Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

ROSALIE MBALA

Germantown,MD

Summary

Dynamic Information Assurance Specialist with five years of experience supporting federal information systems through the complete Risk Management Framework (RMF) lifecycle. Proven expertise in developing Authorization to Operate (ATO) packages, conducting comprehensive risk assessments, and implementing continuous monitoring programs in strict adherence to NIST SP 800-53 and NIST 800-171 standards. Strong background in security documentation, vulnerability management, and effective stakeholder coordination enhances the ability to deliver audit-ready artifacts while ensuring systems remain within acceptable risk levels.

Overview

5
5
years of professional experience
1
1
Certification

Work History

Information Assurance Specialist

DeltaahTech Consulting LLC
02.2021 - Current
  • Supported multiple federal systems across the full RMF lifecycle, from system categorization through authorization and continuous monitoring.
  • Led development and maintenance of ATO packages, including SSPs, SAPs, SARs, and POA&Ms, ensuring compliance with NIST SP 800-53.
  • Performed risk assessments and control gap analysis using NIST 800-171 and 800-53, providing practical remediation recommendations.
  • Managed POA&M activities by tracking vulnerabilities, prioritizing remediation, and coordinating with engineering teams to meet SLA timelines.
  • Prepared audit-ready evidence packages, including control implementation artifacts, test results, and compliance documentation.
  • Coordinated with system owners, engineers, and Change Advisory Boards (CAB) to evaluate system changes and maintain compliance posture.
  • Supported continuous monitoring by reviewing vulnerability scan results (e.g., Nessus, STIGs), analyzing findings, and updating security documentation.
  • Delivered security briefings to stakeholders and leadership, clearly communicating system risk posture and mitigation strategies.
  • Contributed to the development and maintenance of supporting documentation, including Contingency Plans, Incident Response Plans, and Privacy Impact Assessments.

Education

Bachelor of Science - Computer Science

University of Buea
WES

Skills

  • Risk Management Framework (RMF) & ATO Lifecycle Support
  • Continuous Monitoring & Compliance Management
  • Security Documentation & ATO Packages: SSPs, SAPs, SARs, POA&Ms, CP, IRP, CMP, ACP, PIA, FIPS 199, SCTM, ISA, MOU/MOA
  • NIST SP 800-53 Rev 4 & Rev 5, NIST 800-171, FISMA FedRAMP
  • Vulnerability Management & Risk Analysis
  • Audit Readiness & Security Assessments
  • Tools: eMASS, CSAM, Nessus, Splunk, RSA Archer, ServiceNow GRC
  • Stakeholder Coordination & Security Briefings
  • Technical Writing & Policy Development

Certification

  • CompTIA Security+
  • PMP – Project Management Professional
  • CRISC – In Progress

Timeline

Information Assurance Specialist

DeltaahTech Consulting LLC
02.2021 - Current

Bachelor of Science - Computer Science

University of Buea