Mark A. Jones
Suitland, MD *****
Phone: 202-***-****
Email: *****@*****.***
Clearance Level: TS/SCI/CI POLY
EXECUTIVE SUMMARY
Detail-oriented and highly skilled Cyber Security System Engineer with over ten years of experience in designing, implementing, and managing cybersecurity solutions across diverse technical environments. Proven ability to build secure systems, enhance operational efficiency, and lead teams in high-stakes environments. Recognized for delivering innovative security frameworks that meet compliance requirements while anticipating the evolving cyber threat landscape.
CORE COMPETENCIES
Cybersecurity Engineering & Architecture
Security Control Assessments & Authorization
Risk Management Framework (RMF) Implementation
Advanced Vulnerability Management & Threat Analysis
Security Software Development Lifecycle (SecSDLC)
System Hardening & Configuration Management
Cloud Security Solutions (AWS, Azure, O365)
Incident Response & Forensic Analysis
Cross-Domain Solutions (Forcepoint / AFRL)
CERTIFICATIONS
CompTIA Advanced Security Practitioner (CASP)+
Pursuing: Security+, Microsoft Certifications
PROFESSIONAL EXPERIENCE
Security Control Assessor / System Security Engineer
GovCIO – DHS, Washington DC
Sept 2019 – Present
- Lead end-to-end cybersecurity assessments and engineering solutions for cross-domain information systems using RMF, ensuring secure and compliant operations.
- Collaborate with ISSOs to evaluate systems' confidentiality, integrity, and availability, leading to enhanced overall security frameworks.
- Drive the design and implementation of continuous monitoring strategies, successfully navigating multiple systems through Authority to Operate (ATO) processes.
-Help address challenges to ensure customers disparate legacy systems are compliant with current cybersecurity policy and support the Project Manager’s management plan and provide inputs to update the plan when necessary.
- Produce detailed technical reports and executive summaries, improving senior leadership's ability to make informed strategic decisions.
Information System Security Officer / System Security Engineer
Zermount Inc – DHS/USSS, Washington DC
Oct 2017 – Aug 2019
-Led the development and engineering of Security Authorization documents (SSP, POA&M, Risk Assessments) for federal information systems.
- Conducted extensive vulnerability analyses and risk assessments using industry best practices to fortify network architectures against cyber threats.
- Engineered advanced security protocols by integrating Group Policies (GPOs) and securing hardware/software configurations.
- Actively engaged in the Request for Change (RFC) and Configuration Control Board (CCB) review process for upcoming system implementations within the US Secret Service (USSS) programs.
Information System Security Officer
Criterion Systems – SBA, Washington DC Oct 2016 – Oct 2017
- Managed comprehensive cybersecurity engineering processes for high-profile government systems, ensuring FedRAMP compliance and real-time monitoring.
-Develop a variety of Security Authorization deliverables including System Security Plans, Security Assessment Reports, Risk Assessment Reports, Privacy Impact Assessments (PIA), Annual Assessments, Contingency Plans, FIPS 199 Security Categorizations, Plan of Action and Milestones (POA&M), etc.
- Designed and implemented virtualized testing environments to improve pre-assessment readiness, enhancing the overall security posture.
- Conducted extensive vulnerability analyses and risk assessments using industry best practices to fortify network architectures against cyber threats.
Information System Security Officer
VOR Technology – Ft. Meade Army Base, MD
Feb 2016 – July 2016
- Conducted thorough risk analyses and vulnerability assessments, improving security measures for mission-critical systems.
- Authored technical security documentation and ensured compliance with RMF and relevant security standards.
-Requested required information for system vulnerability scans in accordance to establish policy.
-Assessed and mitigated system security threats/risks throughout the program life.
cycle; determined/analyzed and decomposed security requirements at the
level of detail that can be implemented and tested.
IA Analyst / Desktop Support
McKean Defense Group – Naval Surface Warfare Center, MD
Aug 2015 – Feb 2016
- Trained personnel on security best practices, enhancing system protection and operational efficiency through strategic initiatives.
- Led risk assessments and implemented security measures to safeguard against unauthorized access, preserving system integrity.
-Monitor the use of data files and regulate access to safeguard information in computer files.
Senior System Specialist
ManTech International Corporation – JBAB Air Force Base, Washington DC
Oct 2009 – Oct 2014
- Oversaw comprehensive network security analysis and compliance initiatives (NIST, RMF), advising leadership on effective vulnerability mitigation strategies.
-Maintain file servers, network access, document, analyze and troubleshoot system anomalies to ensure optimum equipment performance.
-Evaluate IT threats and vulnerabilities to determine whether additional safeguards are needed.
- Ensured the proper declassification and handling of secure system memory and media, significantly enhancing operational compliance.
EDUCATION
- Massachusetts Institute of Technology (MIT)
No Code AI and Machine Learning June 2023 – Sept 2023
- TESST Technology College
Networking Technology June 2004 GPA: 3.7
Award: Student of the Year
TECHNICAL SKILLS
-Cybersecurity Tools
-RSA Archer, Xacta 360, ACAS Security Center, Qualys, Nessus, CSAM
-Cloud & Network: AWS, Azure, O365, TCP/IP, HTTP, DNS, SSL/TLS
-Operating Systems: Microsoft Windows, Linux, Apple OS
-Languages & Frameworks: SQL, Hibernate
- Specialties: Risk Assessment, Vulnerability Management, Authentication & Access Control, Regulatory Compliance