Information Security Manager

JONATHAN P. HUFFMAN

**** ** ***

th

PL, Beaverton, OR 97007 • 720-***-**** • *******@*****.***

PROFESSIONAL EXPERIENCE

Northwest Natural Portland, OR

Information Security Specialist Sept 2019 – May 2020 Led efforts to mature security processes and modernize enterprise technology across business functions

● Developed capability & organizational models that brought together IT, Security, Business and the software catalogue to enable tech consolidation and alignment to the company’s strategic vision

● Led creation of a new application security program that assessed security processes using the OWASP SAMM and built a roadmap tailored to the company’s risk profile Nike, Inc Beaverton, OR

Business Information Security Architect Consultant July 2018 - July 2019 Served as the lead security architect consultant for Nike’s Brand Marketing Technology (BMT) organization

● Provided security expertise to ensure BMT aligned with Nike’s enterprise business & security strategies, audit requirements & technology roadmaps through cross-functional integration & architecture reviews

● Partnered with executive leaders, architects, and third party vendors to design a new, secure end-to-end architecture that included a common language, data model, and stateless API integration to enable the consolidation of 160+ systems/processes across the globe and ensure GDPR & SLA compliance Ernst & Young, LLP Los Angeles, CA

Manager in Advisory - Cyber Program Management September 2015 – July 2018 Planned, managed, and advised complex projects for strategic technology initiatives at Fortune 500 companies

● Collaborated with C-suite leaders at multi-billion dollar companies across technology, retail, media & entertainment, and manufacturing industries to define their security strategies/organizations, design risk control frameworks, and develop policies that aligned business processes & enabled strategic priorities

● Advised CIOs and CISOs on planning and implementing cyber transformation best practices including but not limited to: information security organizational cultures, policy consolidation approaches, customer/supplier trust strategies, disaster recovery plans, and controls assurance requirements

● Notable Framework Experience: C2M2, NIST CSF, NIST-800-53, ISO 27001, NERC-CIP, PCI-DSS Northrop Grumman Corporation Linthicum, MD

Signals and Intelligence Analyst and Program Manager II March 2011 - June 2015 Provided strategic direction and led implementation of critical electronic systems programs

● Developed and managed project plans, timelines, and portfolios for $1.5M+/year projects with a team of 8-13 engineers, analysts and developers to build an electronic warfare and cyber visualization tool

● Managed a team of analysts to define unknown Industrial Control Systems signals using advanced software and cutting-edge techniques in applied math while assigned to the Joint PROFORMA Center United States Air Force Aerospace Data Facility, Buckley AFB, Aurora, CO Electronic Signals Analyst (1N5) - PROFORMA June 2005 - June 2009

● Served as a crew lead for a team of twelve senior and junior-level analysts to manage and coordinate advanced cyber security operational components of foreign systems EDUCATION

UNIVERSITY OF MARYLAND UNIVERSITY COLLEGE Adelphi, MD Bachelor of Science, Cybersecurity August 2014

UNIVERSITY OF CALIFORNIA, IRVINE Irvine, CA

Master of Science Certificate, Information Systems Security June 2013 CLEARANCE AND CERTIFICATIONS

● Active Top Secret – Single Scope Background Investigation (08/29/16), Full Scope Polygraph (2/7/07)

● CISSP Certification – #495184

● SCIP CIP I & II (Business Competitive Intelligence) [Harvard Business School facilitators]

● ITIL v4 Foundations Certification

Contact this candidate