Cybersecurity Engineer
G2, Inc.
NIST Guest Researcher and Contracted Support:Assisted in the development and on-going management of NIST’s Framework for Improving Critical Infrastructure Cybersecurity (NIST CSF) in response to President Obama’s Executive Order (EO) 13636. Managed RFIs, RFCs, workshops, and other public-private collaboration activities. Championed the Presidential Commission on Enhancing National Cybersecurity (EO 13718) by corresponding with industry to gather and provide cybersecurity recommendations to improve national cybersecurity. Furthermore, provided cybersecurity expertise in a variety of areas at NIST’s request including small-medium businesses (SMB), supply chain risk management (SCRM), HIPAA security rule guidance, and more.Commercial Consulting:Traveled internationally to assess and improve organizations’ security programs. Clients have included governments, financial institutions, universities, ports, R&D organizations, and medical providers of all sizes. The assessments often include risk assessments utilizing the NIST Cybersecurity Framework and several other industry leading security standards including ISO27001, CIS critical security controls, and NIST 800-53. Created and implemented various policies and procedures including asset management, security authorization and accreditation (SA&A), incident response, business continuity, and disaster recovery. Created methodologies for technical testing including application vulnerability assessments, network vulnerability assessments, and penetration testing. Supported business development through marketing and branding, creation and delivery of proposals, and opportunity capture activities.