Tami Scriven
Raleigh
Summary
Dedicated Cybersecurity Engineer with extensive expertise in system design, testing and evaluation, and RMF compliance for mission-critical defense programs. Proficient in developing and executing comprehensive cybersecurity test cases, assessing DISA STIG and NIST 800-53 controls, and producing essential authorization artifacts, including SSP, SCTM, and RMF control responses. Demonstrated hands-on experience with a range of security tools such as Splunk, Trellix ENS/ePO, Nexpose, and XACTA, complemented by strong documentation skills and effective collaboration across engineering and testing teams. Committed to enhancing security postures through innovative solutions and rigorous compliance practices.
Overview
13
13
years of professional experience
1
1
Certification
Work History
Cybersecurity Engineer
Oneida Technical Solutions
09.2024 - Current
- Supported design, installation, configuration, and validation of cybersecurity tooling for a Foreign Military Sales (FMS) Air Operations Center across PDR, CDR, and System Acceptance Testing (SAT) phases.
- Installed, configured, and validated Rapid7 Nexpose, Trellix ENS/ePO, and Splunk Enterprise to support vulnerability management, endpoint security, and security monitoring requirements.
- Developed and executed cybersecurity test cases mapped to NIST SP 800-53 controls and SRD requirements, providing objective evidence for system acceptance and accreditation.
- Performed DISA STIG compliance validation for Windows and Linux systems using STIG Viewer and DISA SCAP Compliance Checker, documenting findings and remediation status.
- Authored and maintained SSP sections, Security Controls Traceability Matrix (SCTM), and RMF control responses, supporting assessor review and authorization readiness.
- Supported development of cybersecurity operator and training materials by translating RMF controls, test results, and tool configurations into clear technical guidance for system users.
Cybersecurity Engineer
Builders Mutual
06.2023 - 09.2024
- Strengthened server defenses by configuring CrowdStrike for continuous security monitoring, resulting in a decrease in unauthorized access incidents.
- Managed and secured endpoint devices utilizing Microsoft Defender for Endpoint, resulting in a 25% faster threat detection and response rate.
- Implemented data protection and DLP strategies using Microsoft Purview, ensuring compliance with corporate data governance standards.
- Orchestrated cybersecurity awareness training and phishing campaigns to bolster employee knowledge and responsiveness, leading to a 40% decrease in successful phishing attempts and 35% increase in email reporting.
- Developed and implemented comprehensive cybersecurity policies, reducing security incidents and increasing compliance within the first 6 months, utilizing ISO 27001 and CIS frameworks.
- Conducted weekly vulnerability scans using Microsoft Defender Vulnerability Management and Kace, identifying and addressing critical security risks to reduce overall system vulnerabilities by 45% within 6 months.
Cybersecurity Engineer
Kaztronix, USARC
04.2022 - 06.2023
- Conducted cybersecurity assessments aligning with United States Army Reserve Command RMF, DoD Risk Management Framework 8510.01, NIST 800-53, and SP Rev 4, utilizing security protocols and frameworks.
- Led design and maintenance of Endpoint Security for 70,000 systems across 50 states and US territories, utilizing Trellix Agent and ACAS client.
- Conducted monthly DISA STIG compliance evaluations for ESS, Trellix, Windows, and Linux utilizing STIG Viewer and DISA SCAP Compliance Checker tools; facilitated seamless eMASS submissions.
- Executed weekly security scans using Trellix ePO and ACAS, identifying vulnerabilities and threats, and enhancing server performance.
- Conducted regular updates and reviews of Contingency Plans, System Security Plans (SSP), Network Diagrams, and MOU/SLAs, adhering to strict cybersecurity compliance standards.
Information Systems Security Engineer (ISSE)
Lockheed Martin
02.2019 - 01.2022
- Transitioned from HBSS to ESS for over 1,000 servers and workstations employing McAfee ePolicy Orchestrator (ePO), McAfee Agent, and Endpoint Security.
- Facilitated the regular transfer of updated artifacts to eMASS by holding consistent alignment meetings with ISSO/ISSMs, enhancing overall data integrity and security compliance rates.
- Triumphed in obtaining ATO certifications across three different locations through diligent DCSA evaluations and thorough artifact verifications uploaded to eMASS.
- Ensured security hardening of IT infrastructure by performing consistent monthly STIG checks on Dell/Cisco switches, Microsoft Office suites, Unix/Linux systems, Windows 10, Server 2016/2019, and other network devices.
- Established collaborative configuration management processes, ensuring timely security updates with no impact on Agile development cycles.
- Developed and implemented security policies to safeguard sensitive information and critical infrastructure.
Systems Engineer
U.S. Army
06.2013 - 02.2019
- Migrated 250 Windows 7 workstations and over 50 Windows Server 2008/2012 servers to Windows 10 and Windows Server 2019, reducing security vulnerabilities by 50%.
- Optimized patch management workflow by integrating updated policies for change control, scheduling regular updates, and using automation tools such as SCCM and Ansible, improving compliance rates to 95%.
- Maintained a DOD STIG compliant VMware environment while also conducting patch management on 10 ESXi hosts, 550 vSphere Clients, and 300 vCenter Servers for 2 data centers.
- Led the Tier 2 Help Desk team in closing over 1,200 tickets annually across 4 sites and 4 different states using Service Central ticketing system.
- Proposed and implemented cost-saving plans such as automation of user account creations in Active Directory and automation of group policies via SCCM, which saved the team an average of 20 hours on a weekly basis.
Education
Master of Science - Cyber Security
Western Governors University
Salt Lake City, UT12-2026
Bachelor of Science - Network Operations And Security
Western Governors University
Salt Lake City, UT01.2024
Skills
- Security information and event management
- Security auditing
- Compliance management
- Vulnerability assessment
- Security policy development
- Data loss prevention
- Security information and event management
Certification
- AWS Certified Cloud Practitioner, Amazon AWS, 2024
- AWS Certified SysOps Administrator Assoc., Amazon AWS, 2024
- CCNA 200-301, Cisco, 2023
- LPI Linux Essentials, LPI, 2023
- ITIL V4 Foundation, 2023
- CompTIA A+, CompTIA, 2022
- CompTIA Network+, CompTIA, 2022
- CompTIA Security+, CompTIA, 2022
- CompTIA Project+, CompTIA, 2022
- MTA Networking Fundamentals, Microsoft, 2019
Timeline
Cybersecurity Engineer
Oneida Technical Solutions
09.2024 - Current
Cybersecurity Engineer
Builders Mutual
06.2023 - 09.2024
Cybersecurity Engineer
Kaztronix, USARC
04.2022 - 06.2023
Information Systems Security Engineer (ISSE)
Lockheed Martin
02.2019 - 01.2022
Systems Engineer
U.S. Army
06.2013 - 02.2019
Master of Science - Cyber Security
Western Governors University
Bachelor of Science - Network Operations And Security
Western Governors University