Sean Mcgurn, Ms, Mba Email & Phone Number

Washington, DC, US

Leesburg, VA, US

• NIH National Heart, Lung, and Blood Institute (NHLBI)-Program Manager for NIH RECOVER Cybersecurity Program
• Chartered and managed two Cybersecurity Programs that encompassed Cybersecurity Policy and Security Operations oversight for 20+ extramural research organizations supporting the RECOVER initiative (Long COVID Research).
• Managed FedRAMP Assessment and Authorization (A&A) sponsorship and compliance for three (3) FedRAMP authorized Cloud Service Providers. Previously served as Technical Lead on the following projects:-NIH National Heart.
• Research and development of Cybersecurity Compliance Framework for NIH COVID RECOVER biomedical research organizations.-Global Technology Organizations (Commercial)-
• Conducted security and risk assessments of organization information security program based on NIST standards (i.e., NIST CSF) and commercial industry compliance frameworks.
• Developed and implemented secure computing workspace based on Microsoft 365 GCC High and Azure GovCloud in DFARS compliance with NIST SP 800-171 and Cybersecurity Maturity Model Certification (CMMC) 2.0.-Mergers &.

Washington, District Of Columbia, US

• Supported Privacy Subject Matter Experts (SME) with the Center for Consumer Information and Insurance Oversight (CCIIO), Center for Medicaid and CHIP Services (CMCS), Office of Communications (OC), and Center for.
• Conducted privacy reviews of final Authority to Operate (ATO) packages and Privacy Impact Assessments (PIA).
• Supporting the Privacy SME in advising Cyber Risk Advisors (CRA) on privacy related items, such as Interconnection Security Agreements, Information Exchange Agreements, Computer Matching Agreements (CMA), and various.
• Supported the renewal of eight (8) marketplace CMAs critical to eligibility determinations critical to the foundation of the ACA.

Vienna, Virginia, US

• Led the NIH Information Security Program A&A Team in the management of the NIH eGRC tool (Trusted Agent) in association with A&A related processes, notably the NIST SP 800-37 RMF.
• Supported each of the seven steps of the RMF, including the remediation of findings and their associated Plan of Action and Milestones (POA&M) weaknesses as noted in security control assessments.
• Developed NIH system A&A packages (i.e., System Security Plan) in alignment with enterprise policy.
• Managed the risk assessment and waiver process.

GB

• Served on the OMB A-123 Information Security Audit Support team for the internal audit contractor for the Office of the Chief Information Office (OCIO).
• Served as an audit weakness remediation, FISMA compliance, and eGRC tool subject matter expert.
• Supported ad-hoc risk assessments, technology research, and the providing of information security guidance.

• Served on the policy and information security subject matter expertise team for the primary contractor supporting the information security program for the CMS.
• Conducted management review of ATO packages.
• Developed security authorization metrics and a continuous monitoring dashboard for the CMS enterprise-wide security authorization summary with graded criteria.
• Developed tools and tracking systems in Microsoft Access and Excel for deliverables, tasks, and other items. Reporting tools were successfully distributed and utilized in both internal management and Federal staff.
• Developed the electronic signature standard, directive, and procedure.

Arlington, VA, US

• Supported the Cybersecurity Program Support (CPS) Team, which specialized in assisting and supporting operations relating to the security and privacy operations in HHS.
• Developed and facilitated responses to inquiries related to the operational and procedural aspects of HHS Department-level and Office of the Secretary-level requirements, regulations, and policies (i.e., Policy Help.
• Supported development and implementation of mobile device policies, and IT rules of behavior policies.

I participated in a research group dedicated to analyzing the gray area in cyber-law enforcement in topics, such as attribution, ethical dilemmas, cyber-attack preparedness and response, and the application of now-archaic telecommunication laws on modern broadband services. Other points of emphasis in this research were the planning for implementation of.

US

• Supported the transition of physical case archives to soft copy in a newly developed database, observed state prosecution trials and various court proceedings, and supported case managers within the Anne Arundel County.

• Assisted an Annapolis Realtor with social media marketing and computer networking. Gained experience in customer service and marketing through the use of visual tours, area video tours, photo editing, property.
• Utilized Adobe Photoshop and other graphic design software to detail, edit, and improve pictures of interior and exterior residential settings.

I founded a collegiate Greek fraternity chapter in accordance with the ideals of its national headquarters. I participated in the executive council for a year and saw membership grow from 5 members to 60+ members. I created and maintained a club website with full social networking profile support and storefront functionality. As part of my duties on the.

Master Of Business Administration (M.B.A.)

Master Of Science (M.S.), Cybersecurity Policy

Bachelor Of Arts (B.A.), Ancient Mediterranean History

Associate Of Arts (A.A.), Transfer Studies (General)