Senior Executive Cybersecurity

SAMSON E. RIDDLE

PEYTON, CO ***** 719-***-**** ******.*.******@*****.***

SENIOR CYBERSECURITY ARCHITECT

Personnel Leadership Cybersecurity/Enterprise Architecture GRC/Policy Development Experienced and versatile multi-disciplinary cyber professional with strong backgrounds in leadership at various organizational levels and extensive prowess at translating complex technical issues into digestible common terminology. Over 20 years of experience leading teams, teams of teams, and succinctly presenting evidence, artifacts, and deliverables to Executive and Senior Executive level personnel. Recognized as a professional that communicated clearly and concisely, whether it be through oral presentations or written correspondence. Continually thrives in deadline-driven environments and high-pressure situations. Life-long learner that just as ready to learn new disciplines and teach others the disciplines that have been experienced. CORE COMPETENCIES

Leadership at all levels (~20 years)

Authorization and Accreditation (A&A)

Governance, Risk, and Compliance (GRC)

Anything/Everything-as-a-Service (XaaS)

Incident Response

Liaison/Customer Relationship Management

Metrics Development and Analysis

SIEM tools (HBSS, Splunk)

Cybersecurity Frameworks (NIST CIS, RMF)

Networking protocols (TCP/IP)

Cloud Security/AWS

Vulnerability Management

Policies, Plans, and Procedures Development

Cybersecurity Architecture/Zero-Trust (ZTA)

System Administration (Windows/Linux)

Agile development/DevSecOps

PROFESSIONAL EXPERIENCE

PANTEX DETERRENCE LLC 04/2025 – Present

SENIOR SECURITY ARCHITECT/POLICY SME

Duties/Accomplishments:

Spearheads the Endpoint Detection and Response (EDR) projects for the deployment of the solutions for the classified and unclassified networks, totaling over 5,000 assets within the Pantex Plant Site.

Leads the rebranding and reconstitution effort of all Pantex Cyber Enterprise policies, directives, and work forms. Project has been streamlined to reduce timeline by 25% while maintaining 100% completion with Subject Matter Expert (SME) review.

Chairs the Azure DevOps Site Separation meeting to accurately track and report all metrics for the tasks necessary to separate all cyber applications from other DOE sites; currently tracking 18 separate line-of-effort (LOE) items representing over 1200 hours of work

Co-authoring the Vendor Security Requirements Policy to ensure Pantex vendors protect and handle Controlled Unclassified Information (CUI) data IAW NIST 800-171

Leading the effort for the complete redesign of the Pantex Plant Site classified network architecture; collaborating with numerous stakeholder groups achieve “single pane of glass” for operators and engineers

Collaborating with Senior Solutions Architect for the implementation of Zero Trust Architecture and currently leveraging in-house technologies and minimizing overhead costs to achieve proper ZTA

PLANNED SYSTEMS INTERNATIONAL 04/2023 – 04/2025

SENIOR SECURITY ARCHITECT

Duties/Accomplishments:

Provided Subject Matter Expert (SME) guidance during the customer site separation between the Texas-based networks and the Tennessee-based networks to ensure that proper defense- in-depth solutions are implemented, tuned, and optimally operating per customer guidelines.

Collaborated with the Enterprise System Architect to ensure a functional and secure implementation of enterprise-level tools, security protocols, and processes.

Acted as a liaison between the Cyber Operations, NOC/SOC, and IT Operations teams to ensure a cohesive approach to the defense and operations within the Pantex enterprise; aids in knowledge transfer between the associated stakeholders to ensure that information and intent are clearly communicated and that stakeholders maintain the same strategic view for the enterprise networks.

Hand-selected by Chief Information Security Officer (CISO) as the Senior Cybersecurity Architect and Lead for the Enterprise Architecture Team; leads multiple projects including policy creation and modernization, classified network tools implementations, and vendor management for unclassified network detection and response solutions. RAYTHEON INTELLIGENCE & SPACE 02/2020 – 04/2023

SENIOR PRINCIPAL CYBERSECURITY ENGINEER

Duties/Accomplishments:

Developed cybersecurity test cases and scenarios as part of the Integration and Test (I&T) team supporting General Dynamics in a new ground station deployment with the United States Space Force and United States Air Force

Critical team member in discussing and discerning technical requirements traceability between the various teams on the General Dynamics and Raytheon business groups; Provided Cybersecurity SME input to high-visibility conversation to help steer relationships between the organizations

Developed policies, plans, and procedures for securing AWS GovCloud; articulated the criticality of policy adoption and its impact to the government customer’s short and long- term strategic cloud deployment planning

Served as chairman for Cyber Working Groups (CWG), Cyber Tabletops (CTT), and FORGE-RTX tag-ups ensuring that there are appropriate strategic, long-term subject matter discussions as well as near-term or ad hoc issues that arise and require expedient resolution.

