Program/Project Manager

EXECUTIVE SUMMARY

Results-driven and detail-oriented Senior Cybersecurity Project Manager and Product Owner with over 16 years of experience in both Waterfall and Agile project management methodologies. Holds multiple certifications including PMP, Associate CISO, CISM, CISA, SAFe Practitioner and ITIL. Proven expertise in delivering complex projects on time and within budget by integrating DevSecOps into Scaled Agile environments (SAFe 5.1 and 6.0). Skilled in Scrum, Kanban, and Agile coaching, with a track record of training teams, removing impediments, refining backlogs, and enhancing team capacity and velocity. Proficient in agile tools such as Jira, Trello, Confluence, Bitbucket, Zephyr, and Salesforce. Certified Six Sigma Green Belt with hands-on experience in aligning processes to business objectives to improve efficiency and quality.

PROFESSIONAL EXPERIENCE

4L IT Solutions LLC, Compliance Consultant / Cybersecurity Product Owner / Risk Management Framework (RMF) / GRC Consultant, Nov 2024 to present

Serves as the lead Senior Compliance Consultant for Chiefs Construction and Tuskegee University, directing the implementation and execution of compliance audits based on NIST CSF, NIST 800-53, ISO 27001, ISO 9001, and ISO 20000-1 frameworks.

Conducts comprehensive assessments of clients' compliance posture, identifying areas for improvement and providing strategic recommendations aligned with NIST compliance, Risk Management, and Cybersecurity best practices.

Develops robust compliance frameworks, including policies, procedures, controls, and documentation aligned with ISO standards and regulatory requirements.

Leads the implementation and optimization of the ServiceNow Strategic Portfolio Management (SPM) suite to streamline project intake, prioritization, and performance tracking across cybersecurity and compliance initiatives.

Leads initiatives for Disaster Recovery, Business Continuity, and IT Resiliency, acting in roles such as Disaster Recovery Manager, Business Continuity Manager.

Collaborates with client and executive management teams to align compliance and Risk Management goals with business objectives, ensuring implementation of effective governance, Vendor Management, and continuous improvement programs.

Facilitates training sessions and workshops to educate clients and staff on evolving compliance requirements, industry trends, and Cybersecurity best practices.

Provides Executive Reporting and strategic oversight on compliance, GRC, and IT risk posture to support informed decision-making at the leadership level.

Manages and supports cloud and on-prem environments, applying expertise in Cloud Computing, IT Infrastructure, and modern control frameworks.

Oversees Project Leadership and Program Management activities, leveraging tools like Microsoft Project, Asana, Trello, and Jira to drive delivery of security, compliance and risk initiatives.

ASTRION, Montgomery, AL: Information System Security Manager (ISSM), Mar 2024 to Nov 2024

Designed and implemented control baselines mapped to NIST 800-53 for SaaS cloud environments, ensuring alignment with FedRAMP and agency-specific security requirements.

Developed, updated, and maintained all cybersecurity documentation for IT/OT systems, ensuring compliance with standards such as ITCSC, SSP, ISCM Plan, MRAB, and Security Test Plans, accessible via eMASS.

Implemented and conducted in-depth gap assessments against NIST 800-53 Rev. 5 controls and developed tailored System Security Plans (SSPs), POA&Ms and risk treatment strategies.

Ensured IT/OT configurations aligned with DISA Security Technical Implementation Guides (STIG), Security Requirements Guides (SRG), vendor specifications, and industry best practices.

Created and maintained Standard Test Procedures (STPs) and cybersecurity test scripts according to NIST SP 800-53A and FedRamp standards.

Reviewed security artifacts to verify alignment with the SSP, noting pass/fail status for controls.

Updated eMASS records to reflect current system status and managed Plan of Action and Milestones (POA&M) items.

Recommended security solutions to mitigate identified risks to project management.

Implemented and supported Microsoft security solutions including Azure Security Center, Microsoft Defender for Cloud, and Microsoft Sentinel to monitor, detect, and respond to cybersecurity threats across cloud and hybrid environments.

Provided analysis of threat vectors, mitigations, and residual risks for failed controls, formally reporting to relevant stakeholders.

Exhibited comprehensive knowledge in security domains, including network security, intrusion detection, risk management, access control, and cryptography; configured, tuned, and maintained systems to uphold a strong security posture.

Successfully led ISO 27001 certification audits, resulting in compliance and certification; improved audit efficiency by implementing streamlined processes and tools; managed audit teams and mentored junior auditors.

Encouraged a culture of continuous improvement within the team by identifying areas for enhancement and implementing changes to optimize efficiency and quality.

Supported team members' professional growth by providing guidance, coaching, and mentoring; assisted team members in understanding and embracing cybersecurity and Agile principles and practices.

