Information Security Risk Specialist, Team Lead
Resume:
DALLAS DONOVAN
SECURITY CLEARANCE: PUBLIC TRUST
Rathdrum, Idaho (Spokane-Coeur d’Alene Area)
www.linkedin.com/in/dallasdonovan
*************@*****.***
PROFESSIONAL SUMMARY
Strategic Information Security and Risk Analysis leader with extensive experience orchestrating cybersecurity policy, system interconnections, and risk mitigation strategies. Expert in coordinating complex project management initiatives from planning to support, leveraging diverse technical backgrounds to achieve business objectives and drive program growth. Demonstrated expertise in leveraging and enforcing MOU/ISA frameworks aligned with NIST standards and FedRAMP guidelines. Adept at steering cross-functional teams, optimizing processes through automation, and delivering robust IT solutions in high-availability environments.
CORE COMPETENCIES & TECHNICAL SKILLS
• Cybersecurity Leadership & Compliance Management: FISMA, NIST CSF/RMF (800-47/53/37), FedRAMP, FIPS 199, Risk Analysis, SAP GRC, Operational Technology (OT), Policy Development, MOU/ISA compliance documentation, security audits, System Assessment & Authorization (A&A), vendor assessments, IAM, Risk Management Framework (RMF), ATO, Identity Governance, Information Security (INFOSEC), Lawful Government Purpose (LGP), Control Mapping, CA-3 control enforcement, HIPAA, PII, PHI, CUI, Sensitve, Information Governance & Lifecycle Management (IGLM) standards, ISO 27001, PCI DSS, eMASS, Information Assurance (IA)
• Project & Process Optimization: RFC, Agile (Scrum), SDLC, TEAMS, SharePoint workflow optimization, IT Risk Analysis, Process Automation, Documentation, DevOps, Change Control, Stakeholder Engagement & Operational Oversight, Federal systems integration, presentations, client briefings, vendor & partner collaboration
• SIEM & Incident Response: Splunk, SOC 2 Compliance, Vulnerability & Risk Assessment
• Virtualization & Cloud: VMware vCenter/vSphere, Nutanix, Cloud (VA Enterprise Cloud, Azure/AWS)
• Microsoft Technologies: Windows Server, Active Directory (AD), Exchange, SCCM, SharePoint, TEAMS, MS Office Suite (Excel, Word, PowerPoint), PowerShell
• Tools & Applications: Autotask, ServiceNow, NAble, Jira, Microsoft SharePoint Workflows PROFESSIONAL EXPERIENCE
MKS2 TECHNOLOGIES, INC Jan 2020 – Apr 2025
Information Security Risk Analyst, Team Lead
Department of Veterans Affairs TSS Contract, Enterprise Cybersecurity Support Division, Office of Information Security Risk Management & Operations
• Led cybersecurity support for VA ITOPS TSS 1.0 & 2.0 contracts, ensuring compliance with NIST, FISMA, and VA Handbook policies and strengthened VA's security posture by drafting, reviewing, and approving MOU/ISA agreements for external connections, aligning documentation with FedRAMP and FIPS 199 Security Categorization standards.
• Implemented standardized MOU/ISA templates aligned with NIST 800-53r5, FIPS 199 standards and VA Handbook policies, adopted across 100+ projects, enhancing compliance, traceability and operational efficiency.
• Coordinated the end-to-end MOU/ISA procedures to enhance documentation quality, security compliance and audit readiness for annual OIG inspections and provide SME guidance for documenting secure external system interconnections, complying with NIST 800-47r1 controls, OIG policies and VA guidelines.
• Led training sessions and strategic reporting, fostering professional development and ensuring compliance for cybersecurity staff
• Optimized OIG inspection preparations and security assessment reviews as a Subject Matter Expert (SME) on NIST controls, enhancing readiness and compliance
• Spearheaded process automation initiative rollouts using Microsoft SharePoint workflows, enhancing risk mitigation, operational efficiency, and security governance.
• Leading Analyst team for end-to-end project management and coordination, establishing and coordinating over hundreds MOU/ISA agreements, ensuring secure external system interconnections and compliance with CA-3 control standards, managing project deliverables, team coordination, and stakeholder communication
• Facilitated daily Scrum stand-ups, requirements elicitation gathering, stakeholder briefings and technical walkthroughs to communicate risk findings, mitigation strategies, and Authority to Operate (ATO) status updates to leadership and external assessors.
