Click Here for the PDF Version.

Vitals:

• Phone: +1 850 691 9708
• Email: justin@initcyber.com
• Location: Atlanta, GA
• Website: www.initcyber.com
• LinkedIn: imjustinjohnson
• GitHub: initcyber

Senior Information Assurance Analyst

Highly accomplished Senior Information Assurance Analyst with 10+ years of experience in cybersecurity and IT management. Proven track record of delivering exceptional results, leading teams, and implementing best practices in compliance and risk management. Skilled in Zero Trust architecture, NIST RMF, and regulatory compliance. Proficient in cloud security, vulnerability scanning, and governance frameworks.

Education

Western Governors University, MBA in MBA - IT Management

• Aug 2024 – May 2025
• Masters of Business Administration - In Progress

Colorado State University-Global Campus, B.Sc in Cyber Security

• Aug 2016 – May 2018
• 4.0 GPA
• Magna Cum Laude

Florida State University, B.Sc in Criminology

• Aug 2007 – May 2011
• 3.7 GPA

Experience

SeKON, Lead ISSE / Compliance Management

• Aug 2020 – present
• Rosslyn, VA
• Led a team of three (3) Information Systems Security Engineers, improving processes and reporting daily to Government Leadership.
• Reviewed CISA and DISA guidance, providing recommendations for implementing best practices within the Cyber team.
• Analyzed Executive Orders and OMB policies to offer insights on topics like Zero Trust (NIST 800-207) and NIST RMF Revision 5.
• Coordinated with the government on annual reviews, risk assessments, and impact assessments for ATO efforts.
• Developed and managed policies, procedures, and guidelines for compliance with NIST RMF and regulatory requirements.
• Automated weekly vulnerability scanning from ACAS into eMASS through the use of DISA’s CMRS dashboard, reducing manual workload by 60%
• Developed Splunk Dashboards for monitoring RMF 800-53 controls.
• Reviewed and updated Security Packages with ISSOs and recommended STIG/SRG changes for annual reviews and ATO events. Conducted SCAP scans and STIG Checklists for information systems.
• Converted five (5) Systems of Record from ATO-C (restricted) to Full ATO’s in less than 6 months, ahead of schedule.
• Managed configuration, change requests, and POA&M activities.
• Assisted in crafting policy-driven responses to technical RFPs (Requests for Proposal) and RFQs (Requests for Quotation), ensuring compliance with government regulations.
• Contributed to the development of winning proposals, successfully bidding on numerous government contracts.

Georgia Tech Research Institute, Information Systems Security Officer

• Nov 2018 – Aug 2020
• Atlanta, GA
• Implemented the Risk Management Framework (RMF), NIST SP 800-37, JSIG, and other relevant compliance documents.
• Developed Security Documentation for Information Systems, including SCTM, SSP/SAP, Contingency Plans, RAR, Continuous Monitoring, and POAM, while maintaining system design throughout the lifecycle.
• Conducted weekly vulnerability scans using Nessus and Splunk, with monthly patching of Nessus scanners.
• Delivered weekly and annual cyber-security training for technical and non-technical personnel.

Mount Vernon Towers, IT Technician

• July 2018 – Nov 2018
• Atlanta, GA
• Redesigned company network to enhance data efficiency and reduce costs by integrating external services.
• Established testing and hardening practices for network and physical security.
• Assisted residents and employees with daily IT issues and new technologies.
• Managed wireless and wired networks, VPN, and IP/POT telephones.

Bay County Sheriff’s Office, Corporal, Field Services Division

• July 2013 – July 2018
• Panama City, FL
• Supervised and led multiple patrol deputies.

Current Certifications

CISSP, ISC(2)

AWS Solutions Architect Associate, Amazon Web Services

Azure Fundamentals, Microsoft

Office 365 Fundamentals, Microsoft

Security Compliance and Identity Fundamentals, Microsoft

Security+, CompTIA

Network+, CompTIA

A+, CompTIA

Projects

Hybrid Cloud Homelab

• github.com/initcyber/homelab
• Currently designing and implementing a hybrid cloud homelab as a testing environment for Proof of Concept (PoC) ideas.
• Utilizes several logging and monitoring solutions such as Splunk and Wazuh.
• CI/CD Pipelines for automation with Github Actions.
• Integrated security tools for streamline development and testing processes.

Technologies

• Languages: Python, Powershell, Bash, Git
• Technologies: Cloud (AWS, Azure, GCP, Oracle) VMware, KVM, Hyper-V
• Tools: Ansible, Terraform, Splunk, Wazuh, Nessus, VMware, AWS, Azure, Docker, Splunk, ELK, Nessus,
• Regulatory Compliance: NIST 800-37/800-53/800-171, Zero Trust (800-207), HIPAA, JSIG, NIST Cybersecurity Framework