Aviation and Missiles Solutions, Huntsville, AL: Sr. Cybersecurity Analyst/ Product Owner-Scrum Master,

Oct 2021 to Mar 2024

As the Cybersecurity Agile Product Owner, I led and managed the project’s cybersecurity roadmap using Agile principles and practices. My key responsibilities and tasks are:

Led cyber project planning to collaborate with stakeholders to define cyber project goals, scope, and deliverables to developed a high-level project plan and created a backlog of prioritized user stories or tasks

Implemented Agile frameworks by using Scrum, Kanban, and SAFe Agile; facilitates Agile ceremonies, including daily stand-ups, sprint planning, sprint reviews, and retrospectives

Enhances strategic alignment and governance maturity by leveraging key SPM modules, including Project Portfolio Management (PPM), Demand Management, and Resource Management.

Led the implementation of the NIST Cybersecurity Framework (CSF) across multiple client environments, aligning security practices with business objectives and regulatory requirements.

Managed a cross-functional Cybersecurity Agile team of 12 members; assigning tasks, providing guidance, and ensuring that team members had the necessary resources and support to deliver high-quality results

Identified project risks and developed mitigation strategies; regularly assessed and addressed potential obstacles that could have impacted project timelines or deliverables

Led the overhauling of secure coding guidelines and standards, enhanced the overall security posture of the organization's applications

Implemented automated security testing tools and processes, streamlining the identification and remediation of security vulnerabilities.

Established a cyber-vault to create immutable, air-gapped backups; enhanced data protection and enabling rapid recovery from cyber threats.

Collaborated with third-party security vendors to assess the security posture of externally sourced applications, ensured compliance with regulatory requirements.

Demonstrated a strong understanding of Identity and Access Management (IAM) concepts and practices, such as Role Based Access (RBAC), least privilege, access automation methods, user access, and cloud access concepts

Supported identity governance processes, which involved defining and enforcing policies for access control, segregation of duties, and compliance requirements; allowed the organization to perform regular access reviews, manage entitlements, and demonstrate compliance with regulations and industry standards

Led cyber network design, system integration, and application development initiatives; ensured compliance with company and IT security policies, standards, operating requirements, as well as governmental guidelines and industry best practices

Managed the design and implementation of Zero Trust solutions, closely monitored compliance with regulations and industry standards

Served as Team Lead for Cybersecurity Supply Chain Risk Management (c-SCRM); continuously monitored and evaluated emerging technologies and trends in the SCRM, leveraging this knowledge to enhance and optimize network design, system integration, and application development initiatives

ERP International INC, Gunter AFB, Montgomery AL: Sr. Project Manager, Product Owner/Scrum Master, Feb 2020 to Nov 2021

Served as a servant leader consultant for Agile Development and Sustainment teams for the Medical Readiness Decision Support System (MRDSS).

Collaborated with product owners and stakeholders to define product vision, roadmaps, and prioritization based on customer needs, regulatory requirements, and business goals, ensuring the delivery of high-quality, user-centered products within agreed-upon timelines and budgets.

Managed the program's migration from a centralized integration environment to an AWS Cloud environment; consolidated and provisioned Active Directory for user access to the new environment; worked with customers to provision accounts, including ticket management, customer service desk, security rights, and permissions.

Facilitated Scrum ceremonies, including sprint planning, daily stand-ups, sprint reviews, and retrospectives; ensured adherence to Scrum principles and maximized team productivity.

Led a twenty-member cross-functional team of developers, analysts, and subject matter experts in developing requirements and user stories for MRDSS.

Monitored and communicated project progress, risks, and dependencies to stakeholders; proactively addressed obstacles or bottlenecks; managed project budgeting and monthly status reporting metrics.

Acted as Task Lead, serving as a liaison between the government Program Management Office and the contracting company.

Partnered with product leadership to drive and manage the SDLC sustainment and development processes; ensured the product team understood the direction and vision.

1 Synch Technologies, Gunter AFB, AL: Business Analyst / Functional Analyst, Jun 2019 to Feb 2020

Delivered business analytical support to the Air Force Reserve and National Guard Theater Medical Information Program Air Force (TMIP-AF) Family of Systems, including AHLTA-T, TC2, TMDS, MSAT, MIRTH, and CDR.

Led Electronic Health Record (EHR) modernization initiatives, overseeing the transformation of legacy systems to advanced EHR platforms.

Collaborated with cross-functional teams—comprising IT, medical staff, and administrators—to gather requirements, assess needs, and define project scope.

Developed and executed comprehensive modernization plans, ensuring seamless integration with existing workflows and compliance with healthcare regulations.

Conducted training sessions for medical staff, facilitating a smooth transition to new EHR systems, which significantly reduced onboarding time and enhanced user proficiency.

Coordinated with third-party vendors to integrate specialized modules, resulting in improved interoperability and enhanced patient care.

Contributed to achieving overall healthcare service efficiency, including increased data accuracy, reduced documentation errors, and improved patient outcomes.

UIC Government Services, Gunter AFB, AL: IT Acquisition Specialist/Business Analyst, Apr 2019 to Jun 2019

Collaborated with five product owners and five government leads to ensure the completion and accuracy of acquisition documentation for United States Air Force (USAF) Civil Engineering Systems.

Worked closely with stakeholders to develop business problem statements, translating them into detailed user stories for the development team.

Clearly communicated product vision and user stories to development teams, ensuring a comprehensive understanding of project objectives.

Ensured platform compliance with the National Defense Authorization Act (NDAA) and Clinger-Cohen Act (CCA) requirements.