• Validated cloud connections (VA GovCloud, Azure/AWS) per FedRAMP & FIPS199 standards, enhancing security posture MKS2 TECHNOLOGIES, INC Apr 2019 – Jan 2020
Cybersecurity Operations Analyst
Department of Veterans Affairs CRISP Contract, Enterprise Cybersecurity Support Division, Office of Information Security Risk Management & Operations
• Analyzed IT specifications and assessed security risks, ensuring adherence to the NIST Cybersecurity framework and risk management (RMF) methodologies.
• Managed SIEM (Splunk) platforms for proactive cybersecurity incident detection and remediation, bolstering threat response capabilities, detection rates, and incident response times
• Drafted and updated security policies, technical documentation, privacy breaches, malware threats and risk assessments to support robust IT security practices and strengthen compliance with FISMA guidelines.
• Drafted incident response policies and oversaw vulnerability assessments, contributing to improved organizational preparedness and risk mitigation processes
• Engaged in SOC analysis, risk mitigation, and policy enforcement, significantly enhancing the security infrastructure and reducing potential vulnerabilities
ARROW ELECTRONICS, INC Jan 2016 – Jun 2017
Solutions Architect
• Drove delivery of IT solutions according to enterprise and business objectives of the organization by leading other teams in developing solutions.
• Facilitated achievement of core goals through creation of technical road maps detailing the path between current and future states.
• Collaborated with senior personnel on external service provider sourcing, analysis, and selection based on cost drivers and strategic capabilities.
• Researched and chose technology solutions meeting core business goals.
• Designed cost-effective, profit-supporting architecture frameworks and organizational strategies.
• Cultivated partnerships and identified opportunities to increase group support, utilizing Agile methodologies to enhance collaboration and efficiency.
• Defined system, network, and application-level IT solutions ensuring alignment with customer requirements and security standards
• Provided technical leadership for new proposals and existing projects, analysis, architecture, design, validation, implementation, problem identification, and resolution for customer’s needs.
• Demonstrated extensive experience in providing solutions across technologies including Microsoft, VMware, Nutanix, and Cloud services, successfully supporting datacenter and storage management projects ARROW ELECTRONICS, INC May 2011 – Jan 2016
IT Systems Engineer, Team Lead
• Defined and managed IT infrastructure standards by implementing ISO 27001 protocols, automated systems, and optimized project execution methods, enhancing workflow efficiency across tasks.
• Engaged in delivery of technical solutions for customer deployment issues in the field.
• Performed detailed analysis of customer computing environments, evaluating supportability of environment and quantifying effort needed for customized non-standard applications along with potential business continuity risk.
• Planned project management activities and initiatives, overseeing personnel resourcing and meeting deadlines.
• Designed and implemented network, system, and storage infrastructure solutions. ARROW ELECTRONICS, INC Jul 2000 – May 2011
IT Service Operations Analyst
• Handled implementation and definition of change management strategy.
• Provided change control (RFC), configuration management, and Incident ticket tracking.
• Coordinated with project teams, supporting integration of projects with change management initiatives.
• Facilitated smooth transitions by applying understanding of change control management processes
• Support global sites and North American employees
• Assist in the resolution of diverse user and support issues among company sites to ensure timely distribution of knowledge and positive impact on employee satisfaction
• Acquire and maintain current knowledge of relevant support policies in order to provide technically accurate solutions to employees
CERTIFICATIONS & TRAINING
• ISC2 Certified in Cybersecurity (CC) – (2025 - Present)
• VMware Certified Professional (VCP) 6.5, Data Center Virtualization, (2019 – Present)
• VMware Site Recovery Manager: Install, Configure, Manage 5.5, (2013 – Present)
• Microsoft Certified IT Professional (MCITP), Server Administrator on Windows Server 2008, (2011 – Present)
• Microsoft Certified Technology Specialist (MCTS), Windows Server 2008 Network Infrastructure, Configuration, (2011
– Present)
• Microsoft Certified Technology Specialist (MCTS), Windows Server 2008 Active Directory, Configuration, (2011 – Present)
• Nutanix Consulting Specialist (NCS), (2017 – Present)
• Trend Micro Certified Professional for Deep Security, (2016 – Present) EDUCATION
Bachelor of Science (B.S.), Texas A&M University, Corpus Christi, TX
Contact this candidate