Post Job Free
Sign in

Security Information

Location:
Atlanta, GA
Salary:
150000
Posted:
October 01, 2020

Contact this candidate

Resume:

Anthony M. Grantham

Fairburn, Georgia *****

*****************@*****.*** Mobile: 770-***-****

https://www.linkedin.com/in/anthony-grantham-7447073/

Senior Cybersecurity Consultant

Talented and Versatile Cybersecurity Engineering Professional with Strong Leadership Skills

Over 20-year track record, successfully leading teams, conducting assessments and advocating NIST Cyber Security Framework, and driving business, banking, and technical compliance of a variety of security standards. Conduct numerous assessments, fostering a moderate risk appetite, successfully responding to audits and federal examinations, instituting monthly metric reporting, and coaching and mentoring junior team members. Capitalize on skills in industry trends and dynamics, deep understanding of key business drivers and emerging technologies, and industry market trends.

Highlights of Expertise

Compliance

Leadership

Strategic Orientation

Establish Risk Appetite

KRIs and KPIs

NIST800-53 r4

HIPAA

Emerging Technologies

Technology Risk Framework

Risk and Control Assessment

Risk Framework and Mitigation

Disaster Recovery

FedRamp/FISMA

HITRUST

Career Experience

Consultants for Government and Industry (CGI) IT Security and Compliance, Fairfax, VA

Sole resource to support multiple top 10 US and foreign banks, serving as security subject matter expert, implementing NIST 800-53 R4, NIST Cyber Security Framework, overseeing environment scanning, ensuring vulnerability identification, remediation, and security updates.

INFORMATION SYSTEMS SECURITY/RISK COMPLIANCE OFFICER (ISS0) (10/2018 - Present)

Served as major contributor to PCI Compliance. reviewed PCI compliance scans, communicated results to executives. Key security resource for RFPs. Instrumental in bridging the gap between IT security engineering and executive management staff. Identified and remediated Cyber Risk to different LOB’s in the business sector. Provided key business unit Cyber advisory support. Ensured business processes and procedures were aligned and in compliance with Corporate Security Policies.

By partnering with Corporate Security, ensured Cloud Security. Adhered to Dodd-Frank/FFIEC/GLBA/CFPB/Bank Secrecy Act BSA/Anti-Money Laundering AML/OFARA/ANPR/FDIC/FRB.

Oversaw Data Loss Prevention (DLP).

Sun Trust Banks Inc., Atlanta Georgia

Led comprehensive cybersecurity program, enabling a tolerable level of risk enterprise-wide Risk Appetite

*Nominated Bank of the Year by Risk.Net June 2018 for Risk Appetite/KRI’S/Quantitative/Qualitative Metrics*

SENIOR VICE PRESIDENT STRATEGIC PLANNING AND CYBER RISK MANAGEMENT (03/2017 – 12/2017)

Directed and developed enterprise risk technology programs; drove quantitative metrics (KPIs and KRIs) for reporting risk appetite and tolerance reflecting a stronger and stable security environment.

Following NIST-CSF and COBIT Maturity Models, as well as FFIEC, ISO, and, Cloud Security Alliance frameworks, created a technology risk and maturity assessment tool, producing an enterprise-wide view of maturity levels.

Conducted audit support for vulnerabilities, in addition to evaluating and tracking IT controls, policies, standards, results, and mitigation plans.

Instrumental in the achievement of Enterprise Strategic IT goals and maintaining tolerance for moderate risks for all banking business units.

Resolved security business issues with cyber-security solutions, policies, and procedures.

Semais Consulting, Atlanta, Georgia

Guided and directed a technical team of 10-members focused on the client experience and high-quality advice regarding security systems, architecture, and infrastructure projects, in addition to targeting emerging technologies in fulfilling the goals of the overall business strategy.

CYBERSECURITY SENIOR CONSULTANT (11/2013 – 3/2017)

Coached, mentored, planned daily workloads for a team of 10 cyber professionals. Performed multiple complex security assessments, ensuring collaboration and cooperation by forming productive relationships with key stakeholders. Drove alignment of proper compliance and fulfillment of regulatory requirements with standards, policies, and procedures. Created strategic planning based on best practices. Resolved complex technical and operational issues

Identified and mitigated a variety of security incidents by researching, investigating, quality reviews, analyses, interpretations, and reporting.

Oversaw productive relationships with business units, conducted complicated security and vulnerability assessments, threat analysis, Pen testing, and educated end users on security frameworks (ITIL V3, NIST/ISO, COBIT5, COSO, HITRUST).

