FITSI Item Writing Committee

Current FITSI Item Writing Committee members are listed below.

Angel Astor - FITSP-A, CISA, CEH

  Mr. Astor is a Senior Associate in KPMG’s Advisory Services practice with more than 15 years of business experience. He has a strong background across the life cycle of IT audits and project management experience with risk assessment, audit readiness, systems security, data analytics and computer forensics. Angel has three years of experience in Federal Services with a focus on IT Projects. He has served in several teams providing subject matter knowledge and guidance on controls testing for distributed and centralized computer environments with respect to systems security, change management, access control, business continuity and segregation of duties for the application, database and operating systems layers. He has also provided clients with process automation for complex and repetitive tasks.

Karen Goolishian - FITSP-M, ISC2 CISSP/CAP, ISACA CRISC, PMI PMP, Qualified Navy Validator

  Karen Goolishian is an Information Systems Security Manager (ISSM) supporting the Navy, Air Force and Army with Risk Management Framework Assessment and Authorization as well as providing independent verification and validation. She has over 27 years of experience with Information Systems stemming from her time served in the United States Navy as an Oceans Systems Technician. Her career positions have included Database Administrator, System Engineer, Chief IT Systems Engineer, Navy Validator(FQNV/QNV)/ Marine Corps Validator (MCEN), Information Assurance Technical (IAT) and Information Assurance Manager (IAM). Her education consists of a Bachelor of Science Degree in Information Security as well as a Masters of Science in Information Security from American Sentinel University. She has taught ISC2 CISSP and CompTIA Security+ preparation courses as well as IA for Managers.


  Alan Jones offers leadership, management, AppSec, SecDevOps, intrusion detection, IR, forensics, and malware analysis / reverse engineering (RE), penetration testing (PT), static analysis security testing (SAST), dynamic analysis security testing (DAST), computer network operations (CNO), defense (CND), network security, auditing, systems engineering, digital network exploitation, network analysis, IA, C&A / RMF, exploit techniques, kill chain, consulting skills, experience and knowledge. Experience consists of 20+ years in exposure to computers and networks experience supporting the Commercial, Department of Defense (DoD) and Federal Agencies. Subject Matter Expert (SME) in RE, PT / Vulnerability Assessments / Audits, Ethical Hacking, IR, Open Source Research and Intelligence Gathering, Network Analysis, Social Engineering, Wireless Security Assessment, CNO, CND, CERT – CIRT – NOC - SOC - NSOC, Blue / Red Teams, and Independent Verification and Validation (IV&V).

David Lang - FITSP-M


  Originally from Oregon, Mr. Lang served over 20 years in the United States Air Force in the fields of special weapons and special investigations. He retired as a Special Agent-in-Charge with the Air Force Office of Special Investigations (AFOSI) in 1998. From 1998 to 2011 Mr. Lang served in industry security leadership positions to include Senior Technical Manager at General Dynamics AIS and Director of Federal Security at Dell. Mr. Lang became a Navy executive in 2011 and currently serves as the Technical Director and Chief Information Security Officer (CISO) for the Space and Naval Warfare Systems Command's Navy Enterprise Business Solutions Program Management Warfare Office. In his role as the Technical Director he provides technical direction and oversight for a portfolio of Navy enterprise business applications to include the $2 billion dollar Navy Enterprise Resource Planning application, the Navy Standard Labor Data Collection and Distribution Application, the Navy's new Electronic Procurement System, and a number of smaller supporting applications. In his role as CISO he oversees all portfolio risk management, information security, information technology audit, information technology policy, and information technology business processes. Prior to his current position, Mr. Lang served as the Executive Cybersecurity Advisor for the Navy's Insider Threat to Cybersecurity Program. His previous Navy positions include Cybersecurity Technical Coordinator for the Navy support team of the Department of Defense's Joint Information Environment and Director and Chief Security Officer of the Distributed Continuity Integrated Network - Top Secret Program Management Office for the Office of the Under Secretary of Defense for Policy. Mr. Lang holds a Bachelor of Science degree in Liberal Arts from Excelsior College, a Master of Science degree in Management Information Systems from Bowie State University, and a Post Master's Professional degree in Education (Ed.S.) from Nova Southeastern University. Mr. Lang is a Colonel in the Civil Air Patrol (U.S. Air Force Auxiliary), a past commander of Civil Air Patrol's Wyoming Wing, and a recipient of the Civil Air Patrol Distinguished Service Medal.

Dr. Shawn P. Murray - FITSP-A, CISSP, C|CISO, CRISC

  Shawn Murray is President/CEO at Murray Security Services and is assigned to the United States Missile Defense Agency as a Principal Scientist. He is assigned as a Senior Cyber Security Professional and is an officer in the US Civil Air Patrol. His previous assignments include work with the US Army Cyber Command in Europe, US Air Force and with Commercial Industry in various roles in Information Assurance and Cyber Security. He has traveled the globe performing physical and Cyber Security assessments on critical national defense and coalition programs and has prepared reports for the House Armed Services Committee. Dr. Murray has worked with NSA, FBI, CIA and the US Defense and State Departments on various Cyber initiatives and has over 20 years of IT, communications and Cyber Security experience. He has presented as a featured or keynote speaker for many conferences across the globe and enjoys teaching and presenting as a guest lecturer on Cyber Security, business and computer science courses at his Cyber Academy and for several universities. He has several industry recognized certifications to include the C|CISO, CISSP and CRISC. He holds several degrees to include an Applied Doctorate in Computer Science with a concentration in Enterprise Information Systems. Dr. Murray was elected to the International Board of Directors for the Information Systems Security Association in 2016. He is a professional member of IEEE, ACM, ISSA, ISC2 and is a FBI Infragard program partner. He enjoys spending time traveling with his family, researching and collaborating with other professionals in Cyber Security and Cyber Law and volunteers in his community as a Shriner.

