Tracy Adams Avery
Washington, DC New York City Dallas, TX
C: 916-***-**** E: *****.*.*****@**.***
SUMMARY
Results-driven cloud-cybersecurity and GRC expert and business owner with 13 years of experience applying technical solutions and strategy to government, commercial and small businesses’ real world problems. Technical trainer and STEM educator with an emphasis in cybersecurity, data analytics and technical skills building.
SKILLS & TOOLS
• Enterprise cybersecurity program roadmapping, strategy development/implementation and project/program management
• IT compliance audit (NIST RMF/CSF, FedRAMP, ISO 27001, SOC 2, PCI)
• Cybersecurity maturity model, gap assessments and audit prep
• GDPR, CCPA and privacy policy/regulations
• Vendor and third-party risk assessments and management
• Cloud security - AWS and Azure Well-Architected Frameworks and security architecture design
• Risk management and governance frameworks
• ITSM and ITIL implementation
• IDS/IPS - FireEye, Zscaler
• Business Impact Analysis, Incident Response, Contingency Planning
• Threat modeling
• Identity and Access Management solutions
• Asset management solutions
• Vulnerability testing and management (Qualys, Nessus, Rapid7)
• Jira and Confluence
• Zero Trust security model strategy
• O365 Security Tools (i.e. Sentinel, Defender)
• Datacenter maintenance and migrations
• Oracle database security
• SIEM for threat response - Splunk
• Data visualization, monitoring and analyzing
• Technical and grant writing
• Project Management: Scrum, Agile
• White House Executive Order 14028
• Snowflake, Databricks
MOST RELEVANT PROFESSIONAL EXPERIENCE
REPRESENTATIVE OF TECHNOLOGY Dallas, TX
Owner & Managing Partner October 2021 - current
Executive Leadership & Business Management
• Develops and executes on business operations, revenue strategy, goals and objectives
• Drives technical growth and expansion strategy and seeks partnership opportunities for future business
Project: Artificial Intelligence Integration Implementation (AlixPartners)
• Leading an ‘Artificial Intelligence implementation in the workplace and beyond’ initiative for the Diversity and Inclusion department of the organization
• Developing practical technical strategies and education materials for organization consumption
Project: Data Analytics, ML & AI Education Program (Tuskegee University)
• Consulting for professors and staff within the Computer Science department on best practices within the industry on Data Analytics, Machine Learning and Artificial Intelligence implementation
• Developing intellectual property in collaboration with the university in the data science field of study
Project: Cybersecurity Program Manager (Client: Trellix)
• Led the White House Executive Order 14028 project for a large organization across multiple platforms and software development processes and acquired applications
• Managed program deliverables within approved timelines and developed budget guidelines
• Effectively managed multiple teams across the organization to meet FedRAMP program requirements
Project: Cybersecurity Program Manager (Client: State of Texas)
• Led cross-functional team under the direction of the Deputy CISO and the cybersecurity policy board to develop a process of certifying education applications with a NIST/FedRAMP-based certification
• Managed hundreds of technical certification assessments with a number of assessors with varying expertise and schedules
• Worked closely with the CISO to review, approve and certify applications after assessor review
Project: Cloud Security Solutions Architect (Client: Private)
• Led the development of a hybrid cloud architecture model for a multi-client based platform
• IAM solutions lead and implementation SME for complex client environments
• Developed and updated policies and SOPs for the new, modernized multi-cloud and hybrid environment
PROTIVITI Dallas, TX
Cybersecurity Strategy & Privacy — Senior Manager March 2020 - September 2021
Project: Cybersecurity Program Management
• Managed a very high-priority multi-million dollar security breach response program, with direct support of the CISO and 11 Project Manager reports
• Advised Project Managers on best-practice approaches to security vulnerability mitigation to ensure accurate completion of timelines and cost requirements
• Communicated to leadership status of projects, issues with implementation and coordinated with multiple department stakeholders for faster results
Project: Cybersecurity Maturity & PCI Assessment and Program Strategy
• Led multiple teams in conducting gap analysis and risk assessments to help organization recognize areas of improvement utilizing CMMI and PCI frameworks
• Built out 3-5 year roadmaps and strategic plans based on business goals, compliance requirements, technology and budgetary capabilities
• Developed improved security posture in an incremental manner while consulting on implementation, processes and procedures to meet compliance requirements
Project: Remote Work Technology Effectiveness Assessment
• Conducted a full organizational leadership assessment of remote work effectiveness from a technology perspective
• Evaluated tools and criteria determined by leadership and the consulting team to determine efficiency and ability to continue work, securely, from a remote location
• Developed and presented a report to top county leadership on recommendations of effective technology use in a remote work environment, responsible for technical writing of all technical reports and documentation
KPMG Dallas, TX
Cybersecurity Strategy & Privacy — Senior Consultant/Manager September 2017 - February 2020
Cloud Migration and Cybersecurity Architecture
• Led a team introducing NIST cybersecurity framework and FedRAMP to an organization migrating on-premise systems to a cloud computing environment
• Supported and led infrastructure migration activities and maintenance of a hybrid cloud environment
• Developed a cybersecurity program with cloud security and migration requirements detailed, including IAM, third party integrations and hybrid-cloud application data usage
Oracle Database Security Lead
• Identified compliance gaps in the current Oracle database security baseline and consulted on proper implementation
