Robert Larson

NIWC LANT:

• Preparing, implementing, and ensuring compliance with cybersecurity policy, to include full Assessment and Authorization requirements.
• Planning, implementing, upgrading, and monitoring cybersecurity measures to improve cyber defense and maintain a cyber-resilient network.
• Assessing cybersecurity vulnerabilities for risks and proposing/implementing remediation actions or risk mitigation strategies.
• Ensuring appropriate security controls are in place that will safeguard digital files and electronic infrastructures.
• Conducts security audits on IT infrastructure and managing appropriate scans and STIG checklists.
• Create and managed Assured Compliance Assessment Solution (ACAS) policies to ensure all scans contain required plug-ins and are successfully credentialed.
• Conduct thorough ACAS scans, analyze findings, and communicate actionable insights to the
• Provide mentorship and guidance to junior staff on eMASS use and RMF processes, fostering a strong understanding of risk management and security control implementation.
• Mentor and provide technical guidance to junior and mid-level ISSEs, fostering a collaborative environment focused on continuous improvement and professional growth
• Acted as the technical subject matter expert in cybersecurity, providing strategic guidance on threat mitigation, risk management, and security architecture.
• Collaborate with project managers on Naval systems to define technical requirements, set priorities, and ensure deliverables were met on time and within budget.
• Spearhead the adoption of new cybersecurity technologies, tools, and frameworks, enhancing the security posture of the organization. i.e Naval Rapid Assess and Incorporate Software Engineering (example: RAISE 2.0, STIG Manager).
• Provide information for detailed technical documentation, including system architecture diagrams, deployment procedures, and security protocols.
• Assist in the development and enforcement of security policies, procedures, and standards to ensure compliance with regulatory requirements (e.g., NIST, FISMA).
• Coordinate with cross-functional teams to integrate cybersecurity best practices into all stages of development, from design to deployment, ensuring secure product delivery.
• Implement and maintain the security controls for both physical and virtual servers, including patch management, firewalls, and intrusion prevention systems.
• Administer secure backup and recovery processes to ensure business continuity, including off-site storage, encryption, and disaster recovery planning.
• Collaborate with network and development teams to ensure integration of cybersecurity best practices in server configurations and patching cycles.
• -ead the implementation and enforcement of STIGs across Fleet Application System (FAS) server environments, ensuring compliance with DISA guidelines and improving overall security posture.
• Conduct regular audits and reviews of server configurations to ensure STIG compliance, mitigating security risks and identifying areas for continuous improvement.
• Developed and implemented custom SQL scripts and automation tools to streamline the deployment of STIG-compliant server configurations, reducing manual effort and improving efficiency.
• Manage the process of tracking and remediating STIG findings for the Fleet Application Server (FAS) servers, ensuring that all critical security vulnerabilities were addressed in a timely manner to maintain accreditation.
• Provide guidance and training on STIG compliance to fellow security engineers, enhancing team understanding of security requirements and their role in maintaining secure environments.
• Led periodic STIG compliance assessments for servers, generating reports and working with stakeholders to prioritize remediation efforts based on risk assessments.
• Conduct security assessments and manage the full RMF process for standalone and cloud server environments, ensuring all security controls were implemented, tested, and verified for system accreditation in tight deadlines.
• Work closely with senior program office personnel to ensure servers met all RMF requirements for accreditation, addressing any deficiencies and aligning with federal security regulations.
• Coordinate with various teams to collect evidence for RMF assessments, ensuring that server configurations, patches, and hardening measures were documented and aligned with regulatory standards.

