SHAQUILLE CALHOUN

• Proposed technical feasibility solutions for new system designs and suggested options for performance improvement of technical components.
• Help DISA (Defense Information Systems Agency) streamlined troubleshooting processes to improve system support and enhance communication between support team and end-users.
• Created flowcharts, diagrams and other documentation.
• Researched software and systems products to determine purchase recommendations.
• Completed software updates and assessed security patches for optimized computer use.
• Collaborated with executive team to define business requirements and systems goals.

· Develop maintain and review security documents supporting the Risk Management Framework (RMF) using NIST SP-800-37 Rev 1 or Rev 2 to obtain ATO (Authorization to Operate)

• Drafted Systems Security Plan (SSP), Contingency Plans (CP), FIPS 199, Privacy Threshold Analysis (PTA), Privacy Impact Assessment (PIA).
• Performed risk analysis to identify appropriate security countermeasures.
• Recommend improvements in systems security and procedures.
• Provided support in selecting security controls for information system.
• Reviewed security controls regarding their adequacy in protecting important information and information system.
• Educated and trained users on information security policies and procedures.
• Leveraged Amazon AWS FedRAMP ATO packages for cloud-based systems to prepare security artifacts for information system to obtain ATO.
• Performed Security Impact Analysis (SIA) for change and configuration management.

• Developed and maintained incident response protocols to mitigate damage and liability during security breaches.
• Drafted audit and testing procedures, Plan of action and milestones (POA&MS), Security Assessment Plan (SAP), and Security Assessment Report (SAR).
• Conduct security controls assessment for information systems using NIST 800-53A Rev 4
• Performed 1/3 Assessments or annual security controls assessment for ongoing authorization.
• Implemented security measures to reduce threats
• Gathered security artifacts/screenshots during system Demos.
• Analyze Tenable Nessus vulnerability scan reports and assist in remediation of vulnerabilities within proper time frames and track remediation.
• Participate in security meetings to provide updates on ongoing security projects.
• Leveraged GRC Tool ServiceNow to keep all important A&A documentations organized.