LiveCareer-Resume

security solutions engineer internal security cyber compliance officer resume example with 14+ years of experience

Jessica Claire
  • , , 609 Johnson Ave., 49204, Tulsa, OK 100 Montgomery St. 10th Floor
  • H: (555) 432-1000
  • C:
  • resumesample@example.com
  • Date of Birth:
  • India:
  • :
  • single:
  • :
Summary

Accomplished Cyber Security Executive and Consultant with 17+ years in IT Cybersecurity, Architecture, Policy, Audit, and Compliance management. Provided senior-level expertise on regulatory requirements, including the handling of sensitive information including federal (DoD), healthcare, financial, and customer proprietary operational information. Proven Cybersecurity Program builder and proven project implementer. Excellent history of delivering effective leadership and training to support staff development. Excel in developing comprehensive, secure network designs and systems. Advanced knowledge of audit methodologies, technical systems, applications, and compliance teams. Goal-oriented IT professional with significant success in planning, analyzing and implementing of security plans and initiatives.

Skills
  • Regulatory Framework control evaluation including NIST, RMF, NIST 800-171, CMMC, SOC 2, PCI, HIPAA, and IRS 1075.
  • Policy, Procedure, and Guideline Expert for Cybersecurity Frameworks
  • Regulatory Compliance and Documentation
  • Windows, Linux, and Network System Administrator
  • Cybersecurity Architecture Design SME
  • ZeroTrust Design SME
  • Risk and Vulnerability Management
  • Incident Response Cybersecurity Investigator
  • Application and Network Pentester
  • Cybersecurity Technical and Procedural Tester for networks, operating systems, and applications including NIST 800-115 and PTES.
Experience
Security Solutions Engineer, Internal Security Cyber Compliance Officer, 08/2021 - Current
Zivaro Inc City, STATE,
  • Maintained compliance frameworks, policies and documentation to support audits.
  • Development of program security and coordination of security assessments for SOC, CMMC, and FedRamp
  • Cybersecurity Advisor to internal sales for product and services security
  • Supporting sales on Federal and Commercial implementations of security and infrastructure-based solutions including security risk evaluation and current IT tech-stack/security products
  • Support for IT services in pre-sale and post-sale engineering for security products and services
  • Performed technical assessments and prepared documents as per customer specifications.
  • Incident responses and investigation support for Critical Infrastructure customer.
  • Established internal controls and processes to support compliance through project management and engagement of key stakeholders.
CEO, Owner, Senior Principal Consultant, 10/2008 - 09/2021
IT Federal Services LLC City, STATE,
  • IT Federal Services was run as a Service-Disabled Veteran-Owned Small Business that was full operated by myself and facilitated prime contractors to perform federal work projects.
  • Performed IT Security services with core competencies in the following domains including IT Security Architecture, IT Governance, and IT Risk practices.
  • Performed Federal Regulatory Compliance (NIST, FERC, DIACAP, FedRamp) and Commercial (HIPAA, HITRUST, SOC, PCI).
  • Cloud Services Support including design and implementation of Azure, Google, and AWS system clouds
  • Consultant with Management-level responsibilities for security program development and management support
  • IT security testing - ST&E (Security Test and Evaluation, Business Application Pen Testing (Financial Applications), Network Pen Testing (blackbox and known site testing)
  • IT Architecture, Design, and Code Review – Enterprise systems architecture – Secure System Programs
  • Identified risks and assessed potential impact, consulting with clients to prepare mitigation and remediation plans
  • Applied techniques to analyze requirements, system capabilities and workflows within security testing frameworks and controls
  • Maintained documentation of security documentation including disaster recovery policies and procedures.
  • Investigated information security breaches to identify vulnerabilities and evaluate scope of the system incident.
  • Project list and customer contracts can be supplied if further interest is noted.
GRC Senior Security Analyst / Election System Assessment Program Manager, 02/2018 - 12/2018
AT&T Security Consulting Services City, STATE,
  • Assisted the Texas MSI AT&T Security Group, focusing on Cyber Security Governance Risk and Compliance, working with State-based Agencies with State-based system security assessments
  • Reporting and coordination with state entities for compliance measures needed for Cybersecurity Framework assessments with Texas State Compliance requirements using NIST Cybersecurity Framework
  • Management and delivery of Texas Cybersecurity Framework Assessments including risk management, and compliance services
  • Development of Voting Machine Security Assessment for Secretary of State using subcontractor services
  • The main point of management of subcontractor service with project managers and the coordination of assessment services.
  • Executed risk assessment and data processing system performance tests to verify and configure security settings for data processing and network access.
  • Designed, implemented and maintained security systems and controls.
  • Made recommendations to improve security procedures and systems.
  • Audited networks and security systems to identify vulnerabilities.
Education and Training
Masters: Computer System Security, Expected in
-
Colorado Technical University - Denver, CO,
GPA:
Status -
Bachelor of Science: Information Technology, Expected in
-
Colorado Technical University - ,
GPA:
Status -
Accomplishments
  • 16 years of FISMA based compliance NIST 800-53 and NIST 800-53A (2006-2022)
  • 12 years of Security Testing experience for networks, systems, and applications using various Open Source and Commercial tools including Nessus, Burp Suite, Kali Linux, and such as Fortify SCA (Source Code Analysis)
  • Sub-contractor support to several customers for Federal contracts including the IBC ISSLOB subcontract team member for the DOI Cloud Contract, NOAA High-Performance Computing and NWave, and CMS (Affordable Healthcare Act)
  • Improvement of operational practices to mitigate risk and increase the efficiency of compliance requirements
  • Assessment services of NIH Genome Cloud University of Chicago- ATO approved Nov 2014, Nov 2015, Jan 2016, Nov 2020.
  • Development of Security standards with coordination of EAC (Election Assistance Commission) for voting machine testing - using NIST guidelines for encryption, hardware, and software testing
Certifications
  • CISSP # 107720 ISC2 Awarded 9/5/2007
  • CISA # 0864411 ISACA Awarded 4/5/2008
  • CAP # 107720 ISC2 Awarded 2/1/2008
,

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

Your data is safe with us

Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.

Resume Overview

School Attended

  • Colorado Technical University
  • Colorado Technical University

Job Titles Held:

  • Security Solutions Engineer, Internal Security Cyber Compliance Officer
  • CEO, Owner, Senior Principal Consultant
  • GRC Senior Security Analyst / Election System Assessment Program Manager

Degrees

  • Masters
  • Bachelor of Science

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

*As seen in:As seen in: