Jeffrey S. Hahn, ITIL, CASP Ce, Security+ Ce
Washington D.C.,District Of Columbia (DC)
Summary
Cyber Security professional with DoD hands-on experience in the delivery of exemplary customer service and support on both NIPRNet and SIPRNet. Experienced with the RMF Framework process, RMF work flow, DoD IAVA, and STIG compliance. DoD 8570 IAT level III certified. Currently searching for an ISSO position where I can best utilize my training, certifications and technical skill sets.
Overview
9
9
years of professional experience
1
1
Certification
Work History
ISSE, Information Systems Security Engineer
TIAG
Reston, Virginia
07.2021 - Current
- Assisted the Navy RMF process through steps 0-6 via EMASS
- Updated HW/SW list
- Verified network topology veracity
- Implemented controls, categorized systems, and played various roles such as NQV, Navy Qualified Validator and assisted other packages as an ISSO
- Verified STIG configurations via Vulnerator and STIG viewer
ISSE/NQV
General Dynamics Information Technology
Quantico, Virginia
10.2019 - 07.2021
- ISSE/ (Information Security Engineer)/ NQV (Navy Qualified Validator) role
- Responsible for preparing a RMF package utilizing eMASS through all steps
- Responsible for categorizing, security control selection, and implementation of controls
- Requested Tier 1-2 controls
- Performed security assessor roles validating control compliance
- Implementing/Assessing NIST 800-53 controls
- Analyzed STIGs for CAT I findings, comments and missing information through tools such as STIG viewer and Vulnerator
- Updated HW/SW lists through service tickets and ensured the diagram matches
- Resolved ATO stipulations
Cyber Security Engineer A/A SCA-V
C4 Planning Solutions
Doral, Florida (FL)
02.2019 - 10.2019
- • Validated control compliance for USSOUTHERNCOMMAND cyber security packages to include BICES, CENTRIXS, and numerous other DoD systems and sites.
• Review STIGS and IAVAS to ensure cyber security compliance
• Updated / created processes and procedures; implemented best practices
• Supported the government ISSM/ISSO in policy development
• Reviewed the System Security Plan (SSP) before A/A process commences for package acceptability and required documentation such as system categorization form, PPSM registration, DITPR ID, and numerous other elements of a compliant security package.
• Verified HW/SW compliance through network topologies and lists.
• Reviewed the maintenance of security-related artifacts, such as the SSP and recommended compelling evidence.
• Input test results, artifacts, POA&M entries, implementation plans and other content into eMASS
• Supported SCA-V system assessment planning, review and follow-up activities
• Worked through all six steps of the RMF process
• Used CMRS to pull STIG reports
• Aided with the creation of ATO, SCA-V memos.
• Helped train staff on emerging and current technologies and methodologies.
• Recommended package ATO through risk compliance risk acceptance rate for Authorizing Official.
• Traveled to U.S. Navy Base, Guantanamo Bay, Cuba to provide Command Cyber Readiness Inspection (CCRI) support and assistance
Information Assurance Analyst Senior
Alion Science & Technology
Washington, D.C.
08.2018 - 02.2019
- Assist the Technical Director and Training System Software Analyst with all actions required to ensure systems achieve and maintain Authority to Operate (ATO). Involved in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures as well as conducting vulnerability audits and assessments
- Work with Project Managers to track the progress and status of system accreditation packages to include tracking hardware and software assets throughout the Risk Management Framework, (RMF)
- Determine systems' reporting requirements and vulnerabilities and ensure that they are correctly maintained in various IT processes and databases to include DIACAP, RMF, VRAM, eMASS, etc
- Maintained IAVA and STIG compliance by corresponding to various on site ISSES
- Produced detailed reports regarding Cybersecurity package progression in the RMF process and risk to the ATO. Addressed current risk and provided mitigation consultation
- Assisted the package throughout the package approval chain providing support to the ISSE, ISSM and ISO
- Researched policy and RDT&E guidance to apply to the organization such as ZONE D networks and N/A controls to be inherited from the site enclave package
- Underwent NAVY Validator training and achieved DoN Assessment skills as well as familiarity to tools such as ACAS, NESSUS and Security Center to achieve A&A
- Maintained FISMA compliance through DITPR-DON/DADMS
- Maintained organization Taskers, Point of Contact lists and Action items
Cyber Security Analyst
DELTA Resources, Inc.
