Fattis N. Mann

Orlando, FL 407-***-****

adwfq0@r.postjobfree.com LinkedIn

Information Security industry veteran with a solid track record of leading end-to-end information security solutions delivery for large organizations in diverse markets.

$7B ENTERPRISE PORTFOLIOS ATTRACTING & RETAINING CYBERSECURITY TALENT INDUSTRY: INFORMATION SECURITY Information Security/Cybersecurity executive with 20+ years of experience in a dedicated information security leadership role, including ownership of multibillion-dollar infrastructure support for the 17th largest US County. Strong project management, communication, and documentation skillset, including Business Continuity/Disaster Recovery, Incident Response reporting and application security reviews. Tactical knowledge of Incident Response tools and methods. Experience working in cloud environments, including IaaS, PaaS, SaaS, and IaC. DevSecOps and Product Security experience and familiarity with commercial and open-source security offerings. Success working with vulnerability management data using industry-recognized tools and prioritizing and communicating those results to non-security staff. CGRC, CDPSE, CISSP, and CRISC certified. SELECT LEADERSHIP COMPETENCIES

• Information Security

• Vulnerability Management

• DR and Incident Response

• Data Quality/Governance

• Architecture Solutions

• Analytics-Driven Decisions

• IT Initiative Leadership

• Gov., Risk & Compliance

• Customer Engagement

• Budget Management

• Product Security

• Motivating Teams

• Strategic Planning

• Collaboration & Teamwork

• Problem Solving

EXECUTIVE CAREER HISTORY & HIGHLIGHTS

Toptal, February 2023 – present

The world’s largest fully remote company with Top 3% of enterprise -grade freelance talent and talent solutions. vCISO / INFORMATION SECURITY EXECUTIVE, SENIOR ADVISOR Performing or advising on-demand engagements as a vCISO, a Cybersecurity Executive and /or a Business Information Security Officer as required by contract. I direct or advise in aligning information security, compliance and disaster recovery programs for optimal business enablement and business resilience for client companies. Key service discriminator and skillset is a track record for delivering solid project management, communication and documentation skills while leveraging balanced cybersecurity implementations for each of the specific business settings. Conduct highly effective cybersecurity communications with both technical and nontechnical staff, to include DevSecOps and SDLC team VP leads, the C-Suites and Board of Directors. SAIC (SAIC: NYSE), Orlando, FL 2013 – 2023

Science Applications International Corporation, providing government services and information technology support. DIRECTOR, CYBERSECURITY BUSINESS ENABLEMENT & RESILIENCE Built the first SAIC enterprise Cyber Business Engagement team and later integrated the Business Resilience (BR) and Disaster Recovery (DR) teams to align Information Security with global business operations. Managed 8 business information security officers, delivering product recommendations, performing software reviews, and determining cybersecurity awareness for the organization. Managed cybersecurity across 2 sectors, a $4.7B Defense & Civilian sector and a $2.7B National Security & Space sector focused on government contracts. Oversaw cyber reviews of each service to verify security controls are in place, including those supporting the US Army Corp of Engineers, Department of State, Space Defense Agency, and NASA.

• Sourced positions for the BE team to represent Cyber for In Process Reviews (IPRs) for all programs above $750M

– $1B in contract values, promoting better cyber hygiene through cyber communication, awareness, resilience, and training.

- Launched the first Cybersecurity Governance Risk & Compliance (GRC) organization to integrate former IA and Compliance Cyber personnel to perform SOX monitoring, Risk Management and insourced the $1M SOC and CSIRT teams. vCISO/Business Information Security Executive

Developing Secure & Resilient Information Management Solutions Across Multiple Lines of Business.

Fattis N. Mann Orlando, FL 407-***-**** adwfq0@r.postjobfree.com Page 2 of 2 JetBlue, Orlando, FL 2011 – 2013

The 7th largest airline in North America by passengers carried. SENIOR PCI COMPLIANCE CYBER SECURITY CONSULTANT

Recruited to address compliance issues, including the lack of an existing compliance program for managing credit card transaction processes. Conducted a risk assessment for the CDE (card data environment) and defined POS and device requirements. Reviewed existing CDE security architecture designs, including performance, confidentiality, integrity, availability, access, and total cost of ownership to integrate new technology solutions.

• Defined the 21k node Cardholder Data Environment (CDE) by personally compiling device inventory in the CDE, pricing and budgeting security tools to purchase based on a CDE Risk assessment and Attestations of Compliance (AoCs) from dozens of JetBlue Business Partners and suppliers.

• Developed $3M budget strategy for security tools and secured $1.9M in consultant fees for a team to create the first JetBlue Report on Compliance (ROC) and quickly end escalating quarterly fines up to $100K per quarter to VISA and MasterCard before the granting of Trustwave QSA.

• Completed monthly PCI DSS compensating control worksheets, self-assessment reports, and compliance requirement checklists monthly until granting of ROC.

Broward County Board of Commissioners, Ft. Lauderdale, FL 2006 – 2011

$3B+ revenue county organization (17th largest US County). DIRECTOR, IT SECURITY AND COMPLIANCE

Oversaw IT security operations for a $3B+government organization. Delivered the first budget proposal for the County Commissioner and Executive IT Security & Compliance program. Supported IT security and compliance initiatives impacting all 84 agencies, leveraging RSA Envision DLP tools to monitor and track data exfiltration and protect against insider threats.

• Developed the first budget documents ever submitted in Broward County to secure $2M in funding and build the first IT Security and Disaster Recovery team while becoming the FEMA certified NIMS Technology Incident Commander

• Collaborated with revenue-generating agency security teams to deliver an enterprise perspective and tool economies of scale for existing siloed multimillion-dollar budgets for FLL airport security, Port Everglades port security, water wastewater utility, SCADA networks, and the Department of Transportation.

• Resolved multiple conflicts and saved millions of dollars in McAfee and Microsoft tool procurements/ investments for the county, including decreasing privileged accounts from over 20% to less than 6% and closer to the industry benchmark. ADDITIONAL EXPERIENCE:

Sr. TECHNICAL CONSULTANT - AUTOMOTIVE & LOCAL GOVERNMENT SALES SECURITY ENGINEER – BossDev, MI GENERAL MANAGER PUBLIC SAFETY DIVISION & CISO - City of Detroit, MI Sr. STAFF, COMPUTER SECURITY ENGINEER & DISASTER RECOVERY CONSULTANT – Lockheed Martin Corp., MD DIRECTOR CORPORATE SECURITY & SAFETY – Technology Applications, Inc., VA EDUCATION & CERTIFICATIONS

Bachelor of Science in Criminal Justice - University of Baltimore Mechanical Engineering/Engineering Administration Coursework – US Naval Academy Certified Information Systems Security Professional (CISSP) Certified in Risk Information Systems Control (CRISC) Certified in Governance, Risk and Compliance (CGRC) Certified Data Privacy Solutions Engineer (CDPSE)

Contact this candidate