Technical Program Manager / Scrum Master
Resume:
lavurn nolen
New Orleans, LA *****
******@****************.***
Solution-oriented Senior Healthcare IT Security Executive, Enterprise Level Program Manager with more than 25 years of deep technical experience developing, implementing, securing, and supporting complex infrastructures for fast-growing programs in both the government and private sectors. He excels at developing, coordinating and implementing healthcare information systems life-cycle functions, policies, internal organizational operations, and associated program management. He is vastly experienced at formulating and executing multimillion-dollar budgets. He is a proven leader, coach and collaborator. Managed requirements to maintain industry standards such as Security Information and Event Management (SIEM), DDoS, CMMI, FISMA, FEDRAMP, GDPR, HIPAA, ISO 27001, NIST, and PCI-DSS. Authorized to work in the US for any employer
Work Experience
Project Manager
TISTA Science and Technology Corporation / Veterans Administration-11 SUGARBERRY PL November 2023 to Present
• Collaborates with sponsors and stakeholders to define project scope, requirements, and budget for prioritized small projects.
• Develops project plans that mitigate risk and decompose requirements into actionable tasks that are measurable from a schedule and budgetary perspective.
• Ensures project documents are current and complete, as well as appropriately managed and stored.
• Communicates relevant project information and status to sponsors, stakeholders, and project team members.
• Manages project scope, schedule and budget for assigned small projects, identifying any potential issues that require contingency plans to mitigate concerns and ensure project success.
• Applies the company’s project management and software development lifecycle methodology and maintains project standards.
• Verifies final project deliverable acceptance, closes financial accounts, releases project resources, completes and archives final project records and recognizes and celebrates outstanding project work.
• Develops and maintains Gantt charts, reports, charters, organization charts, project schedules, spreadsheets, presentations, stats and trends, and management reports.
• Maintains training resources, rooms, and ensures equipment is working properly.
• Maintains and administers SAP, databases, learning management systems, document management systems (DMS) and generates recurring reporting.
• Assisted in the EHR implementation process, including the build, testing, training, and go-live of the EHR system in conjunction with the vendor.
• Worked with staff and vendors to implement interfaces between the EHR system and external systems such as the lab information system, Pacs, pharmacy, etc.
• Assisted management in establishing reporting requirements and developing reports from the Nextgen database.
• Worked With with medical and mental health care providers to evaluate current processes and implement technology solutions to reduce costs and improve staff efficiency and patient care. Senior Healthcare Project Manager – Agile Coach-Remote (WFH) Cognitive Medical Systems / Veterans Administration-Converse, TX December 2022 to November 2023
• Was responsible for partnering with subcontractors by setting goals, reviewing tasks, providing direction, scheduling meetings and managing task completion.
• Managed initial presentation on the new EMR system after it was installed.
• Worked closely with medical office professionals, and helped them to understand their new system.
• Was Responsible for keeping active customer log of installs and ongoing maintenance projects.
• Led the creation of training materials for the new installs.
• Worked closely with ongoing customers when came to upgrade & system maintenance.
• Managed the development of system materials for the new installations.
• Assisted in preparing medical professionals for the new platforms.
• Responsible for taking incoming marketing calls & turning calls into active customer.
• Responsible for clear and concise status reports (e.g. biweekly, monthly) and meeting minutes to senior internal leadership and customer stakeholders
• Responsible for identification and management of issues and risks, with appropriate and timely escalation to internal and external stakeholders
• Responsible for project budgets, including direct labor and subcontractor labor
• Responsible for driving Agile scrum objectives and customer deliverables to completion Senior Cybersecurity Program Manager / Scrum Master Dell Technologies-Remote
April 2022 to December 2022
• Developed and implemented a program management plan to identify activities, events, and documentation keys for project execution.
• Developed and implemented the policies created by the president's Executive Order on Cyber Security.
• Planned, organized, directed, and controlled the project or program to ensure all contractual obligations are fulfilled, quality standards are met, and associated expectations of performance are achieved.
• Assisted The Business Units must review all EO Workflows and determine what courses of action must be taken to ensure the Company's compliance.
• Primary Scrum Master on the Company PEEP Program, consisting of Engineering Lab Security and Product Code Security.