Washington D.C., VA
01.2018 - 08.2018
- Information Assurance – includes processes for ensuring that NAVSEA activities and programs implement procedures to ensure the security of information systems and data commensurate with risks as mandated by FISMA, DoD, and DON policies and guidance
- Responsible for reviewing various packages through the RMF framework utilizing tools such as eMASS, Enterprise Mission Assurance Support Service (eMASS)
- Present security findings to senior leadership and address security vulnerabilities and mitigation
- Infrastructure – includes processes to acquire, operate, and retire NAVSEA networks, systems such as WSN-7, 7b, MIPS, ENL, S-IBS and others
- Data Management – includes information resources, such as enterprise data and data on individual desktop computers, laptops and other electronic devices used in the NAVSEA business environment, as well as the applications which store, manipulate, and deliver data.
Enterprise Service Desk Specialist
Hewlett Packard Enterprise DXC Technology
Pentagon, D.C.
06.2017 - 01.2018
- Experience working on both NIPRNet and SIPRNet enclaves
- Integrate multiple information systems in a networked environment, evaluate and resolve customer information system problems, effect required hardware upgrades and repair to maintain mission capability
- Ensure the proper installation and configuration of workstation hardware and software for efficient operation on the network
- Vulnerability management server and workstation patching
- Ensured server and workstation STIG and IAVA compliance
Account Manager
Ferrandino & Son
Audubon, PA
02.2016 - 06.2017
- Identified and qualified customer needs, developed sales strategies and negotiated and closes profitable projects
- Maintained and organized a customer database of clients nationwide developing skills in information technology
- Utilized various SAAS, Software as a Service applications, gaining industry knowledge
- Analyzed processes previously used to send products to customers and uncovered a more efficient method that was positively received by all involved parties
Auxiliary Instructor
Fredericksburg City Schools
Fredericksburg, VA
09.2013 - 02.2016
- Instructed pupils on various subjects including Information Technology, Microsoft office and other courses of study as needed
- Developed lessons plans, schedules and gained valuable presentation skills
Education
Bachelor of Science - Business Administration
The Citadel
2013
Skills
- RMF Risk Management Framework
- RMF work flow process
- eMASS
- DADMS/DITPR-DON
- Cybersecurity package submission
- A&A Assessment and Authorization
- Presentation Skills
- Strong attention to detail
Additional Information
DoD Top Secret
Certification
- CompTIA (CASP) Advanced Security Practitioner DoD 8570 IAT III IAM II
- CompTIA Security+ SYO-401 ce
- NQV (Navy Qualified Validator) Level II
- ITIL v.3 Foundations
DoD Training
DoD Completed Training:
- eMASS ILT and CBT
- DISA RMF Implementing and Assessing ILT
- DISA 32 Hour ACAS CBT
- SPAWAR-RMF-ISSE-201-205
- SPAWAR-RMF-Validator 201-205
- DISA HBSS 32 hour CBT
- Numerous other DoD training
Timeline
ISSE, Information Systems Security Engineer
TIAG
07.2021 - Current
ISSE/NQV
General Dynamics Information Technology
10.2019 - 07.2021
Cyber Security Engineer A/A SCA-V
C4 Planning Solutions
02.2019 - 10.2019
Information Assurance Analyst Senior
Alion Science & Technology
08.2018 - 02.2019
Cyber Security Analyst
DELTA Resources, Inc.
01.2018 - 08.2018
Enterprise Service Desk Specialist
Hewlett Packard Enterprise DXC Technology
06.2017 - 01.2018
Account Manager
Ferrandino & Son
02.2016 - 06.2017
Auxiliary Instructor
Fredericksburg City Schools
09.2013 - 02.2016
Bachelor of Science - Business Administration
The Citadel
Similar Profiles
Julia KarmirisJulia Karmiris
Executive Officer at U.S. Agency for International Development (USAID)Executive Officer at U.S. Agency for International Development (USAID)
Mmamogoshi (Mo) LeballoMmamogoshi (Mo) Leballo
In-Home Nanny at Phindile AtatIn-Home Nanny at Phindile Atat
Andi GarciaAndi Garcia
PCT at American Renal AssociatesPCT at American Renal Associates
Mirabelle Pardinez PagalaMirabelle Pardinez Pagala
Information Systems Security Engineer (ISSE)/ISSO/Cybersecurity Lead at Department of the NavyInformation Systems Security Engineer (ISSE)/ISSO/Cybersecurity Lead at Department of the Navy
PATRICK TAMAKLOEPATRICK TAMAKLOE
INFORMATION SYSTEM SECURITY ANALYST II (ISSE) at HERREN ASSOCIATESINFORMATION SYSTEM SECURITY ANALYST II (ISSE) at HERREN ASSOCIATES