Karen Friend

Information System Security Officer Alternate


As the lead of CBIIT’s Security Compliance Team, Ms. Karen Friend is dedicated to information technology and information security services. In her role as alternate information system security officer, Ms. Friend's responsibilities include information assurance for enterprise systems (under the Federal Information Security Management Act), security assessment and authorization, policy, compliance and oversight of testing protocols, continuous monitoring, and quality assurance. Holding a ISC2 CSSLP (Certified Secure Software Lifecycle) certification, as well as being SysAdmin, Audit, Network, and Security (SANS) Global Information Assurance Certification Security Essentials Certification (GSEC) Gold certified, she leads the security compliance team in their efforts to support NCI by applying a layered approach to the application of protocols, policies, and compliance procedures.


  • IT Security