LARONDA S. LEE
Greensboro,NC
Summary
Experienced Information Technology Manager well-versed in infrastructure, security planning and daily operations management. Forward-thinking and strategic leader with 21 years of experience in Government and Commercial sectors. Recognized for cost-effective system improvements, operational streamlining and positive leadership style. Successful at optimizing security standards, improving planning processes and managing systems implementation. Knowledgeable about disaster recovery planning, roadmapping and team development.
Overview
13
13
years of professional experience
1
1
Certification
Work History
CYBER SECURITY MANAGER
CACI, Inc
02.2019 - Current
- Remotely lead team of security professionals, including Information System Security Engineers (ISSEs) and Information System Security Officers (ISSOs), to successfully manage, track, and oversee all aspects of securing hosted environments and applications.
- Spearheading Authority to Operate (ATO) and/or Authority to Connect (ATC) efforts while making independent recommendations to Government Leads during these processes.
- Create cybersecurity best practice communications to educate staff against known threats and potential vectors of attack.
- Direct in-house cyber security auditing program to detect flaws and weaknesses in applications and AWS GOVCLOUD environment.
- Maintain company-wide compliance with industry standards such as NIST 800-53 rev 4, FISMA, FEDRAMP, HIPPA, Privacy ACT, and NIST CSF.
- Provide regular reporting on cyber security program to Senior Leadership Team, Internal Risk Management, audit committees, and Navy customer.
Risk Management Framework Analyst
Falconwood, Inc
09.2018 - 02.2019
- Served as a Fully Qualified Navy Validator Level III.
- Demonstrated oral and written communication skills to work closely with all levels of personnel involved in IT operations and technical aspects of systems.
- Maintained and updated all Risk Management Framework (RMF) and A&A documentation to ensure the relevancy and currency to include required revisions and updates in eMass.
- Performed audits and validation configurations of network devices based on DISA STIGs, or defining and implementing compensating controls of such STIGs as required to ensure mission execution.
- Conducted risk analysis from vulnerability and compliance scans, pen testing results, and other audit activities.
- Provided security expertise to ensure security controls are implemented and the resulting documentation and artifacts are current.
- Documented assessment activities and results in sufficient detail to enable an external review of all assessment processes, activities, results, and conclusions.
SENIOR CYBER SECURITY ANALYST
SAIC, Inc
08.2016 - 09.2018
- Served as the Information Systems Security Officer (ISSO) for a Navy customer.
- Generated and maintain required IS security documentation including Systems Security Plans (SSP), Information Assurance Standard Operating Procedures (IA SOP), Continuous Monitoring Plans, Security Control Traceability Matrices, Risk Assessments, Plan of Action & Milestones (POA&M), equipment specifications, practices and procedures.
- Maintained Enterprise Mission Assurance Support Service (eMASS) access to effectively manage all security authorizations for systems under their purview.
- Assessed changes to an IS by performing periodic self-inspections, tests and reviews of the IS program to ensure that systems are operating as authorized/accredited and that conditions have not changed.
- Ensured corrective actions were taken for identified findings and vulnerabilities.
CYBER SECURITY ANALYST
TrustedQA, Inc
03.2016 - 08.2016
- Served as an RMF consultant responsible for working with contractors and government customer to prepare systems and applications from DOD Information Assurance Certification and Accreditation Process (DIACAP) to Risk Management Framework.
- Developed and briefed basis of effort (BOE), strategic direction and objectives, white papers, and timelines to leadership in support of the transition.
- Assisted with the sustainability of the current ATO under the DIACAP methodology.
- Provided RMF training and consulting to other Analysts and Engineers supporting the project.
IT Security Specialist III
Enterprise Information Services Inc.
02.2015 - 03.2016
- Served as the Alternate ISSO for the US Coast Guard, Operations Systems Center.
- Performed vulnerability assessments for FINCEN managed assets utilizing an array of vulnerability scanning and reporting tools including; Acunetix v9, AppDetective, Retina, Nessus (ACAS), and HP WebInspect.
- Assist the audit liaison for the IT section of the KPMG financial audits. Responsible for collecting Provided by Client (PBC) requests and validation of provided artifacts to ensure full time compliance. Developed a streamlined process to request, receive, validate, and deliver artifacts from requested parties resulting in 100% on-time deliveries for the FY15 audit cycle.
- Utilize the Xacta IA Manager tool for managing and tracking security authorization progress for FISMA and SAP efforts at FINCEN.
CERTIFICATION AND ACCREDITATION ANALYST
Falconwood, INC
10.2012 - 02.2015
- Served as Certification and Accreditation (C&A) support analyst for Navy Echelon II US Fleet Cyber Command (FCC) client.
