Académique Documents
Professionnel Documents
Culture Documents
Are you flexible to work as needed and scheduled including holidays and weekends? Yes
When is the best time for the manager to reach you? Anytime
Why are you interested in this opportunity? I am looking for remote work that fits within my scope of expertise and
background.
What would your current/previous Manager say about you? I am very agile and a quick learner. I go above and beyond
and also do anything I can to support the team.
What are your career goals? To find a company I can settle into and move away from short contract positions.
Summary
Tracey is security expert having more than 10+ years of experience.
She is responsible for cybersecurity specifications such as Risk Management Framework (RMF), IAVM (Information
Assurance Vulnerability Management), STIGs and other government security specifications and guidelines.
Assists with developing System Security Plans (SSPs) and supporting Assessment and Authorization documentation
Responsible for performing multiple cybersecurity roles (e.g, ISSE, ISSO, ISSM) for Department of Defense (DoD) and
Intelligence Community (IC) programs.
Implemented the information systems security program for assigned programs/systems in compliance with NISPOM Chapter
8, NIST RMF, JAFAN 6/3, DCID 6/3, ICD 503, and JSIG requirements.
Applied cyber security standards including DISA STIGs, RMF security controls, and Draper policies and procedures to
classified computing systems.
Responsible for the preparation, update, and review of IS authorization packages (SSP, POA&M, SCTM, etc.) along with
performing self-inspections to provide security coordination and success of system test plans.
Maintained NextEra Energy power grid protection in many parts of the United States in accordance with government
mandated North American Electric Reliability/Critical Infrastructure Protection (NERC/CIP) guidelines.
Skills and Proficiencies
Skills and Proficiencies: Risk Management Framework (RMF), Joint Special Access Program (SAP) Implementation Guide
(JSIG), DSS Assessment and Authorization Process Manual (DAAPM), Security Content Automation Protocol (SCAP),
Security Technical Implementation Guide (STIG), Windows, Linux, Unix, HPUX, Solaris, Military Counter-Intelligence,
Joint Intelligence Operations, Operations Security (OPSEC), Communication Security (COMSEC), Signals Intelligence
Collection (SIGINT), Electronic Intelligence Collection (ELINT), TS/SCI +CI poly, Microsoft Word, PowerPoint, Excel,
SharePoint, and Administration and Procedural Processes.
Certificates
CompTIA Security+ CE (2019)
Education
Master of Science in Security and Resilience Studies Cyber from Northeastern University, Boston, MA
Bachelor of Science in Business Administration Management of Information Systems
Associate of Science Degree in Information Technology Security from Bunker Hill Community College, Boston, MA
Professional Experience
Confidential Client Jul 2020 – Till date
Senior Advanced Information Assurance Engineer
Responsibilities
Responsible for cybersecurity specifications such as Risk Management Framework (RMF), IAVM (Information Assurance
Vulnerability Management), STIGs and other government security specifications and guidelines.
Assists with developing System Security Plans (SSPs) and supporting Assessment and Authorization documentation
Supports patch management, system hardening, and verification of STIG compliance for OSs (e.g. Windows 2012, Windows
10, and Linux operating systems), COTS applications, and other IA products and IA enabled products.
Conducts security assessments/hardening with such tools as ACAS-NESSUS & SCAP Scans, STIGs, SCC benchmarks, and
Vulnerator
Experienced with XACTA and eMASS risk management and compliance automation tools
The Charles Stark Draper Laboratory Cambridge, MA Feb 2020 – Jun 2020
Cyber Security Analyst
Responsibilities
Responsible for performing multiple cybersecurity roles (e.g, ISSE, ISSO, ISSM) for Department of Defense (DoD) and
Intelligence Community (IC) programs.
Implemented the information systems security program for assigned programs/systems in compliance with NISPOM Chapter
8, NIST RMF, JAFAN 6/3, DCID 6/3, ICD 503, and JSIG requirements.
Applied cyber security standards including DISA STIGs, RMF security controls, and Draper policies and procedures to
classified computing systems.
Assists with preparation and maintenance of security Assessment and Authorization (A&A) documentation (e.g., IA SOP,
SSP, RAR, SCTM).
Performed Continuous Monitoring (ConMon) of security controls, to include audit log review and archive, security updates
and patching, compliance scanning (SCAP), configuration management, account management, vulnerability management,
and control status reporting.