Chuck Mcgann

Chuck Mcgann Email and Phone Number

Master Instructor (C|CISO) - Contractor @ EC-Council
albuquerque, new mexico, united states
Chuck Mcgann's Location
Raleigh, North Carolina, United States, United States
Chuck Mcgann's Contact Details
About Chuck Mcgann

I deliver Cyber Security expertise, insight and support to Federal Agencies & Large Commercial Enterprises under pressure to address increasing cybersecurity threats and challenges, with a current focus on SME leadership and direction for NIST compliance.My functional expertise in compliance includes: SOX compliance strategies, Firewall policy strategies and guidelines, hardening standards, metrics/reporting, Identity/Access Management and CA/PKI operations and support.SPECIALTIES: Cybersecurity Strategist, Security Solutions Architect, Risk Management Framework, Incident Response, Information Assurance, CISSP, CISM, IAM, Incident Response Team Creation, Incident Response Operations, Cyber Intrusion Prevention, Cyber Intrusion Detection, Cybersecurity Tools, CISO Management, Endpoint Protection, Security Awareness, PCI, PCI/DSS, Data Loss Prevention, FedRAMP, Security Analytics.

Chuck Mcgann's Current Company Details
EC-Council

Ec-Council

View
Master Instructor (C|CISO) - Contractor
albuquerque, new mexico, united states
Website:
eccouncil.org
Employees:
813
Chuck Mcgann Work Experience Details
  • Ec-Council
    Ec-Council Certified Chief Information Security Officer (C|Ciso) Master Instructor - Contractor
    Ec-Council Jun 2017 - Present
    Albuquerque, New Mexico Area
    Educating CISOs and aspiring CISOs move from isolated technology functions into the mainstream business leadership teams. In order to be considered integral to the business you must be engaged in the business - technology is a tool, and your experience and intelligence help you leverage this for business value. A CISO touches every aspect of the business - Risk Identification and Management is your contribution to overall success. We focus on 5 domains relevant to integrating the CISO core functions as they relate to business risk and operations - from Governance to Budgeting and Finance.
    View
  • Learning Tree International
    Instructor
    Learning Tree International Nov 2017 - Present
    Raleigh-Durham, North Carolina Area
    Provide SME on Risk And Vulnerability Management for commercial and government clients. Training venues include customer site, Learning Tree Education centers and remote on-line instructor led education courses.
    View
  • Aligned Technology Group
    Senior Security Advisor
    Aligned Technology Group May 2022 - Present
    Raleigh Nc
    Provide support for contract efforts regarding Cybersecurity dependent business environments. Cybersecurity policy, processes, and procedures related to mission success are a strong suit.
    View
  • Mcgann Consulting Group
    Cyber Security Consultant | Gap Analysis, Nist Sp800-171 Compliance Sme, Large-Scale Environments
    Mcgann Consulting Group 2017 - Present
    Washington D.C. Metro Area
    I launched my consulting group in early 2017 to deliver Cyber Security expertise, insight and support to large commercial enterprises under pressure to meet the year-end deadline for the NIST SP800-171 compliance requirement for handling Controlled Unclassified Information (CUI). Failure to meet the NIST SP800-171 compliance deadline can have significant financial and contractual impacts for government contractors. I successfully provide SME leadership and direction for NIST SP800-171 compliance in the following areas: ► Developing Policies► Process and Procedures for Incident Response► Audit & Accountability► Multi-Factor Authentication Solutions► Collaboration on Configuration Management► Media Protection► Existing Security Capability Review ► Gap Analysis and COTS Product Reviews for Potential Implementation In addition, I am often retained to deliver SME support in pursuit of multi-million dollar contracts via Government Agency Security Program RFPs. Activities include proposal team review support, overall program compliance assessments to agency needs, and current tool-set evaluations with gap analysis support for a large-scale environment with a heterogeneous infrastructure meeting NIST requirements. As a featured speaker at national and global Cyber Security conferences, I am typically invited to provide insights on pressing issues facing the Cybersecurity community. One of the hottest topics this year is "How to Prepare For and Meet the NIST SP800-171 Compliance Requirements Before the 2017 Deadline".
  • (Isc)²
    U.S. Government Advisory Council Member & Former Co-Chair Government Advisory Board On Cybersecurity
    (Isc)² May 2009 - Nov 2019
    Washington D.C. Metro Area
    The U.S. Government Advisory Council (USGAC) is a dedicated forum of 20 information security thought leaders who continuously discuss challenges faced by cyber security professionals. They also propose solutions on how best to evolve (ISC)2 resources, education and certification programs to help meet those challenges. The Council reviews policy and/or initiatives that improve the professionalism and cybersecurity expertise of the government workforce. I was originally nominated by sitting Board Members to join the Board due to my expertise in securing large scale infrastructures against cyber threats and attacks. In 2012 I was elected to serve as co-chair of the Government Advisory Board.When I left federal service in 2014 I was asked to continue as a board member based on my previous contributions and areas of expertise. Today I contribute to the organization by:► Delivering specific advice and guidance on skills needed to ensure a technically adapt and experienced cybersecurity support resources and vendors where appropriate. ► Creating non-binding recommendations to the senior executive staff of (ISC)2 on how to support continued improvement of professional certification programs offered to the government cybersecurity workforce. ► Supporting the cybersecurity profession through Whitepapers, conference presentations, opinion pieces and interviews extolling the values of education, certification, technical expertise and leadership.
    View
  • (Isc)2
    Co-Chair, Government Advisory Board On Cybersecurity (Gabcs) & Leadership Awards Judge
    (Isc)2 Sep 2012 - Nov 2014
    Washington D.C. Metro Area
