
HELENA CHESTNUT

San Antonio, TX

Summary

Seasoned ISSO with 6+ years of experience in system security safeguards with adherence to FISMA and NIST Special Publications. Proficient in risk assessment and management, vulnerability management, Risk Management Framework (RMF), and Assessment and Authorization. Experienced IT professional who would like to have a position within a growth-oriented, forward-thinking organization where I can help achieve its objectives by utilizing my experience, skills, and education to the fullest extent.

Overview

13 years of professional experience

Work History

Information Systems Security Officer (ISSO)

B.E.A.T. LLC / DHA
San Antonio, TX
12.2020 - Current
  • Provide support for a program, organization, system, or enclave's information assurance program
  • Provide support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies
  • Maintain operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed
  • Assist with the management of security aspects of the information system and perform day-to-day security operations of the system
  • Evaluate security solutions to ensure they meet security requirements for processing classified information
  • Perform vulnerability/risk assessment analysis to support certification and accreditation
  • Provide configuration management (CM) for information system security software, hardware, and firmware; manage changes to the system and assess the security impact of those changes
  • Prepare and review documentation to include Systems Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs)
  • Support security authorization activities in compliance with NSA/CSS Information System Certification and Accreditation Process (NISCAP) and DoD Information Assurance Certification and Accreditation Process (DIACAP).
  • Perform duties as the alternate Information Systems Security Manager (ISSM).
  • Coordinate and conduct event collection, log management, event management, compliance automation, and identity monitoring activities.
  • Analyze data collected by the event monitoring system(s), identifying results that dictate immediate corrective action, trends that drive prompt action and areas that require continued monitoring and/or further analysis.
  • Maintain awareness of current security trends and threats, respond to reported incidents to conclusion, and provide awareness to system users.
  • Coordinate IT security matters such as incident response, intrusion detection management, and IT Security advisories.

RMF Analyst

BOOZ ALLEN HAMILTON
San Antonio, TX
09.2020 - 12.2020
  • Experience with the DoD Risk Management Framework for DoD IT
  • Risk management framework (RMF) using NIST 800-37 as a guide, assessments, and continuous monitoring: performed RMF assessments, including initiating meetings with various system owners and information system security officers (ISSOs), providing guidance on evidence needed for security controls, and documenting findings of the assessment.
  • Security documentation: perform updates to system security plans (SSPs) using NIST 800-18 as a guide to developing SSPs, risk assessments, and incident response plans; create change control procedures; and draft, review, and update plans of action and milestones (POAMs).
  • POAM remediation: performed evaluation of policies, procedures, security scan results, and system settings in order to address controls that were deemed insufficient during certification and accreditation (CA), RMF, continuous monitoring, and Fiscal audits.
  • Expertise in National Institute of Standards and Technology Special Publication (NIST SP) documentation: performed assessments, POAM remediation, and document creation.
  • Support a client with risk management framework analysis and accreditation of protection program networked systems, including E-911, intrusion detection systems (IDS), land-mobile radio (LMR), and Computer-Aided Dispatch (CAD) to meet Federal Information Security Management Act (FISMA) requirements.
  • Act as a member of a larger mission assurance team, including reviewing installation, headquarters, and technical requirements, identifying and gathering necessary artifacts, and coordinating system accreditation status with system owners.
  • Respond to changing command priorities and expectations for system accreditation.
  • Evaluate the security control assessment of the technical, management, and operational controls for the operating information systems to guarantee the controls are implemented correctly and producing the desired outcome.
  • Ensure that all IT systems are operated, used, maintained, and disposed of in accordance with internal security policies and procedures.