• Performed audit and security compliance checks, including network penetration testing, vulnerability scans, and other configuration analysis.
• Conducted Computer Incident Response Team (CIRT) activities, including forensic analysis and review and assessment of security events and logs via sophisticated cyber security /event management tools.
• Implemented and support network defense, identification/authentication/access control, data protection mechanisms, and data transfer mechanisms.
• Developed threat models and security risk assessments and recommend mitigations and countermeasures to address risks, vulnerabilities, and threats.
• Reviewed and validated security documentation, including the system security requirements definition and System Security Plans
• Implement security designs in hardware, software, data, and procedures.
• Conducted multiple phishing exercises that led to an overall 40% improvement in employee awareness of potential cyber threats.
• Managed and resolved over 100 daily security alerts, reducing the potential risk of major security incidents.
Program Manager (cloud)/ Information Security Lead
(US Air Force) Datum Government Services-San Antonio, TX September 2019 to March 2022
• Coordinated with the CISO in the architectural design and operation of information system security controls and countermeasures.
• Researched threat landscape and conducted vulnerability analysis on emerging risks to provide recommendations regarding readiness and remediation activities.
• Developed security engineering elements to mitigate threats as they emerged.
• Implemented security policies and procedures to ensure compliance with industry standards such as HIPAA and PCI-DSS.
• Planned, implemented, monitored, and upgraded security measures for the protection of the organization's data, systems, and networks.
• Provided countermeasure support to quickly counter cyber threats to enterprise systems while assisting and advising in computer evidence seizure, computer forensics, and data recovery.
• Managed requirements and industry standards such as CMMI, FEDRAMP, GDPR, HIPAA, ISO 27001, NIST, and PCI-DSS.
• Directed Project Managers and Business Analysts to develop high-level project schedule resource plans for implementation projects.
• Conduct systems design, feasibility, and cost studies and recommend cost-effective cloud solutions.
• Developed expert knowledge of existing systems and facilitate the creation of mechanisms to track current and future state architectures.
• Developed, documented, communicated, and enforced environment/release management, configuration, and development best practices.
• Working experience in Azure and AWS IaaS, PaaS, storage, network, and database. Cyber Security Program Manager (Veteran Affairs)
M Powered Strategies Incorporated / Department of Veteran Affairs-Washington, DC February 2018 to September 2019
• Supported the Department of Veterans Affairs (VA) Electronic Health Record Modernization (EH RM).
• Managed a team of over 150 VA and Contract Civilians.
• Created and maintain fully automated CI/CD pipelines for code deployment using Octopus Deploy and PowerShell.
• Maintained current training on all versions and formats of EMR systems under the Cerner Corporation umbrella of Millennium applications.
• Conformed to all legal and privacy standards in the healthcare industry.
• Supported delivery for end-user training of newly implemented EMR systems at hospitals and satellite clinics.
• Conducted product education and utilization for providers, nurses, and staff while building solid rapport and relationships.
• Supported team led with management of large teams across multiple clinics and sites, trained oncoming team members on client workflows.
• Presented project details to hospital management, informatics teams and physicians, keeping informed on how implementation process will take place while team is on site, to ensure expectations are met and exceeded.
• Executed decision-making authorities and establishes vision and direction for the Agency's cyber and cyber-related resources and/or operations.
• Bolstered cybersecurity by ensuring the Agency is increasing the safety and security of services, and implementing the requirements on Improving the Nation's Cybersecurity, as well as the Federal Zero Trust Strategy.
• Led development, planning, coordination, administration, management, staffing and supervision of the information security and privacy operations related to SBA-wide IT security and privacy programs.
• Led the effort to maximize the integration between FISMA reporting and certification and accreditation to ensure increased continuous monitoring and remediation of IT systems' threats and vulnerabilities.
• Assured information systems and associated facility provides a level of security that is commensurate with the risk and magnitude of the harm that could result from the loss, misuse, disclosure, or modification of the information contained in the system.
• Facilitate information security risk assessment and risk management processes.
• Worked with the Security division to design and manage IAM roles for users, vendors, and other third- party vendors.
Information Security Manager / Project Manager
Guadalupe Valley Telephone Cooperative-San Antonio, TX October 2016 to February 2018
• Directed and guided major IT projects to identify and deploy new technologies using waterfall / agile mythology.
