Cyber Security Architect
Current• Part of Cloud Core Team for Microsoft Azure. Agile methodologies are being established for IaaS and PaaS.• Building and Securing the deployment of Office365, SharePoint, OneDrive.• Assisting in the establishment of the Mobile Center of Excellence.• Assisting in establishing the governance for mobile access.• Assisting with the integration of Microsoft Intune Mobile Access Management (MAM) policies.• Securing users requirements for using mobile native applications.• Assisting in securing our Identity Provider and enabling multi-factor authentication.• Initiated the unification and maturity of the Cyber Security Framework by adopting NIST 800-53 series security controls and the Cloud Security Alliance Cloud Controls. This involved aligning across the organization and cross-referencing various industry regulations, e.g. NEI 08-09, American Water Works Association.• Act as a member of the Risk Ranking team. We collaboratively assess risk of various types of vulnerabilities to determine what the residual risk to the organization is.• Update and establish security policies.• Assisting with the modernization of how sensitive data is handled, protected, and labeled. Automating tagging documents that contain confidential and highly confidential information.• Assist in ensuring Palo Verde Generating Station’s projects are adhering to the security controls, are aware of, and leveraging enterprise resources for securing their technologies.• Assisting in securing the digital transformation of our water treatment facility.• Review, comment, or edit vendor contracts, statement of work agreements, and perform third party risk assessments to ensure the security posture of a business partner aligns with the requirements of our cyber security department.• Provide hours and budget required to IT for security personnel involvement in projects. Projects are measured by level of complexity, must achieved, and determined to be O&M or can be Capitalized.