ACAS Administrator

PGTEK/DISA
Montgomery, AL
08.2019 - 09.2020
  • Agent migrations, which require access to ACAS security centers
  • Operate and maintain DISA-approved security scanners to plan, create, manage, and retire scheduled or ad hoc scans and scan groups for new and existing workloads across isolated environments, NIPRNet, and SIPRNet IAW all active DoD and DISA policies and procedures
  • Maintain and ensure scans, accounts, and configurations are set IAW best practice guides and DISA privileged access policies and procedures
  • Communicate, resolve, revalidate, and prevent scan failures with all stakeholders IAW DISA policies and procedures
  • Test, evaluate, and validate endpoint scanning tools and configurations to DISAFIRST and other applicable endpoints
  • Maintain mission partner PoC information, Internet Protocol (IP) ranges, and DITPR lists

Network Engineer

B&D CONSULTING
Montgomery, AL
09.2018 - 08.2019
  • Administered and prepared programs for IP addresses, developed network resources and trained support personnel to provide Tier I support to end users.
  • Conducted security assessments and made recommendations for disaster recovery, remote access, network appliances, servers and directory services security.
  • Design, build, test, deliver, and maintain network systems, including work with Cisco, Juniper and Palo Alto.
  • Experience with packet capture and analysis tools (Wireshark, tcpdump)
  • Experience with routing protocols (BGP, OSPF, VRF, MPLS, EIGRP)
  • Understanding of protocols including: QoS, CoS, RADIUS, TACACS+, SNMP, DNS, HTTPS, NetFlow
  • Experience with Access Control Lists, firewall policies, route filters and other permission methods
  • Conduct/Coordinate Communication LOB Incident Break-Fix Response
  • Provide Communication LOB reporting to Computing Ecosystem C2
  • Manage ASI & Change process
  • Gather & Analyze Data for Service Improvement
  • Ensured continuity of operations by introducing the automation of monitoring system for 24/7 network systems
  • Analyzed and defined network requirements, configurations, optimization, and support for network servers, routers and switches

System Administrator

Vectrus
Baghdad, Iraq
09.2016 - 06.2018
  • Analyzed and defined network requirements, configurations, optimization, and support for network servers, routers and switches.
  • Configured, managed and evaluated multi-protocol network elements to ensure effective end-to-end communications
  • Daily administration of Exchange 200X servers, Outlook Web Access, and Microsoft SCCM.
  • Managed a Cyber Security and an Information Assurance program, protecting and defending information systems to ensure confidentiality, integrity, and availability.
  • Performed Information Assurance duties that include strategic planning, capital planning, workforce planning, policy/standards development certification requirements, investment analysis and open storage facilities management.

MCC SAP Operator

Hyundai Information Service North America
Montgomery, AL
03.2014 - 09.2016
  • Coordinates the needs of functional departments and establishes priorities for MES requirements gathering, system design and implementation.
  • Review of company documentation including SOPs, SPECs, Batch Sheets and/or Manufacturing Records to assess MES impact.
  • Hardware & Software troubleshooting and updates.

IT Field Technician

GDH Government Services
Montgomery, AL
12.2013 - 04.2014
  • Performed annual service visits and completed preventative maintenance on all systems.
  • Performed troubleshooting and diagnostics of malfunctioning equipment, machinery, tools and components.
  • Served as technical consultant on environmental policies to maintain regulatory compliance.
  • Inspected municipal and industrial facilities for adherence to environmental regulations.

Manager

AFNETOPS Enterprise Service Desk ESD
Montgomery, AL
10.2010 - 05.2013
  • Remote diagnostics and troubleshooting of client workstations.
  • Apply VPN Service Experience with Windows Server 2003, XP, OS X, and MS Office XP/03/07/08, Vista.
  • Provided continued maintenance and development of bug fixes and patch sets for existing web applications.
  • Ensured network, system and data availability and integrity through preventative maintenance and upgrades.
  • Evaluated suppliers by assessing quality, timeliness and compliance of deliveries to maintain tight cost controls and maximize business operational efficiency.

Education

Bachelor of Science - Business Administration

Alabama State University
Montgomery, AL
05.2016

Skills

  • Intrusion Detection
  • Threat Analysis
  • Incident Handling
  • Documentation
  • Vulnerability Assessment
  • Vulnerability Scanning
  • Nessus
  • Risk Management
  • POAM Management
  • Security Control Assessment
  • Active Directory
  • NIST
  • RMF
  • STIGs
  • eMASS

Certifications/Clearance

  • Active Clearance: Secret (T5/SSBI) - May 2020
  • CompTIA Advanced Security Practitioner (CASP)
  • CompTIA Server+
  • CCNA: Routing & Switching
  • ITIL v3
  • DISA ACAS
  • DISA HBSS Admin
  • eMASS Training
