Nick Waldmann Email & Phone Number

Montgomery, Alabama, US

• Serves as internal information security consultant to a $2B credit union, collaborating with senior leadership to identify and remediate security gaps in infrastructure and strategic projects
• Oversees the implementation of CIS and NIST frameworks to improve the maturity of the cybersecurity program, transforming the focus from compliance to risk & security
• Coordinates with information technology team to ensure effectiveness of secure configuration, vulnerability management, and monitoring controls to ensure protection of members' data
• Selects, oversees, and evaluates the effectiveness of all third-party information security vendors and their products, ensuring secure transmission, processing, and storage of data
• Promotes and facilitates activities and behavior to develop an information security culture across the organization through continuous engagement with over 300 employees
• Communicates overall status of cybersecurity posture to executive management team using definable and measurable metrics informing the current risk landscape

Montgomery, Alabama, US

• Provided enterprise level network and system installations, designs, upgrades, repairs and proactive maintenance services to regional small business customers
• Engineered the virtualization of customer server environments in Hyper-V, providing datacenter-based IaaS with continuous backups and centralized management of systems
• Managed the upgrade of 200+ client systems to Windows 10 spread across 12 companies and 20 locations within a one-month period, guarding against the expenditure of $40,000
• Designed and built workbench test network environment with connections to repair and test 8 personal computers simultaneously, improving efficiency and repair times
• Developed Windows 10 image & answer file solution, streamlining the image deployment process and reducing computer install time from 3 hours to 20 minutes
• Authored and implemented standard operating procedures detailing troubleshooting, repair, and deployment processes for client systems

Burlington, MA, US

• Led a successful remote team in design, development, implementation, and integration of cybersecurity for the Enterprise Resource Planning Common Services (ERP CS)
• Oversaw the RMF process for 5 environments ensuring system architecture and design are functional, secure and in compliance with Air Force cybersecurity requirements
• Agile product owner for cybersecurity, driving engagements between the PMO, systems integrators, and mission partners to ensure requirement prioritization and completion
• Managed drafting and approval of policies, plans, and procedures defining system security, access control, auditing, monitoring, incident response, and security testing
• Supervised vulnerability management program providing assurance systems are secure, evidenced by response to recent critical risks in Log4J, Confluence, Polkit, and Windows
• Defined cybersecurity requirements for the migration to the Oracle Cloud Infrastructure, ensuring proper segmentation of mission partner production and development zones

Burlington, MA, US

• Key member of the Air Force A4 Risk Management Framework (RMF) team, providing independent assessments of information systems security according to RMF standards
• Executed 44 RMF control-level technical risk assessments across 18 logistics information systems, analyzed compelling evidence, and identified vulnerabilities to system security
• Reviewed information system security documentation and procedures, ensuring the legislative intent of applicable laws and regulations for the system were followed
• Prepared Security Assessment Reports (SARs) advising the authorizing official of system risks or vulnerabilities discovered while providing risk mitigation recommendations
• Assessed security requirements for software and hardware ensuring the compliance with appropriate system security configuration guidelines, policies, and procedures
• Provided expert insight into control selection process; integral member of the team that identified 50 minimum baseline and 20 continuous monitoring controls for A4 systems

Burlington, MA, US

• Oversaw cybersecurity for 2 Air Force logistics systems with a combined user base of 15,000 personnel, testing 400+ RMF controls and mitigating vulnerabilities
• Developed & maintained cybersecurity documentation, including system security plans, security assessment plans, and continuous monitoring plans to enforce security policies
• Authored account management plans outlining access control policies and procedures protecting the confidentiality and integrity of sensitive munitions and Privacy Act data
• Drafted contingency and incident response plan identifying responsibilities and procedures for incidents affecting the system tracking movement of personal property
• Maintained assessment & authorization documentation and plans of action in eMASS ensuring the review, tracking, and auditing of security vulnerabilities and risk acceptance
• Coordinated with hosting enclaves to identify responsibility of cybersecurity controls, garnering approval of service level agreements formally documenting control inheritance

Randolph AFB, TX, US

• Administered networked systems, overseeing account creation, security update & patch implementation, and configuration of network services
• Isolated and troubleshot network & system faults and recovered systems from malfunctions ensuring continued availability for customers
• Analyzed vulnerabilities based on latest threat information, taking corrective action to mitigate risks through the application of security policies to defend Air Force information
• Developed, implemented, and enforced information security policies in support of national, DoD, and Air Force policy and directives
• Managed organizational IT equipment accounts verifying proper utilization and asset tracking while remediating any discrepancies
• Provided training and professional development to technicians and users through formal & informal training programs and staff assistance visits

Randolph AFB, TX, US

• Liaison between 30 degree program managers and 110 satellite campuses verifying accuracy of course documents, safeguarding regional accreditation of 71 degree programs
• Directed course evaluation procedures, revamping process guidance and streamlining the evaluation of 2,000 courses providing collegiate credit to 316,000 students
• Oversaw the course management inspections of 57 affiliated schools correcting 49 deficiencies protecting the regional accreditation of Air University
• Queried and analyzed student information system of 3 million student records ensuring accurate collegiate course credit application and institutional effectiveness
• Led 5-person team in the administration of a $245,000 travel budget, auditing over 200 travel authorizations and vouchers preventing fraud, waste, and abuse
• Co-facilitated Green Belt continuous process improvement event, identifying non-value-added tasks in transcript processing procedures, reducing 14-week backlog to 7 days

