Risk Management Incident Response
Resume:
Andrew M. Davidson
253-***-**** • ******.********.****@*****.*** • 2912 Galleon CT NE, Tacoma WA 98422 • LinkedIn Profile
EXECUTIVE SUMMARY
Dynamic Cybersecurity and Risk Management Executive with a proven track record of over a decade in fortifying enterprises against evolving cyber threats. I bring a strategic yet hands-on approach to designing, implementing, and optimizing security programs that protect organizations across government, defense, private sector, and state-level operations. I am adept at leading cross-functional teams, driving security governance, and implementing robust frameworks, I specialize in cloud security (Azure, AWS, GCP), threat intelligence, incident response, and security automation. My ability to influence executive leadership, foster security-first cultures, and navigate complex regulatory environments has positioned me as a trusted leader in cybersecurity. With extensive experience spanning garrison and theater military operations, defense contracting, private contracts, and state agencies, I offer a comprehensive perspective on risk management, compliance, and resilience-building in high-stakes environments. I am passionate about securing critical infrastructures and empowering organizations to stay ahead of emerging threats with cutting-edge security strategies.
CORE COMPETENCIES
Security Governance & Compliance – NIST, ISO 27001, CIS, HIPAA, GDPR, PCI-DSS
Cloud & Network Security – Azure, AWS, GCP, Zero Trust Architecture, SIEM (Sentinel, Splunk)
Threat Intelligence & Incident Response – Insider Threats, Nation-State Cyber Threats, Digital Forensics
Leadership & Stakeholder Engagement – Risk Management Strategy, Board-Level Communication
Secure Software Development – OWASP Top Ten, DevSecOps, Secure SDLC, IAM Solutions
Penetration Testing & Vulnerability Assessment – Nessus, Metasploit, Burp Suite, Red Teaming
Automation & Scripting – Python, Bash, Security Orchestration, Compliance Automation
Education
Doctor of Information Technology, Capella University Minneapolis, MN (In Progress). Expected Graduation September 2026
Advanced Research Techniques & Leadership: Mastered quantitative and qualitative research methods, focusing on design integrity, ethical standards, and adaptability across varied populations (RSCH7860, RSCH7864, RSCH7868). Developed leadership competencies in research oversight and application.
IT Innovation & Strategic Management: Explored progressive IT lifecycle management, emphasizing leadership within global, multicultural workforce settings (DIT8216). Acquired skills in strategic IT program management and cutting-edge security practices.
IT Consulting & Educational Strategies: Comprehensive training in IT consulting business formation, market strategy, and operational planning. Specialized in educational methods and human development in IT training environments (DIT8940, DIT8950).
Master of Science in Cyber Security and Information Assurance, Western Governors University Salt Lake City, UT July 2023
Relevant Coursework: Advanced Cyber Security Knowledge, Information Assurance Strategies, Security Policy and Compliance, Risk Management and Mitigation, Incident Response and Forensics, Strategic Planning and Leadership, Security Software Design, Ethical Hacking and Penetration Testing, Secure Network Design.
Bachelor of Science in Theology, Warner University Lake Wales, FL June 2010
Relevant Coursework: Critical Thinking and Analysis, Ethical Considerations in Technology, Effective Communication, Emotional Intelligence, Interdisciplinary Research Skills, Cultural and Global Awareness, Leadership and Team Collaboration, Adaptability and Lifelong Learning.
PROFESSIONAL EXPERIENCE
Cybersecurity Analyst and CEO
Boaz Cybersecurity LLC Tacoma, WA
Cybersecurity Analyst & CEO
Boaz Cybersecurity LLC Tacoma, WA
Dec 2022 – Present
Founded and scaled a cybersecurity consultancy specializing in compliance, risk management, and security operations.
Led security architecture design for SMB and enterprise clients, securing cloud infrastructures and optimizing incident response workflows.
Developed security governance frameworks, enforcing regulatory compliance across multiple industries.
Trained and mentored security teams, fostering a culture of continuous security awareness and improvement.
Cybersecurity Analyst Microsoft Quantum Security (Contract)/ Worldwide Technology (WWT) Redmond, WA
May 2024 – Aug 2024
Monitored Azure egress and ingress channels, utilizing SIEM tools for real-time threat detection.
Led risk assessments to identify vulnerabilities in Microsoft’s Quantum Security environments.
Conducted insider threat investigations, uncovering and mitigating security risks.
Developed cloud security processes, reducing operational risks and improving compliance adherence.
Principal Security Engineer
TQI Solutions – PSNS IMF Bremerton, WA
Feb 2022 – Dec 2022
Designed and implemented network security architectures, ensuring STIG compliance for mission-critical systems.
Led vulnerability management and penetration testing to mitigate cyber threats.
Created incident response playbooks, optimizing response times to critical threats.
Information Technology Lead
Senior Security Engineer IMCOM – Department of the Army Joint Base Lewis-McChord, WA
Feb 2021 – Oct 2021
Managed the security of a 300-endpoint network, emphasizing patch management, vulnerability scanning, and access controls.
