ALI M. OLIVIERE
Associate CCISO, AISSO, CISM, CEH, SEC+, AWS, AZURE, PMP (In Progress)
404-***-**** ***********@*****.*** www.linkedin.com/in/Ali-Oliviere
EXECUTIVE SUMMARY
Dynamic and versatile Cybersecurity and Technical Project Management Leader with 20+ years of experience delivering enterprise-level security operations, vulnerability management, and GRC initiatives across federal, public, private, and startup environments. Proven ability to lead security programs, manage enterprise risk, and align cyber initiatives with organizational objectives while executing complex, multi-stakeholder projects. Skilled in Trend Micro, Rapid7, and GRC platforms (ServiceNow, Archer) with expertise in regulatory compliance (NIST 800-53, RMF, PCI-DSS), cloud security (Azure, AWS), and incident response. Known for bridging the gap between technical implementation and executive strategy, driving operational efficiency, governance maturity, and securing mission-critical environments through automation and continuous improvement.
CORE COMPETENCIES
Security Operations & Incident Response (SOC, SIEM, EDR, IDS/IPS)
Vulnerability Management (Rapid7 InsightVM, Nessus, Trend Micro Apex One, Deep Security, Cloud One)
Cloud & Network Security Architecture (Azure, AWS, Hybrid Environments)
Risk Assessment, Audit Readiness & Remediation Tracking
Vendor & Third-Party Risk Management
PCI-DSS, GDPR, HIPAA & Data Privacy Compliance
Business Continuity, Disaster Recovery & Strategic Planning
Technical Project Management (Agile, PMP Methodologies)
System Security Plan (SSP) Development & Maintenance
Access Control & Authentication (ACLs, IAM, MFA)
Data Security: Encryption, DLP, Data Masking & Content Filtering
Firewall Management, Network Segmentation & Monitoring
Process Automation & Continuous Improvement
Security Awareness, Compliance Training & Cross-Functional Leadership
Information Security Governance, Risk & Compliance (NIST 800-53, RMF, FISMA, FedRAMP, ISO 27001, CIS, TISAX)
PROFESSIONAL EXPERIENCE
Savannah River Nuclear Solutions (SRNS) Jul 2024 – Present
Senior Engineer Alternate Information Systems Security Officer (AISSO) Aiken, SC
Serve as a senior-level ISSO responsible for ensuring classified and unclassified systems meet Department of Energy (DOE) cybersecurity requirements.
Conduct risk assessments, vulnerability analysis, and continuous monitoring in alignment with NIST SP 800-53 and 800-82 controls.
Collaborate with Information System Owners (ISOs), Cybersecurity SMEs, and system administrators to implement system security plans (SSPs) and POA&Ms.
Support technical and procedural updates during the system reauthorization process and prepare detailed documentation for federal review.
Received positive feedback on 90-day performance evaluation for improving team collaboration, documentation standards, and audit readiness.
Developed and maintained System Security Plans (SSPs), POA&Ms, and Security Assessment Reports (SARs) for cloud-based and on-prem systems.
Supported annual FISMA reporting efforts and DOE audits, preparing documentation and evidence for system authorization packages.
Collaborated with engineering and operations teams to embed security into SDLC processes and reduce compliance drift.
Documented Continuous Monitoring (ConMon) strategies and implemented automation using cloud-native security tools and scripts.
Reviewed and approved Change Requests (CRs) and Configuration Management activities for impact on security posture and risk exposure.
A.M.E. Incorporated (Consulting Services) / Principal Consultant Feb 2022 – Present
Cloud Security SME / Cybersecurity Technical Project Manager Atlanta/Augusta, GA
Lead consulting engagements focused on cybersecurity strategy, infrastructure design, and regulatory compliance across SMBs and nonprofits.
Designed and implemented security controls aligned with NIST 800-53, ISO 27001, and PCI-DSS frameworks.
Conducted risk assessments, penetration testing coordination, and remediation planning to reduce client exposure by 30%+.
Acted as virtual CISO for clients, developing policies, business continuity plans, and governance frameworks.
Oversaw security operations for in-house systems and supported asset management, procurement, and vendor evaluation.
Led IT procurement and vendor risk management efforts aligned with operational goals and budgets.
Utilized ServiceNow GRC for policy management and risk remediation tracking.
Deployed and managed Rapid7 InsightVM vulnerability management lifecycle.
Led multiple concurrent cybersecurity initiatives, managing budgets, scope, and schedules across global teams.
Defined project charters, deliverables, and risk registers; tracked progress and mitigated schedule deviations.
Partnered with vendors and internal teams to integrate new vulnerability management tools and streamline compliance reporting.
MARTA (Metropolitan Atlanta Rapid Transit Authority) Aug 2021 – Feb 2022
Sr. GRC Security Analyst Atlanta, GA
Administered the enterprise risk and compliance program, including the development of the Authority-wide risk register.
Performed control assessments and third-party risk reviews, ensuring adherence to internal policy and federal requirements.
Facilitated collaboration between IT, legal, and procurement teams to remediate risks and enhance security posture.
Supported internal audits and regulatory reporting for FTA compliance and information assurance initiatives.
Managed enterprise-wide InfoSec risk programs including governance, compliance, and vendor risk management.
Arby’s Restaurant Group May 2015 – Jan 2017
Information Security Analyst Atlanta, GA
Developed policies for Acceptable Use, Mobile Device Management, and BYOD compliance across 3,000+ endpoints.
Evaluated and deployed vulnerability scanning tools (Nessus, Rapid7) and automated remediation workflows.
Monitored event logs and SIEM alerts to analyze trends and reduce false positives in PCI-sensitive environments.
Partnered with DevOps to integrate security controls into application development and release cycles.
Managed vulnerability programs including proof-of-concept evaluations of Nessus and Rapid7.
SAIC – DCMA Network Operations Security Center (NOSC) Aug 2012 – Oct 2014
IA/CND Response Analyst Smyrna, GA
Responded to cyber incidents, unauthorized access attempts, and insider threat activity across DOD systems.
Delivered impact analysis and forensic documentation in support of FISMA compliance.
Managed service-level agreements, contractor deliverables, and mission-critical network infrastructure assets.
Liaised with federal and military stakeholders to maintain operational readiness and security integrity.
Facilitated Red Team vs. Blue Team (Pen Test) exercises to identify and close security gaps.
EDUCATION & CERTIFICATIONS
Professional Education Certificate, Cyber Security – Georgia Institute of Technology, 2019
B.S., Technical Management – DeVry University, 2014
A.A.S., Information Systems Technology / Avionics Systems Technology – Community College of the Air Force, 2012
Certifications:
CISM, Associate CCISO, CEH v11, Security+ CE, AWS Certified Architect – Associate, Microsoft Azure Architect, DOD 8570.01M IAT Level II