Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

MURVEE C GRAY

Newark

Summary

Secret Security Clearance | DoD Skilled Information Security Analyst, knowledgeable in risk management framework (RMF), systems development life cycle (SDLC), security life cycle, and vulnerabilities management using FISMA, FedRAMP, DoD DISA, and applicable NIST standards. Organized, Solutions-focused, deadline-focused, team oriented, work well independently, or in team providing all facets of computer supports with in-depth knowledge and understanding of numerous software packages and operating systems. A proven project and team lead with aptitude for good customer service, leadership, excellent communication (both oral and written), and presentation skills. Specialized in providing IT security expertise and guidance in support of security assessments and continues monitoring for government and commercial clients.

Overview

8
8
years of professional experience
1
1
Certification

Work History

IT Security Engineer

U.S. Army National Guard
01.2018 - Current
  • Facilitated all Assessment and Authorization (A&A) processes, Security Policies documentation, Vulnerability Management, Incident Reporting, Mitigation, and Continuous Monitoring activities for systems and applications
  • Developed, reviewed, and updated Information Security System Policies, System Security Plans, and Security baselines in accordance with NIST, FISMA, DoD DISA, OMB App
  • III A-130 and industry best security practices
  • Applied appropriate information security control for Federal Information System based on NIST 800-37, SP 800-53, FIPS 199, FIPS 200 and OMB A-130 Appendix III
  • Direct experience with formatting, customizing, and providing feedback for documentation relating to Information Assurance & IT Security Vulnerability
  • Provided security expertise and guidance in support of security assessments
  • Supported A&A (C&A) activities according to the A&A project plan
  • Review, analyze and evaluate business system and user needs, specifically in Authorization and Accreditation (A&A)
  • Perform internal audits of the systems prior to third party audits
  • Reviewed authorization documentation for completeness and accuracy for compliance
  • Facilitated Security Control Assessment (SCA) and Continuous Monitoring Activities
  • Executed examine, interview, and test procedures in accordance with NIST SP 800-53A
  • Ensured cyber security policies are adhered to and that required controls are implemented
  • Validated information system security plans to ensure NIST control requirements are met
  • Authored recommendations associated with findings on how to improve the customer's security posture in accordance with NIST controls
  • Assisted team members with proper artifact collection and detail to clients examples of artifacts that will satisfy assessment requirements
  • Updated and reviewed A&A Packages to include Core Docs, Policy & Procedures, Operations and Maintenance Artifacts, SSP, SAR, FIPS 200, FIPS 199, POA&M, CPTPR, BIA, PTA, PIA, and more
  • Collected Operation and Maintenance artifacts on an ongoing basis so that Security Control Assessment (SCA) is seamless
  • Uploaded supporting docs in the System's Artifact Libraries, Google Docs, Box, eMASS, and CSAM
  • Updated, reviewed, and aligned SSP to the requirements in NIST 800-53; so that assessments can be done against the actual requirements and not ambiguous statements
  • Managed vulnerabilities with the aid of Nessus vulnerability Scanners to detect potential risks on a single, and multiple assets across the enterprise network
  • Reviewed SAR post assessment; created and completed POA&M's milestones to remediate findings and vulnerabilities
  • Monitored security controls post authorization to ensure continuous compliance with the security requirements

IT Security Analyst

Panthergon IT & Cybersecurity Solutions
07.2017 - 01.2018
  • Developed, reviewed, and updated Information Security System Policies, System Security Plans, and Security baselines in accordance with NIST, FISMA, OMB App
  • III A-130 and industry best security practices
  • Applied appropriate information security control for Federal Information System based on NIST 800-37 rev1, SP 800-53, FIPS 199, FIPS 200 and OMB A-130 Appendix III
  • Provided security expertise and guidance in support of security assessments
  • Supported A&A (C&A) activities according to the A&A project plan
  • Reviewed authorization documentation for completeness and accuracy for compliance
  • Facilitated Security Control Assessment (SCA) and Continuous Monitoring Activities
  • Executed examine, interview, and test procedures in accordance with NIST SP 800-53A
  • Ensured cyber security policies are adhered to and that required controls are implemented
  • Validated information system security plans to ensure NIST control requirements are met

Technical Support Crew Member

McDonald's
05.2015 - 08.2017
  • Identified and prioritized needs for enabling platforms and responder teams
  • Worked with the various engineering, operations, infrastructure, and platform teams to resolve problems in a timely and effective manner
  • Developed and implemented processes and procedures to keep templates, standards, and other team artifacts updated and accessible
  • Monitored and analyzed platform and tool features to find new uses and functionality for the tools that teams can use
  • Facilitated communication and collaboration between the responding teams to identifying ways to improve collaboration

Education

High School Diploma -

St George's Technical High School
Middletown, De

Skills

  • TECHNICAL AND SPECIALIZED SKILLS
  • Nessus Vulnerability Scanner, Microsoft Office, Excel, Word, PowerPoint, MS Project, Access, Mac, Microsoft Windows, Linux, VMware, Oracle virtual box, Parallel Virtual Machine, eMASS, CSAM, RSAM, Tripwire, Box, Accellion/WatchDox secured file solution, PCR machine models, RMPS, Remedy, Splunk, Active Directory, ServiceNow, Trend Micro, and more
  • SKILLS
  • Ability to establish and maintain effective working relationships with clients and co-workers
  • Skills in interviewing users to help analyze and resolve issues
  • Strong communication (verbal & written) and presentation skills
  • Strong organizational, analytical and planning skills
  • Ability to read and interpret system security policies, rules and regulations
  • Ability to communicate security and risk-related concepts to both non-technical and technical audiences

Certification

Assessment and Authorization (A&A) IT Security Compliance Vulnerability Assessment Vulnerability Scanning Security Test and Evaluation (ST&E) Certification and Accreditation (C&A) Risk Assessment Systems Development Life Cycle Technical Writing Project Management and Support Languages English

Timeline

IT Security Engineer

U.S. Army National Guard
01.2018 - Current

IT Security Analyst

Panthergon IT & Cybersecurity Solutions
07.2017 - 01.2018

Technical Support Crew Member

McDonald's
05.2015 - 08.2017

High School Diploma -

St George's Technical High School

Similar Profiles

  • Isaiah Miller

    Isaiah MillerIsaiah Miller

    Supply Specialist at U.S. ARMY NATIONAL GUARD, Teaneck National Guard ArmorySupply Specialist at U.S. ARMY NATIONAL GUARD, Teaneck National Guard Armory

  • Jared Hosmer

    Jared HosmerJared Hosmer

    Military Police Officer at U.S. Army National GuardMilitary Police Officer at U.S. Army National Guard

  • Riley Yoder

    Riley YoderRiley Yoder

    11C Indirect Fire Infantry at U.S. Army National Guard-Indiana11C Indirect Fire Infantry at U.S. Army National Guard-Indiana

  • Alexa Sieg

    Alexa SiegAlexa Sieg

    Signal Support Systems Specialist at U.S. Army National GuardSignal Support Systems Specialist at U.S. Army National Guard

  • Maryann Winchester

    Maryann WinchesterMaryann Winchester

    Customer Care Advocate at Bread FinancialCustomer Care Advocate at Bread Financial

CREATE PROFILE
MURVEE C GRAY