Led secure configuration initiatives for multi-user systems, enhancing data protection and system integrity.
Secured a 300-endpoint network, managing patching, threat hunting, and access controls.
Led security configuration efforts for multi-user environments, enhancing zero-trust security models.
Automation Systems Technician, INDTAI Inc. Vienna, VA
Oct. 2019 – Dec. 2020
Led IT support initiatives, optimizing efficiency and security in alignment with information security and assurance policies.
Directed network infrastructure management, overseeing monitoring, patching, upgrading, and secure custom configurations to enhance operational readiness.
Provided strategic guidance to leadership and stakeholders, ensuring seamless communication and rapid resolution during outages and incidents.
Developed and enforced comprehensive acceptable use policies for commercial networks, ensuring compliance with DISA and JBLM standards while strengthening overall cybersecurity posture.
Designed and implemented acceptable use policies for commercial networks, adhering to DISA and JBLM standards, strengthening compliance and overall network security.
Senior Field Engineer, ATLAS International Daytona Beach, FL
Oct. 2019 – Dec. 2020
Resolved complex network, software, hardware, virtual machine, and server issues in collaboration with onsite technical teams, prioritizing application security to optimize performance and safeguard data.
Designed and deployed secure business solutions using network equipment such as routers, switches, and VoIP systems, adhering to industry security standards.
Diagnosed and mitigated performance issues proactively, addressing security risks to maintain operational integrity and compliance.
Executed application security strategies, including regular security assessments, vulnerability testing, and code reviews, fortifying systems against cyber threats.
Systems Analyst II, SOGETI – Starbucks Coffee Co. Seattle, WA
Mar. 2019 – Oct. 2019
Led cross-functional teams in troubleshooting complex system and application issues, collaborating with technical stakeholders to embed proactive security measures and mitigate vulnerabilities.
Developed and optimized scalable IT infrastructures, enhancing operational efficiency through strategic implementation of routers, switches, and VoIP systems.
Spearheaded system performance monitoring initiatives, identifying and resolving degradation issues to bolster reliability, security, and overall system resilience.
Established and enforced robust application security protocols, conducting regular audits, vulnerability assessments, and compliance checks to ensure comprehensive data protection and regulatory adherence.
Recruited, mentored, and managed offshore teams in India, transforming system analysts into high-performing professionals capable of working non-standard hours to support global operations.
Systems and Cloud Consultant
Miranda IT Solutions Fort Lauderdale, FL
Dec 2017 – Aug 2019
Developed and implemented hybrid cloud solutions, focusing on scalability and security within Azure and AWS platforms.
Delivered strategic guidance on cloud migration processes, ensuring seamless transitions and robust security postures.
Communications Manager, Insight Global, Microsoft CRM Dynamics Redmond, WA
Apr. 2017 – Nov. 2017
Developed and executed a communications strategy for the product suite, aligning messaging with business goals and customer needs.
Provided real-time reporting on high-impact incidents to stakeholders, enhancing transparency and issue resolution.
Designed training plans and procedures for future communications managers, integrating technical safeguards and software access controls.
Partnered with change, patch, and incident management functional teams to resolve issues while adhering to disaster recovery processes.
Exceeded customer SLA requirements for national and international clients through proactive problem-solving and diligent monitoring.
SATCOM Systems Operator (25S), 1SFG (A) – Department of the Army JBLM, WA
Mar. 2012 – Jun. 2016
Planned and deployed secure and unclassified networks, including satellite links, ensuring comprehensive connectivity and security.
Supervised the installation, operation, and maintenance of strategic earth terminal complexes, including antennas, ground terminals, and COMSEC equipment.
Implemented technical and physical safeguards, adhering to DISA and DOD security policies to maintain network integrity and data security.
Directed a large team of SATCOM soldiers, providing training and leadership to enhance operational effectiveness.
Ensured compliance with national security standards, integrating advanced processes and practices into daily operations.
Certifications
CISSP – Certified Information Systems Security Professional
CEH – Certified Ethical Hacker
Azure Security Engineer Associate
CompTIA Security+
PMP (Pending)
TECHNICAL SKILLS & TOOLS
Security Tools: Metasploit, Nessus, Burp Suite, Wireshark, Splunk, Azure Sentinel
Cloud Security: Azure AD, AWS IAM, GCP Security Controls
IAM & Access Control: Okta, CyberArk, Zero Trust Security
Programming & Scripting: Python, Bash, PowerShell
Compliance & Risk Management: NIST, ISO 27001, CIS, GDPR, HIPAA
LEADERSHIP & EXECUTIVE QUALITIES
Visionary Leadership: Built and scaled cybersecurity programs from the ground up.
Strategic Communication: Engaged with C-level executives and board members on risk and compliance.
Governance & Risk Mitigation: Designed security policies aligning with enterprise risk frameworks.
Cybersecurity Evangelist: Regular speaker at security forums, driving security-first initiatives across organizations.
Contact this candidate