Prepared, executed, and reported on audit of subset of NIST SP 800-53 cybersecurity controls to include interview, document review, and testing of systems to support compliance audit activities.
Knowledgeable on NIST Cybersecurity Framework and how the Identify, Protect, Detect, Respond, and Recover categories comprise and facilitate an information security program
Developed concise, tailored cybersecurity awareness content, improving targeted end-user base cyber hygiene
Developed Just-In-Time cybersecurity awareness content for emerging threats to reduce operational risk to tailored audiences
Semi-quantitatively analyzed cybersecurity risk using NIST SP 800-30 methodology to identify highest risk weaknesses for a system
Executed threat modeling exercise to determine higher likelihood threat events to inform cybersecurity risk modeling