Randolph AFB, TX, US

• Established, tracked, and audited plans of action and milestones in the identification and mitigation of security shortfalls, bolstering the security posture of USCENTCOM
• Supported a team of 18 cyber security subject matter experts in cyber policy, programs, and compliance initiatives, enabling security and reliable communications capabilities
• Oversaw social media security governance through policy development and auditing of web operations procedures safeguarding military information support operations security
• Led Cybersecurity Vigilance Program training 100 personnel in secure online web operations and protecting the reputation of USCENTCOM

Randolph AFB, TX, US

• Oversaw a matrixed team of 13 personnel in the mobilization of 42 warfighters to conflicted operations worldwide with 100% on-time delivery
• Coordinated transfer of day-to-day operations to 6 squadrons after 66% personnel reduction within office while still maintaining the same operations temp
• Standardized deployment processes across group, providing oversight and guidance to 13 squadron deployment managers
• Managed 6-person team in command and control of 5,000+ personnel advising senior leadership of accountability and recovery actions during installation emergencies
• Authored deployment shortfall requests coordinating with major command functional and manning managers to prevent training impacts
• Revitalized office SharePoint site, reorganizing and refreshing the content, providing a centralized information repository for deploying personnel and commanders

Randolph AFB, TX, US

• Supervised 6 curriculum developers in the development of 22 on-the-job training guides providing technology-specific guidance and training to 43,000+ IT professionals
• Authored Air Force Emissions Security (TEMPEST) handbook and Host-Based Security System on-the-job training guide providing security instruction to 2,000+ personnel
• Self-taught and utilized Adobe Captivate to develop interactive courseware consisting of 30 simulation slides for 450 technical training students per year
• Revamped unit security program enforcing countermeasures against sensitive information release while training 200 personnel and outlining the program baseline for 12 squadrons

Randolph AFB, TX, US

• Oversaw administration of 100+ personnel in development and research of future technology solutions supporting USCENTCOM enterprise network
• Led research for cyber common operations situational awareness dashboard development through collaboration with 3 combatant commands
• Managed schedule for 14-day fire guard providing 24/7 oversight of $90 million of critical USCENTCOM network infrastructure

Randolph AFB, TX, US

• Supervised installation of 100 communication circuits and cabling supporting 2,000 personnel
• Inventoried and shipped $23.5M network infrastructure equipment during operational drawdown
• Mentored 3 junior personnel providing leadership and guidance for Air Force issues in joint environment

Randolph AFB, TX, US

• Led 7 personnel in configuration control of 2,000+ software releases for 150 government-owned application systems supporting 500,000+ users
• Administered critical web server and Oracle database distributing 4K commercial and government software products enabling the cumulative download of 53+ terabytes of data
• Engineered fault-tolerant cluster failover for critical website reducing potential downtime from hardware failure from 48 hours to less than 2 minutes providing 99.9% uptime
• Maintained IT equipment inventory coordinating the acquisition of 110 items while ensuring 100% accountability of $805,000 in assets
• Oversaw the release of 600 software packages and security updates for commercial software from Microsoft and Sun
• Designed and implemented media duplication center network sharing 3.7 TB CD/DVD images between 3 media duplicators while ensuring 99% uptime

Randolph AFB, TX, US

• Users’ first point of contact for system and user account troubleshooting, providing guidance on software and security
• Procured, configured, and tested over 100 desktops and laptops with Windows XP supporting 65 users
• Designed Microsoft Access database of 400 item inventory ensuring 100% accountability of $270K in assets while tracking network-specific information
• Outfitted 6 tactical vehicles with high frequency communication systems providing radio contact over long distances

Randolph AFB, TX, US

• Users’ first point of contact for system and user account troubleshooting, providing guidance on software and security while resolving 75% of problems over the phone
• Monitored the performance of long-haul digital and analog circuits reporting conditions to higher headquarters
• Configured, troubleshot, and maintained 4,000+ information systems while upgrading operating system on 1,600+ computers
• Diagnosed a serious design flaw in 370+ motherboards, coordinated warranty replacement of new motherboards, and repaired systems
• Administered Remedy Action Request system to monitor and record trouble tickets while providing status reports to Tier 2 and Tier 3 support functions and leadership

US

• Provided initial contact with customers, providing estimates on computer repair costs and solutions, and checking in products for repair
• Repaired and maintained customer systems, removing malware, installing and replacing hardware, and fixing software related problems
• Facilitated in-store sales, upgrades, installations and service

Graduate Certificate, Cybersecurity Management

Graduate Certificate, Cyber Defense Operations

Master Of Science (Ms), Information Technology Management

Bachelor, Information Technology

Associate In Applied Science, Information Systems Management

Associate Of Arts, Business Administration