Cybersecurity Professional

Location:
Castle Rock, CO, 80104
Posted:
March 17, 2026


Resume:

RICHARD TILLERY, CISSP, Assoc. C CISO

Clearance: TS/SCI w/CI Poly (Active)

********@*******.*** 303-***-**** LinkedIn

SUMMARY

Strategic cybersecurity executive with 20+ years of experience leading enterprise security, governance, risk management, and compliance programs across regulated military, federal, critical infrastructure, and commercial environments. Proven leader in designing and executing multi-year information security roadmaps aligned to business objectives, customer trust, and regulatory requirements. Expertise includes NIST RMF, SOC 2-aligned controls, ISO 27001 governance, CMMC planning, NIST CSF program alignment, privacy-driven security (GDPR, CCPA/CPRA), vendor and third-party risk management, secure SDLC / secure-by-design implementation, incident response leadership, and digital forensics supporting defensible eDiscovery workflows and chain-of-custody practices.

LEADERSHIP

• Enterprise Security Strategy, Roadmaps, and Maturity Programs (NIST RMF and CSF)

• Governance, Risk & Compliance (SOC 2, ISO 27001, CMMC readiness)

• Privacy & Data Protection (GDPR, CCPA/CPRA, HIPAA-aligned security controls)

• Vendor Risk Management / Third-Party Risk (TPRM), supply chain security, contract requirements

• Secure SDLC / Secure Software Development, AppSec governance, threat modeling, secure-by-design controls

• Identity & Access Management (IAM), privileged access, MFA, Zero Trust architecture

• Incident Response, breach escalation, root-cause analysis, corrective action programs

• Security Operations: SIEM, IDS/IPS, EDR/XDR integration, threat detection, vulnerability management

• Digital Forensics, evidence handling, chain-of-custody, and eDiscovery defensibility

• Executive & Board Reporting: security metrics, KPIs/KRIs, dashboards, risk posture reporting

PROFESSIONAL EXPERIENCE

CINTEL – Army Materiel Command Cybersecurity & Operational Technology Aug 2025 – Present

• Provide cybersecurity governance support for regulated construction and modernization initiatives in converged IT/OT environments.

• Develop compliance artifacts aligned to NIST 800-53 and NIST CSF to improve audit defensibility and enterprise cybersecurity posture.

• Perform risk and gap assessments to ensure security requirements are integrated into architecture and implementation.

• Create targeted training supporting secure-by-design controls for personnel operating in OT/control system environments.

SOFTWARE ENGINEERING SOLUTIONS

NATIONAL CYBERSECURITY PROTECTION TEAM / AIR FORCE Cyber Operations Planner Jan 2025 – Aug 2025

• Led development of cyber operations strategies aligned to mission assurance and cyber resilience objectives.

• Produced posture assessments and executive recommendations to strengthen cybersecurity maturity and operational readiness.

• Supported resilience planning and continuity alignment across operational initiatives.

VISS, LLC Founder & Principal Security Executive / CISO Consultant Apr 2007 – Jan 2025

• Served as a leader delivering enterprise security programs in regulated environments; defined security roadmaps and risk governance.

• Built audit-ready compliance structures aligned to SOC 2 and ISO 27001 expectations, including policy frameworks, control narratives, and evidence models.

• Owned enterprise incident response program development, including escalation, breach handling, forensic evidence collection, and corrective action.

• Led vendor risk management (TPRM) programs including supplier tiering, due diligence, contractual security requirements, and remediation tracking.

• Guided secure SDLC governance, application security controls, threat modeling, and risk-based secure-by-design architecture practices.

XCEL ENERGY Consultant Senior Manager, Cybersecurity Feb 2016 – Nov 2017

• Oversaw security operations including incident response, vulnerability management, and cyber forensics supporting regulated environments.

• Led deployment of FTK eDiscovery Suite supporting legally defensible investigations and chain-of-custody workflows.

• Directed vendor security assessments and third-party risk evaluations, reducing supply chain exposure.

• Supported compliance alignment with NIST CSF, NERC CIP, and ISO-aligned practices across enterprise and OT environments.

U.S. DEPARTMENT OF ENERGY – NNSA Senior Security Consultant Nov 2012 – Dec 2013

• Directed teams restoring compliance across multiple high-regulation programs; transitioned compliance initiatives from red to green.

• Built executive metrics and reporting mechanisms for risk, incidents, and compliance posture.

• Assessed and re-architected cybersecurity monitoring for nuclear facility operations.

UNITED STATES ARMY (ACTIVE DUTY & RESERVE) — Cybersecurity Operations, Cyber Counterintelligence & Digital Forensics 2006 – 2020

• Led mission-critical cybersecurity operations and investigative response programs, directing incident triage, threat detection, containment, root-cause analysis, and corrective action planning under high-stakes operational constraints.

• Provided executive operational oversight through structured briefings and decision-support reporting to senior stakeholders, translating complex cyber risk and mission impacts into actionable priorities, resourcing decisions, and operational direction.

• Led and coordinated cyber counterintelligence missions across the European Area of Responsibility, increasing Detachment operational tempo by 30% while enabling other detachments to maintain operations with minimal disruption.

• Developed and governed standardized cyber forensic SOPs, evidence-handling workflows, and chain-of-custody procedures to ensure defensible investigations and repeatable execution across geographically distributed teams.

• Orchestrated operational planning and cross-functional coordination across multi-organization teams, sustaining continuity of operations and improving operational throughput by 40% during periods of elevated demand.

• Produced operational readiness and performance reporting (activity volume, risk, response timelines, and capability gaps), enabling leadership visibility into security posture, operational capacity, and mission assurance outcomes.

EDUCATION

Southern New Hampshire University — B.S. Information Technology Management (Expected 2026)

CERTIFICATIONS (Current* and Past)

*CISSP (ISC2), *Associate C CISO (EC-Council), CEH, CHFI, CDFE, CDMC, IASO, DHS ICS-CERT Training


