Dynamic Information Assurance Specialist with five years of experience supporting federal information systems through the complete Risk Management Framework (RMF) lifecycle. Proven expertise in developing Authorization to Operate (ATO) packages, conducting comprehensive risk assessments, and implementing continuous monitoring programs in strict adherence to NIST SP 800-53 and NIST 800-171 standards. Strong background in security documentation, vulnerability management, and effective stakeholder coordination enhances the ability to deliver audit-ready artifacts while ensuring systems remain within acceptable risk levels.
Overview
5
5
years of professional experience
1
1
Certification
Work History
Information Assurance Specialist
DeltaahTech Consulting LLC
02.2021 - Current
Supported multiple federal systems across the full RMF lifecycle, from system categorization through authorization and continuous monitoring.
Led development and maintenance of ATO packages, including SSPs, SAPs, SARs, and POA&Ms, ensuring compliance with NIST SP 800-53.
Performed risk assessments and control gap analysis using NIST 800-171 and 800-53, providing practical remediation recommendations.
Managed POA&M activities by tracking vulnerabilities, prioritizing remediation, and coordinating with engineering teams to meet SLA timelines.
Prepared audit-ready evidence packages, including control implementation artifacts, test results, and compliance documentation.
Coordinated with system owners, engineers, and Change Advisory Boards (CAB) to evaluate system changes and maintain compliance posture.
Supported continuous monitoring by reviewing vulnerability scan results (e.g., Nessus, STIGs), analyzing findings, and updating security documentation.
Delivered security briefings to stakeholders and leadership, clearly communicating system risk posture and mitigation strategies.
Contributed to the development and maintenance of supporting documentation, including Contingency Plans, Incident Response Plans, and Privacy Impact Assessments.
Education
Bachelor of Science - Computer Science
University of Buea
WES
Skills
Risk Management Framework (RMF) & ATO Lifecycle Support
Continuous Monitoring & Compliance Management
Security Documentation & ATO Packages: SSPs, SAPs, SARs, POA&Ms, CP, IRP, CMP, ACP, PIA, FIPS 199, SCTM, ISA, MOU/MOA
Information Assurance Security Specialist (RMF / ATO Support Lead) at OBXtek Inc.Information Assurance Security Specialist (RMF / ATO Support Lead) at OBXtek Inc.
Information Security Analyst (RMF / GRC) at Armavel → Sprezzatura → Department of Veterans AffairsInformation Security Analyst (RMF / GRC) at Armavel → Sprezzatura → Department of Veterans Affairs