Martin Southerland
Alma,AR
Summary
Served 10 years in the Colorado and Arkansas Air National Guard. Seasoned Senior Information Security Analyst with B.S. in Criminal Justice with concentration in Cybersecurity and Cybercrime and a robust background in Risk Management Framework and Policy Development. Experienced in both DoD and commercial industries. Worked independently and as part of a team at SAIC, Mantech, PeopleTec, and Raytheon to enhance the security posture of critical infrastructure at NORAD, DHA, and ARSTRAT. These efforts included vulnerability assessment, system hardening, POAMs, and system engineering. Spearheaded security compliance initiatives at Arkansas Blue Cross and Blue Shield, enhancing data integrity through rigorous policy enforcement and strategic vulnerability assessments. Expert in security initiatives and proactive in cybersecurity incident response, demonstrating strong leadership and analytical acumen.
Overview
12
12
years of professional experience
1
1
Certification
Work History
Senior Information Security Analyst
Arkansas Blue Cross and Blue Shield
11.2021 - Current
- Ensure enterprise stays compliant with controls related to the cyber security framework
- Provides guidance and policy expertise for data security, data classification, data storage, data transmission, and data life-cycle
- Setting policy and enforcement on security standards
- Conduct usage audits and verify the removal of retired and stale accounts
- Manage software and application compliance and ensure that unauthorized software and application are not on enterprise assets
- Conduct entitlement reviews of users and groups to ascertain that appropriate personnel have access to enterprise data
- Provide guidance in the evaluation and assessment of Policy Exception Requests (PERs)
- Ensure a secure baseline through benchmark and vulnerability assessments
- Conduct security investigations related to security incidents and legal requests within the enterprise
- Lead the Enterprise Information System Compliance team in daily huddles to ensure timeliness and accuracy of security related tasks
- Deliver artifacts related to Hitrust security controls
- Develop processes and procedures for security programs.
Information System Security Officer (ISSO)
Mantech/SAIC
02.2021 - 11.2021
- Provide subject matter expertise in all cyber security initiatives
- Ensure compliance with data security policies and relevant legal and regulatory requirements in accordance with Defense Health Agency (DHA) directives and applicable Risk Management Framework (RMF) requirements
- Ensure compliance with MTF cyber security program implementation plan, and DHA management policies
- Support and coordinate workflow, activity, and documentation necessary to achieve successful RMF (Risk Management Framework) Assessment & Authorization (A&A)
- Identify, develop, and incorporate artifacts found in an RMF A&A package, e.g., system architecture and authorization boundaries, hardware and software inventories, risk assessment reports, Plan of Action and Milestones (POA&Ms), data flows, and other necessary system documentation
- Evaluate and provide input to systems security controls in eMASS, using Control Correlation Identifiers (CCIs) from the Assessment Procedure (AP) List
Cybersecurity Analyst
PeopleTec
01.2020 - 01.2021
- Develop processes to support IA (Information Assurance) updates to Army Cyber Mission systems and network
- Review quarterly IA scan results and other information to maintain security posture
- Update POA&Ms (Plan of Action & Milestones) for systems that have gone through the DoD (Department of Defense) RMF (Risk Management Framework) process
- Participate in milestone reviews to ensure IA compliance
- Develop and maintain RMF authorization schedules and schedule milestones
- Implement and execute necessary eMASS (Enterprise Mission Assurance Support Service) entries and updates in support of RMF and RMF/IA packages
- Maintain system security plans, policies and procedures IAW DoD and Army RMF guidelines
- Ensure that all directed applications comply and support the Army's Information Assurance Vulnerability Management (IAVM) program notification and correction processes
Sr. Cyber Engineer/Program Protection Specialist
Raytheon
07.2016 - 01.2020
- Performing cyber hygiene activities to ensure system security controls are operating and monitoring mission integrity
- Assessing known systems vulnerabilities and verifying system hardening and patching activities to ensure compliance with the most current applicable Security Technical Implementation Guides (STIGs)/Security Requirements Guides (SRGs)
- Performing analysis on cybersecurity collected data and test results, identifying and implementing cybersecurity design, and preparing and maintaining engineering and security related documentation
- Performing Assured Compliance Assessment Solution (ACAS) vulnerability assessment scan results and providing recommendations to other Cyber Security personnel
- Provide system administration, situational analysis, impact assessment, and issue resolution of North American Aerospace Defense (NORAD) Cheyenne Mountain Complex - Integrated Tactical Warning/Attack Assessment (NCMC- ITW/AA) and Space Support Contract (NISSC) covered systems
- Monitor network architecture and services; resolving issues as they arise
- Assist users in accessing and using NISSC covered systems
- Monitor and service incoming/outgoing messages related to air, missile, and space defense systems
Systems Administrator
CACI
01.2013 - 07.2016
- Ensure enterprise stays compliant with controls related to the cyber security framework
- Provides guidance and policy expertise for data security, data classification, data storage, data transmission, and data life-cycle
- Setting policy and enforcement on security standards
- Conduct usage audits and verify the removal of retired and stale accounts
- Manage software and application compliance and ensure that unauthorized software and application are not on enterprise assets
- Conduct entitlement reviews of users and groups to ascertain that appropriate personnel have access to enterprise data
- Provide guidance in the evaluation and assessment of Policy Exception Requests (PERs)
- Ensure a secure baseline through benchmark and vulnerability assessments
- Conduct security investigations related to security incidents and legal requests within the enterprise
- Lead the Enterprise Information System Compliance team in daily huddles to ensure timeliness and accuracy of security related tasks
- Deliver artifacts related to Hitrust security controls
- Develop processes and procedures for security programs.
Education
Bachelor Of Science - Criminal Justice, Cybercrime And Cybersecurity
Colorado Technical University
Colorado Springs, CO12.2018
Skills
Risk Management Framework
Policy and Procedure
ACAS
EDiscovery
TS/SCI Clearance (last
adjudicated August 2018)
Security CE
eDiscovery
Plan of Actions & Milestones
(POA&M)
EMASS
ServiceNow
Tenable Nessus
ISSO
Hitrust CSF Certified Practitioner
Certification
CompTIA Security+ CE
Timeline
Senior Information Security Analyst
Arkansas Blue Cross and Blue Shield
11.2021 - Current
Information System Security Officer (ISSO)
Mantech/SAIC
02.2021 - 11.2021
Cybersecurity Analyst
PeopleTec
01.2020 - 01.2021
Sr. Cyber Engineer/Program Protection Specialist
Raytheon
07.2016 - 01.2020
Systems Administrator
CACI
01.2013 - 07.2016
Bachelor Of Science - Criminal Justice, Cybercrime And Cybersecurity
Colorado Technical University
Similar Profiles
Jataia GoodmanJataia Goodman
Customer Service Representative- Remote at Arkansas Blue Cross And Blue ShieldCustomer Service Representative- Remote at Arkansas Blue Cross And Blue Shield
Tracy CastleberryTracy Castleberry
Senior Product Owner at Arkansas Blue Cross Blue ShieldSenior Product Owner at Arkansas Blue Cross Blue Shield
Sandra HillSandra Hill
Production Control Supervisor/Lead at Arkansas Blue Cross And Blue ShieldProduction Control Supervisor/Lead at Arkansas Blue Cross And Blue Shield
Cayla BenhamCayla Benham
Business Analyst Senior at Arkansas Blue Cross and Blue ShieldBusiness Analyst Senior at Arkansas Blue Cross and Blue Shield
Kobe SmithKobe Smith
Medium Duty Tow Truck Driver at Alma Auto TowingMedium Duty Tow Truck Driver at Alma Auto Towing