Collaborated and aligned cross-functional teams in delivering cybersecurity solutions.

Applied emerging security technologies to solve complex business security issues, following policy, procedures, and compliance standards.

Developed and tracked the annual IT security budget, proactively anticipating security needs, events, and spend.

Promoted and educated end-users on IT governance risks, compliance, and interdependencies.

Set high standards for a best-in-class security team, and set key performance indicators (KPIs) and mentored junior consultants.

First Data, Atlanta, Georgia

Due to restructuring, the Executive Director role was relocated to Denver, CO.

EXECUTIVE DIRECTOR, ENTERPRISE GOVERNANCE (7/2013 – 11/2013)

Drove and guided 10 security professionals, focused on delivering outstanding customer service. Led a variety of IT security development initiatives, meeting business initiatives and goals. Contributed and assisted cross-functional teams serving as a technical resource for security systems, architecture/infrastructure projects, and emerging technologies.

Launched a variety of programs consisting of program documentation, procedures, and processes complying with business changes and regulatory drivers.

Directed IT governance strategy for regulatory and contractual obligations, including compliance and support for best practices, cross-functional teams, and security recommendations.

KPMG, Secretary of Defense, AF/CIO

Led and performed a variety of cybersecurity projects,

CONTRACTOR SENIOR TECHNOLOGY CONSULTANT, GOVERNANCE (7/2008 – 7/2013)

Re-architected enterprise security software application, applicable to multiple clients.

Revamped cyber operations program by creating a certification and accreditation compliance solution.

Overhauled the IT Security Budget data reporting to the office of the Secretary of Defense and OMB; complied with the Federal Information Security Modernization Act (FISMA).

Reduced overhead by remediating deficiencies by streamlining business processes and employing guidance from the Capability Maturity Model Institute (CMMI).

Selected high performing team members with careful attention to competencies and skill-sets, communicating clarification of roles, responsibilities, and KPIs, with frequent mentoring and coaching.

ADDITIONAL EXPERIENCE

EXECUTIVE DIRECTOR (CISCO) ENTERPRISE NETWORKS/OPERATION (GSOC)/CRC), GLOBAL SECURITY OPERATIONS Xerox Corporation

SENIOR INFORMATION TECHNOLOGY PROGRAM MANAGER (PMO) Georgia Tech Research Institute, Atlanta, Georgia

DIRECTOR TECHNOLOGY/CTO ENTERPRISE SECURITY OPERATIONS, MARINE CORPS Okinawa, Japan/Kaneohe Bay, HI

Education & Credentials

Excelsior College, Albany, NY

MASTERS OF LIBERAL ARTS AND SCIENCES, 2020

BACHELOR OF ARTS, LIBERAL ARTS AND SCIENCES

Certifications and Licenses: Certified Network Telecommunications Engineer Certified Information System Security Manager (ISSM/ISSO) Certified Information Security Officer (CISO) Certified Computer Systems Security Concepts and Practices Certified Computer Security Risk Management Certified Computer Security Risk Assessment Certified Computer Security Risk Analysis Certified Microsoft’s Advanced Networking Techniques Certified Microsoft Windows Server Certified Microsoft Windows Professional Client Certified Microsoft’s Networking Essentials/MS Office Tools Certified Microsoft Exchange Server Concepts and Administration Certified Microsoft Exchange Server Design and Implementation Certified Microsoft Exchange Server Performance and Troubleshooting Certified Microsoft Supporting Windows Core Technologies Certified Small Computer Systems Specialist Certified Senior Management Administrations and Communications Certified Client-Centered Selling Techniques/Methodologies (PSS III) Certified Customer Needs Satisfaction Methodologies (PSSIV)

Technical Proficiencies: Security of networking protocols; HTTP; HTTPS; FTP; UDP; SMTP; Windows 10; Windows Server; Red Hat; Unix; NIST 800-53 r4; ISO27000; NIST 800-37 RMF; FISMA; Risk Assurance; Risk Analysis; Information Assurance; COBIT5; Sarbanes Oxley (SOX-404); HIPAA; HITRUST; GBLA; FFIEC; SWIFT; Bank Secrecy Act; ANPR; PCI-DSS; SOC-1; SOC-2; Anti-Money Laundering (AML); Dodd-Frank; OFARA; NYDFS;FDIC; OCC; FRB; CRPB; SWIFT compliance; Microsoft Office 365: Microsoft Teams.



Contact this candidate