Director, Grc - Public Sector
CurrentLeads Cybersecurity Governance & Risk efforts for Socure’s Public Sector SaaS identity verification platform.Key Accomplishments:Led cross-functional efforts to identify all requirements for a new system and obtain StateRAMP Authorization Developed the System Security Plan and all associated procedure and other documentation required for FedRAMP Moderate AuthorizationNegotiated security terms for over a dozen public sector contractsObtained and maintain the Kantara IAL2 certification against NIST SP 800-63 Digital Identity GuidelinesConducted a gap assessment between FedRAMP Moderate NIST SP 800-53 rev 4 and rev 5 requirements determining the impact on the operations of Socure’s ID+ solutionSuccessfully led cross-functional efforts for third party assessment organization (3PAO) assessment against FedRAMP Moderate requirements leading to a FedRAMP In Process designation Led an effort to facilitate an assessment and identify requirements to migrate an existing system to meet NIST SP 800-171 and obtain a GSA Authorization to Operate (ATO)