| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Beaverton, OR Street Address PHONE NUMBER AVAILABLE EMAIL AVAILABLELinkedIn: LINKEDIN LINK AVAILABLEPROFESSIONAL SUMMARYDynamic cybersecurity leader with extensive experience in the utilities industry and DoD, specializing in Information Assurance, Compliance Management, and Technology Lifecycle Management. Proven ability to improve cybersecurity posture and lead cross-functional teams to achieve regulatory compliance and operational excellence. Proficient in NERC/CIP, ISO 27001, SOC 1 & 2, NYDFS, CIS Controls, and NIST 800.53 compliance standards. Expertise in vulnerability management, risk mitigation, and incident response. Awaiting CISSP certification, currently a Certified Scrum Product Owner (CSPO).CORE SKILLSRegulatory Compliance: NERC/CIP, CIS Controls, NIST 800.53, ISO 27001, SOC 1 & 2Security Program Design & ImplementationVulnerability & Compliance ManagementSIEM (Security Information and Event Management) ManagementIncident Response & Disaster Recovery PlanningNetwork SecurityLeadership Development & Relationship ManagementCERTIFICATIONSCertified Scrum Product Owner (CSPO) CurrentCisco Certified Network Associate (CCNA) ExpiredGIAC Security Essentials Certification (GSEC) ExpiredWORK EXPERIENCEElyon International, Vancouver, WACybersecurity Compliance Analyst March 2024 - October 2024Remediated a backlog of open findings for compliance standards, including ISO 27001, NYDFS, SOC1, and SOC 2.Successfully closed 70 findings and brought 40 current within six months by collaborating with cross-functional teams to create roadmaps, implement technology, and build policies.Developed strategic solutions to mitigate compliance risks and streamline audit preparation.Percipio Consulting Group, Portland, ORSenior Manager, Cybersecurity January 2021 - November 2023Led a cross-functional team to develop a CIS-based cybersecurity program, improving compliance from 2 to 14 of the 18 CIS controls over 24 months.Created program documentation including Policies, Standards, and Guidelines for all CIS Controls.Developed testing methodologies to validate the implementation of new controls, ensuring audit readiness.Led governance meetings with senior leadership, presenting scorecards to report progress and compliance levels.Identified key areas for compliance improvement and created a prioritized roadmap for audit preparation.Portland General Electric, Portland, ORManager, Cyber Security Operations September 2018 - March 2020Managed and expanded the Security Operations (SecOps) team, achieving CMMI Level 3 maturity in six months from CMMI 1 by implementing strategic initiatives in Digital Forensics and Threat Intelligence.Led process improvements that reduced vulnerabilities, enhanced visibility, and ensured adherence to asset/software management and user access rules.Oversaw daily operations, including training, vulnerability management, change and risk management, and incident response.Achieved a 65% reduction in the vulnerability footprint, exceeding targets by 15%.Founded and led the Digital Forensics and Threat Intelligence teams.Managed cybersecurity threat response, incident response, and disaster recovery for the enterprise.Portland General Electric, Portland, ORManager, Energy Information Technology October 2016 - September 2018Managed a cross-functional team of Windows, Cisco Network, and Unix administrators, supporting Utility Critical Infrastructure Systems.Reduced NERC/CIP audit findings from 22 to 3, avoiding significant fines by improving IT CIP compliance.Piloted the use of automation and AI to track compliance and enhance the ability to self-report audit findings.Managed zero-downtime upgrades for critical software and hardware systems.Portland General Electric, Portland, ORSupervisor, Energy Information Technology January 2015 - October 2016Developed NERC/CIP compliance documentation and enhanced operational capabilities in Windows and Unix environments.Created Security Playbooks for incident response based on Cyber Kill Chain analysis.Knowledge Universe, Portland, ORSenior Network Engineer March 2013 - January 2015Managed data center operations, network infrastructure, firewall configurations, and led Change Management processes.Fleet Numerical Meteorology and Oceanography Center (FNMOC), Monterey, CANetwork Security Officer November 2008 - March 2013Managed two separate Cisco networks for classified and unclassified systems, ensuring adherence to DoD network security standards.Led multiple annual DISA audits of network security for the command.Updated core switching, load balancing, SIEM integration, and high availability capabilities to ensure network resilience.EDUCATIONMaster of Science (MS) in Information Technology ManagementUS Naval Postgraduate School, Monterey, CABachelor of Science (BS) in Computer Science, Cum LaudeCalifornia State University Monterey Bay, Monterey, CALEADERSHIP & COMMUNITY INVOLVEMENTFounder/Owner, Not One Hungry Child Hauling: Launched a company to support local charities and eliminate student lunch debt in Beaverton School District.Bikers Against Child Abuse (BACA) Organizer: Orchestrated annual 100-mile motorcycle rides, raising over $60,000 in five years for child abuse prevention.Diversity & Inclusion Advocate: Active member of the Advisory Council on Diversity & Inclusion, promoting workplace diversity and equity initiatives. |
