Keith Swanson

Keith Swanson Email and Phone Number

Cyber Information Security Officer | Strategic Program Management Solutions | MBA, CISSP, ISSM, CFE @ Swan Management Group (SMG)
Keith Swanson's Location
Greater Orlando, United States, United States
Keith Swanson's Contact Details

Keith Swanson personal email

n/a

Keith Swanson phone numbers

About Keith Swanson

Driving Confidentiality, Integrity, and Availability of Enterprise Information SystemsSecurity leader with 20 years of expertise in optimizing enterprise cybersecurity for global Fortune 500 companies. Dynamic Program Manager with experience in designing and implementing enterprise-wide cyber risk security Risk Management Framework (RMF) strategies. Expertise in cyber risk management, regulatory compliance, data management/security, data warehousing and big data environments. Dedicated to creating and maintaining enterprise information security management programs to leverage technology to safeguard information assets are data. A visionary who translates evolving industry risks into ambitious technology roadmaps and robust security programs. Excels at consistently synergizing people, processes, and technology around proactive defense. Committed to maintaining an organization’s information differential through security frameworks of practices, controls assessment, and processes designed to secure competitive advantage. Drive corporate culture to adopt high standards and perspective that fosters cyber risk identification and mitigation techniques, and a commitment to transparency and learning that helps build a strong risk culture and reputation. Articulates information security risks to enable solutions that balance information security, risk, business agility, and reduce residual risk of enterprise. Specialties: Cyber Security Threat & Vulnerability ManagementIT Security Strategy, Policies, Standards, & GuidelinesInformation Security Compliance Metrics & Reporting Technical Security Risk Assessments Program and Project Management Risk ManagementSOX, SSAE-16, SOC1, SOC2FISMA NIST 800 FEDRAMPSecurity AssessmentsCertification & AccreditationBusiness Disaster Recovery and Continuity PlansIT Governance & Best Practices Security Tools & TechnologiesPolicy Management & DevelopmentSystems Analysis and Design Cyber Security Risk Management DoD Experience Third Party Vendor ManagementPolicy Management & DevelopmentInformation Assurance Technical (IAT)Information Assurance Management (IAM)ISO 27001 Framework and ImplementationStandards Audit Multi and Two Factor Authentication (MFA / 2FA)Unix and Linux AdministrationTechnical ReportSystem ConfigurationApplication Risk ManagementNetwork SecurityCertification & AccreditationOperational PlanningIncident Response PlansIT Audit Risk ManagementOperational Technology (OT / ICS / SCADA)Microsoft Office (O365)Contingency PlansActive DoD Top Secret (TS/SCI) Security Clearance

Keith Swanson's Current Company Details
Swan Management Group (SMG)

Swan Management Group (Smg)

