Download PDF

Andrew Williams

Information Management, Cyber Security, Risk Management, Systems Advisor


25 Years of increasing responsibility in the military with exceptional results experience includes, but not limited to: enterprise systems management, strategic operational planning, project management, quality assurance management, budget and managerial accounting, implementing enterprise resource planning (ERP), organizational and small team leadership.  Expert knowledge in military tactical cyber systems and network security policies.

Work experience

May 2015Present

Information Technology Specialist (INFOSEC) GS-221

Department of Navy, Navy Facilities Command (NAVFAC)

Serves as an Information Security Support Engineer (ISSE) for Navy Facility Command, Information Technology Center. Plans and conducts certification and accreditation (C&A) activities for enterprise systems and network applications for the command. Advises IT Program Managers (ITPM) on DoD Information Assurance policies and Risk Management Framework (RMF) of assigned business applications and systems. Assist in effort to maintain Authority to Operate. Conducts annual reviews of IT business systems and applications. Presents formal and informal briefings to ITPM and higher management on assigned applications and business systems.

Applies solutions to resolve issues and ensures protection of information systems (IS) by utilizing policies, procedures, and implementation strategies in accordance with DoD regulation. Creates, updates, and prepares C&A plans, hardware, server, software, database lists, Risk Assessment Reports, Cyber Incident Response Plans, and validation reports in support of DoD Information Assurance Certification and Accreditation Program (DIACAP) / Risk Management Framework (RMF). Updates Plan of Actions and Milestones (POA&M) and artifacts in eMASS (Enterprise Mission Assurance Support Service). Provides information assurance technical guidance to ITPM for the design, coding, testing, and debugging process for assigned applications and business systems.

Aug 2014May 2015


Defense Information Systems Agency,  Fort Meade Maryland

Assistant Program Manager for Multinational Information Systems, Defense Information Systems Agency (DISA). Advises a combined government-civilian and contractor team on matters relating to a worldwide enterprise network called the Combined Federated Battle Laboratories Network (CBFLNet). Oversees new and emerging information technologies used for the Combined Federated Battle Laboratories Network.  Advises and supports network application testing during all phases by interpreting DoD regulation and Information Assurance policy to ensure information is addressed during engineering and system implementation. Presents formal and informal briefings to higher management on assigned projects as part of the assessment process. Applies solution to solve issues and ensures protection of information systems by utilizing policies, procedures, and implementation strategies in accordance with DoD regulation. Oversees network operations activities such as software installation, testing, and administration of standard security products.

Feb 2012Jul 2014


Office of the Program Manager Saudi Arabian National Guard (OPM-SANG), Riyadh Saudi Arabia

For two years, provided expert advice to Saudi Arabian Brigadier Generals and their Senior Staff Officers on matters pertaining to information assurance, network architecture, plans, operations, special projects, and future cyber security initiatives. Advised decision making authorities on establishing program goals to set priorities in order to support the cyber security mission. Ensured policies and procedures were implemented in accordance with industry standard and organization strategy.  As the Subject Mater Expert (SME), advised on identifying vulnerabilities and mitigating risks for unclassified and classified information systems.

Reviewed and managed Certification and Accreditation (C&A) packages. Evaluated access controls to ensure prevention and detection of unauthorized access. Provided independent assessments for the Director of Information Center. Identified systems requiring Certification and Accreditation (C&A) packages and assisted with management and oversight activities.

As an extra duty, served as a Contracting Officer Representative (COR). Managed Foreign Military Sales Cases (FMS Cases) valued in excess of three million dollars. Applied solutions to solve complicated problems. Prepared formal and informal briefings to higher management on assigned projects as part of the assessment process. Successfully managed other information technology projects valued in excess of $40 million dollars. Coordinated with contractors and local vendors in support of the Saudi Arabian National Guard's Command and General Staff College (CGSC) and also their first military aviation facility.

Assisted the Director of the Information Center with supervising a workforce of 104 automation and telecommunication technicians operating within budget of $197 million. Provided high level strategic guidance and expert advice in order to modernize the Saudi Military's classified and unclassified network infrastructures throughout the Kingdom of Saudi Arabia. Conducted several site surveys to ensure the network infrastructures were in compliance with contracts and network security standards.  Drafted Standard Operation Procedures (SOPs), Information Assurance Policies, Statements of Work (SOW), and Memorandums of Agreements (MOAs) for information technology contracts, and wrote several Quality Assurance Surveillance Plans (QASPs) for special projects. 

Led work groups and Project Management Teams during Enterprise Resource Planning (ERP)implementation to resolve issues with logistics and knowledge management.  Analyzed requirements and developed IT security standards; policies and procedures. Continuously corrected problems, identified, and analyze threats and vulnerabilities. Received the Saudi Arabian award for excellence and exceptional service from the Ministry of the National Guard. Increased productivity and Continuity Of Operations (COOP plan) by developing a more efficient data storage recovery concept across Riyadh, Jeddah, and Dammam. 

