Goal-oriented IT professional with significant success in planning, analyzing and implementing security plans and initiatives. Excel in developing comprehensive, secure network designs and systems.
Overview
14 years of professional experience
1 Certification
Work History
Information System Security Manager Support
Sentar, Inc
Huntsville, AL
10.2023 - Current
Coordinate with various stakeholders, e.g., Security Engineers, Network Administrators, System Administrators, Chief Information Officers (CIOs), Information Assurance Managers (IAMs) / Information Systems Security Managers (ISSMs), certification authorities (and representatives), accreditation authorities (and representatives), program managers, vendors, etc., necessary to properly identify, document, mitigate, and manage risk attributed to the target system, network, and/or application.
Identify, develop (directly or in coordination with applicable experts), and incorporate common artifacts found in RMF authorization packages, e.g., system architecture and boundaries, hardware and software inventories, policies and procedures, risk assessment reports, POA&Ms, data flows, PPSM accounting, and other necessary system, network, and application documentation.
Apply knowledge and experience in identifying, assessing, and documenting compliance against applicable DoD Information Assurance (IA) security controls (technical, management, operational), Service (e.g., Army) regulations, etc., within the RMF package.
Apply knowledge of, and ability to use, applicable compliance and authorization reporting environments (e.g., eMASS, CMRS) to document the progress of RMF risk assessments.
Conduct root cause analysis for inconsistencies or shortfalls in system cybersecurity posture.
Utilize vulnerability scanning and assessment tool results (e.g., ACAS/Nessus/STIG Viewer/SCAP) necessary to identify and document compliance while providing cybersecurity recommendations based on organizational requirements.
Analyze Host-Based Security System (HBSS) and/or Endpoint Security Solution (ESS) output and configurations.
Coordinate with system POCs, review authorization boundary diagrams, architecture/data flow diagrams, hardware/software inventories, IP address/subnet assignments, Med-COI Zone taxonomy, and other artifacts.
Utilize compliance and authorization reporting environments (e.g., eMASS, CMRS, COAMS, Tanium, and Phoenix) and coordinate with system POCs to explain compliance requirements, assist in reaching compliance, and provide training.
Develop meeting agendas/briefings and lead/attend and speak in meetings with stakeholders to discuss status of efforts.
Apply NIST, DoD, and DHA security requirements to include NIST SP 800-53 controls, DISA Security Technical Implementation Guides (STIGs), and Security Requirements Guides (SRGs).
Information System Security Officer
Sekon Enterprise, Inc.
Reston, VA
07.2022 - 08.2023
Supporting the U.S. Department of Defense (DoD), Defense Health Agency (DHA), Program Executive Office (PEO), Defense Healthcare Management Systems (DHMS), Defense Medical Information Exchange (DMIX)
Review existing PEO Cybersecurity policies and recommend changes, additions, and/or improvements to the PEO Cybersecurity Lead
Assist with Risk Management Framework Assessment and Authorization actions for assigned systems
Notify ISSM when changes occur that might affect the authorization determination of the Information System(s)
Enter system information into the Enterprise Mission Assurance Support Service (eMASS)
Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM prior to change
Provide peer review and comment on documents prepared by the PEO Cyber Team for the client
Coordinate with the Testing Infrastructure (TI) Team to discuss policies or Security Controls
Execute the cyber security portion of the self-inspection, to include security coordination and review of system assessment plans
Support Cybersecurity functions such as Configuration Management, Incident Response, Contingency Planning, Disaster Recovery
Prepare reports on the status of security safeguards applied to computer systems
Write POA&Ms, including detailed justification for program-required, non-compliant items, and manage POA&Ms using eMASS and JAZZ LMT
Information Security Analyst
Intellidyne, LLC
Falls Church, VA
03.2019 - 07.2022
Supporting the U.S. Department of Defense (DoD), Defense Health Agency (DHA), Program Executive Office (PEO), Defense Healthcare Management Systems (DHMS), Defense Medical Information Exchange (DMIX).
Work closely with team members to deliver project requirements, develop solutions and meet deadlines.
Work with System/Network Administrators and other associates to ensure secure implementation of applications and networks.
Perform scans, evaluate results, and determine remediation steps.
Identify areas of applications for regression testing following software updates, system changes or functionality changes to avoid unnecessary downtime and recoding.
Assist with the development of processes and procedures to improve incident response times, analysis of incidents and overall security operation functions.
Analyze system risk to identify and implement appropriate security countermeasures.
Implement plans to secure computer files against breach, destruction or accidental modification.
Update virus protection systems based on computer virus reports.
Analyze security procedure violations and develop plans to prevent recurrence.
Implement company policies, technical procedures and standards for preserving integrity and security.
Execute scripts to communicate with back-end servers and provide real-time updates.
Information Technology Specialist
Trinity Wiring and Security Solutions
Manassas, VA
09.2010 - 03.2019
Provided technical support for users and ensured proper maintenance of workstations, printers and peripherals.
Tested performance, functionality and security of network systems, individual workstations and peripheral devices.
Responded to user service requests and expediently resolved trouble tickets to maximize system uptime.
Deployed new workstations and printers, installed operating systems, applications and drivers, and configured network properties and hardware.
Supported disaster recovery plans, performed regular backups and created images of workstations prior to upgrades.
Supported desktop and laptop users with issues related to Microsoft, Adobe, Symantec and other deployed software.
Researched, documented and escalated support cases to higher levels of support when unable to resolve issues using available resources.
Disassembled computer systems to troubleshoot and resolve hardware issues.
Investigated technical issues using knowledge base and personal experience to complete timely resolutions.
Education
Bachelor of Science - Computer Information Systems
Strayer University
Associate of Science - Computer Networking Technology