View
Cyber Information Security Officer | Strategic Program Management Solutions | MBA, CISSP, ISSM, CFE
Keith Swanson Work Experience Details
  • Swan Management Group (Smg)
    Strategic Program Management Solutions | Lead Cyber Information Security Officer
    Swan Management Group (Smg) Jul 2007 - Present
    Washington, District Of Columbia, Us
    Implement strategy between operational management and strategic management to increase security risk appetite profile and bring value to projects while improving business competitive advantage through threat modeling and risk modeling. Provide IT cyber risks and controls guidance as independent oversight subject matter expertise for enterprise cyber risk appetite employing proactive and reactive analytical review approach. Partner with defense in depth support including first, second, and third lines of defense to identify, measure, monitor, report and manage IT cyber risks. Utilize multiple vendor Cyber Security Assessment and Management (CSAM) tools and techniques to monitor and assess potential internal and external threats and vulnerabilities to identify emerging risks. NIST CSF cybersecurity framework general IT security controls and tailoring for specific medium and high category protections and Critical Security Controls (CIS) and CIS Benchmarks for best practices for IT system security and data protection of mission critical data.
    View
  • Admiral Construction
    Senior Cyber Security Manager
    Admiral Construction Aug 2023 - Dec 2023
    Technical Program Manager leading client’s Information Cyber Risk Security implementation upgrade program. Worked directly with the executive stakeholders in Information Technology, Manufacturing, and Research and Development. Created Initial Roadmap and performed capability gap assessment to identify, documented, and improved security vulnerabilities of corporate application functions on enterprise IT domain devices. • Created Enterprise IT technology infrastructure cybersecurity strategy for Identity Access Management (IAM) access to privileged resources, product/service development, and corporate application functions .• RMF A&A risk assessment of the Frame, Assess, Respond, and Monitor packages processes for ATO FCL Defense Counterintelligence and Security Agency (DCSA) clearance for contractor roles and responsibilities.• Performed cyber risk assessment and measurement of on-premises and cloud applications, infrastructure components, and database management systems utilizing Privileged Access Management (PAM) management tools • Deliver weekly and monthly key metrics related to projects, status reports to stakeholders and senior management.• Conducted annual CUI training for compliance with CUI Notice 2020-01 and DODI 5200 • Identify and prioritize NIST SP 800-171 IT Security controls and guidelines for business objectives • Conduct Vulnerability Scanning, Penetration Testing, Zero Trust Architecture Testing, and Automated Code Review.• Developed Identity and Access Management (IAM), Privileged Access Management (PAM) and Information Security Controls for existing Microsoft Azure Active Directory architecture and upgrade to Microsoft Entra ID. • Monitor and report on key performance indicators (KPIs) related to IT Security and briefed executive staff• Performed risk assessment and measurement of cloud applications supporting risk compliance for analysis to ensure mitigating controls and action plans were implemented to mitigate threats.
  • Cnhi Industrial
    Senior Cyber Security Program Manager (Sme)
    Cnhi Industrial Jan 2023 - Aug 2023
    Technical Program Manager leading client’s Information Cyber Risk Security Vulnerability Remediation and Architecture Program. Worked directly with CISO/C-Suite stakeholders and across functional teams. Developed Roadmap and performed capability assessment to identified, documented, and improved security vulnerabilities of Java based corporate application functions. • Developed remediation strategy to effectively remove 85% of all vulnerabilities.• Identified 500 corporate function applications and associated System Configuration utilizing software. • Utilized Nessus, CrowdStrike and Rapid7 CSAM tools for vulnerabilities removal and verification. • Performed risk assessment and measurement of on premises and cloud applications, infrastructure components, and database management systems utilizing Java and insecure applications thru API and cloud applications.• CrowdStrike and Rapid7 Cyber Security Assessment and Management (CSAM) tools evaluation of vulnerabilities.• Deliver weekly and monthly key metrics related to projects, status reports to stakeholders and senior management.• Verified compliance Cybersecurity Vulnerability Alerts (IAVA), and CVE remediation requirements of complex computer system prior to fielding back into network environment.• Create and execute project plan work breakdown structure (WBS) plans and update to meet changing requirements. • Utilize multiple software development life cycle (SDLC) methodologies for SaaS applications.• Microsoft Azure Active Directory (AD) infrastructure integration remediation of Identity and access management (IAM) and Privileged Access Management (PAM) to resolve role based access control SSO federated network logons.• Lead Two Factor Authentication (2FA) integration to implement Multi-Factor Authentication (MFA) utilizing Microsoft Azure and OKTA. Implement strong authentication to prevent Intellectual Property (IP) data breaches.• Implement Zero Trust Architecture for information system changes.
  • Us Navy
    Lieutenant Commander (Lcdr)/Information Warfare Intelligence Operations Officer
    Us Navy Nov 1983 - Dec 2022
    Washington, Dc, Us
    Information Cyber Security Intelligence Officer (1815, Active Reserves). 35 years of experience in the roles, missions, and functions of National SIGINT Systems. Comprehensive understanding of Cyber Security, Information Warfare and SIGINT elements including Communications Intelligence (COMINT), Electronic Intelligence (ELINT), and Foreign Instruments Signals Intelligence (FISINT).
    View
  • Campusworks, Inc.
    Chief Information Security Officer
    Campusworks, Inc. Jul 2021 - Oct 2022
    Sarasota, Florida, Us
    Responsible for overseeing all aspects of Cyber Security application deployment, data privacy, compliance, and security at multiple Higher Education institutions. Create and manage security, compliance, and data privacy programs by developing, deploying, documenting, implementing organizational change management. Build and manage strong risk management, control procedures, and incident response support. • Lead team and program to identifying, evaluating, and reporting on information security risks to compliance and regulatory requirements.• Utilized automated CSAM monitoring and incident tracking reporting tools to effectively communicate and manage incidents, defects, data quality issues to perform risk reviews and risk reduction of complex system implementations.• IAM services capabilities, Privileged Access Management (PAM), Active Directory (AD), Azure Cloud Integration• Identity and Access Management (IAM) system deployment configurations for third-party vendor cloud-based services.• Collaborate with stakeholders and executive management to determine organizational cyber risk• Establishing information security risk IT management framework (RMF) programs for Privileged Access Management (PAM) identities in customer identity and access management (CIAM) system. • Facilitates Contingency Plan Incident Response Plan (IRP) and Disaster Incident Response (DIR) Tabletop exercises.• Identify IAM user requirements for assess capabilities and perform gap analyses against baseline • Develop risk metrics to evaluate effectiveness and success of the security and privacy frameworks to ensure solution meets needs of internal and external stakeholders and provide executive leadership with recommended solutions.• Privacy Impact Assessment reporting to established process for investigating and responding to complaints of violations policies and procedures.• Lead privacy and security governance efforts to align privacy and security program with regulatory requirements.
