Summary
Overview
Work History
Education
Skills
Additional Information
Clearance
Timeline
Generic

JANICE BAILEY

Summary

Experienced Cybersecurity Professional with over 25 years of expertise in Information Security, Information Assurance, and Technical Support, with a strong focus on the Assessment and Authorization (A&A) process. Extensive experience as an Information System Security Engineer (ISSE), guiding systems through compliance and ensuring adherence to rigorous security standards. Passionate about advancing in roles centered on Cyber Security, Vulnerability Scanning and Analysis, Intrusion Detection and Response, and DevSecOps. Committed to safeguarding critical systems and data through strategic, analytical, and innovative security practices.

Overview

26
26
years of professional experience

Work History

INFORMATION SYSTEM SECURITY ENGINEER

VMWare/Broadcom
02.2021 - Current
  • Conduct security evaluations of Pivotal Cloud Foundry in preparation for ATO submission, ensuring compliance with NIST 800-53 Rev 4 controls
  • Develop security documentation and artifacts to support system compliance and successful A&A processes
  • Evaluate and address NIST 800-53 controls in the XACTA system, ensuring robust security measures are in place
  • Implement robust security measures in cloud infrastructure, significantly reducing vulnerability risks, using tools and scripts developed in Golang and Python
  • Integrate technology into AWS, enhancing cloud-based network operations and ensuring secure system performance
  • Led Git migration and upgraded Concourse pipelines, optimizing CI/CD processes for improved security and faster feature delivery, with automation enhancements in Golang
  • Utilize Docker for isolated testing environments, streamlining development, deployment processes, and enhancing security during software development through custom Python scripts
  • Tested and implemented cyber deception tools, enhancing threat detection and response capabilities
  • Reviewed system requirements, ensuring alignment with security standards and operational needs
  • Developed comprehensive security documentation, meeting stringent regulatory requirements
  • Streamlined Splunk administration, integrating security tools into agency systems for more efficient threat monitoring and rapid incident response
  • Spearheaded integration of cutting-edge security technologies into Amazon Web Services, establishing a resilient cloud-based network infrastructure

SENIOR SYSTEMS ENGINEER

Full Suite Solutions
07.2019 - 02.2021
  • Conduct security evaluations of Pivotal Cloud Foundry in preparation for ATO submission, ensuring compliance with NIST 800-53 Rev 4 controls
  • Develop security documentation and artifacts to support system compliance and successful A&A processes
  • Evaluate and address NIST 800-53 controls in the XACTA system, ensuring robust security measures are in place
  • Implement robust security measures in cloud infrastructure, significantly reducing vulnerability risks, using tools and scripts developed in Golang and Python
  • Integrate technology into AWS, enhancing cloud-based network operations and ensuring secure system performance
  • Led Git migration and upgraded Concourse pipelines, optimizing CI/CD processes for improved security and faster feature delivery, with automation enhancements in Golang
  • Utilize Docker for isolated testing environments, streamlining development, deployment processes, and enhancing security during software development through custom Python scripts
  • Tested and implemented cyber deception tools, enhancing threat detection and response capabilities
  • Reviewed system requirements, ensuring alignment with security standards and operational needs
  • Developed comprehensive security documentation, meeting stringent regulatory requirements
  • Streamlined Splunk administration, integrating security tools into agency systems for more efficient threat monitoring and rapid incident response
  • Spearheaded integration of cutting-edge security technologies into Amazon Web Services, establishing a resilient cloud-based network infrastructure