Created and updated Service Level Agreements (SLAs), Memorandums of Agreement (MOAs), charters, and Concepts of Operations (CONOPS) to support project initiatives.

Participated in risk management workshops to identify potential system risks.

Developed and updated mitigation plans and tracked action items to address identified risks.

U.S. Army Corps of Engineers, Huntsville, AL, Senior IT Project Manager/ Cybersecurity Manager, Aug 2015 to Sep 2018

Collaborated with the Tri-Service Automated Cost Engineering System (TRACES) Program Management Office to manage a cost-estimating web portal.

Administered six databases and eight web applications, ensuring optimal performance and security.

Designed and implemented security features for various Windows architectures, web platforms, and SQL database maintenance systems.

Transitioned ten standalone environments to a DoD/Government/FEDRAMP-approved cloud source, enhancing system scalability and compliance.

Collaborated with Microsoft's Identity and Access Management (IAM) team to develop a Public Key Infrastructure (PKI), Common Access Card (CAC), and Single Sign-On (SSO) solution for provisioning user accounts on the new TRACES cloud platform.

Conducted comprehensive assessments of diverse software environments, utilizing established and customized evaluation frameworks in accordance with FISMA, NIST, and FEDRAMP policies and guidelines.

607th Air Operations Center, Osan AB, ROK: Senior Project Manager, Configuration Manager, Aug 2013 to Aug 2015

Directed Configuration Management (CM) functions for the Air Force Air Operations Center (AOC) Weapon System (WS), ensuring alignment with ANSI/EIA-649B standards.

Developed and implemented CM processes, sustaining the organization's software and hardware environments.

Managed change control for WS applications, tracking processes from initiation to completion.

Maintained strict software configuration management across NIPR, ACE, and SOSAN networks.

Facilitated the AOC's Configuration Change Board, overseeing Engineering Change Notices (ECNs), Engineering Change Requests (ECRs), and variances.

Represented the AOC at wing-level meetings, conferences, and workshops.

Prepared PowerPoint presentations and documentation for stakeholder briefings.

AFWAY, Gunter AFB, AL: Project Manager, Configuration Manager, System Administrator, Information Assurance Manager Aug 2006 to Aug 2013

Project Management: Led multiple IT projects, ensuring alignment with Air Force requirements and timely delivery within budget constraints.

Configuration Management: Implemented and maintained configuration management processes in accordance with ANSI/EIA-649B standards, ensuring accurate documentation and control of system configurations.

System Administration: Managed and administered multiple databases and web applications, ensuring optimal performance and security.

Information Assurance: Developed and enforced information assurance policies and procedures, ensuring compliance with FISMA, NIST, and FEDRAMP standards.

Stakeholder Collaboration: Coordinated with cross-functional teams, including product owners and government leads, to develop acquisition documentation and ensure compliance with National Defense Authorization Act (NDAA) and Clinger-Cohen Act (CCA) requirements.

Risk Management: Conducted risk assessments and developed mitigation plans to address potential vulnerabilities in IT systems.

EDUCATION AND CERTIFICATIONS

•Master of Science Degree in Management, Faulkner University Montgomery AL, June 2010

•Bachelor's Degree in Business Administration, Faulkner University Montgomery AL, Dec 2007

•Certified Project Management Professional (PMP), PMI, 3376274, Nov 2028

•Certified Information Security Manager (CISM), ISACA, June 2023

•Certified Information Security Auditor (CISA), ISACA, 222016933, Dec 2022

•Certified CompTIA Advanced Security Practitioner (CASP+), COMP001021920540, Sep 2021

•Certified Expert Independent Assessor (CEIA), Feb 2018

•Certified Expert Risk Management Framework (CERP), Mar 2018

•Certified ISO 27001Information Executive / Risk Manager / Internal / External Auditor 2021

•Certified SAFe Scaled Agile Practitioner 2024

•Certified Scrum Product Owner (SPOC) 2025

•Certified Scrum Master (CSM) 2025

•Certified DevOps Project Manager, International Scrum Institute, Mar 2020: 077*********

•Certified DevOps Generalist, International DEVOPS Certification Academy, Dec 2020: 995***********

•Certified Six Sigma Green Belt 2021

AREAS OF EXPERTISE

•Project management over IT and Software Development Life Cycle (SDLC), Auditing, and IT Product release cycles

•Waterfall and Agile software development

•NIST CSF, NIST 800-53, ISO 27001, ISO 9001, and ISO 20000-1 external audits, GDPR, PCI, HIPAA, HITRUST and SOC1-2 Audits, Risk and Compliance assessments, consulting/training, and vulnerability remediation

•Agile tools Jira, Confluence, Bitbucket and Zephyr

•Agile Coach, Product Owner, Scrum Master, Scrum/Kanban Expert and Accredited Business Analyst

•Risk Management Assessor, ITIL expert, Configuration Manager (ANSI/EIA 649 trained), Cyber Supply Chain Risk Management (C-SCRM) and Agile Test Management

•OMB A-123/NIST 800-53 audit readiness, remediation and security policy authoring

•Electronic Health Record Modernization

Contact this candidate