    View
  • Ibm
    Senior Cyber Security Technical Program Manager
    Ibm Aug 2021 - Jan 2022
    Armonk, New York, Ny, Us
    Technical Program Manager providing development support and leading the client’s overall Information Cyber Risk Security Program portfolio, planning, outreach initiatives, and execution process. Identified, documented, and improved the security of applications, server and network configuration and controls across a range of diverse systems and processes. • Developed cybersecurity services, and risk mitigation multi-year roadmap to reduce programs deliverables by 10%. • Designed SSO architecture to support 300+ applications identity-as-a-service (IDaaS) for on-premises hybrid IAM• Implemented Multi-factor Authentication (MFA) for Linux / Windows utilizing Duo security integrating to protect SSH logins to protect Privileged Access Management (PAM) accounts and resources.• Developed application requirements impact assessment risk profiles based on risk categories, system location, revenue impact, lines of business, and Critical systems information configurations. • Ability to foster a culture of collaboration, accountability, and continuous learning.• Developed processes to update existing processes and procedures for execution and monitoring of risk assessments.• Created standard templates and processes for information security risk capability assessments to align with NIST SP 800 Risk Management Framework (RMF) and Cyber Security Framework (CSF) to advise best practices.• Development consolidation of 1000+ applications to manage and mitigate control risk events during project life cycle. • Problem solver who can lead team through crisis situations through rational approach, mature judgment, and clear coordination of tasks• Identify issues and escalate to appropriate stakeholders as needed, following through to resolution.• Adept at socializing, interacting, and communicating agile project plan methodologies objectives, timelines, deliverables, risks, issues and budget information to executive leadership project teams accordingly.
    View
  • Rutgers University
    Information Systems Security Manager (Issm) Sme
    Rutgers University Mar 2020 - Nov 2020
    New Brunswick, Nj, Us
    Information Systems Security Program Manager for the New Jersey Education to Earnings Data System (NJEEDS) providing support and leading the client’s GRC Information Security Program and outreach initiatives Served as the lead in identifying, documenting, and improving the security of applications, server and network configuration and controls across a range of diverse systems and processes utilizing frameworks and regulations as a reference; for example: FISMA, HIPAA, NIST Cybersecurity Framework and HITRUST.
    View
  • Mantech
    Lead Cyber Security Technical Program Manager
    Mantech Mar 2017 - Aug 2019
    Herndon, Virginia, Us
    Lead implementation of enterprise wide Cyber Security Risk Management Program based on FISMA and NIST 800-53 Standards for Information Technology and Industrial Control Systems for Port Authority of New York and New Jersey. Implemented security program policies, procedures, and standards utilizing ISO 27001 for 40+ departments and over 100 locations. Collaborated with engineering and developers for implementation requirements and adherence to NIST Cyber Security Framework security concerns for network and application projects. Presented Information Security topics for business specific issues to Board of Directors, senior leadership, department heads and the external government agencies.
    View
  • Cushman & Wakefield
    Global Director It Security And Risk Management
    Cushman & Wakefield Mar 2015 - Apr 2017
    Chicago, Il, Us
    Accountable for IT Security and Risk Management and Client Application Security Programs. Lead alignment and execution of ISO 27001, SSAE-16 SOC1/SOC2, and Sarbanes Oxley (SOX) audit certification program for client facing applications. Maintain risk awareness of services and systems used for providing technology services to clients, and executing controls appropriate for ISO 27001, SSAE-16, and SOX. Direct and develop risk assessment methodology for selecting applicable security controls. Executing Security Program policies and policy update leading compliance, privacy, and governance to enhance information security strategic programs.
    View
  • Mantech International Corporation
    Senior Cyber Security Technical Program Manager
    Mantech International Corporation Jul 2013 - Jan 2015
    Herndon, Virginia, Us
    Spearheading the development and implementation of a comprehensive risk management and security management program. Establishing Cyber Security Risk Management Program based on FISMA and NIST 800 Standards for Information Technology and Industrial Control Systems for the Port Authority of New York and New Jersey (PANYNJ).
    View
  • Computer Network Total Care, Inc.
    Security, Risk And Compliance Technical Program Manager
    Computer Network Total Care, Inc. Mar 2012 - Jul 2013
    Directed Managed Services Division and Governance, Risk, and Compliance issues. Define security, infrastructure, audit, data loss prevention, and track and quantify metrics for management risk reporting. Directed all risk management, architectural infrastructure reviews, and process improvements to maintain a secure environment for IT infrastructure, systems, applications and data. Oversee Business Continuity Disaster Recovery and cloud services.
  • Booz Allen Hamilton
    Technical Program Manager
    Booz Allen Hamilton Nov 2006 - Mar 2012
    Mclean, Va, Us
    Direct the development, design, and systems integration of US Army Communications Electronics RD&E Center (CERDEC) prototype for Improvised Explosive Device (IED) detection platform used in forward deployed wartime efforts. Defined roles, created work plans, and coordinated tactical aspects of projects. Clarified project scope and administered quality assurance reviews to minimize risk exposure on projects and ensure profitability and customer satisfaction as outlined.
    View
  • National Security Agency
    Forensic Information Security Manager
    National Security Agency Feb 2008 - Sep 2010
    Ft. Meade, Md, Us
    Mobilized for Operation Enduring Freedom into the United States Navy. Lieutenant Commander - Information Warfare Officer (O4). Identifying security risks, threats, and weaknesses to classified networks and systems through complex engineering audit analysis and vulnerability scans within large multi-platform enterprise environment. Led information security assessments, data exfiltration investigations, network forensics, and use established security and forensic tools to investigative Malware infections.
    View
  • Bae Systems/Fbi
    Northeast Regional Technical Program Manager
    Bae Systems/Fbi Oct 2001 - Nov 2006
    London, Gb
    Technical Program Manager for high profile complex large-scale FBI projects in support of Counter Terrorism Collection efforts. Directed all vendor relations, field service teams, internal software development initiatives, and service level agreements throughout the Northeast United States. Manage 34 field offices and schedule assignments of Linux, Windows, and UNIX System Administrator activities for remote office operations.
    View

