Yayleen Fernandez
Warwick,RI
Summary
Cybersecurity and compliance professional supporting RMF, FedRAMP, and secure SaaS deployments across federal, public sector, and commercial environments. Experienced with NIST 800-53, DISA STIGs, RMF, and FedRAMP, guiding cross-functional teams to implement compliant systems, manage risk, and operationalize vulnerability remediation. Skilled in strategic planning, risk oversight, and KPI-driven delivery, consistently achieving project milestones and enhancing collaboration across cross-functional teams. Expert in creating effective documentation, and building trust through proactive engagement.
Overview
20
20
years of professional experience
1
1
Certification
Work History
Technical Implementations Manager
Second Front Systems
02.2024 - 12.2024
- Led secure onboarding of 20+ cloud-based applications through CTF authorization, applying NIST 800-53 controls, applicable DISA STIGs, and DoD Cloud Computing SRG requirements within a PaaS environment.
- Ensured secure application deployment by reviewing DAST/SAST results with stakeholders, and verifying adherence to OWASP Top Ten security practices.
- Led end-to-end customer engagement cadence during the implementation phase, including project kickoffs, architecture and topology reviews, and requirements sessions to validate approved container services, and support informed risk decisions.
- Conducted Agile sprint planning in support of security and compliance deliverables per application, improving delivery velocity by 25%, while maintaining alignment with authorization timelines.
- Managed the onboarding of the first AI application into Game Warden within the AWS Commercial environment, establishing secure cloud implementation practices, and setting a precedent for compliant AI deployments.
- Partnered with PM peers to configure the company’s project management tool and build tailored project plan templates that standardized scope, schedule, change tracking, and resource-level forecasting across all projects.
Lead, Federal Customer Management
Devo Technology
06.2020 - 01.2024
- Contributed to IL5 ATO authorization activities by validating NIST SP 800-53 control compliance and producing security artifacts such as PPSM documentation, ACAS, and SCAP scan results/evidence, POA&Ms, system baselines, and architectural and data flow diagrams.
- Reviewed results from SCAP scans to verify system compliance against CIS Benchmarks, identifying gaps, and supporting remediation efforts.
- Oversaw secure sustainment operations for a $10M DoD program, leveraging ACAS scans to continuously monitor system compliance, identify vulnerabilities, and maintain availability and SLA performance.
- Reviewed system changes, defects, and feature updates through formal change control, assessing security impact, and supporting risk-informed release decisions.
- Prepared and delivered executive and government security briefings, reporting on compliance status, risk posture, operational metrics, and security-impacting roadmap initiatives.
- Led secure SaaS implementations for private and public sector environments, ensuring security requirements, compliance controls, and risk considerations were integrated throughout deployment lifecycles.
- Utilized the DISA STIG Viewer to assess applicable Linux STIGs, and advised engineering teams on required application changes to reduce vulnerabilities and harden systems.
Deployment/Design Engineer
Abacus Technologies
05.2019 - 06.2020
- Served as Scrum Master and Product Owner for the Air Force Cyber 12N12 initiative, leading the consolidation of SOC tools to improve usability, security monitoring, and mission readiness.
- Co-authored secure system designs and technical documentation for scalable, resilient infrastructure, incorporating applicable NIST 800-53 control families to meet compliance requirements, and strengthen system security posture.
- Performed market and vendor research to support PMO cybersecurity initiatives, evaluating solutions, industry trends, and cost drivers to inform secure procurement and contract decisions.
- Supported PMO contract activities by reviewing RFIs and assessing technical requirements, ensuring alignment with security standards, compliance controls, and acquisition planning in support of the Air Force Cyberspace Defense Weapon System.
(Concurrent) Cyber Systems Operations Specialist
RI Air National Guard
North Kingstown, Rhode Island
01.2005 - 08.2019
- Supervised and developed a team of seven Airmen to maintain and operate Air Force Cyberspace Defense Systems, ensuring continuous system availability, operational reliability, and adherence to cybersecurity standards.
- Managed end-to-end project to expand secure-area user stations from 24 to 75, including asset procurement, secure configuration, and build-out of training workstations to support increased operational demand, while maintaining compliance controls.
- Provided data-driven analysis to inform strategic planning, improving infrastructure prioritization, and enhancing intrusion detection workflows aligned with cybersecurity best practices.
- Managed and maintained an IT asset portfolio valued at $5.7M, overseeing inventory accuracy, lifecycle upgrades, and security readiness of all hardware and systems.
- Developed and implemented SOPs standardizing IT ticketing (ARC/Remedy) and asset management workflows, improving process consistency, reducing delays, and strengthening operational security posture.
- Oversaw cybersecurity governance as the unit ISSO and Cybersecurity Liaison, managing RMF documentation, enforcing IA policies, coordinating user access compliance, and supporting system authorization requests.
- Managed multiple compliance and operational programs (QA, Corrosion Control, ESD), ensuring adherence to safety, regulatory, and cybersecurity standards.
Information Technology Specialist (Network)
102 Cyber Operations Sq., USAF
08.2015 - 05.2019
- Coordinated with internal stakeholders and external vendors to deliver mission-critical upgrades to SCIF power, HVAC, cyber system infrastructure, fiber cabling, and SOC operator stations, ensuring minimal downtime.
- Implemented and enforced NIST SP 800-53 controls, enhancing the cybersecurity posture of classified and unclassified networks.
- Trained 70+ personnel on secure system operations, boosting team readiness and compliance.
- Managed IT and cyber assets to ensure lifecycle accountability and audit compliance.
- Planned and executed infrastructure refresh cycles, managing budgets, and forecasting to ensure the timely replacement of mission-critical IT assets.
Education
Some College (No Degree) - Cloud Computing
Western Governors University
Salt Lake City, UTSkills
- Agile, Waterfall, and Kanban project and program management
- SaaS product implementations: DoD impact levels (IL2–IL6), FedRAMP, and commercial environments
- Cloud platforms: AWS, Google Cloud Platform (GCP)
- Strategic planning and change management
- Stakeholder and vendor management
- KPI and metrics-driven delivery
- Risk, compliance, and security oversight
- Enterprise software deployment
- Resource allocation
- Tools and platforms: Jira, Confluence, GitLab, Hive, Salesforce, Gainsight, Microsoft Office Suite, Google Suite, SIEM, SOAR, and other project management tools
- SDLC (Software Development Life Cycle)
- Effective verbal and written communication
- Training, development, and delivery
- Performance reporting
- Expense tracking
- Complex Problem-solving
- Dependency tracking
- Sprint management
Certification
- Professional Scrum Master (PSM I)
- Google Project Management: Professional Certificate
- CompTIA Security+
- LEAN Six Sigma Yellow Belt
- DoD Top Secret SCI Clearance
- Project Management Professional (PMP) Candidate-PMI
- Certified Responsible AI Leader (CRAIL) Certification
Languages
English
Native/ Bilingual
Spanish
Native/ Bilingual
Timeline
Technical Implementations Manager
Second Front Systems
02.2024 - 12.2024
Lead, Federal Customer Management
Devo Technology
06.2020 - 01.2024
Deployment/Design Engineer
Abacus Technologies
05.2019 - 06.2020
Information Technology Specialist (Network)
102 Cyber Operations Sq., USAF
08.2015 - 05.2019
(Concurrent) Cyber Systems Operations Specialist
RI Air National Guard
01.2005 - 08.2019
Some College (No Degree) - Cloud Computing
Western Governors University