Christopher Headley
Bryans Road
Summary
Seasoned Security Control Assessor with background in conducting comprehensive assessments of management, operational, and technical security controls. Strong understanding of federal regulations, including FISMA and NIST standards. Demonstrated skill set includes critical thinking, problem-solving and clear communication. Previous work has resulted in improved security postures for diverse organizations through rigorous assessment processes and tailored recommendations.
Overview
10
10
years of professional experience
2009
2009
years of post-secondary education
1
1
Certification
Work History
Security control Assessor
Harmonia Holdings Group LLC
Blacksburg
10.2023 - Current
- Assess and test security controls to ensure they function as intended and effectively mitigate identified risks.
- Reviewed and analyzed security policies for effectiveness and compliance.
- Created detailed documentation about the results of each assessment conducted.
- Developed detailed reports outlining findings from security control assessments and provided recommendations for mitigating identified risks.
- Analyze security policies, procedures, system configurations, network diagrams, and previous assessments.
- Conduct interviews with system administrators, developers, and security personnel to understand operational practices and control implementation.
Information System Security Officer (ISSO)
TIAG Inc.
Fort Belvoir
03.2018 - 09.2023
- Ensure accurate identification, documentation, and resolution of POA&Ms within expected timelines, maintaining timely entries in eMASS.
- Provide comprehensive support for system interconnections, including maintaining and updating Interconnection Security Agreements (ISAs).
- Participate in security authorization and assessment processes for FISMA systems, including Risk Assessment (RA) and Contingency Planning (CP).
- Conduct in-depth log reviews and security control assessments to improve system security posture and maintain compliance with government mandates.
- Support System and Information Integrity (SI) and Flaw Remediation processes, ensuring ongoing compliance and system integrity.
IT Security Analyst
Knight Point Systems
Reston
04.2016 - 02.2018
- Assessed system compliance against NIST 800-53 controls, DoD, and DHA security requirements, including DISA STIGs and SRGs, ensuring adherence to stringent security standards.
- Reviewed authorization and assurance documents to evaluate risk levels, confirming they remained within acceptable limits for applications, systems, and networks.
- Developed and analyzed DHS information system security plans in alignment with DHS Sensitive Systems Policy Directive 4300a, supporting the maintenance of Authorization to Operate (ATO) for each system.
- Monitored network security systems for potential vulnerabilities and threats.
Education
Bachelor of Arts - Digital Media Communications
Robert Morris University
Pittsburgh, PASkills
- Cybersecurity
- RMF
- EMASS
- SDLC
- NIST Standards
- Siem
- Information Security
- Risk Management
- Fips
- Compliance Management
- DoD Experience
- Communication Skills
- Organizational Skills
- Vulnerability Management
- Project Management
- Iso 27001
- Service Now
- Cloud Security
- Risk Assessment
- Technical Writing
- Security control assessment
Certification
- CompTIA Security+
Timeline
Security control Assessor
Harmonia Holdings Group LLC
10.2023 - Current
Information System Security Officer (ISSO)
TIAG Inc.
03.2018 - 09.2023
IT Security Analyst
Knight Point Systems
04.2016 - 02.2018
Bachelor of Arts - Digital Media Communications
Robert Morris University