    The GABCS provides a dedicated forum where a diverse group of 20 Information Security thought leaders discuss the daily, ever-changing challenges faced by Government Information Security professionals and propose solutions on how best to evolve (ISC)2 resources, education and certification programs to help meet those challenges.My leadership duties included:-- Setting agendas and selecting speakers for Quarterly meetings-- Evaluating new projects to support the advancement of Cybersecurity-- Working closely with (ISC)2 leadership on board membership and direction-- Designing and delivering a Cyber Security presentation at yearly conferences-- Maintaining (ISC)2 credentials and mentoring those interested in Cybersecurity careers-- Supporting the process of credentialing resources to meet federal position description requirements
    View
  • Salient Crgt
    Chief Cyber Strategist & Director | Cyber Security Center For Innovation & Growth, Fed Civ And Comm
    Salient Crgt Dec 2014 - Jan 2017
    Washington D.C. Metro Area
    CRGT Inc. was a $170 million B2G IT management consulting firm serving Civilian and Defense federal agencies. Acquired by Salient in 2015, it offers expertise in Agile/DevOps Development, Big Data Analytics, CyberSecurity and Mobility services that can be integrated to create a SMAC-based operating environment. I was recruited to assist in developing Federal Civilian Agency Cybersecurity Protection offerings, leveraging CRGT's experience and capabilities utilized in DoD and the Intel environments. In addition to reporting to the COO and the Center for Innovation and Growth, I interfaced with Salient CRGT's Business Unit leaders to establish growth strategies and targets. I was responsible for:-- Supporting all business units with forward-reaching Cyber Security solutions and thought leadership -- Managing an engineering team supporting clients with IPv6 network protocols-- Interfacing with Federal Civilian Agencies to leverage existing solutions for DOD and Intelligence Community environments where best value is critical. In this role I successfully:► Presented Salient CRGT capabilities to increase exposure for overall business growth and recognition► Provided cross-functional support for business opportunities where security capability is a differentiator► Evaluated emerging technologies and vendors and explored potential partnerships for increasing existing and planned agency support needs► Oversaw, evaluated and provided input for RFI/RFP requests from organizations seeking services and support in Cyber Security initiatives at the federal and state agency level► Assessed existing Cyber Security solutions for validity and value-add providing feedback for updates/changes and redesign based on changing requirements and technologies► Evaluated Request for Proposals and Statements of Work against security needs/capabilities and assigned resources to support engineering and implementation activities to ensure success.
    View
  • Gtra Government Technology Research Alliance
    Technology Advisory Board Member | Cybersecurity & Technology Reviews For Federal Agencies
    Gtra Government Technology Research Alliance 2012 - 2015
    Washington D.C. Metro Area
    I was nominated by GTRA's co-founder to join this board. Evaluating technology offerings as it relates to the needs of the Federal Agencies.During this period I successfully:► Addressed requests every quarter from the Federal Cybersecurity Community► Spoke at two of GTRA's annual conferences widely attended by Federal Agencies as well government contractors and technology providers.
    View
  • Gtra Government Technology Research Alliance
    Advisory Board Member
    Gtra Government Technology Research Alliance 2012 - 2014
    Identify and evaluate technologies supporting federal initiatives that provided the most robust integrated solution capabilities and strategize the implementation with existing products for enhanced cyber security capability.
    View
  • United States Postal Service
    Corporate Information Security Officer (Ciso)
    United States Postal Service Sep 2009 - Nov 2014
    Washington Dc/Raleigh Nc
    The US Postal Service has the 10th largest infrastructure globally. With $67B annual revenue it's a constant target for hackers and cyber threats. After a series of career promotions, I was selected for the USPS Corporate Information Security Officer role based on my technical expertise and experience in the aggressive threat environment. Reporting to the CIO, I had wide-reaching responsibility for:-- All security issues related to cyber and physical computing infrastructure as well as hard-copy documents -- Security operations in a large-scale environment of over 500k employees, 90k contractors, 34k offices and 360k active IP addresses.-- Managers of all functional security areas: IDS/IPS, Security Compliance Monitoring, CIRT, Security Policy, Vulnerability Assessments, PCI and SOX Compliance, Firewall Policy, Hardening Standards, Metrics/Reporting and CA/PKI support.-- Liaison role with the Office of Inspector General, the Department of Homeland Security and the Postal Inspection Service on all Internal & External Investigations, Threat Assessments, Corporate Electronic Asset Protection and Technology Architecture Guidance. In this role I successfully: ► Launched a world-class Information Security Program to protect the Postal Service’s brand image and ensure that tech resources operated in a secure and trusted manner to promote customer trust. ► Protected $16B in card transactions by launching Payment Card Industry compliance monitoring plus mitigation strategies and compliance remediation activities to support PCI/DSS requirements. ► Applied the Data Loss Prevention system capability to detect and reduce physical threats to employees and sexual harassment activity► Developed Board Level Security Posture reporting metrics for the USPS Board of Governors to advise on potential threats to business operations.► Integrated Security Awareness Training for 2600► Earned Lean Six Sigma Certification, reducing fraud costs by 74%
    View
  • United States Postal Service
    Manager, National Information Systems Security | Corporate Information Security Services
    United States Postal Service Apr 2006 - Sep 2009
    Raleigh-Durham, North Carolina Area
