COMMAND/ORGANIZATION: U.S. Army Information Systems Engineering Command (USAISEC)
TITLE: Computer scientist
YEARS OF SERVICE IN WORKFORCE: 6
DAWIA CERTIFICATIONS: Practitioner in engineering and technical management
EDUCATION: Master of Engineering in systems engineering, Naval Postgraduate School,
B.S. in computer science, University of Arizona
AWARDS: Army Civilian Service Achievement Medal – Fort Huachuca Civilian of the Quarter (April-June 2022), Civilian Service Achievement Medal – USAISEC Employee of the Quarter (Jan.-March 2022), CECOM Commanders Coin of Excellence (2021), USAISEC Certificate of Achievement – Employee of the Month (Nov. 2021)
by Cheryl Marino
From a young age, Savanna Shilt knew she wanted to serve her country as an Army civilian in cybersecurity protecting networks from cyber criminals. Today, she’s doing just that.
As a computer scientist for the U.S. Army Information Systems Engineering Command (USAISEC), Shilt performs security control assessment validations (SCA-Vs) for numerous Army networks and systems including large enterprise networks, tactical aviation systems and small closed network systems. All Army systems go through an accreditation process that evaluates the security posture to ensure the system is secure enough to be in use. Shilt performs security validations using the Risk Management Framework (RMF) policies and processes by assessing the Army information systems configuration settings, technical documentation and personnel knowledge of security policies.
“I am proud to keep the Army safe from adversarial cyberattacks and insider threats. Beyond that, the satisfaction that I get every day is helping Army information system program managers and their teams improve their system security and better their understanding of Army cybersecurity policies and cyber risks and severity,” she said. “It’s satisfying to see a program grow. Over the years I have seen systems transform and greatly improve their security posture and just knowing this was accomplished because of my support gives me a great intrinsic reward.”
Shilts’s first exposure to the civilian workforce was as a college student when she was selected for two summer internships with the U.S. Army Intelligence Center of Excellence. Upon completion of her computer science degree at the University of Arizona, she began her career as a computer scientist recent graduate intern within the cybersecurity group of USAISEC.
As an intern, Shilt completed all required engineering training for her position within the Army Acquisition Workforce (AAW) and continued her work with USAISEC as a cybersecurity professional performing security control assessment validations for Army enterprise and tactical networks.
“I am grateful for the opportunities that are provided to the Army Acquisition Workforce including leader development programs and education opportunities above and beyond the knowledge provided from required training,” she said. “Thanks to the AAW programs, I was afforded the opportunity to attend the Inspiring and Developing Excellence in Acquisition Leaders (IDEAL) program as well as earn my master’s degree through the Naval Postgraduate School Systems Engineering (MSSE) educational program.”
Shilt graduated from the Naval Postgraduate School (NPS) Master of Science in systems engineering program in September 2021. “This was a two-year master’s program provided online through NPS and sponsored and paid for by the DACM [Army Director for Acquisition Career Management] Office. I learned a tremendous amount from my studies at NPS, like systems engineering from a Department of Defense perspective. Not only did this program teach me about the theory and practices of systems engineering, but how it falls into the DOD acquisition process and how it relates to my career in the Army through real world scenarios,” she said. “I would definitely recommend the program to anyone who is highly motivated, organized, and has the time. It is a great opportunity to earn a master’s degree that directly relates to the DOD.”
So far, she said the most important part of her career has been creating a process and a checklist for performing security control assessment validations and a training program for the RMF validation process.
“I am a very processes-oriented person and I love a checklist to ensure I stay on track,” she said. “I noticed there was no real process in place for conducting SCA-Vs within my organization. Even though all the deliverables required were the same, each team performed validations differently and nothing was documented. I took the time to analyze the National Institute of Standards and Technology documentation on RMF as well as the processes used by different teams within my organization. From my analysis I created a step-by-step process, a checklist of deliverables required and included helpful resources provided in a formal memo that was disseminated to my command.”
Along with the memo, Shilt created some related training and slides to explain the process, which she presented to the cybersecurity group. “This process helped cybersecurity and provided guidance to new hires that was not in place when I started. The process has been used for six years now to help with on-the-job training—I began my career only seven years ago and I look forward to what is to come in the future.”
Shilt is a firm advocate of learning new skills to better one’s self beyond the required training. “Our world is constantly changing and you want to be ahead of the curve,” she said. “You never know when an opportunity will come about where your knowledge and skills will make a huge difference. I pride myself on being a lifetime learner and an expert in my field, and I encourage junior personnel to do the same.”
In addition to staying ahead of the curve, Shilt stressed the importance of having good people skills. “Being in the tech field, these skills are often put on the backburner. I work with so many different customers and administrators on a daily basis and building relationships and being able to communicate is very important. This has helped me to prosper in my career field.”
Shilt said those outside of work don’t realize the lengths the Army goes to secure their systems and prevent cyberattacks and insider threats, ensuring our nation and our warfighters are kept safe. “People are always surprised at how much policy and documentation is involved. They often underestimate how resourceful cyber criminals are and the great lengths they will go to gain access to our nation’s information.”
What people also might be surprised to learn is that outside of work, Shilt is a dance instructor, coach and entertainer. “I teach dance two nights a week to girls ages nine through eighteen, as well as additional lessons for dance solos. The styles I teach are lyrical and jazz, but I am formerly trained in over 10 styles and I have been dancing for 25 years,” she said. “I also enjoy singing for performances in my community when opportunities arise. Dance and entertaining don’t have much correlation to my work, but they are my creative outlet. I am a nerd in my day job and a creative at night.”
Shilt’s observation both in and outside of work is to “expect change and adapt,” especially in the cybersecurity field. “The technology is always changing and improving, and adversary threats continue to grow,” she said. “We must expect change, welcome it and adapt to it. I am a firm believer in lifetime learning, consistently bettering myself and trying to stay a step ahead of our enemies. The more willing you are to adapt to change, the more prosperous you’ll be.”
“Faces of the Force” is an online series highlighting members of the Army Acquisition Workforce through the power of individual stories. Profiles are produced by the U.S. Army Acquisition Support Center Communication and Support Branch, working closely with public affairs officers to feature Soldiers and civilians serving in various AL&T disciplines. For more information, or to nominate someone, please go to https://asc.army.mil/web/publications/army-alt-submissions/.