Joshua Michael Hall - Security Analyst | CMMC Compliance Specialist

Professional Summary

Security professional with builder mindset and compliance expertise. 3+ years BUILDING complete security programs for SMB clients in manufacturing, finance, and legal sectors. Founded MSP with zero ransomware incidents across 100+ endpoints. CMMC RP credentialed with CCP exam passed (Tier 3 pending). Rare credential stack: CCP + AWS SAA + CMMC RP. Targeting CISSP within first 6 months of employment. Seeking Junior ISSO, CMMC Compliance Analyst, or GRC Analyst positions at DIB contractors (20-200 employees) with path to Security Manager.

Why DIB Contractors Choose Me

Builder Mindset: 3+ years BUILDING security programs from the ground up for 30+ clients
Rare Credential Stack: CCP + AWS SAA + CMMC RP - uncommon combination for entry-level
Zero Ransomware Track Record: Not a single breach across 100+ managed endpoints over 2+ years
Business Builder: Built $160K MSP from scratch with complete P&L ownership
Called When Others Fail: Became the "last resort" MSP that actually fixed compromised environments

Technical Skills

Compliance & GRC

NIST 800-171, CMMC, gap assessments, SSP development, POA&M management, risk assessment

Security Operations

Policy development, compliance documentation, executive communication, vendor management

Cloud & Infrastructure

AWS (VPC, EC2, S3, CloudFront, Lambda, IAM), WatchGuard/Fortinet firewalls, Microsoft 365/Azure AD

Development & Automation

Python, Ruby, Bash, Git/GitHub, Terraform, Infrastructure automation

Certifications

Current Certifications

✅ CMMC CCP Exam Passed - January 16, 2026 (certification pending Tier 3)
✅ CMMC Registered Practitioner (RP) (December 2025)
✅ AWS Certified Solutions Architect - Associate (November 2025)
✅ CompTIA Security+ CE - DoD 8570 IAT Level II (November 2025)

Post-Hire Targets

🎯 CISSP - Target within first 6 months of employment
🎯 WGU MS Cybersecurity - Employer tuition assistance

Additional Credentials

CompTIA A+ CE (Expires 2026)
CompTIA Project+ (Lifetime)
Google Project Management Certificate (2023)
Amateur Extra Ham Radio License (KI2W)

Professional Experience

Founder & Security Operations Lead

TimothyTek MSP | December 2020 - July 2023 | St. Louis, MO

Security Program Builder:

BUILT complete security programs for 30+ clients from the ground up
Zero ransomware breaches across all fully managed clients (100+ endpoints)
Built MSP to $160K annual revenue with complete P&L responsibility

Security Architecture:

Designed and deployed 11 enterprise firewalls, 33 wireless access points, 8 servers
Implemented enterprise monitoring with coordinated SIEM/SOC
Stabilized multiple compromised environments when called after others failed

Business Leadership:

Executive security advisory to C-suite stakeholders
Zero clients lost to competition with proactive security management
Managed vendor relationships and technology procurement

IT Support Technician

BMA Inc. | October 2020 - May 2021 | St. Louis, MO

Maintained HIPAA-compliant medical infrastructure
Configured WatchGuard firewalls
Administered Active Directory and Microsoft 365

IT Team Lead Contractor

Vanderbilt University Hospital (via Apex Systems) | February - June 2015 | Nashville, TN

Led 11-person team through 5,000+ system deployment
Delivered on time and on budget in HIPAA environment
Managed stakeholder relationships across clinical departments

Additional Experience

Organizational Leadership | 2015-2020

Led organization with 100+ members demonstrating crisis management
Budget management and P&L responsibility
Executive communication and stakeholder coordination
3 consecutive organizations

International Operations | 2006-2013

Led 5 expeditions to Uganda/Ethiopia/Haiti with 3-20+ personnel
Crisis management in austere environments
Cross-cultural team leadership

Infrastructure Portfolio

Cloud Resume - Serverless Architecture

Live: joshuahall.tech | GitHub: federal-cloud-resume

Production serverless architecture demonstrating enterprise security patterns:

Architecture: S3 + CloudFront CDN + API Gateway + Lambda + DynamoDB
Security: IAM least privilege, encryption everywhere, HTTPS enforcement
Features: Custom domain with ACM, atomic visitor counter, real-time API
Compliance: NIST 800-53 control foundations documented

Education

Master of Divinity

Covenant Theological Seminary | 2009-2013

Executive communication and organizational leadership
International missions focus

Bachelor of Arts

Covenant College | 2005-2009

Biblical and Theological Studies
International missions concentration

Technical Training

Launch School Backend Engineering (2023-2025)
Western Governors University - Cloud Computing Coursework (2020-2021)

Target Opportunities

Target: Junior ISSO, CMMC Compliance Analyst, or GRC Analyst at DIB contractors (20-200 employees)

Why I'm Right for Your Organization:

Builder mindset with hands-on security program experience
Rare credential stack: CCP + AWS SAA + CMMC RP
Built $160K MSP from scratch - proven program builder
Zero ransomware incidents across all fully managed clients
CMMC expertise to contribute from day one
CISSP target within first 6 months - committed to growth
Clearance-ready (U.S. Citizen, clean background)

Location: San Antonio (primary) | Huntsville | Remote | Dallas