Summary
Overview
Work History
Education
Skills
Accomplishments
Certification
Timeline
Generic

MARSHA CROSBY

Fairfax,VA

Summary

Program management professional with proven track record in leading cross-functional teams and driving project success. Skilled in strategic planning, risk management, and resource allocation. Known for adaptability, problem-solving, and fostering collaboration to achieve results. Proficient in optimizing processes and aligning initiatives with organizational objectives.

Overview

11
11
years of professional experience
1
1
Certification

Work History

Information Systems Manager

CISC, Information System Security Management Consulting
10.2024 - Current
  • I am eagerly enhancing my cybersecurity expertise by pursuing the Certified Information Systems Security Professional (CISSP) certification. This esteemed certification will enable me to thoroughly explore current trends and best practices in the realm of security management, risk assessment, and information protection. By acquiring in-depth knowledge in these critical areas, I aim to unlock a range of promising future opportunities and significantly advance my career prospects within the dynamic field of cybersecurity.

Onsite Contract Support Program Manager

Chickasaw Nation Industries & Chenega Decision Sciences
07.2017 - 09.2024
  • Exhibited strong leadership in guiding cross-functional teams and promoting continuous improvement.
  • Supervised a team of 15 cybersecurity professionals, including cybersecurity engineers, information system security officers, and security control validators.
  • Managed contract negotiations and budget, aligning resources with organizational goals.
  • Utilized innovative project management processes to define and execute complex cybersecurity projects efficiently, ensuring alignment with strategic objectives.
  • Established performance metrics and meticulously monitored progress against strategic targets, delivering high-quality results that drive continuous improvement.
  • Collaborated with team members and Cybersecurity Branch Managers to address technical, financial, and operational concerns, maintaining seamless operations across various platforms. Boosted compliance by 25% through targeted staff training programs.
  • Additionally, a 40% reduction in incident response time was achieved by implementing advanced automated security monitoring tools, significantly enhancing overall operational efficiency.

Senior Information System Security Manager

Chickasaw Nation Industries & Chenega Decision Sciences
07.2017 - 09.2024
  • Managed four financial systems with 163 applications and 261 FISCAM controls, ensuring strong oversight and accountability.
  • Monitored the RMF implementation for the assigned system throughout its life cycle. Developed and improved documentation to ensure compliance with NIST 800-53 standards. This included creating System Security Plans (SSPs), Standard Operating Procedures (SOPs), Plans of Action and Milestones (POA&Ms), and Security Assessment Reports (SARs). All documentation was stored in the Enterprise Mission Assurance Support Service (eMASS) database.
  • Advised senior management on risk levels and the system's security posture by conducting quarterly internal security and risk assessments to ensure that the security controls were properly implemented, documented, and approved as required.
  • Ensured compliance with applicable security policies, standards, and regulations to maintain the security authorization status for each system.
  • Collaborated with the Privacy Act Officer to create Privacy's SOP incorporating privacy considerations into RMF execution, ensuring compliance with OMB A-130 and FISMA.
  • Assisted the Privacy Officer with compiling and validating FISMA reporting metrics for all designated systems prior to submission.
  • Achieved 100% compliance with Cyber Security Service Provider's network services and support requirements.
  • Teamed up with the Incident Response Team to dive deep into security incidents, uncovering vital insights that could shape our approach to future challenges.
  • Developed Joint Knowledge Online (JKO) instantiation for tracking annual security awareness training compliance for Agency-funded personnel.
  • Assisted the Agency Talent Management Office in launching a new learning management system for civilian and military personnel, ensuring compliance with DOD's annual security training mandates.

Senior Cybersecurity Engineer & USMC (Quantico) Validator

Sentar
12.2014 - 07.2017
  • Analyzed security policies meticulously and tracked compliance metrics, measuring and reporting on 60% of critical performance indicators as an integral part of the assessment team.
  • Obtained Authority to Operate (ATO) for eleven critical systems within twelve months, ensuring continuous operational capability and resilience. The ATO documentation follows NIST 800-53 standards and is stored in eMASS.
  • Provided senior management with bi-monthly comprehensive briefs on A&A package statuses, delivering critical insights that informed strategic decision-making processes effectively.
  • Collaborated extensively with cross-functional teams to craft comprehensive cybersecurity policies and procedures that significantly bolstered organizational readiness and resilience.

Education

Master's - Information Technology, Assurance & Security

American InterContinental University
Schaumburg, ILL
09.2015

Bachelor of Arts - Organizational Management

Ashford University
Clinton, IA
12.2008

Skills

  • Adaptability
  • Communication
  • Critical Thinking
  • Leadership
  • Problem-Solving
  • Teamwork
  • Time Management
  • Security Awareness Training
  • Work Ethnics
  • Cybersecurity (NIST 800-53)
  • Risk Management
  • Project Management
  • EMASS
  • Performance Management
  • Regulatory Compliance

Accomplishments

  • Achieved 100% compliance with network services and support requirements established by the Cyber Security Service Provider with accuracy and efficiency., as outlined in their Service Level Agreements.
  • Increased compliance adherence by 40% through the development and execution of targeted training programs for staff members, fostering a culture of accountability.
  • Supervised team of 15 staff members.

Certification

  • ISC2 Certified Governance, Risk, & Compliance (CGRC) (formerly known as the Certified Authorization Professional (CAP), Expiration Date: March 2026
  • IA2 CNSS 4016-Immediate (Risk Analyst Immediate)
  • ISC2 CISSP Certification Training In-Process (CISSP exam scheduled October 2025)

Timeline

Information Systems Manager

CISC, Information System Security Management Consulting
10.2024 - Current

Onsite Contract Support Program Manager

Chickasaw Nation Industries & Chenega Decision Sciences
07.2017 - 09.2024

Senior Information System Security Manager

Chickasaw Nation Industries & Chenega Decision Sciences
07.2017 - 09.2024

Senior Cybersecurity Engineer & USMC (Quantico) Validator

Sentar
12.2014 - 07.2017

Master's - Information Technology, Assurance & Security

American InterContinental University

Bachelor of Arts - Organizational Management

Ashford University

Similar Profiles

  • MINGJIE TAN

    MINGJIE TANMINGJIE TAN

    Volunteer at Chinese Information and Service Center (CISC)Volunteer at Chinese Information and Service Center (CISC)

  • Garry McSweeney

    Garry McSweeneyGarry McSweeney

    Principal Consultant at Compass Management Consulting / Information Services Group (ISG)Principal Consultant at Compass Management Consulting / Information Services Group (ISG)

  • Harshada Phatak

    Harshada PhatakHarshada Phatak

    PAMAC Finserve Pvt. Ltd. at Management Information System ExecutivePAMAC Finserve Pvt. Ltd. at Management Information System Executive

  • Eric Kambach

    Eric KambachEric Kambach

    Wine Supervisor at Total Wine & MoreWine Supervisor at Total Wine & More

  • Celine Liu

    Celine LiuCeline Liu

    Volunteer at Oakton RoboticsVolunteer at Oakton Robotics

CREATE PROFILE