Cybersecurity Operations Director with over 12 years of successful experience in Cybersecurity Management. Strengths in security team development and relationship building, backed by hands-on experience.
Operations and Technology Management
Enterprise Cybersecurity Management
Collaboration with Cybersecurity/Cloud Vendors
Information Security Governance
Multi-Functional Team Leadership
Oversees five program managers and up to 60 FTE on 12 cybersecurity contracts supporting federal agencies. Plans, organizes and manages cybersecurity programs; monitors and controls performance; manage costs/budgets and responsible for recruiting and retention of cyber personnel. Spearheaded corporate information security program to comply with Cybersecurity Maturity Model Certification (CMMC). Participates in business development and capture activities including identification of opportunities and partners.
Led up to 45 concurrent cybersecurity projects on the Department of Homeland Security (DHS) sponsored, Department of the Interior (DOI) Information Systems Security Line of Business (ISSLoB).
Manage security projects and such as: system deployments; security and risk assessments; FISMA audits; penetration testing; network monitoring and analysis, cloud security
Led up to 59 employees and $17M+ on eight DHS & U.S. Coast Guard (USCG) IT & cybersecurity contracts. Established vulnerability management teams, compliance auditing, and continuous monitoring efforts for USCG enterprise systems.
Participated in technology conferences, workshops and industry days to identify opportunities and partnerships and maintain currency on technology/industry trends. . Identified strategic partners and developed teams; performed capture management on cybersecurity and IT opportunities. Led alignment of corporate capabilities to the NIST Cybersecurity Framework (CSF) to identify corporate cyber strengths and weaknesses.
. Participated in proposal development; developed capture strategies and provided technical input and solutions approach on IT and cybersecurity contracts/task orders.
. Led 30 employees on one-year USCG Cybersecurity Crisis Action Team in execution of DoD Cybersecurity Discipline Implementation Plan.
. Managed security engineering projects in content delivery, endpoint security, vulnerability management, and Public Key Infrastructure to allow the USCG to meet DoD Cybersecurity Sprint requirements.
. Identified enterprise cybersecurity weaknesses and established data collection techniques to meet DoD/USCG reporting standards.
. Provided daily & weekly briefs to USCG CISO/cyber leaders.
. Led DoD and DHS metrics collection, development and refinement; conducted performance and cyber scorecard and compliance reporting.
. Created and presented performance metrics detailing Established USCG Cyber Analytics division to provide greater visibility into networks and system behavior.
. Led up to 25 employees on task order supporting enterprise infrastructure security team.
. Expert knowledge of NIST SP 800 series, DHS 4300 A/B, CNSS and DoD 8500 series directives and DISA STIGS.
. Established vulnerability management and continuous monitoring program for USCG enterprise infrastructure systems.
. Managed security for eight infrastructure asset lines including 1400+ enterprise servers & 470 LAN assets that supported 52,000 users.
. Conducted vulnerability analysis, analyzed vulnerability reports and recommended remediation solutions.
. Spearheaded transition of 25+ enterprise infrastructure systems from DIACAP to RMF.
. Developed continuous monitoring strategies for 25 enterprise systems.
. Developed U.S. Air Force (USAF) cybersecurity/IA policies, procedures, and technical documentation mandated for USAF.
. Provided policy support to USAF cyber/IA managers and incorporated overarching policy in USAF specific system policy.
. Collected incident trends across the USAF to update and formulate USAF cybersecurity/IA policy.
. Recommended and designed policy and standards, and developed risk/security metrics that influenced cyber policy.
. Developed analyses that identified and addressed systemic and emerging USAF cybersecurity risks.
. Provided guidance on risk management and maintained and socialized knowledge of threats and vulnerabilities.
. Developed and maintained relationships with key subject matter experts and stakeholders to assist cybersecurity/IA field offices with latest technical guidance.
. Conducted over 20 “blue team” computer security inspections and performed Site Assistance Visits (SAV).
. Created inspection scoping and planning, prepared in/out-briefs, performed daily hot washes, created inspection and trips reports.
. Provided “reach back” assistance to USAF cybersecurity offices.
. Recommended internal/external compliance solutions and provided assessment and authorization policy direction and interpretations.
. Performed technical briefings to USAF commanders.
Developed cybersecurity/IA training, assessment and authorization policy support and analysis and implementation of National, DoD cybersecurity/IA policies.
Certified Information Systems Security Professional (CISSP)
Certified in Risk and Information Systems Control (CRISC)
Information Systems Security Management Professional (ISSMP)
Project Management Professional (PMP)
Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.
Companies Worked For:
Job Titles Held: