Jesse Bliss

CISSP, CCSP

Greater Tampa Bay Area

About

Meticulous and analytical Information Security professional with 7 years of experience implementing security software, facilitating cybersecurity training, and advising clients on hardware/software acquisition for project development. Driven professional skilled in performing risk analysis, optimizing standard operating procedures (SOP), and managing system configuration. Adept at collaborating with cross-functional teams to meet/exceed project objectives while maintaining compliance with policies and procedures. 2020 and 2024 DCSA Cogswell award recipient. Active Secret Clearance. CompTIA Sec+, ISC2 CISSP and CCSP certified. OSHA 30 and Lean Six Sigma Yellow Belt qualified. Disabled veteran of the U.S. Army with the 82nd ABN DIV.

Experience

  • Classified Systems Engineer at Draper
    Feb 2024 - Present · 2 yrs 6 mos

    Build, configure, and deploy secure information systems and maintain associated hardware/software. Implement controls defined within NIST 800-53 & 800-171 to ensure information confidentiality, integrity, and availability. Configure and utilize SIEM (Splunk) and vulnerability scanner (Nessus) to assess system security compliance and mitigate vulnerabilities. Work closely with ISSO/ISSM in reviewing, certifying, and maintaining information systems in accordance with System Security Plan (SSP) in support of program Authorizations to Operate (ATOs). Provide day-to-day support, maintenance, and upgrades of site IT infrastructure in coordination with corporate IT organization. Interface with senior leadership and project management teams to brief operational status and updates.

  • Aero Simulation, Inc. (On-site)
    • Information System Security Manager
      Jan 2023 - Feb 2024 · 1 yr 2 mos

      Trained incoming ISSOs in IS security policies and procedures, continuous monitoring (ConMon), as well as any required technical knowledge. Managed data risk by monitoring data files, regulating data access, and configuring security software such as antivirus and antimalware programs to ensure Defense Counterintelligence and Security Agency (DSCA) standard compliance. Obtained and maintained authorization to operate (ATO) through creating artifacts, preparing system security plans (SSP), and managing eMASS records in conjunction with DAAPM and NISPOM for continuity of necessary company production. Supported company information assurance (IA) compliance through overseeing relevant security training to allow users to retain information system (IS) access.

    • Information System Security Officer
      Apr 2022 - Jan 2023 · 10 mos

  • Information System Security Manager at Honeywell Aerospace USA
    Feb 2021 - Apr 2022 · 1 yr 3 mos

    Interfaced with internal and external customers and security personnel such as government ISSO/ISSMs, ISSPs, SCAs and program managers. Principal advisor on all matters, technical and otherwise, involving the security of IS. Oversaw the re-design of Honeywell’s information assurance standard operating procedures (IASOP) for smoother and more consistent eMASS submissions. Acted as the information security subject matter expert (SME) when advising hardware and software acquisition for classified programs. Performed routine ConMon to allow ISSOs flexibility to support programs as needed. Selected, tailored, implemented and assisted in validating security controls with respect to security categorizations and applicable guidance such as the JSIG, NIST SP 800-37, and NIST SP 800-53. Defined system security requirements and associated verification methods. Participated in an IS risk assessment during the A&A process and design security countermeasures to mitigate identified risks. Identified and assessed vulnerabilities and susceptibility to life cycle disruptions, hazards, and threats. Provided security considerations to inform systems engineering efforts with the objective to reduce errors, flaws, and weakness that may constitute security vulnerability leading to unacceptable asset loss and consequences. Performed system security analyses in support of decision making, risk management, and engineering trades. Demonstrated through evidence-based reasoning that security claims for the system have been satisfied. Ensured that the implementation of security designs properly mitigate identified threats. Documented system security design features and provide input to implementation plans and standard operating procedures. Reviewed violations of computer security procedures and developed mitigation plans in accordance with latest DAAPM guidelines and requirements.

  • 11B at Florida National Guard
    Jun 2019 - Jul 2021 · 2 yrs 2 mos

  • Information System Security Officer at Securitas Critical Infrastructure Services, Inc.
    Mar 2019 - Feb 2021 · 2 yrs

    Collaborated with Navy, Air Force and other government customer and program personnel to maintain necessary access to information systems by managing employee IS accounts in Active Directory. Performed monthly risk analyses using Open Vulnerability and Assessment Language (OVAL) scans to detect and remediate vulnerabilities on an information system. Deployed updates to operating systems, anti-virus, and additional software monthly to mitigate potential vulnerabilities. Performed monthly compliance checks using SCAP Compliance Checker (SCC) with the most recent benchmarks to ensure system was security compliant. Hardened systems by deploying an approved and current Secure Host Baseline (SHB) and using the latest Security Technical Implementation Guide (STIG) viewer files in order to define security settings as necessary. Enforced the security of workstations by conducting routine security audits which allowed me to identify any potential security concerns and protect classified assets.