Washington Metropolitan Area Transit Authority (WMATA) Feb 2019 - Present

Program Lead, Cyber Policy, Washington, DC

• Lead cybersecurity policy expertise for various initiatives and programs.

• Research, review and report various best practices, industry cybersecurity developments, standards, and guidelines.

• Coordinate with internal and external partners to assess stakeholder needs and increase program efficacy.

• Manage multiple projects with broad scope, ambiguity, and high degree of complexity.

• Collaborate with cybersecurity subject matter experts to gather input and develop policy analysis and reports.

• Maintain and update security policies and SOPs.

• Work with the training developer to update mandatory security training content with details on existing policies, new policies and guidance.

• Provide planning, documentation, logistics, and execution support for cyber security meetings and events.

Washington Metropolitan Area Transit Authority (WMATA) Aug 2013 – Jan 2019 Information System Security Officer (ISSO)

• Performed Security Assessments & Authorization (SA&A) utilizing the NIST RM Framework

• Configured and managed enclave network environment IAW customer support policies, procedures, and standards.

• Assisted with development and maintenance SAP IA education and training program.

• Ensured all information systems (IS) are operated, maintained and disposed of IAW SAP directives and the System Security Plan at the assigned unit.

• Ensured all users have the requisite security clearances, authorization, and need-to-know, and are aware of their security responsibilities before granting access to the system.

• Reviewed newly proposed activities by regulatory agencies to determine potential impact on company operations.

• Led the Compliance Team in monitoring and reviewing regulatory and legislative changes, preparing company’s response to regulatory changes and following up with appropriate areas to ensure required changes are implemented.

• Led the Compliance Team in the coordination and completion of all government, regulatory, and compliance documents for all business units.

• Advised and assisted in guiding local and subordinate units on implementation of applicable government security standards.

TANISHA R. ASHFORD-SIMMS

PRIETO

Highly qualified, tenacious and well accomplished professional with an extensive project management portfolio, which seeks to enhance business objectives. Conceptualizing and executing program vision from start to finish, managing complex milestones while adapting to changes and shifting priorities. Proficient in driving the design and implementation of advanced program and portfolio analytics that ensure projects and programs are completed within budget, scope, time, and with the highest level of quality. Adept at defining security requirements, designing computer security architecture, documenting security procedures and protocols, testing security solutions, and tracking incidents. CONTACT

COMPETENCIES AND EXPERIENCE HIGHLIGHTS

SUMMARY

• Technical Communication

• IT Policy, Laws & Ethics

• IT Security & Policies

• Payment Card Industry (PCI-DSS)

• Problem Solving

• Business Process Improvement

• System Architecture Design

• Program Management

• Vendor Negotiations

• Project Management

• Cybersecurity

• Risk Management

• Vulnerability Evaluation

• Microsoft Office Suite

SKILLS

PROFESSIONAL EXPERIENCE

• Skilled in implementing security solutions, including processes & procedure definition

• Experienced in new or life cycle replacement of Cybersecurity technology deployments and assessment of technologies against requirements

• Expert in demonstrating proficiency in a wide range of information security technologies, embedded security, and platforms

• Proficient in gathering and interpreting complex qualitative or quantitative data

• Proficient in reading various blueprints and technical manuals

• Experience in managing complex/large IT Security and software development project

• Proven ability to manage complex projects using structured methodologies PRIETO

1153 3rd Street NE, Washington, DC

20002

adjpkv@r.postjobfree.com

240-***-****

George Washington University 2017

• M.P.S, Security and Safety

Leadership

Strayer University 2005

• BA, Business Administration, Cum

Laude

EDUCATION

George Washington University 2017

• Certificate, Cybersecurity Enforcement

PECB 2016

• Certificate, ISO/IEC 27001 LI

AXELOS 2014

• Certificate, ITIL v3 Intermediate

APMG-International 2013

• Certificate, ITIL v3 Foundations

CompTIA 2012

• Certificate, Security+

CERTIFICATIONS

Compass Solutions, LLC, Washington, DC May 2012 – Aug 2013 ICS-Nett, Inc. Vienna, VA Feb 2011 – May 2012

Compliance Specialist

On site At: Washington Metropolitan Area Transit Authority (WMATA), Washington, DC

• Performed Security Assessments and Authorization (SA&A) utilizing the NIST RM Framework.

• Implemented and managed an effective legal compliance program.

• Developed and reviewed company policies.

• Advised management on the company’s compliance with laws and regulations through detailed reports.

• Created and managed effective action plans in response to audit discoveries and compliance violations.

• Regularly audited company procedures, practices, and documents to identify possible weaknesses or risk.

• Assessed company operations to determine compliance risk.

• Ensured all employees are educated on the latest regulations and processes.

• Resolved employee concerns about legal compliance. Tantus Technologies, Washington, DC May 2010 – Feb 2011 Security Analyst

On site at: Federal Aviation Administration (FAA), Washington, DC

• Designed, developed, and maintained new security policies, according to FAA guidelines, Privacy Project Management Policies and Guidelines.

• Developed and assisted with the implementation of enterprise-level privacy project related standards and processes for information assurance within the agency.

• Provided portfolio-level integration management and information assurance analysis coordinating activities across projects.

• Maintained a portfolio level master schedule and a tracking and reporting system, in addition to a knowledgebase repository/portal for the Privacy program.

• Performed risk analysis and provided recommendations to the FAA for Privacy program projects.

• Assessed risks/issue areas for inter-related projects and assist the FAA with generating enterprise-level mitigation plans.

• Assessed areas of efficiencies and dependencies and proposing methods of coordination and consolidation that will improve portfolio level execution.

• Provided presentations and training using approved FAA Privacy project management standards to corporate executives, senior management, and the CIO Council.

• Identified and documented lessons-learned across projects to establish areas of continuous improvement of project processes.

• Facilitated Privacy project planning activities with Project Managers to ensure that the Privacy program methodology is followed. PRIETO

TECHNICAL SKILLS

Nessus Security Center Core Impact RSA Archer MS Project MS Office Suite Corel WordPerfect Mainframe (IBM-9000 series) WebInspect Symantec DLP - Vontu Crystal Reports Snagit 9 Remedy Eastland Reports Lens 6.0 Reports US Navy administrative software/applications

SECURITY CLEARANCE: Department of Treasury/OPM DHS FULL MBI CLEARANCE

Contact this candidate