    I was promoted into this management position when USPS consolidated both Security Oversight and Security Policy into a single corporate role with increased responsibility. In 2009, Risk Management was also elevated to this group. My peer group included Security Managers of 4 USPS Data Centers that managed access management. In this new corporate role I was responsible for:-- Identifying Potential Compliance Issues coupled with Developing Solutions and/or Compensating Controls for 8 Functional Enterprise Security Team Operations: Incident Response, Vulnerability Assessments, IPS/IDS, Security Event Monitoring, and Risk Management-- Developing a Risk Assessment protocol for use in Business Impact Discussions and ultimate Authorization To Operate (ATO) decisions-- Reporting protocols for agency interaction and information sharing with DHS and USCERTIn this role I successfully:► Realigned USPS Security Policy & Guidelines to meet NIST standards► Managed the incorporation of over 3,000 changes per year in security requirements across the corporate infrastructure for Mail Processing Engineering, Host Computing, the Perimeter Protection Team, and Information Technology Engineering & Architecture► Spearheaded security efforts to segregate Mail processing from the administrative network, reducing threats to both segments by 24%► Building consensus and security awareness for the cohesive program, negotiating a balance between securing the environment and business requirements ► Deployed and security tested Desktop Intrusion Protection on 200,000 systems► Identifying and engineering a Data Loss Prevention capability toolset and integrating it into the enterprise – resulting in a reduction of PII exposure and the identification of PCI data leaks.
    View
  • U.S. Postal Service
    Technical Services Manager - Security | Managing Incident Response Team
    U.S. Postal Service Jan 2002 - Apr 2006
    Raleigh-Durham, North Carolina Area
    I was selected for this opportunity from my peer managers to lead all technical services involved in Information Security, including Network Protection and Firewall Management as well as oversight into the Mail Processing Environment infrastructure. In my prior role I was charged with building an Incident Response Team for a large-scale environment. I was then promoted into this opportunity to manage the team I created.In this role I was responsible for:-- Directing the activities of the Computer Incident Response Team, Security Vulnerability Assessment Team, Configuration Hardening Team, Intrusion Prevention/Detection Team, Monitoring Team, Policies and Procedures, Interface with OIG and Inspection Service organizations in support of cyber-crime activities. -- Identifying potential vendor offerings and investigating how new technologies would replace aging security tools and processes, considering total cost of ownership (TCO)-- Researching, recommending and introducing new security solutions to update the protection of all networks and systems supporting corporate and customer data in the custody of the USPS using the computing infrastructure-- Creating and maintaining a highly skilled group of technical resources to support security operations efforts in securing the corporate infrastructure.
    View
  • U.S. Postal Service
    Distributed Systems Security Specialist | Building Computer Incident Response Teams
    U.S. Postal Service Sep 2000 - Jan 2002
    Raleigh-Durham, North Carolina Area
    I was selected for this opportunity to determine USPS' capability to respond to Information Security threats, attacks and user compromises; to develop Threat Assessment and Response plans; and to identify appropriate staffing and technology requirements that would lead to the protection of the customer as well as employee data and the overall computing environment.In this role I designed, developed and launched a new Computer Incident Response Team capability to include Policy Requirements for Corporate Security Policy, Training Modules for Employee Education, and Configuration Review Capability.As a result, we established 3 new Cyber Protection Groups: -- The Configuration Hardening Team-- The Intrusion Prevention/Detection Team-- The Monitoring Team.Additional responsibilities related to this initiative included: -- Developing Policies & Procedures for corporate acceptance regarding Incident Reporting and Response-- Interfacing with OIG and Inspection Service organizations in support of cyber-crime activities-- Developing standards and procedures for identifying and responding to security incidents that affect the computing environment or hard copy issues where the USPS integrity could be compromised-- Building relationships with the DHS and external business partners for reporting and information sharing of threats and Virus/Malware concerns-- Introducing the USPS Daily Morning Report to show the security posture of the USPS as well as identify the previous 24 hour threat activities that could impact the USPS and it's customers.
    View
  • United States Postal Service
    Business Project Leader
    United States Postal Service Apr 1998 - Sep 2000
    Raleigh-Durham, North Carolina Area
    I was promoted to this position to deliver the technical interface between business stakeholders and developers for solutions that supported customer needs, new business initiatives and internal application enhancements to a heterogeneous technology infrastructure. I supported over 800,000 employees and contractors in a distributed nationwide environment of over 40,000 offices. I also managed 20 project managers in what we might call a PMO today, providing support and management control of over 86 projects in the Marketing and Business Enabling areas.In this role I was responsible for:-- Managing $100M budget across all projects, with SLA responsibility for supporting “high availability” systems-- Recruiting, mentoring and managing solutions developers who supported distributed deployments across desktops, servers and network infrastructures for customer-facing retail and commercial applications -- Leading Business Process Re-engineering to address changing business needs for Marketing, Human Resources and Mail Processing applications, with 5 distributed development centers and 300,000 users.
    View
  • Us Postal Service
    Dscd Program Manager | Application Testing & Certification
    Us Postal Service 1997 - 1998
    Raleigh-Durham, North Carolina Area
    Promoted to Program Manager responsible for the Testing and Certification of 66 applications supporting the Marketing and Enabling portfolios. Applications included Human Resources, Employee Assistance, Benefits, Time and Attendance, Job Bidding and Information Bulletin Board Systems.My Responsibilities included:► Providing development and deployment direction and engineering support to developers on 16 business applications in the Enabling portfolio. ► Business functionality testing and targeted deployment of software using A+EDM and CD delivery systems with appropriate pilot testing and customer acceptance.
    View

