Played a crucial role in safeguarding the organization's cyber infrastructure and ensuring business continuity for over 6,500 employees globally. Developed and implemented a new Cybersecurity Awareness Program after the divestment from McAfee by executing phishing simulation programs to achieve a significant click rate reduction. •Planned, coordinated, and executed phishing simulation campaigns to assess the organization's susceptibility to phishing attacks. Acted as a subject matter expert on phishing-related matters, providing insights and recommendations to senior management and stakeholders to support strategic initiatives and business objectives.•Implemented themed micro-learning modules during Cybersecurity Awareness Month (CSAM), linked to SharePoint/Google Sites. Organized gamification and "capture the flag" events to boost cybersecurity enthusiasm.•Collaborated with the Security Operations Center (SOC) to conduct thorough investigations into potential instances of phishing, utilizing advanced analytical tools from vendors such as Cofense, KnowBe4, and Swimlane to identify irregularities and suspicious activities. •Managed all relationships with third-party security and awareness vendors, ensuring that budget forecasts were maintained. Also, negotiated, renewed, and managed the approval processes of vendor contracts.

Pivotal role in emphasizing the human factor in information security throughout the organization. This involved designing and executing simulated phishing campaigns and conducting testing before deployment. Collaborated with the training and awareness team to transform information security awareness content into visually appealing and easily understandable visualizations for training courses.•Identified specific audiences for targeted training, such as executives and privileged users, and tailored appropriate training and awareness programs for each group. Implemented relevant training through methods like phishing simulations or mandatory training modules for privileged users in case of failed phishing attempts.•Orchestrated meetings with stakeholders to gather and document requirements for the phishing simulation program. Leveraged leadership advocacy to promote the company's security awareness program. Provided recommendations for customized phishing programs based on industry best practices and customer goals.•Authored technical and procedural documentation along with standard operating procedures (SOPs) for internal and external use. Developed and distributed a monthly cybersecurity newsletter, companywide training materials, and standardized email responses or mail merges for efficient email distribution.•Participated in test planning, functional testing, and error reporting processes. Provided detailed documentation of identified issues, including steps to reproduce them and, when applicable, visual overviews.

Provided instrumental compliance analysis support to the Transportation Security Administration (TSA) for a federal contract overseeing the entire OLE/FAMS portfolio, which includes 13 systems, 3 of which were High Value Assets (HVA). Conducted weekly briefings with the federal Project Manager and managed the team’s system spreadsheet. Additionally, served as the point person for monthly Ongoing Authorization (OA) meetings for relevant systems.•Collaborated with system managers to review the initial stages of the Authorization to Operate (ATO) process before the assessment phase in the Information Assurance Compliance System (IACS). Provided feedback and updates to system managers and assessed all ATO packages prior to distribution.•Corrected or updated system Information Security Vulnerability Management (ISVM) and Common Vulnerabilities and Exposures (CVEs) in Archer to ensure compliance. Created and disseminated monthly reports for supported TSA systems, maintaining confidentiality and privacy regulations to protect sensitive data and uphold trust and confidence in the TSA.•Provided expertise on the use and implementation of IACS for assigned systems. Updated all documents related to assigned systems in accordance with NIST guidance. Assisted with the completion of Plan of Action and Milestones (POAMs) by resolving findings and remediating issues promptly.•Produced technical documentation for internal and external use across Governance, Risk, and Compliance (GRC) departments. Participated in quality assurance test planning, functional testing, and error reporting.•Led a team of compliance analysts and conducted bi-weekly meetings to discuss ongoing system support. Provided training and onboarding information to new analysts.

Supported the Security Training Program Team by maintaining TSA’s existing security program for end-users. Actively contributed to a social engineering campaign aimed at increasing end-user awareness, enhancing efforts through measuring the effectiveness of current and proposed training methods, and contributing to overall training program improvements.•Developed creative campaigns and approaches for security and social engineering (phishing) awareness. Submitted relevant news articles and helped assemble the weekly TSA Cybersecurity Newsletter.•Managed SharePoint sites, including site and group creation, adjusting permissions, and designing site layouts. Provided training on the use of SharePoint sites.•Advanced TSA’s security awareness program by making recommendations and developing content as needed. •Conducted Governance, Risk, and Compliance (GRC) meetings, and provided onboarding and new hire training.

Developed e-learning, online web training, and in-person training sessions. Provided monthly training for applications both on-site and off-site, including writing user documentation and updating the MAX.gov knowledge base (Atlassian/Confluence platform) using Jira. Served as the point person providing direct support for FedRAMP PMO inquiries and requests.•Worked with GSA and HHS to create the FedRAMP repository system and established the accompanying rules and authorization for access. •Acted as direct support coordinator for all FedRAMP requests, modifications, and updates to the repository. Collaborated with the PMO on several Federal Agency projects, including those for the Office of Management and Budget (OMB).•Facilitated and coordinated training for various MAX.gov applications each month. Monitored quality assurance and testing of the applications.•Implemented changes to the client's website and served as a liaison for the MAX.gov Security Team and its components.•Collaborated with development staff and clients to identify, document, and resolve application issues and problems.

Trained new employees on position functionality, coached existing employees on the implementation of new processes or tools used in AWS. Facilitated MFA, 2-factor authentication, and training of the system, virtual and token hardware, setup, removal, and troubleshooting problem areas.•Provided extensive company training for new employees about policies and procedures within AWS and current systematic knowledge for their in-house tools. This included shadowing phone calls and case reviews before responses are sent to customers.•Assisted customers with an introduction to cloud computing and how it works, also showcase the benefits of utilizing the cloud while highlighting various AWS products to enable better web presence, web trafficking, and secured data backup with a low fail over rate using cloud computing.•Used the system Remedy Tickets to close the MFA report and respond to customers after completion, while working with security and legal teams to clear up customer access to accounts and assist with policy updates for MFA.•Wrote policy and reference points for the knowledge center database, including customized response references (canned responses) in addition to updating PowerPoint training decks and other materials for group or customer sessions.