• Automated Oracle security integration support into the agency’s software development lifecycle
• Informed the Information Security Group of NIST and ISO 27001 governance and risk best practices
ITSM Program Lead
• Provided ITSM and ITIL processes in various areas of problem and incident management
• Led tool selection configuration to meet processes and procedures created to better meet agency’s business and technical needs
• Created SOPs and guides for departments to implement new processes
Continuity of Operation Program Development
• Led a team that developed a government organization’s Continuity of Operations (COOP), Business Continuity, Contingency, and Incident Response Plans
• Wrote and implemented interdepartmental Testing and Training Exercise (TT&E) of all plans
• Ensured leadership buy-in and fully trained primary stakeholders of roles and responsibilities
BOOZ ALLEN HAMILTON Washington, DC
Cybersecurity Strategy & Privacy — Associate August 2011 - September 2017
Cloud Migration Security Implementation
• Led pre-migration activities from a security perspective as well as capacity planning, GRC and tool integration requirements
• Developed achievable outcomes by creating use cases and testing in cloud environments, determining suitability and interoperability between on-premise and cloud configurations
• Supported the development of data governance and security strategy beyond the security architecture compliance requirements
Cybersecurity Program Implementation
• Established multiple enterprise-wide automated security assessment, compliance and continuous monitoring programs utilizing ERP tools and automated processes
• Led teams that implemented NIST 800-53, SOC 2, ISO 27001, HITRUST and PCI security compliance assessments for federal agencies at the enterprise and department levels
• Led operations and managed department responsibilities as a result of gaps identified and compliance requirements, implemented ITIL processes and ITSM principles
Information System Security Officer
• Responsible for all in-scope IT systems required to receive and maintain an Authority to Operate (ATO)
• Developed and maintained corporate and department level IT security and privacy policies and procedures to ensure business and government regulation compliance
• Managed application security tasks and incident handling and issues tracking using Jira and Confluence tools
SRA Washington, DC
Information Assurance — Consultant June 2010 - August 2011
Project: Technical Writer
• Lead Technical Writer for a high-visibility government office’s cybersecurity engineering department
• Wrote use cases, testing results, reviews of security tools/software and security control guidance, i.e. NIST SP 800 series, SANS Top 20 and OWASP Top 10
• Authored the Security Operations Center (SOC) newsletter on cybersecurity subjects of interest and current events, internally and externally to the organization
Project: Information Assurance Analyst
• Maintained a large number (over 100) of military systems’ Certification and Accreditation (C&A) compliance with 96% accuracy (avoiding expirations/federal non-compliance)
• Assisted Information Assurance Managers (IAM) to better track systems through the DIACAP process
• Developed automated processes for managing systems, tracking tasks and maintaining accreditation expiration dates
ARMY - NATIONAL GUARD & RESERVES Multiple Locations
Army Corporal May 2003 - May 2011
Multichannel Transmission Systems Operator and Maintainer
• Facilitated the installation, operations, maintenance and diagnostics of various multi-channel line-of-sight communications systems, communication security devices, power generators, WAN/LAN networks and associated equipment
• Performed systems and user administrator duties, as well as end user maintenance for various armories
• Managed and trained 100s of soldiers and held many personnel and technical leadership positions
EDUCATION & CERTIFICATIONS
• Howard University June 2010
Bachelor of Science, Computer Engineering
• George Washington University June 2016
Master of Science, Computer Science - Cybersecurity
• Massachusetts Institute of Technology Professional Education Current
Certification, Designing and Building AI Products and Services
CERTIFICATIONS, AWARDS & PROFESSIONAL AFFILIATIONS
Certifications & Certificates
• Certified Information Systems Security Professional (CISSP) Course Completion Certificate
• Project Management Professional (PMP) Course Completion Certificate
• Security+
Awards
• Women of Color in STEM – Technology Rising Star 2017
• Booz Allen Recognition: Problem Solvers: Women Who are Changing the World 2017
• National Society of Black Engineers (NSBE) – Public Policy SIG: Program of the Year 2016
• Booz Allen Excellence (BAE) Awards – STEM Girls for Social Good (SG4SG) Program of the Year 2016
• White House Summit on Computer Science for All Recognition for Non-Profit Leaders in CS 2016
• Black Engineer of the Year (BEYA) – Modern Day Technology Leader 2015
Community Leadership
• Cyber Secure Kids, LLC 2016 – present
President & CEO
• National Society of Black Engineers (NSBE) 2003 – present
Various Leadership and Board Roles
Currently the Professionals Executive Board (PEB) Pre-College Initiative Chair
• The Links, Inc. Greater Denton County Chapter 2020 – present
Various Leadership Roles
Currently the Services To Youth and STEM Chair
• Techbridge Girls 2016 - 2018
Washington D.C. Advisory Board Member
• Metro Warriors STEM Organization 2015 - 2018
Robotics and Cybersecurity Instructor, Program Manager
• Booz Allen’s STEM Girls for Social Good (SG4SG) 2014 - 2017
Program Development Lead
• Society of Women Engineers (SWE) 2008 - 2010
Howard University Chapter President
Professional Organizations Membership & Affiliations
• Information Systems Audit and Control Association (ISACA) Professional Member
• Information Security Forum (ISF) SME Member
• International Information Systems Security Certification Consortium (ISC)² Member
• Information Systems Security Association (ISSA) Member
• International Consortium of Minority Cyber Professionals (ICMCP) Member
• Executive Women’s Forum on Information Security, Risk Management & Privacy Member
• Engineers Without Borders - North Texas Chapter
• National Society of Black Engineers (NSBE) Board Member
• The Links, Incorporated