Risk Management, Continuous Improvement

Shelby E. Barnes Jr, CISSP

Amston, CT 303-***-****

******.*.******.**@*****.*** www.linkedin.com/in/shelby-e-barnes-jr

Trusted Senior Risk Analyst

Turn Complex Business Priorities into Effective Solutions Shape Strategies & Influence Teams

Passionate leadership in driving business optimization of cybersecurity risks throughout the enterprise with a customer service mindset. Proven record of consulting with multiple teams to identify, analyze, and create mitigation plans aligned with business and regulatory objectives. Strong attention to detail to enable effective governance over existing operational and enterprise risk areas. Always look for areas to improve efficiency and proactively bring more value to all stakeholders.

Skills

Risk Management Program Oversight IT Security Consulting Digital Transformation Leadership

Cybersecurity Governance & Policy Operational & Enterprise Risk Analysis

Cross-functional Team Guidance Risk Program Enhancement New Process Implementation

Experience

RTX DIGITAL SERVICES, Farmington, CT

Manager, Cybersecurity Risk Management 2021 - 2024

Led transformation, expansion, and maturation of digital risk management process by leveraging NIST 800-39, 800-53, 800-171, GDPR, and ISO27001. Demonstrated expert management, governance, and development of Archer risk register, using Agile methodologies, to increase efficiency of and process adoption by business units. Cultivated strategic partnerships with business unit Governance Risk and Compliance (GRC) to influence and prioritize changes to risk program tailored to specific business needs.

Awarded for leading a team of 16 to develop and implement a comprehensive risk-based digital policy exception process companywide, streamlining compliance and governance across all units that enhanced operational efficiency.

Led a team of four risk analysts to liaison with each business unit to ensure consistent messaging and process changes within the risk program.

Directed digital policy exception program, utilizing risk-based decision process, enabling business to mitigate identified risk and escalate high-risk concerns to more rigorous analysis in the digital risk register.

Oversaw new digital risk management policy and standard work development to reflect changes in process and standards, resulting in improved compliance and simplified governance.

Interfaced with cross-functional teams, including infrastructure, applications, internal audit, and vulnerability management, integrating each group’s insights into risk management strategy and content.

Mentored new team members and trained teams in various business areas on risk management tools and processes, enhancing visibility of GRC data and promoting risk-based culture.

Researched emerging threats to proactively identify uncatalogued risks within complex enterprise landscape, strengthening overall organizational security posture.

Shelby E. Barnes Jr ******.*.******.**@*****.*** Page Two

SHELTIE COMPUTER CONSULTANTS, LLC, Amston, CT

Owner 2011 - 2021

Contractor - Hybrid Technologies 2018 - 2021

Engaged with Raytheon Technologies Corporation Cybersecurity. Provided expert consulting services in a staff augmentation role developing comprehensive risk management program, policy development, governance, and CCMC level 3 compliance.

Developed unified risk management program, strengthening organizational resilience against cyber threats.

Collaborated with digital policy framework team in identifying necessary changes in control standards or additional control procedures based on identified risks.

Managed digital risk register meticulously within Archer platform, ensuring consistent format and comprehensive detail for effective and insightful risk analysis.

Consulted with all Raytheon business units in providing expert advice on identified risk and mitigation strategies.

Spearheaded training for new team members on Archer, enhancing risk capture skills.

Engineered metrics for digital policy exceptions and Archer risk register that evaluated performance.

Orchestrated risk reassessments, keeping evaluations current across all projects.

Contractor - Open Sky Corp 2011 - 2018

Engaged with United Technologies Corporation (UTC) Cybersecurity. Provided consulting services in a staff augmentation role for many processes within the UTC IT security group.

Delivered expert installation and troubleshooting of SSL certificates for 2.4K+ servers, PCI-DSS compliance, and code signing certificates as program administrator across 4 business units.

Led workflow administration and security approvals for identity and access management at UTC cybersecurity, streamlining operations and enhancing efficiency.

Executed media sanitization, using Encase 7 software, analyzed ActiveX components, third-party connection risk analysis, drove compliance analysis of new server builds, and analyzed group policy requests for ensuring adherence.

Participated in Web Hosting Committee, representing cybersecurity for 3-tier web hosting, ensuring policy compliance and assisting with architecture planning.

Provided consulting services to submitters on risk assessments and compliance, enhancing operational security.

Facilitated implementation of new software testing initiatives for corporate cybersecurity, promoting innovative proof-of-concept solutions, such as Forcepoint DLP, smartcard authorization, and digital rights management. Managed test servers, including patch and change control.

Served as digital policy exception approver while advising submitters on appropriate and relevant policy references within expansive digital policy framework.

Shelby E. Barnes Jr ******.*.******.**@*****.*** Page Three

Additional Experience

ROBERTS AV, New London, CT

Installation Manager - Twin Peaks Ambrosium, LLC, Longmont, CO

Owner / Co-founder / E-commerce and Web Hosting Consultant (Self-employment)

Provided email and web hosting resources on a part time / project basis, PCI-DSS Compliance.

ARAPAHOE DISTRIBUTORS, Boulder, CO

Vice President

Performed various roles as member of a family-owned corporation, from management to service and installation of low-voltage systems and equipment.

UNITED STATES AIR FORCE, Domestic and International locations spanning 5 duty stations

Staff Sergeant

Achieved notable recognition with 2 Air Force Commendation Medals and Air Force Achievement Medal while being recommended for prestigious Meritorious Service Medal.

Led the development of a groundbreaking technical training program for Thule Air Base, gaining US Space Command approval and global radar site implementation.

Held Top Secret SCI Clearance, demonstrating exceptional level of trustworthiness and competence in securely handling sensitive information.

Education Training Certifications

Associate’s Degree Coursework, Fort Lewis College, Durango, CO

Leadership Coursework, Community College Of The Air Force

Microsoft Training, Eastern Connecticut State University

Certified Information System Security Specialist (CISSP) #488514

ISACA CRISC Certification, Self-study Training 2024

Agile SAFe Training, 2024

ISC2 Certified Cloud Security Specialist Training (CCSP), 2023

Technologies

Archer Microsoft Office Forcepoint and Symantec DLP ActiveX SharePoint Agile SAFe Azure JIRA

Confluence Service Now AWS Linux Windows Server Confluence

Contact this candidate