Diversity Cyber Council is a 501c3 non-profit that serves disadvantaged communities by facilitating the education, training, and staffing of underrepresented groups in cyber security by establishing a diversity talent pipeline to the cyber workforce.

I apply nuanced, wide-ranging expertise in IT security and risk management. I lead the effort in developing strategies, policies, and procedures to support operational excellence for my client's cybersecurity programs. I am also responsible for managing client executive relationships as well as providing governance and oversight of internal project teams to achieve pre-defined business goals.• Managed client executive relationships and project teams while engaging cyber security and privacy program audits/assessments.• Leads pre-assessment teams to improve client’s readiness for regulatory compliances such as HITRUST, PCI, GDPR, & CMMC.• Develops and enhances policies, procedures, and standards for client’s security program specifically related to incident response, access control, asset management, and other key related security areas.• Thought leader and specialist in security frameworks such as CSF, ISO, NIST, & COBIT.

Tasked with identifying open ePHI vulnerabilities in system servers across the organizational network to create work orders and correspond with business owners to implement access controls or alternative remediation methods to resolve potential issues. • Provided risk management oversight and compliance support for Information Security Technology (IST) Risk Management and compliance/internal control testing efforts within multi-platform environments.• Identified vulnerabilities, recommend corrective measures and addressed risk status.• Works with SME’s to conduct Electronic Protected Health Information (ePHI) assessments for risk impact; and ensured file shares security state complied with Kaiser Permanente Technical Security Standards (TSS).• Managed ePHI risks and structured Data at Rest (DAR) remediation actions; and integrated risk exemptions for open findings based on SLA requirements.• Analyzes data risk factors and make recommendations concerning risk ratings and assessment activities for mitigating controls and remediation plans for Kaiser ePHI File Share Remediation and risk mitigation process• Worked with Information Security, Information Technology, and business stakeholders to ensure HIPAA Information Security controls are managed for policies, procedures, implementation, metrics, and assurance requirements.• Provided knowledge transfer to rating risks using a defined and documented process to ascertain probability, impact, and combined score for each healthcare related risk. • Presents ePHI security assessment results and recommendations to Cyber Risk Teams for acceptance based on severity; and to Technical Security Office (TSO) to determine relevant security assessment processes and state of controls.• Participates in Risk Exemption and Security Development initiatives; and develop requirements for File Share Remediation and risk treatment of open findings prior to SLA’s expiring.

I led high-impact IT projects for SIEM operational monitoring, content development, and incident response. As a core contributor to a strategic enterprise risk management program, I assessed and managed system and network security risks, threats, vulnerabilities, and attacks. In addition, I created test plans, reports, processes, and internal/external communications.

My work took place nationwide as I conducted site go lives for distribution warehouses across the country. I oversaw integrations, configurations, and installations. I managed key relationships to control costs and quality. I also initiated an annual risk assessment program.

• Transfers data between information processing equipment and systems. • Troubleshoots automation equipment and systems to the degree required for isolation of malfunctions to specific hardware or soft ware. • Modifies existing application packages using application and operating system software and appropriate computer language commands and files. • Proficient in Microsoft Word, Excel, and PowerPoint applications and installs