Roles
🔥 Startup Founder: 100%
🧑‍🔬 Engineer: 100%
🧨 Consulting: 100%
Geos
🇬🇧 United Kingdom: 100%
Work Background
Principal Security Consultant
Verizon
Sep. 2023 - Sep. 2024
Miami, Florida, United States

Principal Consultant GRC
Spire
Dec. 2022 - Jul. 2023
San Francisco Bay Area
Drafted policies for ISO 27001 and NIST 800-171 and consolidated policy information from multiple departments to provide a cohesive global set of policies.
⁃ Spearheaded the development and execution of Plans of Action and Milestones (POA&M) for ISO audits, leading to improved regulatory compliance and mitigation of risks; maintained ISO certification and minimized potential audit findings by 80%.
⁃ Analyzed requirements and advised cross-functional business units relating to ISO 27001, NIST and compliance efforts.
⁃ Created and executed a strategy for dealing with the increasing number of audits, compliance checks and external assessment processes for internal/external auditors, ISO 27001, ITAR, NIST 800-171 and FedRAMP.
⁃ Led the development and implementation of the system-wide risk management function of the information security program to ensure information security risks are identified and monitored.

Information Systems and Security Operations Manager
People Data Labs
Mar. 2021 - Dec. 2022
Remote
• Orchestrated the establishment and enforcement of robust security measures, aligning with industry best practices; resolved vulnerabilities, responded to incidents, and reduced liability across all risk areas, contributing to $33M in increased sales revenue.
• Led and maintained all security compliance efforts, resulting in SOC2 certification with 0 findings and ISO 27001 certification with 1 minor non-conformity.
• Transformed the company’s security controls to be fully compliant with NIST 800-53r5, SOC2, and ISO 27001.
• Spearheaded the compliance and certification project for SOC2 (7 months) and ISO 27001 (11 months). The company achieved ISO 27001 certification and SOC2, type certification from March 2021 to October 2023.
• Directed and supervised a team of security professionals, providing guidance and support to ensure adherence to industry best practices; enhanced team performance and achieved an 80% reduction in security ticket resolution time.
• Accelerated the strategies for the governance, risk and compliance functions across the company that support transformation of the security function by implementing more than 200 controls across 2 standards.
• Introduced the corporate governance framework for cybersecurity risk, including identifying risks and awareness, and provided briefings to senior leaders to advise on the risk of 162 critical controls that may affect business or security posture.
• Identified over 162 required controls and developed risk mitigation plans to support all business units.
• Managed, coordinated, and tracked all cybersecurity-related external assessments for 2 standards (SOC & ISO) and internal audits, including action plans and responses.
• Developed, operated, and maintained a security risk registry with clearly defined owners and timelines for each of 20 risks.

Principal Infrastructure Security Consultant
Learn to Win
Dec. 2020 - Mar. 2021
Las Vegas, Nevada, United States
• Scrutinized the latest security trends to maintain the security of the 50 information systems.
• Performed an RMF gap analysis and synthesized operational tasks for over 300 controls from Platform “SDElements” review.
• Documented 19 baseline controls to improve the overall security posture to prepare for a SOC2 and FedRAMP audit in the future.
• Introduced 24x7 auditing of AWS Infrastructure with Aqua Cloud and prioritized remediation of 500+ controls.

Adjunct Professor (Lead Instructor)
University of Wisconsin-Madison
Nov. 2020 - Mar. 2021
Madison, Wisconsin, United States
Taught Cyber Security courses as a contract adjunct, providing instruction to up to 30 undergraduate students in advanced Cyber Security programs. Taught using a variety of learning modalities and support materials to facilitate the learning process and accentuate presentations, including visual, aural and social learning modalities. Course instruction in Certified Ethical Hacking, Linux, Defense In Depth, CISCO advanced Security Techniques, Cloud Computing, and others.

Director Of Security
Alpha Health
Mar. 2020 - Aug. 2020
San Francisco Bay Area
• Scrutinized the latest security trends to maintain the security of the 50 information systems.
• Performed an RMF gap analysis and synthesized operational tasks for over 300 controls from Platform “SDElements” review.
• Documented 19 baseline controls to improve the overall security posture to prepare for a SOC2 and FedRAMP audit in the future.
• Introduced 24x7 auditing of AWS Infrastructure with Aqua Cloud and prioritized remediation of 500+ controls.

Principal Infrastructure Security Consultant
B3Partners
Sep. 2019 - Mar. 2020
Remote & Client site
In this role, I wrote NIST 800-53 policies and procedures to assist clients with certification. I developed and implemented security technology to provide baseline controls for all production systems that matched the policies and procedures. This put the project 6 months ahead of schedule.
• Directed IT services, counseled executives and collaborated with senior management on strategic planning.
• Created and audited IAM AWS Controls and EC2 hardening strategies.
• Worked closely with infrastructure staff and departmental decision makers to identify, recommend, develop and implement cost-effective technology solutions and policies.
• Managed infrastructure upgrades, analysis and resolution of end user hardware and software issues.
• Facilitated IT enterprise architecture across organization's enterprise transformation programs.
• Engineered Policies and Procedures to comply with NIST 800-53 framework at the moderate level to support

Adjunct Instructor - Cyber Security
ECPI University
Feb. 2017 - Mar. 2020
Manassas
I instructed over 150 students in the full spectrum of cybersecurity classes: CISCO, Cloud Services, Hacking and Countermeasures. The student pass rate was 99%. I created a new cloud-based curriculum using AWS Education (Classrooms) and provided input to faculty for improvement to classwork.

Principal Infrastructure Security Engineer
Blackboard
Apr. 2015 - Aug. 2019
Washington D.C. Metro Area
• Implemented the FedRAMP reporting systems for audit compliance of over 1000 nodes using 12 reports.
• Wrote 50% of the Blackboard FedRAMP System Security Plan (SSP) and created all alerting and reporting controls required for successful FedRAMP approval.
• Established enterprise patch and vulnerability management system for 22000 nodes using the Tenable suite of products.
• Monitored and analyzed security event data by responding to, prioritizing, and managing security events and managing security incidents from occurrence to closure, in coordination with internal and external resources.
• Prototyped Blackboard Gold Master with CIS hardening standards for enterprise systems which affected 12+ AWS Accounts, and over 22000 EC2 images.
• Influenced the CISO in the development of the information security program by tracking and reporting on the effectiveness of information security technology, processes, and policies.

Adjunct Professor - Cyber Security
ITT Technical Institute
Jan. 2014 - Sep. 2016
Springfield, Virginia
I instructed over 1000 students in their associate's and bachelor's programs. I maintained a 99% pass rate of students and provided hundreds of hours of tutoring to assist my students. I developed the first 3D printing and "maker" lab in the school. I acted as the faculty advisor for the school Linux club. I was consistently in the top 10% of instructors with the highest attendance.

Requests

Looking for a Job
Director of Security - Strategic Leadership