Charles Vann

• Lead cybersecurity oversight for 20+ classified Navy systems at NIWC Pacific, executing end-to-end RMF processes and ensuring full lifecycle compliance.
• Reduced vulnerabilities by 30% via proactive risk analysis, STIG enforcement, and automated monitoring strategies in AWS/Azure environments.
• Authored critical documentation: SSPs, POA&Ms, RARs, and SOPs; maintained 100% eMASS compliance.
• Directed and mentored a cybersecurity team of 10+, embedding best practices and ensuring audit readiness.
• Facilitated multiple DoD audits, exceeding inspection thresholds and minimizing operational risk.
• Contributed towards reducing overall enterprise risk by consistently analyzing and refining the organization''s risk appetite and tolerance levels.
• Collaborated with IT teams to integrate security best practices into system development and operations.

Key Tools: eMASS, ACAS, Azure, AWS, DISA STIGs, RMF, Remedy

• Led vulnerability remediation across DoDIN networks, reducing security incidents by 40% through continuous monitoring and compliance validation.
• Delivered PKI and STIG configuration guidance, aligning Navy systems with IAVM and FISMA mandates.
• Spearheaded VRAM remediation, IAVM tracking, and FISMA reporting for mission-critical RDT&E networks.
• Partnered with ISSMs, PMs, and technical leads to implement tailored cyber strategies across network enclaves.
• Improved operational efficiency by streamlining processes and implementing best practices in management analysis.
• Developed comprehensive reports, providing valuable insights into business performance and aiding in strategic planning efforts.

Key Tools: VRAM, ACAS, STIGs, IAVM, FISMA, PKI

• Delivered RMF compliance and NQV certification for Navy C4I ship integration projects across NIPR/SIPR.
• Managed ATO timelines, vulnerability scans, and cyber certification milestones ahead of major sea trials.
• Performed eMASS submissions, STIG enforcement, and tailored training for fleet cybersecurity awareness.
• Conducted on-site assessments, creating actionable POA&Ms and validating system controls against NAVWAR standards.
• Collaborated with IT teams to integrate security measures into the development and deployment of new applications.
• Conducted security audits to identify vulnerabilities.

Key Tools: eMASS, ACAS, VRAM, RMF, DISA STIGs

• Led cybersecurity sustainment for post-maintenance shipboard and shore systems under NAVWAR programs.
• Supported RMF and cyber readiness for ATO achievement; conducted STIG/SRG assessments.
• Provided cyber training to ship crews and site teams, improving long-term security self-assessment capabilities.
• Guided procurement and system lifecycle upgrades with DoD cybersecurity integration.
• Mentored junior consultants, helping them enhance their skills and contribute more effectively to projects.
• Delivered high-quality solutions for clients through comprehensive research and analysis of industry trends.

• Led vulnerability detection via ACAS/SCAP, enforced STIG compliance, and managed POA&M resolution.
• Supported RMF by tracking OPDRs, IAVMs, and Navy directives.
• Administered user access, performed Tier II support, and managed Navy DRMO asset lifecycle.
• Configured hardware, devices, and software to set up work stations for employees.
• Managed hardware and software inventory, ensuring timely updates and replacements as needed.

• Provided Tier I support for NMCI systems; resolved escalated technical and compliance issues using SM7.
• Maintained Navy network compliance by monitoring and adjusting non-compliant configurations.
• Provided basic end-user troubleshooting and desktop support.
• Installed, modified, and repaired software and hardware to resolve technical issues.