Keith Swanson Skills

Security Program Management Information Security Information Assurance Computer Security Management Security Clearance Integration Information Security Management Strategy Dod Project Management Cross Functional Team Leadership Strategic Planning Project Planning Process Improvement Team Leadership Business Process Improvement Military Sigint Iso 27001 Operations Management It Security Best Practices Finance Intelligence Community Brand Management Information Security Consultancy It Infrastructure Management Mission Critical It Security Assessments Security Policy Development Computer Forensics Data Recovery Cyber Operations Compliance Management Threat And Vulnerability Management Corporate Strategy Formulation Cyber Security It Audit Corporate Security Signals Intelligence Cyber Warfare It Grc Network Centric Warfare Corporate Governance P&l Management Information Warfare Jcids Nist 800 53 Fisma

Keith Swanson Education Details

  • Unc Kenan-Flagler Business School
    Unc Kenan-Flagler Business School
    Global Business Degree
  • University Of South Florida
    University Of South Florida
    Computer Engineering
  • Edison State Community College
    Edison State Community College
    Mathmatics

Frequently Asked Questions about Keith Swanson

What company does Keith Swanson work for?

Keith Swanson works for Swan Management Group (Smg)

What is Keith Swanson's role at the current company?

Keith Swanson's current role is Cyber Information Security Officer | Strategic Program Management Solutions | MBA, CISSP, ISSM, CFE.

What is Keith Swanson's email address?

Keith Swanson's email address is ke****@****avy.mil

What is Keith Swanson's direct phone number?

Keith Swanson's direct phone number is 1 212-841*****

What schools did Keith Swanson attend?

Keith Swanson attended Unc Kenan-Flagler Business School, University Of South Florida, Edison State Community College.

What skills is Keith Swanson known for?

Keith Swanson has skills like Security, Program Management, Information Security, Information Assurance, Computer Security, Management, Security Clearance, Integration, Information Security Management, Strategy, Dod, Project Management.

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.