• Performed Assessment and Authorization (A&A) of 11 systems in accordance with Risk Management Framework (RMF) NIST 800-53r4 Security and Privacy Controls for the Maintenance Figure of Merit (MFOM) systems.
• Responsible for ensuring IA compliance with DoD standards using Security Technical Implementation Guide (STIG), Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP) software, and Evaluate-STIG for MFOM accreditation packages.
• Responsible for developing and maintaining MFOM network security principles, policies, and procedures to encompass all technical and non-technical controls.
• Analyzed security vulnerabilities from ACAS results/STIG testing and provided remediation.
• Conducted thorough vulnerability assessments on military systems, identified gaps, and implemented effective security controls to protect against cyber threats.
• Initiated, completed, and provided after action recommendations for Contingency Plan exercises.
• Works closely with system ISSO to maintain operational security posture.
• Maintained Windows servers by installing necessary patches and packages for security hardening.
• Developed and tracked the POA&Ms while patching for timely closure.
• Developed, reviewed, and update Information Security system policies, System Security Plans (SSP), and security baselines in accordance with NIST, FISMA, NIST SP 800-18, and industry best security practices.
• Experienced managing servers through Amazon's cloud computing platform via Elastic Compute Cloud (EC2).
• Experience in the full RMF A&A process.

• Conducted thorough CCRI audits across multiple organizational units, evaluating adherence to cybersecurity policies and standards.
• Analyzed network configurations and security controls during CCRI audits, identifying vulnerabilities and recommending remediation strategies.
• Facilitated meetings with key stakeholders to communicate CCRI objectives, timelines, and outcomes effectively.
• Managed and configured HBSS (Host-Based Security System) across enterprise networks, ensuring comprehensive endpoint security.
• Conducted regular audits and assessments of HBSS deployments to identify vulnerabilities and optimize security posture.
• Prepared comprehensive audit reports detailing findings, recommendations, and compliance status for senior management and regulatory review.
• Designed and implemented Splunk deployments for log aggregation, analysis, and visualization, enhancing operational intelligence and security monitoring.
• Led the installation, operation, administration, and maintenance of wide area communications networks and information systems supporting tactical, operational, strategic, and sustaining base operations.
• Performed a broad range of tasks formulating, implementing, and insuring adherence to Department of Defense (DOD) and Department of the Army (DA) cyber security policies and procedures.
• Provided comprehensive cybersecurity and computer network security knowledge, using proactive vulnerability management best practices and techniques.
• Provided backup support in highly technical areas related to computer network defense, bandwidth management, Information Assurance Vulnerability Alert (IAVA), and firewall administration.
• Provided input for all Cybersecurity related policies, procedures, and guidance in the form of plans.
• Created, modified, and assessed Cybersecurity Facility Checklists while collaborating with company Information Assurance.
• Utilized the ACAS to monitor systems, detect vulnerabilities, and ensure compliance across our area of operation.
• Performed privileged user account creation, modification, and removal using Active Directory; conducted scans on computers to grant wireless access to support ongoing missions.
• Utilized scanning equipment for wardriving in order to survey and detect rogue wireless access points in buildings located in our area of operation.
• Applied standards, policies, and procedures to analyze and advise senior personnel on systems and security matters; provided direct customer service and support to help resolve security vulnerability issues that cannot be resolved through automated means.
• Conducted training and briefings to ensure baseline information was communicated to staff and tenant departments; designed a digital storage system to keep data organized and easily accessible to employees that needed the information.
• Worked with RMF packages for stand-alone architectures by providing server administration, hardening, and continuous monitoring; provided support for the assessment and compliance of information systems with RMF standards.
• Configured, documented and recorded all controls in DISA's Enterprise Mission Assurance Support Service (eMASS) system.
• Facilitated vulnerability scans of systems, as well as STIG testing.
• Ensured all users met regulation requirements before granting user access to information systems while maintaining required mandatory training to support user access.
• Designed, developed, and recommend integrated security solutions for multiple unclassified and classified systems and projects to foster a secure baseline environment.
• Stayed up-to-date on DISA patch releases, IAVM/IAVAs remediation, and ensuring POA&M items are addressed in a timely manner.
• Instructed internal, company wide CompTIA Security + classes leading to over 150 students getting certified over the span of three years.