Mark Hallowell

Walla Walla

Summary

Cybersecurity GRC Analyst with 2+ years supporting VA federal information systems through RMF, ATO support, authorization boundary analysis, and system risk assessments. Experienced in NIST 800-53 control assessments, STIG auditing, POA&M management, and CSAM/eMASS documentation. Strong technical writer translating complex architectures into clear risk documentation for ISSOs and AOs.

Overview

years of professional experience

Certification

Work History

Information Security Analyst (RMF / GRC)

Armavel → Sprezzatura → Department of Veterans Affairs

Remote

01.2023 - Current

Performed in-depth technical risk assessments to identify vulnerabilities and ensure compliance with authorization protocols.
Designed comprehensive authorization boundary network and data flow diagrams to enhance security compliance for RMF packages.
Conducted comprehensive assessments of NIST 800-53 controls to ensure compliance and maintain security standards.
Performed comprehensive STIG audits and vulnerability assessments to enhance system security and compliance.
Conducted thorough risk assessments to support ATO decision-making processes for ISSOs and AOs.
Maintained accurate control documentation to ensure compliance within CSAM and EMASS frameworks.
Designed and implemented POA&Ms to ensure effective tracking of remediation activities alongside system owners and engineers.

Engineering Project Coordinator

01.2020 - 01.2023

Managed technical documentation, audits, and change management.
Identified $500K reporting error via Power BI analysis.

Education

Associate of Applied Science - Software Engineering

Walla Walla Community College

Walla Walla, WA

Bachelor of Science - Cybersecurity

Flatiron School

New York, NY

Skills

RMF
ATO Support
Authorization Boundaries
System Risk Assessments
NIST SP 800-53
FISMA
FedRAMP
STIG Auditing
POA&M

CSAM
EMASS
Nessus
CDM
RedSeal
Network / Data Flow Diagrams
Control Assessments
Technical Risk Analysis