Information Security Professional with 13 years of DoD IT experience in Navy environments, spanning system administration, engineering, and cybersecurity. Experienced in planning and executing audits, assessing security controls, and ensuring compliance with federal regulations. Seeking to apply my expertise at Sempra while transitioning my DoD IT experience into a new capacity.
Overview
14 years of professional experience
1 Certification
Work History
Information Assurance Engineer III (Contractor)
Joint Tactics and Technologies
09.2022 - Current
Managed the implementation of Risk Management Framework (RMF) processes, including Authorization to Operate (ATO), Interim Authority to Test (IATT), Conditional Authorization Requests (CAR), High Risk Reviews (HRR), and annual security reviews for systems assigned.
Oversaw the development of accreditation deliverables, including Security Plans (SP), Security Assessment Plans (SAP), and Plans of Action & Milestones (POA&Ms), ensuring the timely approval of accreditations
Collaborated with stakeholders to complete comprehensive vulnerability assessments and provided actionable insights and remediation strategies that enhanced system security and mitigated risks
Developed audit scopes, risk assessments, and control matrices for cybersecurity audits.
Senior Cybersecurity Risk Specialist (Contractor)
Booz Allen Hamilton
02.2022 - 09.2022
Coordinated daily operations and effectiveness of classified security programs and delivered cybersecurity governance consulting and technical expertise in alignment with organizational objectives
Evaluated cybersecurity technical approaches to support design and development of new systems, ensuring security was incorporated through the systems development lifecycle
Created comprehensive reference guides on information security processes, policies, and risk metrics to empower staff and streamline adherence to security protocols
Continuously monitored and evaluated business needs against security risks, recommending strategic enhancements to bolster system security and resilience
Cybersecurity Engineer (Contractor)
La Jolla Logic
11.2019 - 02.2022
Served as A&A lead for multiple systems under NAVWAR and NAVIFOR, providing day-to-day support for RMF Assess and Authorize (A&A) processes
Orchestrated accreditation efforts for 3 systems and site including IATT and ATO, ensuring compliance with integrated master schedule (IMS) deadlines
Developed and refined key security artifacts: System Categorization Forms, Hardware Software list, Data flow diagrams, Security Plans, SAP, SAR, and POA&M
Collaborated with system owners to align A&A packages with DoD guidance, delivering tailored consulting support
Conducted vulnerability assessments, documenting findings and remediation steps to enhance overall system security posture
Information Systems Security Engineer (Contractor)
Naval Medical Center San Diego (B.E.A.T LLC)
08.2018 - 04.2019
Ensured A&A and IA compliance for Health IT devices and Platform IT systems, aligning with DoD and DHA policies
Led the development and submission of 10+ RMF packages, ensuring adherence to regulatory requirements
Conducted comprehensive Vulnerability Assessments using Assured Compliance Assessment Solution (ACAS) and Secure Compliance Automation Protocol (SCAP), effectively communicating compliance status to stakeholders
Compiled and managed critical security documentation per medical device assigned, including Network Architecture Diagrams and Privacy Impact Analyses (PIA), to populate in the Enterprise Mission Assurance Support System (eMASS)
Performed routine system audits using Windows Active Directory to validate user account management, enhancing organizational security and accountability
Information Systems Technician / Information Assurance/Computer Network Defense Engineer
U.S. Navy
07.2011 - 03.2018
Served as an Information Systems Technician and CND engineer, keeping Navy Afloat and Shore IT systems and networks operational and secure
Conducted thorough system vulnerability remediation and patching, maintaining high-quality service and availability standards for IT systems
Validated over 1200 security configurations of Windows, Linux operating systems, Cisco routers, switches, intrusion detection systems with DISA Security Technical Implementation Guidelines (STIGs), contributing to the organization's Authorization to Operate (ATO) and a passing score on the Command Cyber Readiness Inspection (CCRI)
Remediated high-visibility vulnerabilities identified in weekly vulnerability scan results for both unclassified and classified environments
Implemented security controls, including access controls, user permissions, and encryption protocols, ensuring the confidentiality, integrity, and availability of sensitive data
Utilized Windows Active Directory for user account management, including account creation, deletion, and group assignments
Responded to security incidents and documented findings to support audits, inspections, and compliance reporting
Administered and maintained network infrastructure, including firewalls, routers, switches, and intrusion detection systems, to protect against unauthorized access and cyber threats
Stayed abreast of emerging cybersecurity threats and industry trends, proactively recommending and implementing security enhancements for Navy IT infrastructure