• Defined technical requirements and document plans for project lifecycle deployments, including the scheduling of project deliverables, budgets, and timelines.
• Developed new policy or recommends changes to existing Policies, standards and procedures.
• Served as the Information System Security Manager (ISSM) for Mission Training Complex, supporting Cyber security Program Management and oversight for the organization.
• Conducted Cyber security meetings to ensure security requirements are met.
• Composed informational memorandums, and a wide-range of administrative/technical correspondence prepared for supervisor’s signature and distribution.
• Served as a liaison between the Security Operations Center and the impacted business function and technical teams during an incident.
• Coordinated and directed efforts among Security Operations team members throughout the incident response lifecycle.
• Provided timely and relevant updates to appropriate executive stakeholders and sponsor leadership.
• Conducts after-action reporting and provides relevant insights to guide improvements and adjustments to cybersecurity response processes.
Clinical Program Manager / Security Lead
WellMed Medical Management Group-San Antonio, TX
July 2015 to October 2016
• Collaborated with program/project initiative developers, training teams, business owners, clinical staff, providers, and other stakeholders to ensure inputs, processes and outputs are captured and maintained for effective implementation
• Coordinated EMR implementation for small to medium sized medical offices.
• Provided onsite and remote installation, training and support for the Quest Diagnostics EMR platform.
• Volunteered for multi-state project implementing and training over 200 EMR clients.
• Assisted with a cross-team collaboration effort to create a new Project Coordinator team and re- organization of the existing EMR team.
• Employed by various small medical practices to assist and consult with physicians and practice administrators regarding the best fit EMR solution for their practices.
• Implemented of EMR systems within practice settings and also providing assistance and training of IT, medical staff and off site billing personnel.
• Provided measurable, actionable solutions to providers that will result in improved accuracy for documentation and coding practices.
• Defined / Manages Project Scope: able to lead the change management processes to drive effective project.
• Executed (e.g., launch, deployment, revisions, change control) and raise awareness when misalignment or misunderstanding of scope with stakeholders.
• Managed, mentored and directed a team of security professionals, including hiring, training, mentoring, and evaluating performance.
• Provided expertise and guidance during incidents. Working closely with partner teams to contain, examine, and remediate security breaches or threats. Contribute to post-incident reviews and develop recommendations for improving software security mechanisms.
• Delivered routine updates in Security group meetings, sharing relevant information, progress reports, and insights. Deliver tech talks to other groups within Indeed, promoting security awareness and knowledge sharing.
• Established and maintain technical and financial reports to show progress of programs and projects to management and customers
• Performed internal DRT Task Order management including status reporting, time and expense approval, and financial tracking
• Interpreted policies, procedures, and goals and objectives of the organization, and ensure alignment with Functional area tasks
• Used tools such as JIRA, Confluence, Excel, and SharePoint to improve reporting efficiency. Chief Resource Officer / Program Manager (US ARMY) US Army Medical Information Technology Center
TX-Fort Sam Houston, TX
September 2013 to May 2015
• Served as a senior Resource Manager for a large-scale/complex Health Care IT Unit with an overall budget of $188 million, within the US Army Medical Information Technology Center (CALAMITOUS).
• Managed a full range of Resource Management activities from concept and exploration, and continues through development, production, and completion of initial fielding of the system/equipment items, as well as lifecycle management and support.
• Exercised centralized accountability and oversight of all Unit resources.
• Managed project resource requirements, established the proposed project schedule, tracked work effort, and facilitated Integrated Product Team meetings.
• Ran department meetings with staff leads and managers to ensure continuity of information systems support and goal attainment.
• Worked with the Project Managers and Business Analysts to develop high-level project schedule resource plans for implementation projects.
• Developed, documented, communicated, and enforced environment/release management, configuration, and development best practices.
• Provided input to the manager on team member performance relating to technology but does not prepare or deliver reviews.
• Documented the Unit's existing solution architecture and technology portfolio; make recommendations for improvements and/or alternatives.
Chief Technical Officer (CTO) / Information Security Officer (US ARMY) TX-Houston, TX
January 2012 to September 2013
• Provided overall organizational leadership and strategic direction in close collaboration with other colleagues on the Executive Leadership Team.
