Cybersecurity Director

JOE HARRISON

Beaverton, OR ***** 831-***-**** ***.*.********.**@*****.***

LinkedIn: linkedin.com/in/joe-harrison-II

PROFESSIONAL SUMMARY

Dynamic cybersecurity leader with extensive experience in the utilities industry and DoD, specializing in Information Assurance, Compliance Management, and Technology Lifecycle Management. Proven ability to improve cybersecurity posture and lead cross-functional teams to achieve regulatory compliance and operational excellence. Proficient in NERC/CIP, ISO 27001, SOC 1 & 2, NYDFS, CIS Controls, and NIST 800.53 compliance standards. Expertise in vulnerability management, risk mitigation, and incident response. Awaiting CISSP certification, currently a Certified Scrum Product Owner (CSPO).

CORE SKILLS

Regulatory Compliance: NERC/CIP, CIS Controls, NIST 800.53, ISO 27001, SOC 1 & 2

Security Program Design & Implementation

Vulnerability & Compliance Management

SIEM (Security Information and Event Management) Management

Incident Response & Disaster Recovery Planning

Network Security

Leadership Development & Relationship Management

CERTIFICATIONS

Certified Scrum Product Owner (CSPO) – Current

Cisco Certified Network Associate (CCNA) – Expired

GIAC Security Essentials Certification (GSEC) – Expired

WORK EXPERIENCE

Elyon International, Vancouver, WA

Cybersecurity Compliance Analyst March 2024 - October 2024

Remediated a backlog of open findings for compliance standards, including ISO 27001, NYDFS, SOC1, and SOC 2.

Successfully closed 70 findings and brought 40 current within six months by collaborating with cross-functional teams to create roadmaps, implement technology, and build policies.

Developed strategic solutions to mitigate compliance risks and streamline audit preparation.

Percipio Consulting Group, Portland, OR

Senior Manager, Cybersecurity January 2021 - November 2023

Led a cross-functional team to develop a CIS-based cybersecurity program, improving compliance from 2 to 14 of the 18 CIS controls over 24 months.

Created program documentation including Policies, Standards, and Guidelines for all CIS Controls.

Developed testing methodologies to validate the implementation of new controls, ensuring audit readiness.

Led governance meetings with senior leadership, presenting scorecards to report progress and compliance levels.

Identified key areas for compliance improvement and created a prioritized roadmap for audit preparation.

Portland General Electric, Portland, OR

Manager, Cyber Security Operations September 2018 - March 2020

Managed and expanded the Security Operations (SecOps) team, achieving CMMI Level 3 maturity in six months from CMMI 1 by implementing strategic initiatives in Digital Forensics and Threat Intelligence.

Led process improvements that reduced vulnerabilities, enhanced visibility, and ensured adherence to asset/software management and user access rules.

Oversaw daily operations, including training, vulnerability management, change and risk management, and incident response.

Achieved a 65% reduction in the vulnerability footprint, exceeding targets by 15%.

Founded and led the Digital Forensics and Threat Intelligence teams.

Managed cybersecurity threat response, incident response, and disaster recovery for the enterprise.

Portland General Electric, Portland, OR

Manager, Energy Information Technology October 2016 - September 2018

Managed a cross-functional team of Windows, Cisco Network, and Unix administrators, supporting Utility Critical Infrastructure Systems.

Reduced NERC/CIP audit findings from 22 to 3, avoiding significant fines by improving IT CIP compliance.

Piloted the use of automation and AI to track compliance and enhance the ability to self-report audit findings.

Managed zero-downtime upgrades for critical software and hardware systems.

Portland General Electric, Portland, OR

Supervisor, Energy Information Technology January 2015 - October 2016

Developed NERC/CIP compliance documentation and enhanced operational capabilities in Windows and Unix environments.

Created Security Playbooks for incident response based on Cyber Kill Chain analysis.

Knowledge Universe, Portland, OR

Senior Network Engineer March 2013 - January 2015

Managed data center operations, network infrastructure, firewall configurations, and led Change Management processes.

Fleet Numerical Meteorology and Oceanography Center (FNMOC), Monterey, CA

Network Security Officer November 2008 - March 2013

Managed two separate Cisco networks for classified and unclassified systems, ensuring adherence to DoD network security standards.

Led multiple annual DISA audits of network security for the command.

Updated core switching, load balancing, SIEM integration, and high availability capabilities to ensure network resilience.

EDUCATION

Master of Science (MS) in Information Technology Management

US Naval Postgraduate School, Monterey, CA

Bachelor of Science (BS) in Computer Science, Cum Laude

California State University Monterey Bay, Monterey, CA

LEADERSHIP & COMMUNITY INVOLVEMENT

Founder/Owner, Not One Hungry Child Hauling: Launched a company to support local charities and eliminate student lunch debt in Beaverton School District.

Bikers Against Child Abuse (BACA) Organizer: Orchestrated annual 100-mile motorcycle rides, raising over $60,000 in five years for child abuse prevention.

Diversity & Inclusion Advocate: Active member of the Advisory Council on Diversity & Inclusion, promoting workplace diversity and equity initiatives.

Contact this candidate