Manager Security
Resume:
Curtis Evans
Address: ***** ********* **, ******** *******, CO, 80908
Telephone: 719-***-****
Email: ***********@*****.***
Professional Profile
Experienced IT / Cyber Security Manager with a proven track record for success in cyber security, IT risk management, project management, and IT security operations. Possesses excellent problem-solving abilities, consistently reviews and utilizes information to facilitate business success. Directed IT infrastructure projects to deliver cost effective solutions for mission-critical operations. Piloted long-range planning efforts for nationally classified cyberspace/network operations. Oversaw security incident planning and handling engagements. Highly experienced in leading diverse teams to achieve in high stress environments. Knowledgeable of NIST Risk Management Framework, PCI-DSS, and HIPAA standards.
Cyber-Security Leadership
IT Governance
Budget Management
Vulnerability & Threat Management
Security Strategy Development
Program/Project Management
Risk Management
Cloud Based IT Security
Policy/Procedure Development
Team Building & Mentoring
Emerging Technologies
Career Summary
11/17 –11/19
Senior Manager, Network Security Operations
Charter Communications Greenwood Village, CO
Key Achievements
Established Standards and Evaluation program to measure team performance and improve readiness
Enhanced operational processes; reduced unresolved investigations from 430 to 15 monthly tickets
Collaborated with partner organizations; modified procedures to incorporate lessons learned into organizational continuous vulnerability and remediation program to reduce future event exposure
Established monthly status reporting to provide insight into event volume and enterprise security trends
Coordinated with vendor representatives; provided high level requirements to enhance the user interface for real-time network detection and response solution.
Oversaw requirements development and user acceptance testing to deliver phase one of a ticket automation and incident response orchestration capability.
Responsibilities
Directs 24/7 Security Incident Respond Operations--manages monitoring, containment, and reporting of cyber security events to ensure service availability and protect customer information
Leads Cyber Security escalations and functions as the incident commander during critical events
Recruits, trains, and assesses staff; manages schedules and policies to ensure operational readiness
Provides Key Performance Indicator (KPI) metrics and communicates opportunities for risk mitigation / security improvements
06/16 – 11/17
Security Incident Response Manager
Comcast Englewood, CO
Key Achievements
Led the transition of Data Loss Prevention (DLP) monitoring into Security Incident Response operations; saved $1M in annual contract cost and streamlined data loss investigation and resolution times
Managed projects to evaluate security tool monitoring and alerting performance, identified gaps and initiated efforts to move from a monitor and detect to a protection and prevention security model
Developed Security Information and Event (SIEM) content management framework, established operational drivers to select and prioritize content deployment to ensure alignment with business needs
Responsibilities
Leads a team of twenty-two Cyber Security Analyst and Engineers to provide 24/7 Cyber Security Incident Response support to detection, analysis, and containment attacks directed towards business services
Provides security incident post mortem support and reporting to ensure opportunities for improvement are identified, communicated and implemented
Oversees the development of incident handling run procedures and processes for managing escalations and notifications to key stakeholders
01/14 – 06/16
Information Assurance Program Manager
Lockheed Martin (Antarctic Support Contract) Centennial, CO
Key Achievements
Resolved and removed potential mission threats with increased management of computer incident responses
Reduced costs, improved efficiencies and maximized enterprise security with the management and implementation of changes to the program’s vulnerability management process
Successfully reduced the total cost of ownership by $60,000 annually with the standardization of a single management tool for patch and vulnerability, and standard configuration management
Resolved 76% of vulnerabilities in just two months with the identification of 30,000 previously unreported critical and third-party vulnerabilities
Eliminated dependencies on external department resources, removing 50% of the annual support requirement; standardized operations with the consolidation of operations into a single department
Improved enterprise security with the implementation of advanced planning for next generation activities
Divested $200,000 in lifecycle replacement money with the identification of capability gaps and shortfalls in current intrusion detection and response capabilities
Improved enterprise security and continuous monitoring practices three-fold with the streamlining of processes
Responsibilities
Leads a team of seven to deliver the information security program which supports the National Science Foundation / US Antarctica program across 11 operating locations with a budget of $1.3M
Provides management and expertise to network security operations; coordinates security engineering and integration activities in compliance with NIST Risk Management Framework/FISMA security standards
Analyzes and recommends preventative measures for standard configurations during assessments
05/12 – 11/14
Information Assurance Compliance Manager
Exelis (SENSOR contract), Colorado Springs, CO
Key Achievements
Improved cost effectiveness with the development of security solutions and integration with system development operations
Met with all deadlines and objectives during the delivery of projects; effectively developed plans and requirements and managed project operations for security services which delivered security engineering support for system modernizations valued at $50M
Responsibilities
Provided security support for ground-based ballistic missile defense RADAR systems; led a team of 16 to include a budget of $2.6M
Consistently identified risks and produced mitigation strategies; led teams of service and project engineering management and program senior managers; communicated deliverables effectively
Incorporated all security requirements into system designs and completed verification tests; delivered security risk assessments for authorization prior to operation
10/10 – 05/12
Offensive Cyber Operations Strategic Planner
USAF, Peterson AFB, CO
Key Achievements
Achieved $307M in funding for research and development into cyber initiatives, recommended actions and provided advice regarding advantages and limitations of current activities
Responsibilities
Provided support for a range of strategic objectives with the evaluation of program space and cyber operation developments; conducted analysis, identified gaps, and recommended investment requirements for the future
Developed comprehensive long-term plans and cyber proposals which secured a $14M budget and facilitated the delivery of offensive cyber lessons learned to defensive cyber operations
04/10 10/10
IT Project Manager
USAF, Kandahar Afghanistan
Key Achievements
Increased deployed communications capacity by 400% with the procurement of $250,000 in equipment and management of 322 IT requirements
Met with all strategic directives for joint operations with the identification of core requirements, development of support plans, and management of deployment capabilities
Responsibilities
Provided comprehensive support for Southern Afghanistan operations with effective communications plans
Delivered information assurance program management for US information systems and 2,900 NATO systems across 13 locations
06/08 – 10/10
IT Manager / Information Security System Manager
USAF, Schriever AFB CO
Key Achievements
Achieved $1.7M in savings with the removal of duplicate equipment and the re-use of security solutions and automation of information systems which supported counter-space testing and training events
Improved support for the new operations facility, increased mission capabilities, reduced system administration and sustained cost levels with the modernization of IT systems with Thin Client, Blade PC architecture and video presentation systems
Maximized the visibility of integrated operations during exercises with accurately fused mission data
Responsibilities
Provided management and leadership for IT services which included information assurance and configuration management for the US Air Force space test and training range
Provided expertise and supervision to the development and construction of a unified air, space, and cyber operations room
Professional Development
SANS SEC524: Cloud Security Fundamentals
SANS ICS410: Industrial Control Systems Security
FedRAMP Online Training Series
Applying NIST - Risk Management Framework
USAF Adv. Cyber Operations Transition
Communications Officer Networks
Network Security I & II
Project Management Essentials for IT Professionals
Education and Qualifications
Master’s Degree
Information Systems Management, Touro University International (2005)
Bachelor Degree
Management Information Systems, Colorado Technical University (2000)
Associate Degree
Electronics Communication Technology, Community College of the Air Force (1997)
Certificate
Certified Information Systems Security Professional (CISSP)
Certificate
Information Systems Security Engineering Professional (ISSEP)
Certificate
Information Technology Infrastructure Library (ITIL) v3 2011 Foundation
Contact this candidate