ISSM

Full Suite Solutions
10.2017 - 07.2019
  • Managed security for intelligence systems, ensuring compliance with NIST 800-53 controls
  • Conducted AWS system reviews, identifying vulnerabilities and recommending mitigation strategies
  • Assisted ISSOs in maintaining policy compliance, offering expert advice on security practices
  • Facilitated ATO/ATD projects, leading to improved system security and compliance
  • Collaborated with ISSOs and ISSEs to implement robust security protocols, enhancing cybersecurity practices
  • Spearheaded NIST 800-53 compliance initiatives for intelligence systems, ensuring robust security measures and regulatory adherence
  • Supported Splunk administration, creating accounts and reports, developed 20+ dashboards for NSOC
  • Investigated and analyzed security events for 5,000+ systems, provided remediation suggestions
  • Authored SOPs increasing NSOC productivity, performed incident response using multiple tools
  • Installed server for IOC ingestion, enhanced ticketing system, alerted teams on new threats
  • Investigated malicious emails, analyzed for malware, implemented preventive measures
  • Authored SOPs for NSOC, significantly boosting productivity
  • Coordinated Technical Exchange Meetings with ISSM, fostering a proactive security environment
  • Investigated malicious emails and analyzed for malware, implementing preventive measures
  • Performed incident response using diverse security tools and technologies
  • Conducted vulnerability assessments using Nessus, Appdetective, and NMAP, identifying critical security gaps
  • Facilitated technical exchange meetings with ISSM, ensuring alignment and clarity in security protocols
  • Delivered remediation instructions, aiding in the mitigation of security findings, and enhancing system integrity
  • Created detailed security assessment reports and POA&M items, providing actionable insights for continuous improvement
  • Pioneered new reconnaissance and assessment methodologies, significantly improving the efficiency and accuracy of security evaluations
  • Conducted incident response using Bit 9, FireEye, McAfee ePO, and Nitro, improving threat detection
  • Executed vulnerability scanning with Nessus, identifying critical security gaps
  • Performed web application pentesting, securing web interfaces against breaches
  • Developed SOPs for agency use, standardizing cybersecurity protocols
  • Tested desktop software security using static malware analysis, preventing potential threats
  • Executed comprehensive vulnerability scanning with Nessus, identifying critical security gaps and driving improvements in risk management
  • Monitored and responded to security incidents, minimizing downtime and improving response times
  • Collaborated with CIRT team to investigate and mitigate cyber threats, enhancing security posture
  • Analyzed security logs to identify vulnerabilities, preventing breaches and strengthening defenses
  • Provided incident reports and recommendations, contributing to improved security protocols
  • Implemented advanced threat detection techniques, identifying and mitigating emerging cyber risks
  • Pioneered advanced threat detection techniques, proactively identifying and mitigating emerging cyber risks before escalation to major incidents
  • Conducted vulnerability assessments on servers using Nessus, identifying critical security gaps
  • Authored detailed Security Assessment Reports with actionable recommendations for system improvements
  • Led site visits to assess classified systems, ensuring strict adherence to security protocols
  • Analyzed security vulnerabilities, delivering targeted remediation instructions to reduce system risks
  • Collaborated with cross-functional teams to implement security standards and foster compliance

CYBER SECURITY ENGINEER

Inscope International
04.2016 - 10.2017

RECONNAISSANCE AND ASSESSMENTS TEAM ANALYST

Agile Business Concepts, LLC
09.2015 - 04.2016

CYBER SECURITY ANALYST

GSA / Valiant Solutions
08.2014 - 09.2015

NIGHT SHIFT CYBER SECURITY ANALYST

Langley / Mantech
08.2014 - 04.2015

SECURITY CONTROL ASSESSOR

DHS / Booz Allen and Hamilton
05.2014 - 08.2014

MOBILE SECURITY TESTER

Maryland / Booz Allen and Hamilton
12.2013 - 05.2014

CYBER SECURITY ANALYST

International Monetary Fund/Experis
09.2012 - 12.2013

SOC ANALYST

US Courts/ About Web
10.2011 - 09.2012

VULNERABILITY SCANNING ENGINEER

US Patent and Trade Office/ Missing Link Security (Temp Contract)
08.2011 - 10.2011

CYBER SECURITY ANALYST

NASA and NOAA/ Avaya Government Solutions (Temp Contract)
05.2011 - 08.2011

INFOSEC ENGINEER

GSA/ Computer Technology Associates
02.2010 - 05.2011

DESKTOP OPERATIONS ENGINEER

GSA/ Catapult Technology
01.2007 - 02.2010

TIER 2 CLIENT AND NETWORK SERVICES

GSA/ Computer Science Corporation
02.2003 - 01.2007

HELP DESK ANALYST

Nuclear Regulatory Commission/ Future Technologies, Inc.
09.2001 - 02.2003

INFORMATION MANAGEMENT SPECIALIST

US Senate/ Affiliated Computer Services
12.1998 - 09.2001

Education

AWS CLOUD PRACTITIONER -

Amazon
01.2023

SPLUNK POWER USER CERTIFICATION - undefined

Splunk
01.2016

WEB APPLICATION PENETRATION TESTER - undefined

Infosec Institute/IACRB
01.2015

SECURITY - undefined

CompTIA
01.2010

GIAC PENETRATION TESTER - GPEN - undefined

SANS-GIAC
01.2010

BS - COMPUTER INFORMATION SYSTEMS

Strayer University
01.2008

MICROSOFT CERTIFIED PROFESSIONAL - undefined

Microsoft
01.2005

A - undefined

CompTIA
01.2004

DCSE ASSOCIATE - undefined

Dell
01.2003

CERTIFIED HELP DESK ANALYST - undefined

Help Desk Institute
01.2002

CERTIFIED NOVELL ADMINISTRATOR - undefined

Novell
01.1998

Skills

  • RMF – NIST 800-53
  • CI/CD
  • Docker
  • GitHub
  • Jira
  • Agile
  • Cloud
  • AWS
  • Vulnerability Scanning
  • Intrusion Detection
  • Incident Response
  • Network Monitoring
  • Linux
  • Windows
  • MacOS
  • Git
  • Concourse
  • Splunk
  • Nessus
  • Wireshark
  • FireEye

