Profiles search
Karen Rodgers
Information Security Analyst at PPC
United States
Details
Experience:
Work onsite at the Environmental Protection Agency to provide Information Security compliance oversight for 23 regional and program offices. Develop security awareness training course materials, and update and maintain information security policy and procedures. Research, track and report NIST 800-53 security control assessments trends..Conduct Plan of Action and Milestone reviews.
2013 : Present
PPC
Information Security Analyst
Provide proofreading, copy editing, and content development for book authors in a wide variety of genres, both fiction and non-fiction using Microsoft Word and the track changes feature. See client testamonials at www.critiqueyourbook.com.
2010 :
Critique Editing Services
President and CEO
Worked under contract to the Department of Justice to perform a certification and accreditation (C&A) on the Victim Notification System and the Victim Internet System for the Executive Office of the United States Attorneys. This process included interviewing the system administrators and others who manage and protect the information systems and their information to obtain responses to the NIST 800-53 security controls deemed appropriate for those systems; determining the evidence needed to support the responses, assessing the submitted artifacts, entering the responses and approved artifacts into CSAM, and providing a report of weaknesses and vulnerabilities found based on the assessment.
2013 : 2013
PPC
Information Security Analyst
Worked onsite to assist the ATF system project leads with ensuring that their projects successfully met SLC milestones. Attended Integrated Project Team meetings to review the project schedule for slippage, reminded the project lead of milestones and deliverable dates and bridged any knowledge and functional gaps that occurred within each team. Provided training on the Serena Dimensions versioning tool and coordinated the Configuration Control Board weekly meetings and requests for change (RFCs).
2012 : 2013
PPC
CM Analyst/Config Control Board Adminisrator
Worked onsite under contract to the Health Resources and Services Agency (HRSA) to assist with bringing their 20 systems into compliance with FISMA regulations. Developed, reviewed and updated the agency’s policies and procedures, and reviewed security-related documents for compliance. Assisted this agency’s operating divisions with vulnerability management by performing continuous monitoring in accordance with NIST Risk Management Framework guidelines. Met with government management and technical staff to deliver vulnerability scan results and to provide suggested remediation tasks in order to bring systems into compliance. Recorded the agreed-upon vulnerabilities and remediation tasks as Plans of Action and Milestones (POAMs) in the Trusted Agent FISMA (TAF) tracking and repository tool. Contacted each division’s Information System Security Officer monthly to determine the progress, then recorded the resolution and uploaded supporting artifacts into TAF. Conducted annual security control assessments (assessing one third of the security controls annually) and third year Certification and Accreditations, when required. Provided subject matter expertise to Information System Security Officers regarding process improvements needed to make systems more secure. Assisted with the Security Awareness program by developing/updating new user and annual refresher security awareness training and developed a monthly security awareness newsletter.
2011 : 2012
Senet International
Information Security Analyst
2013 : Present
PPC
Information Security Analyst
Provide proofreading, copy editing, and content development for book authors in a wide variety of genres, both fiction and non-fiction using Microsoft Word and the track changes feature. See client testamonials at www.critiqueyourbook.com.
2010 :
Critique Editing Services
President and CEO
Worked under contract to the Department of Justice to perform a certification and accreditation (C&A) on the Victim Notification System and the Victim Internet System for the Executive Office of the United States Attorneys. This process included interviewing the system administrators and others who manage and protect the information systems and their information to obtain responses to the NIST 800-53 security controls deemed appropriate for those systems; determining the evidence needed to support the responses, assessing the submitted artifacts, entering the responses and approved artifacts into CSAM, and providing a report of weaknesses and vulnerabilities found based on the assessment.
2013 : 2013
PPC
Information Security Analyst
Worked onsite to assist the ATF system project leads with ensuring that their projects successfully met SLC milestones. Attended Integrated Project Team meetings to review the project schedule for slippage, reminded the project lead of milestones and deliverable dates and bridged any knowledge and functional gaps that occurred within each team. Provided training on the Serena Dimensions versioning tool and coordinated the Configuration Control Board weekly meetings and requests for change (RFCs).
2012 : 2013
PPC
CM Analyst/Config Control Board Adminisrator
Worked onsite under contract to the Health Resources and Services Agency (HRSA) to assist with bringing their 20 systems into compliance with FISMA regulations. Developed, reviewed and updated the agency’s policies and procedures, and reviewed security-related documents for compliance. Assisted this agency’s operating divisions with vulnerability management by performing continuous monitoring in accordance with NIST Risk Management Framework guidelines. Met with government management and technical staff to deliver vulnerability scan results and to provide suggested remediation tasks in order to bring systems into compliance. Recorded the agreed-upon vulnerabilities and remediation tasks as Plans of Action and Milestones (POAMs) in the Trusted Agent FISMA (TAF) tracking and repository tool. Contacted each division’s Information System Security Officer monthly to determine the progress, then recorded the resolution and uploaded supporting artifacts into TAF. Conducted annual security control assessments (assessing one third of the security controls annually) and third year Certification and Accreditations, when required. Provided subject matter expertise to Information System Security Officers regarding process improvements needed to make systems more secure. Assisted with the Security Awareness program by developing/updating new user and annual refresher security awareness training and developed a monthly security awareness newsletter.
2011 : 2012
Senet International
Information Security Analyst
Company:
PPC
Years of Experience:
17
Profile Photo
