISSM)
  • Assist troubleshooting of software and hardware problems
  • Performed system administration functions, including but not limited to download/archival of log information, and administration of user accounts
  • Supported repair and replacement of ground equipment

Field Technician

Charter/Spectrum Communications
Post Falls, ID
08.2019 - 01.2020
  • Performed professional installations of cable TV, phone and internet services in residence and business environments
  • Responded to trouble calls to troubleshoot and restore services in home residences
  • Trained to inspect and operate a 27-foot extension ladder and various other safety equipment
  • Operated test equipment to include signal level meters, ohm meters, and handheld computer devices
  • Familiar with various computer systems, smartphones, modems, routers, and wireless devices
  • Educated in the structure and operation of the local area cable network
  • Coordinated system level repairs with maintenance team to ensure quick recovery of customer services

Field Service Technician

Sierra Nevada Corporation
San Diego, CA
07.2017 - 12.2017
  • Performed all duties as Ground Station Operator in addition to onboard aircraft equipment maintenance
  • Performed pre-flight system checks on onboard aircraft computers
  • Troubleshot and resolved system errors during inflight operations
  • Removed and replaced faulted components
  • Maintained data storage raids, to include importing and exporting data
  • Interfaced directly with system engineers and military personnel to ensure maximum system uptime

Ground Station Operator

Merlin Global Services
San Diego, CA
06.2016 - 07.2017
  • Oversaw the installation of system updates and verified proper operation after completion
  • Ensured routine system backups were completed, stored properly, and tested
  • Managed proper storage and access to classified material, to include system account management and physical access
  • Briefed customers RTO/RPO during unplanned system outages
  • Provided onsite support at overseas locations
  • Monitored performance of on-board sensors and collection equipment
  • Identified and corrected system issues that prevented performance of system functions
  • Performed routine security scans for 3 Ground Stations and their associated servers and systems
  • Applied quarterly software upgrades to Ground Station systems

Education

Bachelor of Science Degree - Information Systems and Cybersecurity

ITT Technical Institute
San Diego, CA
06.2016

Skills

  • Vulnerability management
  • Risk management framework
  • Security auditing
  • Policy writing
  • Team leadership
  • Effective communication
  • Vulnerability assessment
  • Endpoint protection
  • Stakeholder engagement
  • Project management
  • Threat analysis
  • Application security
  • Security orchestration, automation, and response
  • Security awareness training
  • Compliance management
  • Policy development
  • Incident response
  • Compliance auditing
  • Policy and control implementation
  • Security event log reviews
  • Identity and Access management
  • Time Management

Certification

Certified Information Systems Security Professional (CISSP), 10/01/22

Security Clearance

Active TS/SCI and Q Security Clearance

References

References available upon request.

Timeline

Cyber Security Engineer

Insight Global
03.2024 - 09.2024

Dept. of Energy, Office of Intelligence and Counterintelligence Headquarters Information Systems Security Manager

Kforce
06.2023 - 03.2024

Information System Security Engineer III

Sierra Nevada Corporation
07.2021 - 06.2023

Information System Security Manager

Aevex Aerospace
11.2020 - 07.2021

GCS Information Technology and Mission Assurance Technician

Aevex Aerospace
01.2020 - 03.2020

Field Technician

Charter/Spectrum Communications
08.2019 - 01.2020

Field Service Technician

Sierra Nevada Corporation
07.2017 - 12.2017

Ground Station Operator

Merlin Global Services
06.2016 - 07.2017

Bachelor of Science Degree - Information Systems and Cybersecurity

ITT Technical Institute

Similar Profiles

CREATE PROFILE
Christopher M. Brashar