- Responsible for working with FCC proper program management and subordinate commands to prepare C&A documentation submissions for all FCC operational networks and the OCONUS Navy Enterprise Network (ONENET) with NIPRNET and/or SIPRNET connections to the DOD Global Information Grid (GIG) IAW DODI 8510.01 DIACAP
- Developed Standard Operating Procedures (SOPs), checklists, workflow process charts, forms,POC lists, and other documentation needed to support FCC C&A-related functions.
- Performed verification and validation on systems and networks submitting for authorization to connect from the Navy Authorizing Authority and DISA.
- Successful completion of 100% ontime authorizations for ONE-NET circuits.
COMPUTER SECURITY SPECIALIST II
Dynamic Research Corporation
04.2010 - 10.2012
- Served as the Certification and Accreditation Analyst for NATO Headquarters, Supreme Allied Command Transformation (HQ SACT).
- Assisted the Chief Information Assurance Officer (CIAO) in executing and planning efforts for HQ SACT internal and external Computer Information System (CIS) security inspections and Audits.
- Responsible for the certification and accreditation of six NATO subordinate commands throughout the US, Canada, and Europe.
- Collected documentation for reviewing, validating, and presenting to the board for agreement on the authority to operate (ATO).
- Participated and supported the HQ SACT Risk Management by serving as a member of the NATO Security Risk Assessment Group (NSRAG) and the NATO Security Accreditation Board (NSAB).
- Attended quarterly meetings to discuss NATO security policy and procedures, developing new risk assessment tools, accreditations of deployment exercises, and changes within the security postures as they connected to the NATO Secret Wide Area Network (NSWAN).
Education
Master of Science - Cyber Security Operations and Leadership
University of San Diego
San Diego05.2022
Bachelor of Science - Information Systems and Technology
Old Dominion University
Norfolk, VA2012
Associate of Science - Science
Tidewater Community College
Norfolk, VA2010
Associate of Applied Science - Computer Engineering Technology
ECPI College of Technology
Virginia Beach, VA2002
Skills
- Strategy Implementation
- Risk Analysis
- Risk Mitigation Plans
- Change Management Process
- Disaster Recovery Planning
- Continuous Improvement
- Vulnerability Management
- Project Documentation
- Security Processes
- Mitigation Documentation
- Security Standards
- Information Assurance
- Certification and Accreditation
- Computer Network Defense
Accomplishments
- 2023 BEYA STEM Black Engineer of the Year Modern Day Technology Leader Award Recipient
- DOD Top Secret Clearance
- Public Trust Clearance
Certification
GIAC Security Leadership Certification (GSLC), SANS Institute, 2012 Network +, CompTIA, 2009Security +, CompTIA, 2009AWS Cloud Practitioner TrainingAWS Cloud -Advanced Security TrainingCACI Lead People COHORT 2021Trusted Advisor COHORT 2021Diversity, Inclusion, and Belonging 2021Unconscious Bias, 2021Path to Inclusion, 2022
Timeline
CYBER SECURITY MANAGER
CACI, Inc
02.2019 - Current
Risk Management Framework Analyst
Falconwood, Inc
09.2018 - 02.2019
SENIOR CYBER SECURITY ANALYST
SAIC, Inc
08.2016 - 09.2018
CYBER SECURITY ANALYST
TrustedQA, Inc
03.2016 - 08.2016
IT Security Specialist III
Enterprise Information Services Inc.
02.2015 - 03.2016
CERTIFICATION AND ACCREDITATION ANALYST
Falconwood, INC
10.2012 - 02.2015
COMPUTER SECURITY SPECIALIST II
Dynamic Research Corporation
04.2010 - 10.2012
Master of Science - Cyber Security Operations and Leadership
University of San Diego
Bachelor of Science - Information Systems and Technology
Old Dominion University
Associate of Science - Science
Tidewater Community College
Associate of Applied Science - Computer Engineering Technology
ECPI College of Technology
Similar Profiles
Lauren MarescoLauren Maresco
Project Manager at CACI, INCProject Manager at CACI, INC
Dell J. PlunkettDell J. Plunkett
Senior Field Technician at CACI, IncSenior Field Technician at CACI, Inc
Caitlin CarrollCaitlin Carroll
Project Supervisor at CACI, IncProject Supervisor at CACI, Inc
Dominique CaldwellDominique Caldwell
Sr. Social Worker at Forsyth County Department of Social ServicesSr. Social Worker at Forsyth County Department of Social Services
Justin S. McClungJustin S. McClung
Sales Associate at VerizonSales Associate at Verizon