Coordinated efforts across multiple Independent Product Teams (IPTs) and leadership teams to ensure the timely and accurate delivery of Cyber Contract Delivery Requirements List

(CDRLs) items.

SCIENCE APPLICATIONS INTERNATIONAL CORPORATION (SAIC) 11/2019 – 02/2020 SENIOR PRINCIPAL CYBERSECURITY ANALYST

Duties/Accomplishments:

Maintained critical classified operations system and its unclassified counterpart by leveraging the Assured Compliance Assessment Solution (ACAS) Security Center and the associated Nessus scanner, Security Content Automation Protocol (SCAP) Compliance Checker, and the Defense Information Systems Agency (DISA) Security Technical Information Guidelines (STIG) Viewer

Documented processes and procedures for monitoring changes to the system architecture and configuration; lead the effort to steer local policies and procedures to create efficiencies at the operational levels

Lead multiple weekly cybersecurity and program IPT and CVA meetings with actionable feedback given directly to the government leadership personnel

Recommended changes to operational battle rhythm within the cybersecurity/information assurance team to better support the implementation of 24x7 operational support and provide pathways for program scalability.

SITEC CONSULTING, LLC 02/2019 – 11/2019

INFORMATION SYSTEM SECURITY ENGINEER

Duties/Accomplishments:

Selected as the subject matter expert (SME) for Kubernetes (K8S)/Docker container security as the agency and division transition from traditional architecture to containerized application architecture.

Performed and reviewed technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations and recommend mitigation strategies.

Validated and verified system security requirements definitions, analyzed and established system security designs.

Applied leading-edge principles, theories, and concepts to the development, maintenance, and implementation of information security standards, procedures, and guidelines.

Provided high level technical leadership focused on complex information security architecture.

ENSCO, INC. 11/2017-02/2019

INFORMATION SYSTEM SECURITY MANAGER

Duties/Accomplishments:

Led the Cybersecurity and Information Security group for the Program and the Colorado Springs office, which grew from 3 personnel to nearly 30 in only one year.

Authored over 20 different policies, processes, and procedures that were adopted at the company level; Owned all policies, processes, and procedures from cradle-to-grave.

Provided sound guidance and direction as the program’s lead technical advisor regarding information assurance and security as well as the regulatory guidelines associated with NIST, CNSSI, and DOD publications.

Directly supervised and enforced all administrative and technical controls for all accredited systems within the ENSCO Colorado Springs facility; coordinated with the Facility Security Officer to ensure that all physical security implementations meet the physical controls standards established by the governing CSA

COACT 07/2017-11/2017

INFORMATION SYSTEM SECURITY ENGINEER

Duties/Accomplishments:

Served as the Information System Security Engineer (ISSE) and Information Assurance (IA) subject matter expert (SME) for two separate RDT&E ISOL environments, each supporting 150+ users.

Led a team of engineers that provided information and guidance for the deployment of security information and event management (SIEM) solutions such as the Assured Compliance Assessment Solution (ACAS), ArcSight, and McAfee’s host-based security system (HBSS).

Managed the change management (CM) process for all documentation associated with the system packages to ensure that only the most accurate and current versions are submitted for accreditation packages.

Tracked changes, patches, and updates to all systems to ensure that the Plan of Action and Milestones

(POA&M) remained updated for all associated systems. BOOZ ALLEN HAMILTON 07/2014-07/2017

SENIOR INFORMATION ASSURANCE ENGINEER

Duties/Accomplishments:

Worked directly with Department of the Navy (DON) civilian project engineers (PE) and project managers (PM) to successfully transition nine individual Department of Defense (DOD) Information Assurance Certification & Accreditation Process (DIACAP) packages to the new Risk Management Framework

Led multiple teams, totaling over 50 personnel, through artifact development, including Incident Response Plans, Vulnerability Management and Mitigation, and various policies and plans for securing systems and enterprise networks.

Cybersecurity stakeholder for the program steering committee regarding policy enforcement and procedure development.

Utilized eMASS daily to ensure that the Program Management Office (PMO), customer, and other external stakeholders had the most accurate documentation and artifacts available.

