Experience

Security Program Management:

CISO for a FedRAMP Authorized Cloud Service Provider.

Information Security System Manager for ISSLoB for Department of Interior (Contractor)

ISSO for Department of Commerce (Contractor)

Performing security assessments and auditing of Federal government information systems.

Frameworks and requirements include:

Federal Government (also applies to Local and State Government and Contracting companies):

NIST Cybersecurity Framework

NIST Risk Management Framework (RMF) - NIST SP 800-37

Security and Privacy Controls for Federal Information Systems and Organizations - NIST SP 800-53

Information System Continuous Monitoring (ISCM) - NIST SP 800-137

Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations - NIST SP 800-171

DoD SRG IL2, DoD SRG IL4, and DoD SRG IL5 - Defense Information Systems Agency (DISA)

Privacy Governance

Privacy Shield as required by Federal Trade Commission (FTC)

General Data Protection Regulation (GDPR)

Health Information

Health Information Privacy and Accountability Act (HIPAA) Security Rule - Health and Human Services (HHS)

Health Information Technology for Economic and Clinical Health Act (HITECH) - Health and Human Services (HHS)

Law Enforcement

Criminal Justice Information Services (CJIS) - Federal Bureau of Investigation (FBI)

Certifications

C|CISO - Certified Chief Information Security Officer - EC Council

The CCISO Certification is an industry-leading program that recognizes the real-world experience necessary to succeed at the highest executive levels of information security.

DoD Directive 8140.1 (8570.01-M)

CSSP Manager

IAM Level I, Level II, and Level III


CISSP-ISSMP - Certified Information System Security Professional - Information System Security Management Professional - (ISC)²

Information System Security Management Professional (ISSMP) is one of the certifications offered in the Certified Information Systems Security Professional (CISSP) suite of certifications. The ISSMP certification encompasses areas of security project management and planning. Designing continuity, resiliency and response plans may be one task an ISSMP engages in. Developing and implementing an organization’s security awareness and training initiatives might be another.

DoD Directive 8140.1 (8570.01-M)

CSSP Manager

IAM Level I, Level II, and Level III

IASAE Level I and Level II

IAT Level I, Level II, and Level III


CAP - Certified Authorization Professional - (ISC)²

CAP certification demonstrates expertise within the risk management framework (RMF). The CAP is the only certification under the DoD 8570 mandate that aligns with each RMF step. It certifies the advanced technical skills and knowledge to authorize and maintain information systems within the RMF using best practices, policies and procedures established by the cybersecurity experts at (ISC)².

DoD Directive 8140.1 (8570.01-M)

IAM Level I, Level II, and Level III


CISA - Certified Information System Auditor - ISACA

CISA is world-renowned as the standard of achievement for those who audit, control, monitor and assess an organization’s information technology and business systems.

DoD Directive 8140.1 (8570.01-M)

CSSP Auditor

IAT Level I, Level II, and Level III


C|EH - Certified Ethical Hacker - EC Council

The Certified Ethical Hacker (CEH) is a certification program for an information security professional, also referred to as a white-hat hacker, who systematically attempts to inspect network infrastructure with the consent of its owner to find security vulnerabilities which a malicious hacker could potentially exploit. The program helps you assess the security posture of an organization by identifying vulnerabilities in the network and system infrastructure to determine if unauthorized access is possible. The Certified Ethical Hacker program is the most comprehensive Ethical Hacking program in the world.

DoD Directive 8140.1 (8570.01-M)

CSSP Analyst

CSSP Auditor

CSSP Incident Responder

CSSP Infrastructure Support


PMP - Project Management Professional - PMI, Inc

A PMP is a Project Management Professional who has been granted the prestigious PMP certification issued by the Project Management Institute (PMI). The PMI’s standard for project management is contained in the Project Management Body of Knowledge, the PMBOK, whose first edition was released in 1996 and which has recently reached the 6th edition.

Updating the PMBOK guide is a necessary process, which takes place every 4-5 years and is carried out by a highly competent committee of practitioners together with members of ANSI.


ITIL Foundation - AXELOS

ITIL Foundation is a certification providing general awareness of the key elements, terminology and concepts of ITIL. This module also covers the links between lifecycle stages, the processes used and their contribution to service management practices. ITIL Foundation is for individuals who require a basic understanding of the ITIL framework and how it may be used to enhance the quality of IT service management within an organization. The certification also applies to IT professionals who work within an organization that has adopted ITIL.