Additional Information

TS/SCI with Full Scope Polygraph

Clearance

TS/SCI Full Scope Polygraph

Timeline

INFORMATION SYSTEM SECURITY ENGINEER

VMWare/Broadcom
02.2021 - Current

SENIOR SYSTEMS ENGINEER

Full Suite Solutions
07.2019 - 02.2021

ISSM

Full Suite Solutions
10.2017 - 07.2019

CYBER SECURITY ENGINEER

Inscope International
04.2016 - 10.2017

RECONNAISSANCE AND ASSESSMENTS TEAM ANALYST

Agile Business Concepts, LLC
09.2015 - 04.2016

CYBER SECURITY ANALYST

GSA / Valiant Solutions
08.2014 - 09.2015

NIGHT SHIFT CYBER SECURITY ANALYST

Langley / Mantech
08.2014 - 04.2015

SECURITY CONTROL ASSESSOR

DHS / Booz Allen and Hamilton
05.2014 - 08.2014

MOBILE SECURITY TESTER

Maryland / Booz Allen and Hamilton
12.2013 - 05.2014

CYBER SECURITY ANALYST

International Monetary Fund/Experis
09.2012 - 12.2013

SOC ANALYST

US Courts/ About Web
10.2011 - 09.2012

VULNERABILITY SCANNING ENGINEER

US Patent and Trade Office/ Missing Link Security (Temp Contract)
08.2011 - 10.2011

CYBER SECURITY ANALYST

NASA and NOAA/ Avaya Government Solutions (Temp Contract)
05.2011 - 08.2011

INFOSEC ENGINEER

GSA/ Computer Technology Associates
02.2010 - 05.2011

DESKTOP OPERATIONS ENGINEER

GSA/ Catapult Technology
01.2007 - 02.2010

TIER 2 CLIENT AND NETWORK SERVICES

GSA/ Computer Science Corporation
02.2003 - 01.2007

HELP DESK ANALYST

Nuclear Regulatory Commission/ Future Technologies, Inc.
09.2001 - 02.2003

INFORMATION MANAGEMENT SPECIALIST

US Senate/ Affiliated Computer Services
12.1998 - 09.2001

SPLUNK POWER USER CERTIFICATION - undefined

Splunk

WEB APPLICATION PENETRATION TESTER - undefined

Infosec Institute/IACRB

SECURITY - undefined

CompTIA

GIAC PENETRATION TESTER - GPEN - undefined

SANS-GIAC

BS - COMPUTER INFORMATION SYSTEMS

Strayer University

MICROSOFT CERTIFIED PROFESSIONAL - undefined

Microsoft

A - undefined

CompTIA

DCSE ASSOCIATE - undefined

Dell

CERTIFIED HELP DESK ANALYST - undefined

Help Desk Institute

CERTIFIED NOVELL ADMINISTRATOR - undefined

Novell

AWS CLOUD PRACTITIONER -

Amazon

Similar Profiles

  • Pankuri Mahajan

    Pankuri MahajanPankuri Mahajan

    Solution Architect (Client Service Consultant) at VMware by Broadcom (Broadcom)Solution Architect (Client Service Consultant) at VMware by Broadcom (Broadcom)

  • Komal Kriti

    Komal KritiKomal Kriti

    Technical Support Engineer -2 at VMware Software India Pvt. Ltd. (VMware By Broadcom)Technical Support Engineer -2 at VMware Software India Pvt. Ltd. (VMware By Broadcom)

  • Vitaliy Kazaryan

    Vitaliy KazaryanVitaliy Kazaryan

    Senior Manager, Technical Program Management at VMware/BroadcomSenior Manager, Technical Program Management at VMware/Broadcom

  • Joseph Quinn

    Joseph QuinnJoseph Quinn

    Information System Security Engineer at 1 Sync TechnologiesInformation System Security Engineer at 1 Sync Technologies

  • Samuel Aldrich

    Samuel AldrichSamuel Aldrich

    Senior Information System Security Engineer at VertekalSenior Information System Security Engineer at Vertekal

CREATE PROFILE
JANICE BAILEY