Produced documentation artifacts for RMF accreditation packages to include but not limited to: System Plan (SSP), System Assessment Plan (SAP), Information Security Continuous Monitoring (ISCM) plan, System Categorization forms, Plan of Action and Milestones (POA&M), and Assured Compliance Assessment Solution (ACAS) results and reports. DECISIVE ANALYTICS CORPORATION

COMPUTER EMERGENCY RESPONSE TEAM (CERT) ANALYST 06/2013-07/2014 Duties/Accomplishments:

Coordinated efforts with the government lead which resulted in the implementation of the initial Missile Defense Agency (MDA) Insider Threat Program; offered SME advisement regarding the policy and recommending tools for enforcement of the policy.

Recommended changes to monitoring tools and areas of focus to respond to changing cyber threat environment which resulted in the MDA Chief Information Officer (CIO) approving the purchase of two new application suites for the FY16 MDA budget

Maintained documentation and artifacts that were critical during DISA CNDSP reaccreditation inspection and resulted in the MDA CERT receiving the second-highest rating possible.

Performed Computer Network Defense (CND) Protection scanning analysis of network vulnerability scan (VS) results; determine impacts to network ops; provide recommended mitigation activities to Local Control Centers (LCC), review corrective/mitigation actions

Created reports, templates and procedures that were directly implemented into the MDA Insider Threat Program using a variety of digital forensics tools such as McAfee electronic Policy Orchestrator (ePO suite, Blue Coat, and ArcSight)

DUETIX DESIGNS, LLC.

INFORMATION ASSURANCE SPECIALIST 03/2013-06/2013

Duties/Accomplishments:

Created a virtualized environment using VMWare and vSphere that mirrored the operational baseline which consisted of several Server 2008 R2 servers and multiple Windows 7 clients

Performed compliance checks utilizing the DISA SCC and the most current STIGs; documented all proposed changes that were outside of the approved ATO baseline for review by the CCB

Completed Information Assurance technical documentation of assigned projects in compliance with DoD Risk Management Framework (RMF)/ DoD Information Assurance Certification and Accreditation Process (DIACAP) processes

UNITED STATES ARMY

IT MANAGER/INFORMATION ASSURANCE AND SECURITY OFFICER 07/2003-03/2013 Duties/Accomplishments:

Implemented change and configuration management procedures through rigorous documentation and recordkeeping regulation; commended by agency level personnel on the accuracy and stringency of the records that were maintained over a three-year period.

Exercised subject matter expertise in various IT disciplines throughout military career supporting an average of 24 companies of personnel, ~3,000 people.

Led teams ranging in size from five personnel to over 80 personnel that supported operations from the direct operator level to the strategic executive level.

Developed and deployed local LAN and Oracle database that managed over $127M in Joint Task Force munitions and assets with 100% accountability

Peer-selected for the John D. Woodyard Leadership award while attending Basic Non-Commissioned Officer course (BNOC)

EDUCATION

Master Of Science (MSCS) with Honors: Cybersecurity Studies American Military University, Charles Town, WV (2018) Master Of Science (MSCS) with Honors: Information Assurance and Security American Military University, Charles Town, WV (2015) Bachelor Of Science (BSCS): Information Technology American Military University, Charles Town, WV (2014) CERTIFICATIONS

All certifications listed below are current as of the date of this resume Certified Information Security Auditor (12/2025) - projected Certified Information Security Manager (08/2025) - projected Certified CMMC Professional (07/2025) -projected

Six Sigma Global Institute – Scrum Master (03/2024) Six Sigma Global Institute – Program Management Certification (10/2023) Six Sigma Global Institute – Yellow Belt (09/2023) AWS Partner Accreditation (Technical) Certificate (03/2022) AWS Certified Cloud Practitioner (AWS CCP) (03/2022) Certified Cloud Security Professional (CCSP) (05/2021) Certified Information System Security Professional (CISSP) (03/2017) Splunk Power User (06/2015)

Microsoft Certified Solutions Associate (MCSA): Windows Server 2012/2016 (10/2013) Microsoft Certified IT Professional (MCITP): Windows 7/10 (05/2013) Microsoft Certified Solutions Associate (MCSA): Windows 7/10 (05/2013) Microsoft Certified Technology Specialist (MCTS): Windows 7/10 Configuration (05/2013) Information Technology Infrastructure Library (ITIL) Foundations (05/2012) CompTIA A+ CE (05/2012)

CompTIA Security+ CE (02/2012)

CompTIA Network+ CE (01/2012)

Contact this candidate