Charles Williams
Olney,MD
Summary
I'm a CISSP certified computer security professional with 8 years of progressive hands-on experience in the Cyber Security Industry. Demonstrated skills identifying business risks and compliance issues and designing proactive solutions. Background designing and implementing layered network security approaches. Information Security Specialist with passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience developing and testing security framework for cloud-based software. Versed in robust network defense strategies IT professional with experience developing and implementing security solutions in fast-paced environments. Skilled in RMF, NIST, FedRAMP, FIPS, FISMA, ISO, PCI DSS, HIPAA, and GDPR with proven history of delivering exceptional risk management support. Organized and dependable candidate successful at managing multiple priorities with a positive attitude. Willingness to take on added responsibilities to meet team goals.
Overview
11
11
years of professional experience
1
1
Certification
Work History
Information System Security Officer
All Nations Tech, Inc
02.2014 - Current
- Monitored use of data files and regulated access to protect secure information
- Reviewed violations of computer security procedures and developed mitigation plans
- Recommend improvements in security systems and procedures
- Monitored computer virus reports to determine when to update virus protection systems
- Performed risk analyses to identify appropriate security countermeasures
- Conducted security audits to identify vulnerabilities
- Skilled in preparing Authorization Package - SSP, SAR and POA&M
- NIST SP 800-Series, FIPS 199/200, FISMA, FEDRAMP, Risk Management Framework (RMF)
- Developing risk assessment reports
- Worked with the System Owner and security team to assess security controls in updating SAP and rules of engagement (ROE)
- Tested, assessed, and documented clients' IT systems for Assessment and Authorization (A&A) in accordance with NIST Special Publication 800-53A
- Obtained assessment evidence by interviewing personnel, reviewing artifacts, and executing test procedures
- Reviewed data and alerts of IPS, firewalls, and anti-malware technologies
- Worked with the team that Implemented appropriate security controls to mitigate threats, risks and vulnerabilities in the system
- Assessed the security controls and provide continuous monitoring for client information and information systems
- Provided expert analysis and advice on systems and programs related to ITSecurity problems and provide recommendations
- Managed IT Projects throughout the System Development Lifecycle
- Worked on Risk Management Framework (RMF) using NIST SP 800-37 as a guide, in categorizing a system, conduct a kick-off meeting in order to categorize a system according to NIST requirement of low, moderate or high
- Serve as Information Systems Security Officer (ISSO), coordinating, executing, and managing cybersecurity assessment & authorization (A&A) related activities supporting hardware, software, and connectivity capabilities in support of mission and business requirements
- Provide advice and assistance on all things cyber security for customer-acquired development and systems maintenance projects, driving and monitoring system authorization status of segment components, authoring and coordinating related documentation
- Facilitate, perform, and manage actions necessary to maintain system and capability accreditation status consistent with DoDI 8510.01 (Risk Management Framework (RMF) for DoD Information Technology (IT)), including scanning, auditing, and authoring/coordinating security accreditation-related documentation
- Review and advise on security aspects of contracted maintenance deliverables and proposals
- Present system maintenance, authorization status, and potential issues to leadership
- Keep customer leadership aware of any roadblocks, issues, or concerns with system authorization status
- Other duties as assigned
Education
Bachelors of Science - UMD
01.2016
Skills
- Data security
- SIEM tools
- Developing security plans
- Designing security controls
- Implementing security programs
- Attention to Detail
- Agile Methodology
- Risk Management
- Risk Assessment
- Self-Motivated
- Problem-Solving
- Multitasking Abilities
- Analytical and Critical Thinking
- Cultural Awareness
- Office 365
- Network Security
- Vulnerability Management
- SDLC
Certification
CISSP
Timeline
Information System Security Officer
All Nations Tech, Inc
02.2014 - Current
Bachelors of Science - UMD
Similar Profiles
Dan SandbergDan Sandberg
Wholesale Lending Account Executive at Nations Direct MortgageWholesale Lending Account Executive at Nations Direct Mortgage
Bermann DurogeneBermann Durogene
Warehouse Operator at United Nations Peacekeeping OperationsWarehouse Operator at United Nations Peacekeeping Operations
Júlio Soares de CarvalhoJúlio Soares de Carvalho
Intern at United Nations, Department of Economic and Social Affairs (UNDESA)Intern at United Nations, Department of Economic and Social Affairs (UNDESA)
Shannon MaxwellShannon Maxwell
Case Manager/Utilization Review RN at MedStar Montgomery Medical CenterCase Manager/Utilization Review RN at MedStar Montgomery Medical Center
Madeline RoccoMadeline Rocco
Bookstore Sales Associate at Frederick Community CollegeBookstore Sales Associate at Frederick Community College