Sandon Nachmann

*** ******* ** • Clayton, NC ****7 • 919-***-**** • adg6dn@r.postjobfree.com

WORK EXPERIENCE

Information Security Officer & Network Manager - NCSEAA; RTP, NC; Dec 2019 - Present

• Create and execute the vision and strategic roadmap for the Information Security and Network Infrastructure team in order to ensure the confidentiality, integrity, and availability of all information at NCSEAA

• Administer the NCSEAA security program, and coordinate with agency staff during annual Federal FISMA Audit to ensure compliance with all NIST 800-53 standards

• Manage $500K department budget, ensuring sufficient resources are available and allocated to projects

• Operate Azure Cloud Infrastructure via ExpressRoute connected VNET with 35 VM’s, load balanced Barracuda firewall cluster, and Barracuda WAF

• Oversee administration of Barracuda Firewalls, Cisco Firepower IPS, AlienVault SIEM, Cisco Umbrella Web/URL filtering, Cisco AMP. As well as Qualys, Imperva, Veracode, & Titania Nipper Vulnerability Scanning program

• Perform penetration testing on custom Dev web app servers using Kali Linux, ensuring OWASP best practices

• Direct an ongoing, proactive risk assessment program for all new and existing systems and advise the Executive Director of any security violations or risks

Security Consultant - MCNC; RTP, NC; July 2018 – Dec 2019

• Provide guidance and direction to 300 K-12, University, College, and Charter schools in North Carolina to achieve compliance with laws and regulations (HIPAA, PCI, FERPA, GLBA)

• Evaluate customer cybersecurity program effectiveness against industry accepted frameworks (ISO 27002:2013, NIST 800-53, NIST 800-171, NIST Cybersecurity Framework, CIS Critical Security Controls)

• Lead the design and execution of security engagements, review assessment findings, and present mitigating controls in detailed reports to optimize information security controls

• Act as “virtual CISO” working alongside school leadership to provide guidance and expertise in all areas of security

• Provide Palo Alto system/threat monitoring. Respond to system wide security events & provide incident response

• Review AWS VPC network segmentation, EC2 Security groups, NACL’s, and route tables for least privileged access. Assess public facing EC2 instances and S3 access controls Director Strategic Projects - Coastal Federal Credit Union; Raleigh, NC; March 2015 – July 2018

• Coordinated project deliverables throughout 1-year merger and acquisition of Freedom credit union, having a total project budget of approximately $2.5M

• Managed 6-month RFP for the selection of new core credit card processing system which consisted of contract reviews, pro-forma cost analysis, vendor demo’s, and recommendations to senior management

• Developed corporate project management training program which set the standards for managing projects across all business units. Taught program to 80 personnel inclusive of VP’s, Mgr.’s, & PM’s

• Directed team of 15 BA’s, Engineers, Developers, and SME’s through the implementation of Interactive Intelligence’s CIC phone dialer solution. This provided predictive dialing, real-time account lookup, and interactive recording of agent calls for collection department consisting of 50 personnel IT Project Manager - MBM Customized Foodservice; Rocky Mount, NC; Apr 2014 – Mar 2015

• Managed the deployment of SelectorPro warehouse selecting technology at 35 distribution centers throughout the country, having a total budget of approximately $15M

• Executed the rollout of RF Warehouse Scanning devices to distribution centers throughout the country. This resulted in real-time visibility into inventory, reduced labor expense, and improved accuracy and efficiency

• Served as liaison between non-technical business units and IT, communicating technical information and plans

• Worked with Clarizen and MS Project, project portfolio management tools

• Defined project scope, milestones and deliverables that support business goals in collaboration with senior management and stakeholders

IT Integration Manager - Teachers Federal Credit Union; Hauppauge, NY; Aug 2012 – Apr 2014

• Implemented Docusign eSignature suite on an enterprise level for member and employee-based documents. This led to increased efficiency, paper cost savings, and member level satisfaction

• Utilized advanced knowledge of SQL, SSRS, Crystal Reports, MS Access, and Excel for managing systems development, maintenance, and enhancements

• Researched and implemented new technologies, development tools, and commercial software products to enhance organizational efficiency and functionality

• Development of technology products, service standards and other efforts that impact lending operations for a $5.4- billion-dollar credit union

Security / Business Continuity Manager - Teachers Federal Credit Union; Hauppauge, NY; Oct 2008 – Aug 2012

• Performed comprehensive risk assessments on all aspects of security inclusive of IT Security Testing, Physical security, and regulatory compliance (PCI-DSS, FFIEC, GLBA)

• Establishment of Board of Director approved Information Technology Policy that complied with federal regulations and best practices, and provided security for the credit union and its members data

• Conducted all forms of BCP testing including call trees, tabletops, as well as oversee and evaluate bi-annual HP-UX mainframe failover testing to company hot-backup site

• Utilized Kali Linux, Armitrage, Nmap, Nessus, and Aircrack-ng to validate security controls in place PC / Project Technician - Teachers Federal Credit Union; Hauppauge, NY; Aug 2000 – Oct 2008

• Installed and configured OS software and upgrades on the 50+ Windows and Unix-variant servers (OpenBSD, FreeBSD, HP-UX), as well as the 800+ user desktop pc’s

• System administration of Cisco routers, Cisco ASA, Nortel switches, Snort IDS, Sendmail, DNS (bind)

• Maintained and updated corporate Apache web site using Dreamweaver and Photoshop

• Managed a team of eight SME’s to implement a corporate CRM solution using Harland’s Touché Sales & Service

• Met with IT Manager reporting the status of current projects, identifying issues and assessing their impact, and proactively recommending solutions

EDUCATION

Certified Ethical Hacker (CEH); #ECC7209158364 EC-Council Aug 2020 AWS Certified Solutions Architect – Associate; #2TKTT9W2MBQEQV3P Amazon Web Services Aug 2019 AWS Certified Cloud Practitioner; #81TH0GK2JEVQQZ92 Amazon Web Services May 2019 Certified ScrumMaster #722932 SCRUM Alliance Nov 2017 LEAN Six Sigma Green Belt Certified Purdue University Jan 2015 Master of Business Administration - Corporate Finance Dowling College May 2005 Bachelor of Science - Computer Science Dowling College Dec 2003 VOLUNTEER WORK

Program Mentor – Carolina Credit Union League; Sept 2015 – July 2018

• Mentor for the CUaware Protege Mentor Program which matches professionals in the credit union industry with a mentor for a period of one year

• Serve as trusted advisers and role model. Encouraged mentees by offering suggestions and knowledge, both general and specific. The goal is to help mentees improve their skills and, hopefully, advance their careers

Contact this candidate