I am a CompTIA Security+ certified cybersecurity engineer from Northern Virginia with over 2 years of experience in the cybersecurity and information systems.
I'm a cybersecurity engineer with two years of professional experience — one year as a Systems Engineer and another as an Information Systems Security Engineer (ISSE) supporting government projects. My current work focuses heavily on policy and risk management, but I’m looking to pivot into a more technical, hands-on role. I'm especially interested in cloud security, incident response, and DevSecOps. I enjoy solving complex problems, working with infrastructure, and staying up to date with emerging security tools and practices. I'm currently building my technical skills through labs, certifications, and personal projects. My goal is to bring a strong foundation in cybersecurity and compliance into a more operational role where I can make a real impact on system and application security.
HTML, CSS, Bootstrap, JavaScript, React Js, Python, SQL, ASP.NET
Virginia Tech - B.S. in Business Information Technology; concentration in Cybersecurity
Active Secret Clearance, IAT Level II Certification: CompTIA Security+
Below are the organizations that have shaped my professional journey, providing opportunities to grow, tackle challenging problems, and deepen my expertise in cybersecurity and technology.
Supported RMF Assess Only activities for U.S. Navy systems under Team Submarine, including security control assessments, risk analysis, and classified incident response. Managed multiple eMASS packages, developed full RMF documentation sets per DoDI 8510.01, and collaborated with cross-functional teams to integrate security throughout the system lifecycle. Led continuous monitoring efforts and coordinated with agencies like NAVSEA and NCIS on spillage remediation and compliance.
Designed, developed, and deployed an AI-powered healthcare application that streamlined clinical workflows, saving an average of 5 minutes per patient encounter and enhancing revenue potential for healthcare organizations. Managed the full-stack infrastructure on AWS, configured secure web servers with IIS and Nginx, and documented DevOps processes for reliable CI/CD. Led client demos, created user-focused materials, and conducted a CMMI internal audit to ensure compliance across technical and organizational practices.
Collaborated with the CISO to assess security controls and ensure compliance with CMS Acceptable Risk Safeguards (ARS) based on NIST 800-53. Monitored AWS-based Windows and Linux servers, investigated security alerts from AWS Security Hub, and supported incident response efforts. Completed secure decommissioning of on-premise servers during cloud migration and maintained operational efficiency through Jira-based change management.
Developed a Python and SQL-based analytics report to highlight top-funded contractors in the Army STTR Program, supporting business development efforts. Conducted in-depth research using Scopus, collaborated with lead analysts on teleworking solutions for a federal agency within the Intelligence Community, and contributed to policy development by gathering client requirements during stakeholder meetings.
I am a CompTIA Security+ certified cybersecurity engineer from Northern Virginia with over 2 years of experience in the cybersecurity and information systems.
Actively Pursuing
March 2024
September 2023
January 2023
© 2025 Bilguun Galmunkh. All rights reserved.