Tamarcus Person - FITSP-M, ITILv3, TCNA, C)ISSO, ISCAP


Tamarcus Person currently serves as an Information Assurance Principal Engineer for the Department of Homeland Security (DHS) Office of Biometrics & Identity Management (OBIM). He has over 18+ years of work experience in the Information Technology (IT) and Cybersecurity fields. His primary job duties included coordinating with clients to ensure policy requirements are met, development & enforcement of IT policy/procedures/processes, ensuring operational security, supporting IT/Financial audits, physical security, personnel security, configuration management, acquisitions management, technical writing, patch management, flaw remediation, security assessments, and performing market analysis/research for Commercial-of-the-Shelf (COTS) products. His past roles included serving as a Cloud Service Provider (CSP) Internal Information System Security Officer (ISSO) under Federal Risk and Authorization Management Program (FedRAMP), DHS/FEMA-appointed Alternate ISSO as well as Project Lead/Subject Matter Expert for several Federal clients/contracts such as DHS, Federal Emergency Management Agency (FEMA), Transportation Security Administration (TSA), Internal Revenue Service (IRS), Federal Aviation Administration (FAA), Department of Justice (DoJ), Department of Defense (DoD), Department of State (DoS), Department of Administration (DoA), and National Oceanic and Atmospheric Administration (NOAA). He was born in Weldon, North Carolina and later moved to Washington, D.C. before settling in Silver Spring, Maryland. During this time frame, Mr. Person has volunteered under several programs and mentored a quite extensive list of successful counterparts. Additionally, Mr. Person served in the military as an Intelligence Specialist in the United States Navy.


  Thomas “Tommy” Thompson, Sr. has a comprehensive and diverse career in Information Technology security spanning over 35 years. In 2005, Mr. Thompson provided support to three line offices starting with the NOAA National Ocean Service as a Lead Assessor, then for NOAA OCIO as an Information System Security Officer (ISSO). In 2010, he became the Information Technology Security Officer (ITSO). Later Mr. Thompson joined NWS as an ITSO to Lead an Assessment Team and is now serving NWS Office of Observation as the Information Technology Security Program Manager. Throughout the years, Mr. Thompson has received awards from the NOAA CIO, SOX Institute (IT Governance, Risk Management, Compliance and Controls) Most Valuable Professional Award, Paladin Technologies Employee of the Year, and the D&D Services Pointman Award three years in a row. While attending University of Maryland University of Maryland for Cyber Security and Program Management, Mr. Thompson has obtained professional certifications such as the CISSP, CAP, CRISC, CISM, CISA, CGRCM, CGRCM-IT, CITGP, ITILv3, and FITSP Manager/Auditor. Mr. Thompson served in the U.S. Army as a Military Policeman and Instructor for 6 years reaching the rank of Sargent. He has a beautiful wife, three children and three granddaughters.

Terrel Williams - FITSP-M, CISSP, PMP, CEH, CCNA Security, Security +, ECSA, ITIL

  Terrel Williams currently serves as a Cybersecurity Service Provider for the Department of Defense in the Intelligence Community. He has over 35+ years of experience in Information Technology and Information Assurance. During his 28-year military career he served in various IT Operations and Security roles leading major efforts both nationally and abroad. After military retirement, he assumed a project manager position leading system control and computer network defense watch officers for the United States Cyber Command before accepting a civil service position with the Defense Information Systems Agency. Since then, he has served at numerous other agencies performing both offensive and defensive cyber operations.



Jim Wiggins has over 23 years direct experience in the design, operation, management, and auditing of information technology systems, with the past 18 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses targeted at federal and government contracting clients. Additionally, Jim is the founder and executive director of the Federal IT Security Institute (FITSI). FITSI is a 501c6, non-profit organization that provides a role-based IT security certification program targeted at the federal workforce. Jim is also the executive director of the FITSI Foundation. The FITSI Foundation is 501c3 public charity that runs the Wounded Warrior Cyber Combat Academy (W2CCA). Currently as a contractor, Jim provides education and training support for the Federal Network Resilience Division at DHS and its Continuous Diagnostics and Mitigation program. In 2011, the Federal Information Systems Security Educators’ Association (FISSEA) named him "Educator of the Year" for the impact he continues to make in the federal workforce. In 2019, FCW Named Jim to the "Federal 100" for his work to tirelessly promote cybersecurity education across all branches of the federal government. Jim holds the following IA/IT security certifications: CISSP,ISSEP, CISM, CISA, CySA+, SCNA, SCNP, CAP, IAM, IEM, SSCP, CEH, ECSA, CHFI, LPT, TICSA, CIWSA, Security+, and MCSE: Security and FITSP-M.