• Thoughtfully coordinated our technical roadmap with our product roadmap, ensuring alignment with our overall strategic plan and theory of change.
• Integrated our technical processes with our partnership and support processes to ensure we put our partners first and learned everything we could from their experiences to better inform our solutions.
• Grew and led a world-class technology team, providing empathetic leadership and strong team management, guidance, and direction to your team leaders.
• Assessed new and emerging external technologies for opportunities to partner or integrate as new ideas rise through our teams.
• Coordinated with Operations and other teams to ensure we develop sound Licensing, Data, and Privacy policies and practices.
• Led and participated in IPTs to develop approaches to correct existing or anticipated project discrepancies and problems; the experienced manager has proven problem-solving excellence.
• Developed IT network infrastructure and acquisition strategies from initiation through the development, production, testing, and fielding of 28 IT projects and services worth over $10 million.
• Collaborated with colleagues on the integration of new internal security controls and created a new, more efficient information security plan.
• I worked closely with IT managers and provided beneficial advice to them on any cybersecurity-related issues.
• Simplified the whole account creation process, maintained and protected sensitive data, and performed security audits.
• Analyzed all internal security incidents, assisted in network management, and completed risk analysis and risk assessments.
Chief Information Security Officer (CISO) / Program Manager (US ARMY) Carl R. Darnell Army Medical Center-Fort Cavazos, TX October 2009 to January 2012
• Sr advisor to the Command on all Information security Health Care IT-related issues and projects.
• Directed security operations for complex and advanced Information Technology environments.
• Prepared, implemented, directed on IA policies, procedures, directives, programs, and projects by interfacing with peers, senior leaders, MAJCOM and other external agency representatives, and government contractors.
• Managed / Executed approved software program that identifies and summarizes network and computer- based vulnerabilities.
• Participated in IT configuration management and engineering review board meetings, serving as advisor regarding IT security policies and procedures. Determines requirements, develops policies & procedures for implementing technologies.
• Managed telecommunications, network security, WAN, LAN and multimedia platforms
• Managed the information security technology budget effectively by reviewing any key IT and telecom commercial opportunities to drive out costs or improve performance that existed regionally
• Managed and implemented the disaster recovery plan and successive tap log maintenance using backup exec software and Symantec Endpoint Protection
• Evaluated software coding for security vulnerabilities and provided input to remedy potential problems
• Managed service management through ITIL Service Lifecycle and Service Capability
• Managed Wire Integrity Program lead; changed phase inspection; and engineering-capable rates rose 15%
• Managed organizational risk to acceptable levels based on risk and regulatory requirements gained. S6 / Chief Information Officer (CIO) / Information Security Officer ( US ARMY) Health Care-Fort Johnson, LA
June 2006 to October 2009
• Senior advisor to the Command on all Health Care IT-related issues and Projects.
• Built the team and technical environments to develop a web-based medical training system for the US Army.
• Managed the daily operations of the Core Technology Division through analysis and evaluations of operating reports, established metrics, accounting statements, procurement, and budgetary requirements.
• Identified, analyzed, and resolved the most complex issues elevated from IT project teams.
• Governed readiness and compliance posture for 6 units comprised of 2,300 personnel.
• Drastically improved Readiness reporting and overall battle readiness by 20% were lauded by the commander.
• Maintained an enterprise-level information technology system of access control, intrusion detection, and the associated physical, electronic, and technical security elements.
• Performed, or reviewed, technical security assessments of computing environments to identify points of vulnerability and non-compliance with established Information Assurance (IA) standards and regulations and recommend mitigation strategies
• Validated and verified system security requirements definitions and analysis, establishes system security designs.
• Designed, develops, implements, and/or integrates IA and security systems and system components, including those for networking, computing, and enclave environments, to include those with multiple enclaves and with differing data protection and classification environments.
• Performed system scans and conveyed mitigation strategies to engineering staff.
• Participated as a security engineering representative on engineering teams for the design, development, implementation, and/or integration of secure networking, computing, and enclave environments.
• Applied knowledge of IA policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments.
• Supported security planning, assessment, risk analysis, and risk management.
• Recommend system-level solutions to resolve security requirements.
