Elizabeth Foster - Independent Cybersecurity Consultant at Various Companies - Consulting

Disclaimer: This information was obtained from publicly available sources online and is believed to be accurate at the time of publication. Valimates collects this information with proprietary technology and cannot guarantee the accuracy or completeness of the data. The purpose of the data is to inform the reader about the expertise of the individual and should not be used for any other purpose. Valimates does not have any affiliation with the individual.

Elizabeth Foster Independent Cybersecurity Consultant at Various Companies - Consulting

Claim Profile Update Profile Delete Profile

Elizabeth Foster is an impressive independent cybersecurity consultant with over 15 years of experience in helping organizations achieve and maintain their security posture while adhering to regulatory security frameworks. With her strong background and credentials in security engineering, risk assessment, gap analysis, and system security documentation, Elizabeth is a trusted expert in the field. She has a remarkable record of working with various clients, including federal government, commercial, and non-profit organizations, to provide hands-on security engineering and compliance solutions. Elizabeth's core competencies include compliance and advisory support for CMMC, FedRAMP, and ISO 27001, as well as security analyst and assessment activities. Her mission is to deliver high-quality and effective cybersecurity services that meet the needs and expectations of her clients. With her extensive knowledge and experience, Elizabeth is a valuable asset in the cybersecurity industry.

Note: This summary uses gender-neutral language throughout.

More about this expert

Full name: Elizabeth Foster
Location: Chantilly, Virginia, United States
Title: Independent Cybersecurity Consultant
Company: Various Companies - Consulting
LinkedIn profile: https://www.linkedin.com/in/elizabeth-foster-43b19824/
LinkedIn Connections: 17500
Summary: I am an independent cybersecurity consultant with over 15 years of experience in helping organizations achieve and maintain their security posture while adhering to their regulatory security frameworks. I have a strong background and credentials in security engineering, risk assessment, gap analysis, and system security documentation. My core competencies include compliance and advisory support for CMMC, FedRAMP, and ISO 27001, as well as security analyst and assessment activities. I have worked with various clients, including federal government, commercial, and non-profit organizations, to provide hands-on security engineering and compliance solutions. My mission is to deliver high-quality and effective cybersecurity services that meet the needs and expectations of my clients.
Skills: Computer Security Systems Engineering

Education

Strayer University: a Bachelor's Degree
Attended in 2004
Field of study: Computer Networking

Positions

Various Companies - Consulting: Independent Cybersecurity Consultant
Aug 2011 - Present

* Provide support with FedRAMP with either developing the security documentation for the cloud service provider or assisting the 3PAO with assessments.
*Assist commercial firms with implementing and implementing CMMC, FedRAMP, DFARS, ISO, FISMA, HIPAA, SOC, and NIST SP 800-171 compliance requirements. This includes developing and documenting policies, procedures, system documentation (e.g., incident response, contingency plan, configuration management, system security plan, etc.) and providing security engineering support.
* Assist federal and local government agencies with meeting NIST SP 800-53.
* Assist non-profit, civil agencies and commercial organizations with implementing their organization's security framework by using guidance and requirements from NIST, FISMA, HIPAA, FedRAMP, SOC, etc.
*Evaluate the security design for applications and networks. Work within the team to designs, test, and implements state-of-the-art system security architecture.
* Responsible for conducting security and risk assessment activity.
* Work with clients on accomplishing predefined objectives and strategies as defined in the statement of work.
Argotek: Information System Security Engineer (ISSE)
Jun 2010 - Aug 2011

* Provide security engineering support to ensure security requirements (e.g., CNSSI 1253, ICD 503, DOD 8500 (series) and NIST) are properly deployed into an information system.
*Participate in all phases of the DOD certification & accreditation (C&A) process.
* Participate in configuration management activities. This consists of evaluating system modification to determine potential vulnerabilities and providing risk mitigation strategies and ensuring all security documentation is current.
Various Companies - Consulting: Information Assurance Consultant
Dec 2008 - Jun 2010

*Evaluate and document the security framework for applications and network architecture.
*Evaluate and provide recommendations for the security design for applications and networks.
*Document the existing threat modeling for applications
*Analyze requirements for security aspects of enterprise-wide infrastructures.
* Work within the team to designs, test, and implements state-of-the-art secure operating systems, networks, and database products.
* Responsible for conducting security assessments and monitoring how NIST IA security controls are implemented and maintained.
* Assist federal agencies with determining Federal Information Security Management Act (FISMA) compliance level.
* Assist clients with analyzing, implementing and/or enhancing their information system security policies, standards, and processes.
* Develop various forms of security documentation in support of Risk Management Framework.
* Responsible for managing teams that deploy within the continental United States that conduct a security assessment for federal government agencies.
* Work with clients on accomplishing predefined objectives and strategies as defined in the statement of work.
SNS One: SR System Security Specialist
Jun 2007 - Dec 2008

* Work with US Army program managers, system developers and engineers to define security requirements for systems that will be used to support various government entities. This also includes briefing government representatives on the new technology and the security that will be used.
* Draft enterprise security standards and guidelines for system configuration.
* Responsible for utilizing various security tools (e.g., Retina, SECSCAN, WASSP, DISA Scripts etc) to evaluate the security posture of an information system.
Consulting - Various Companies: Consultant
Apr 2005 - Jun 2007

* Assist organizations with meeting all FISMA compliance requirements.
* Perform network and host based scans using vulnerability assessment tools. These security tools consist of Retina, Harris Stat, Nessus, CIS Benchmark tools, Microsoft Baseline Security Analyzer, DISA Scripts and Gold Disk etc.