Michael C. Kemp
Smyrna
Summary
Accomplished cybersecurity professional at Crest Security Assurance, specializing in DoD RMF lifecycle implementation and adherence to NIST SP 800-53 compliance requirements.
Overview
16
16
years of professional experience
1
1
Certification
Work History
Risk Management Framework (RMF) Task Lead
Crest Security Assurance (CSA)
Smyrna
04.2024 - Current
- Company Overview: Defense Contractor – DCMA Mission Support
- Led a team of cybersecurity professionals—including ISSOs, SCAs, and Audit Readiness Analysts—in support of seven DCMA enterprise systems governed by DoD RMF and DCMA-specific cybersecurity policies.
- Provided strategic guidance and technical oversight for Authorization & Accreditation (A&A) efforts, ensuring timely delivery of complete, compliant security packages aligned with DCMA directives and RMF requirements.
- Maintained continuous Authorization to Operate (ATO) for four DCMA systems by ensuring compliance with over 300 NIST SP 800-53 Rev 5 controls per system, tailored to moderate and high-impact FISMA baselines.
- Executed annual security control assessments (SCA) and led control remediation efforts, achieving 100% submission readiness for Security Assessment Reports (SAR) and Security Plans (SSP).
- Led the successful transition of four DCMA systems from NIST SP 800-53 Rev 4 to Rev 5, performing control gap analysis, implementing new control enhancements, and updating documentation in eMASS—resulting in 75% compliance readiness ahead of ATO renewal deadlines.
- Streamlined security reporting and control implementation tracking in eMASS and DCMA systems of record, maintaining real-time visibility into POA&M progress and control compliance status.
- Defense Contractor – DCMA Mission Support
Senior Cybersecurity Specialist / Program Manager
Tyto Athene / (AT&T GSI)
El Segundo
05.2019 - 04.2024
- Company Overview: Space Force Support
- Served as Project Manager and Cybersecurity Specialist in support of the U.S. Space Command’s Space and Missile Systems Center (SMC) Global Positioning Systems (GPS) Directorate.
- Provided enterprise-level cybersecurity support for the GPS Enterprise, integrating ISCM programs, supporting secure systems engineering, and applying domain expertise across mission systems.
- Acted as a technical advisor on space mission system certification policies, procedures, and reporting, addressing current, emerging, and evolving cybersecurity requirements.
- Led and supported the Cyber Integrated Project Team (IPT), facilitating technical discussions, identifying and mitigating risks, and developing guidance on integrated cybersecurity solutions across GPS programs and projects.
- Conducted risk analyses of system design requirements and recommended cybersecurity strategies for implementing security features across both ground and space systems within the GPS Enterprise.
- Space Force Support
Information System Security Officer (ISSO)
InDyne, Inc.
Vandenberg Space Force Base (SFB)
04.2015 - 05.2019
- Company Overview: Defense Contractor – Space Force Support
- Serve as ISSO and cybersecurity SME for classified and unclassified systems—including NIPRNet and SIPRNet—ensuring compliance with DoDI 8510.01, NIST SP 800-series, and Air Force cybersecurity directives.
- Develop and maintain complete RMF documentation packages, including System Security Plans (SSPs), Security Assessment Reports (SARs), FIPS 199 categorizations, Privacy Threshold Analyses (PTAs), Privacy Impact Assessments (PIAs), Contingency Plans (CPs), and Interconnection Security Agreements (ISAs).
- Remediate POA&M findings through policy analysis, vulnerability scan assessments, system configuration validation, and security procedure updates.
- Review and validate cybersecurity policies, procedures, and artifacts for new and follow-on mission system releases to ensure alignment with evolving DoD and AF requirements.
- Support continuous monitoring and sustainment of system security posture, ensuring confidentiality, integrity, and availability (CIA) through routine assessments, audit log analysis, and compliance tracking.
- Defense Contractor – Space Force Support
Senior IT Security Analyst
InDyne, Inc.
Vandenberg Space Force Base (SFB)
12.2009 - 04.2015
- Company Overview: Defense Contractor – Space Force Support
- Developed system security documentation, including the System Security Plan (SSP), Security CONOPS, Information Systems Continuity Plan (ISCP), Disaster Recovery Plan (DRP), Account Management Plan, Continuity of Operations Plan (COOP), and Audit Log Collection Procedures.
- Produced key artifacts to support Certification & Accreditation (C&A) packages, including hardware and software inventories, room diagrams, accreditation boundary diagrams, IA control assessments, POA&Ms, and security scorecards.
- Supported LTRS C&A activities by reviewing and developing accreditation policies, procedures, and reports in accordance with DIACAP (DoD 8500.2) and Risk Management Framework (RMF) per DoDI 8510.01 and NIST SP 800-30/37.
- Conducted periodic audit reviews of system logs and audit trails to ensure compliance with security policies and protection against internal and external threats.
- Assessed and documented assigned LTRS systems to evaluate security posture and validate adherence to DoD security policies, procedures, and control standards.
- Investigated security violations and breaches; recommended corrective actions and reported findings through formal intrusion reports and summary analysis for leadership.
- Defense Contractor – Space Force Support
Education
B.S. - Computer Information Systems
Fort Valley State University
Fort Valley, GeorgiaSkills
- DoD RMF lifecycle execution
- NIST SP 800-53 compliance
- CNSSI 1253 standards
- FIPS 199 adherence
- DCMA and DoD 520001 guidance
- FISMA compliance
- Information assurance oversight
- Security control assessment
- Continuous monitoring strategies
- EMASS proficiency
- A&A documentation development
- Cyber readiness inspections
- Audit preparation expertise
- Cross-functional leadership
- Resource management
Certification
- AI for Risk Management Framework (RMF) Applications, Vanderbilt University (Coursera), 2025-04-01
- ISC2 Computer Information System Security Professional (CISSP)
- CompTIA Project+
- CompTIA Security+
<Enter your own>
Title: Senior Cybersecurity Lead
Websites
Timeline
Risk Management Framework (RMF) Task Lead
Crest Security Assurance (CSA)
04.2024 - Current
Senior Cybersecurity Specialist / Program Manager
Tyto Athene / (AT&T GSI)
05.2019 - 04.2024
Information System Security Officer (ISSO)
InDyne, Inc.
04.2015 - 05.2019
Senior IT Security Analyst
InDyne, Inc.
12.2009 - 04.2015
B.S. - Computer Information Systems
Fort Valley State University
Similar Profiles
Michael miller GrantMichael miller Grant
Maintenance joiner at CSAMaintenance joiner at CSA
Brennan JonesBrennan Jones
Terminal Superintendent at CSATerminal Superintendent at CSA
Christopher PattersonChristopher Patterson
Video Repair Lead, Retention Supervisor, Customer Service Supervisor at CSAVideo Repair Lead, Retention Supervisor, Customer Service Supervisor at CSA
Whitney BrownWhitney Brown
Registered Nurse II – Women’s Health Outpatient at ChristianaCareRegistered Nurse II – Women’s Health Outpatient at ChristianaCare
Leonard BynumLeonard Bynum
Repossession Agent at Asset Towing And RecoveryRepossession Agent at Asset Towing And Recovery