As subject matter expert (SME), was instrumental in developing planning and implementing the enterprise Automated Logistic Supply System (ALSS) costing $97 million dollars.  As a vital member of the organization, was routinely sought out for technical expertise and to participate in planning committees to give insight from an IT perspective.

Aug 2011Feb 2012


HHC 593rd Sustainment Brigade, Joint Base Lewis- Mchord (JBLM), Washington      

Principal advisor to Brigade Commander and Senior Staff Officers on all IT related concepts and knowledge management initiatives. The brigade routinely received commendable ratings for Information Assurance (IA) compliance during inspections from higher organizations.  Implemented Information Assurance (IA) standards across the Brigade which included Domain Name Connection Approval Process, IA tools, incident reporting and response. Monitored compliance with Information Assurance Vulnerability Alerts (IAVA).  Tracked IAVA messages to determine required actions before suspense dates. Managed certification & accreditation (C&A) activities to meet requirements for Authority To Operate (ATO) the network.

Appointed as the Brigade KNOWLEDGE MANAGEMENT OFFICER (KMO) as an extra duty. Led seven subordinate unit Knowledge Management (KM) Officers. Conducted Knowledge Management and Information Assurance (IA) meetings routinely to assist stakeholders with identifying problems; analyzing proposed solutions, and submitting request for network change management.

Developed and organized a life cycle replacement program for hardware and software. Coordinated and planned the information systems architecture for two enterprise combat training exercises. Coordinated efforts for a new portal re-design to resolve information sharing problems to meet future needs of the organization. Presented formal and informal briefings to Commander and his Senior Staff Officers routinely. Performed risk assessments with directorate leaders to identify and mitigate vulnerabilities and threats to ensure the confidentiality, integrity, and availability (CIA) of data in order to defend against unauthorized access to network.

Wrote and enforced Information Assurance (IA) policies and network standard operation procedures throughout the brigade which comprised of 2,500+ personnel. Advised on Local Area Network (LAN) technical matters; implemented and enforced network security. Drafted automation plans and orders; coordinated operations with subordinate organizations.  Managed information technology equipment worth in-excess of two million dollars. Supervised 27 Information Technology (IT) professionals supporting and organization with 2,500+ personnel. Provided exceptional customer service and help desk support throughout the organization.

Jul 2009Jul 2011


Headquarters First Army, Fort Gillem Georgia

Provided Information Technology (IT) expertise for a Three Star Headquarters and two subordinate Training Support Divisions and seven Mobilization Training Centers. Advised Commanding General on all Information Assurance (IA)matters and advised the G6 Directorate and Senior Staff on Local Area Network (LAN) automation policies and technical matters for two years.

Implemented and enforce network security policies and automation plans. Conducted Staff coordination with U.S. Forces Command (FORSCOM) and First Army Divisions. Received impact award for Information Assurance expertise by leading a Force Protection Tiger Team on temporary duty to inspect the Information Assurance security posture of First Army's subordinate units located on seven different installations as a part of FORSCOM's Cyber Force Protection Plan.  Received commendable ratings for maintaining the Army Record Management System.

Reviewed IA work forces responsibilities and ensured workforce was in compliance with DoD 8570.1. Conducted audits of IT systems to ensure applicable laws and regulations were in compliance and operating properly. Oversaw validating the Certificate of Net Worthiness (CoN) process for hardware and software request. Analyzed, tested, and evaluated new software and hardware initiatives for Certificates of Net worthiness (CoN). Managed and monitored the CoN process to identify and mitigate risks and vulnerabilities for all systems and networks.

Reviewed anti-virus update procedures and frequency. Monitored IAVA implementation and update procedures, media storage controls, and procedures for implementation. Conducted work group meetings for appointed Directorate Information Assurance Support Officers (IASOs) in effort to lead directorate teams to create procedures for Continuity of Operation (COOP) Plan in the event of a major crisis.

Developed a plan and established a team for crisis action for incident response. Provided excellent customer service performing the duties of TRUSTED AGENT for CAC pin reset. Managed the Army Training and Certification Tracking System (ATCTS). Provided exceptional information assurance training to directorate IASOs and all organization end-users. Trained directorates to identify potential risk and vulnerabilities in order to mitigate spillage potential to ensure compliance with AR 25-2.  Administered DIACAP (Now Risk Management Framework) process in order to achieve Authority To Operate for both classified and unclassified networks. Wrote Execution Orders and enforced Standard Operation Procedures (SOPs) which resulted in reduce classified information spillage rate in Headquarters First Army by 95%.  Created an IT training plan that increased the number of certified IT professionals from 4 to 29 to meet 8570.1 compliance. Wrote all Tenet Security Plans (TSP) for the Headquarters Base Realignment and Closure with exceptional results.


Aug 2011Nov 2015


Syracuse University

Information Management and also Certificate of Advanced Studies in Information Security Management 

Apr 2000Dec 2001


Webster University

Computer Resources & Information Management

Aug 1987Jul 1992


Alabama A&M University

Political Science; Minor Criminal Justice