Joseph Fugelsang
Charleston,SC
Summary
Experienced Cybersecurity Engineer with demonstrated success in Department of Defense, Government, Technology, and Financial Services sectors. Holds active Top Secret level DoD security clearance, quickly adapts to system changes, and supports mission through data-driven analysis, research-based solutions, and complex problem solving. Strong security background pairs well with a solid work ethic, effective communication, and honed customer service attitude, to formulate creative ideas and implement successful strategies.
Overview
5
5
years of professional experience
1
1
Certification
Work History
A&A RMF Engineer (ISSE)
Resource Management Concepts, Inc.
11.2023 - Current
- Analyzed and assessed information systems to evaluate security posture
- Defined design specifications and developed systems specifications for implementing security controls and Security Technical Implementation Guides (STIGs)
- Performed systems analysis and systems architecture activities to ensure compliance with Department of Defense (DoD) and Department of the Navy (DoN) guidelines
- Integrated systems and software/hardware while ensuring adherence to security requirements and test & evaluation criteria
- Implemented and maintained all STIGs and security controls to achieve and maintain DoN accreditation
- Documented Assessment & Authorization (A&A) requirements and processes in accordance with NIST 800-37 and DoN Risk Management Framework Process Guide v2.0
- Identified and implemented controls for information systems and networks to mitigate risks and vulnerabilities
- Evaluated IT security architectures for development, certification, and accreditation, ensuring alignment with DoD and DoN guidelines
- Successfully achieved and maintained DoN accreditation and ATO for DoN information systems
- Identified and implemented controls to enhance cybersecurity posture, resulting in improved system resilience and reduced vulnerabilities.
Cybersecurity Engineer III
Scientific Research Corporation
11.2022 - 11.2023
- Provided essential engineering and administrative support for a large-scale Navy Network, with a primary focus on Cyber Security sustainment activities, including scanning, patching, and engineering solutions
- Played a pivotal role in network security by offering support, installation, and system administration for Naval networks
- Administered Assured Compliance Assessment Solution (ACAS), Nessus and Security Center, effectively fortifying shore-based networks against cyber threats
- Configured and validated secure system and physical controls, testing security products and systems to detect and mitigate potential vulnerabilities
- Contributed to efforts to validate security controls, verifying Security Technical Implementation Guide (STIG) configurations and meticulously scheduling and executing frequent ACAS scans to ensure continuous network security
- Executed monthly patching requirements, IAVA (Information Assurance Vulnerability Alert) remediation, and EXORDS (Executive Orders), driving comprehensive system security
- Participated actively in the accreditation process and contributed valuable insights to Risk Management Framework (RMF) processes, enhancing overall cybersecurity posture
- Created comprehensive system-level documentation, fostering clear communication and knowledge sharing within the team
- Developed and implemented streamlined vulnerability management procedures, optimizing response times and enhancing overall security posture.
Cybersecurity Test Engineer
Centurum Information Technology
05.2022 - 11.2022
- Responsible for Security Test and Evaluation (ST&E’s) and Independent Verification and Validation (IV&V) audits of Tactical Mobile systems for their compliance against DoD Policy and the Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIG)
- Reviewed and updated Plan of Actions and Milestones (POA&Ms) via the use of enterprise Mission Assurance Support Services (eMASS) to satisfy the processes, procedures, and maintenance of continued security compliance of systems under review
- Conducted technical audits using DISA approved tools such as Security Content Automation Protocol (SCAP), Assured Compliance Assessment Solution (ACAS) and Nessus Vulnerability Scanner
Cyber Information Assurance Engineer
In-Depth Engineering Corporation (Lockheed Martin)
01.2020 - 05.2022
- Developed and delivered hardened Red Hat Enterprise Linux systems to Department of Defense customer, ensuring confidentiality, integrity, and availability of systems, networks, and data
- Administrated secure Red Hat Enterprise Linux systems and assisted in the development and build out of security hardened Red Hat Enterprise Linux 8 systems
- Conducted vulnerability scanning in high-security environments and, as-needed, performed system patching and security hardening in high-security environments
- Completed ACAS vulnerability scans and patched systems accordingly; conducted vulnerability assessments in accordance with SCAP Security Compliance Checker (SCC)
- Assisted in development of program-required security documentation, including items such as security plans, contingency plans, and security test plans and procedures in compliance with IA policy
- Performed security assessments to evaluate compliance with established information assurance policies and regulations according to DoD, NSA, DISA, NIST (800-53) and other IA-related military/Federal requirements
- Partnered and collaborated with the Software, Systems, Integration & Test Engineering (I&T) teams
- Conducted security hardening in accordance with DISA STIGs.
Information Security Intern
Community Bank System
09.2019 - 12.2019
- Assisted with vulnerability scanning and patch management
- Assisted with Active Directory and User Management
- Managed company phishing mailbox
- Conducted phishing and malware investigations.
Education
Master of Science - Cybersecurity
Utica College
Utica, NY08.2019
Skills
- Risk Management Framework
- Assessment and Authorization
- Secure System Development/Hardening
- Windows/Linux Patch Management
- Vulnerability Scanning and Remediation
- Cyber Incident Management
- Agile Development Process (JIRA)
- Performance/Process Improvement
- Red Hat/Windows System Administration
Certification
CompTIA Advanced Security Practitioner (CASP+)
CompTIA Security+
Federal Virtual Training Environment (FedVTE) Windows Security and Linux Administration Course Completion Certificates
DISA Endpoint Security Solutions (ESS) Adminstrator 201
DDISA Endpoint Security Solutions (ESS) Advanced Administrator 301
DISA Endpoint Security Solutions (ESS) Analyst 501
Assured Compliance Assessment Solution (ACAS) Admin v5.22
Timeline
A&A RMF Engineer (ISSE)
Resource Management Concepts, Inc.
11.2023 - Current
Cybersecurity Engineer III
Scientific Research Corporation
11.2022 - 11.2023
Cybersecurity Test Engineer
Centurum Information Technology
05.2022 - 11.2022
Cyber Information Assurance Engineer
In-Depth Engineering Corporation (Lockheed Martin)
01.2020 - 05.2022
Information Security Intern
Community Bank System
09.2019 - 12.2019
Master of Science - Cybersecurity
Utica College
CompTIA Advanced Security Practitioner (CASP+)
CompTIA Security+
Federal Virtual Training Environment (FedVTE) Windows Security and Linux Administration Course Completion Certificates
DISA Endpoint Security Solutions (ESS) Adminstrator 201
DDISA Endpoint Security Solutions (ESS) Advanced Administrator 301
DISA Endpoint Security Solutions (ESS) Analyst 501
Assured Compliance Assessment Solution (ACAS) Admin v5.22
Similar Profiles
Anthony WhitneyAnthony Whitney
Cyber Analyst at Resource Management Concepts Inc.Cyber Analyst at Resource Management Concepts Inc.
Michael WuMichael Wu
Account Manager/Client Representative at Clear Concepts ManagementAccount Manager/Client Representative at Clear Concepts Management
Taylor KertonTaylor Kerton
Business Development Manager at Landscape Concepts ManagementBusiness Development Manager at Landscape Concepts Management