• Interacted with customers, IT staff, and corporate officers to define and achieve required IA objectives. IT Project Manager / Information Security Specialist US SUPPORT COMPANY-Shreveport, LA
January 2001 to October 2006
• Directed and guided major IT projects to identify and deploy new technologies for competitive advantages.
• Led IT to project teams in creating architecture documentation, including technical reviews and related infrastructure documents, architecture planning estimates, performance test plans, and IT architecture deliverables.
• JCI/ASG IT initiatives, standard technologies, policies, security, SLA's, service management, service capability, and Business Operating Systems (BOS)
• Analyzed and revised policies, directives, procedures, and techniques required to sustain peak performance of personnel and equipment for C-CS and information technology systems
• Advised and collaborated with IT and business leaders to develop and implement layered security controls for protecting the privacy, confidentiality, integrity, and availability of customer information, corporate data, and networks
• Developed meaningful enterprise security metrics, leveraging enterprise knowledge to demonstrate effective risk management and build security capability and maturity.
• Facilitated cross-training within the PC group of information technology to help enhance the understanding of PC issues/ problem resolution, cabling projects, etc.
• Took a lead role in the drive for technology standardization.
• Provided command and control to 1,100 personnel in 35 facilities; lauded by leadership.
• Introduced risk assessment frameworks and risk analysis processes for all products and services, including IT, Operations, Finance, Lending, and Third-Party vendors.
• Reviewed reports and provided management response on issues up to and including recommendations for systems of controls.
• Developed and executed enterprise-wide IT security strategy and drove implementation of security into business operations.
• Included risk analysis & risk assessments, vulnerability assessments, disaster recovery & business continuity development, and penetration testing.
• Provided IA inspection for STIGs compliance to evaluate the existence and effectiveness of NIST 800-53 security controls Supervised, mentored.
• Resolved compliance with new Federal critical information protection regulations, and established controls protecting customers' private information. Information Security Specialist (US Air Force)
United States Air Force (AF)-San Antonio, TX
May 1998 to January 2001
• Established and maintained an information security program in alignment with the information security strategy.
• Managed all PC, LAN, and WAN workstations and servers, networks, and related infrastructure, including hardware, operating system software, and business Windows applications software.
• Maintained information security governance framework (aligned with division/IT policy) to ensure individual site compliance, working with local management on.
• Reduced system downtime by 45% by resolving workstation and server issues.
• Coordinated hardware and software system installation, ensuring that each department had the necessary tools and resources.
• Increased user satisfaction by 20% through excellent technical support and problem resolution.
• Conducted studies of customer support performance to determine areas of deficiency, identify commonality of problems with equipment and or software.
• Identified existing or potential problem areas recommending necessary corrective action and preventive measures.
• Provided technical assistance to Region personnel to ensure future acquisitions are following the ACIC IM/IT plan.
• Provided a multitude of cybersecurity functions to include but not limited to design hardware, operating systems, and software applications to adequately address cybersecurity requirements.
Education
Doctor of Business Administration in Information Systems California InterContinental University
November 2023 to Present
Bachelor's in Applied Sciences
Excelsior College
US Army’s IT Officers Course
US Army’s Advanced Signal Officers Course
US Army’s Advanced Security Course
US Army’s Command and Staff Generals College
Skills
• IT governance
• User Acceptance Testing
• Azure
• Wireshark
• SAFe for Government
• Metasploit Framework
• Waterfall
• Quality Assurance
• Agile
• NIST standards
• HIPAA
• Linux
• Solarwinds
• Distributed denial of service (DDoS)
• Cloud Security Methodology
• Penetration testing
• GRC
• Terraform Cloud
• Cloud architecture
• Network Security
• Confluence
• Mitigation
• Process improvement
• DevSecOps Toolchain: Jira, Confluence, Azure DevOps suite
• Information security
• SDLC
• Symantec Endpoint Protection
• Splunk
• Business Analysis
• EHR's / EMR's Epic
• Enterprise architecture
• CI/CD
• ServiceNow
• Security information and event management
• ERP systems
• ISO 27001
• VMWare
• Threat intelligence
• Network administration
• CMMS
• Disaster Recovery
• Change management
• APIs
• Incident response
• User Interface (UI)
• Cybersecurity
Certifications and Licenses
CompTIA Security+
Certified Scrum Master
PMI-ACP
IAT
Contact this candidate