Chuck Mcgann Skills

Security Information Security Management Vulnerability Assessment Security Policy Security Solutions Architect Information Assurance Risk Management Framework Network Security Cyber Security Incident Response Security Strategist Ciso Nist Security Audits Identity Management Security Awareness Information Technology Information Security Business Continuity Disaster Recovery Fisma Computer Forensics Governance Policy Cissp Computer Security Penetration Testing Government Firewalls Enterprise Software Security Operations Cisa Application Security Vulnerability Management Risk Assessment It Audit Leadership It Management Ips Intrusion Detection Sdlc Privacy Law Cism Cloud Security Vpn Sarbanes Oxley Act Risk Management Pci Risk Analysis It Governance

Chuck Mcgann Education Details

Frequently Asked Questions about Chuck Mcgann

What company does Chuck Mcgann work for?

Chuck Mcgann works for Ec-Council

What is Chuck Mcgann's role at the current company?

Chuck Mcgann's current role is Master Instructor (C|CISO) - Contractor.

What is Chuck Mcgann's email address?

Chuck Mcgann's email address is cm****@****ree.com

What is Chuck Mcgann's direct phone number?

Chuck Mcgann's direct phone number is +191950*****

What schools did Chuck Mcgann attend?

Chuck Mcgann attended Usps Executive Leadership Program, University Of Massachusetts, Amherst, University Of Massachusetts Amherst.

What are some of Chuck Mcgann's interests?

Chuck Mcgann has interest in Social Services, Children, Environment, Education, Science And Technology.

What skills is Chuck Mcgann known for?

Chuck Mcgann has skills like Security, Information Security Management, Vulnerability Assessment, Security Policy, Security Solutions Architect, Information Assurance, Risk Management Framework, Network Security, Cyber Security, Incident Response, Security Strategist, Ciso.

Who are Chuck Mcgann's colleagues?

Chuck Mcgann's colleagues are Prathik Prabhakar, Preeti Srinivasan, Ketaki Keluskar, Yamuna Sham Mathevan, Somavaram Amarnath, Abdul Sami, Joshua Morales, Mba, Clssgb.

Not the Chuck Mcgann you were looking for?

View similar profiles

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.