Profiles search
David Lucas, CISSP
Vice President - Information Security Officer, Federal Services at PNC
Cleveland, OH, United States
Details
Experience:
Oversees information security and risk management activities for all federal contracts across PNC.
Interfaces with government Information Systems Security Officers (ISSO) to ensure that all FISMA/NIST/agency specific security requirements are being met.
Acts as a liaison between security/IT and the business.
2016 : Present
PNC
Vice President - Information Security Officer, Federal Services
Member of the U.S. Department of Veterans Affairs Continuous Readiness in Information Security Program (CRISP).
Developed and reviewed security documentation to facilitate successful execution of VA security initiatives.
Audited various organizations within the VA to ensure compliance with FISMA and other federal laws.
2015 : 2016
U.S. Department of Veterans Affairs (Contract)
Senior Information Security Analyst
Built, maintained, and audited security programs across multiple organizations using the following frameworks, standards, and regulations :
-Payment Card Industry (PCI) Data Security Standard (DSS)
-Federal Information Security Management Act (FISMA)
-National Institute of Standards and Technology (NIST)
-Department of Defense Information Assurance Certification and Accreditation Process (DIACAP)
-Minimum Acceptable Risk Standards for Exchanges (MARS-E)
-Criminal Justice Information Services (CJIS)
Performed Risk Assessments for organizations taking into account threats, vulnerabilities, and implemented controls to determine overall risk.
2013 : 2014
SecureState
Audit and Compliance Staff Consultant
Managed Information Assurance and tracking of 2000+ end-user network accounts and 5000+ Information Technology assets, spread over 3 geographically separated locations.
Enforced DOD/USAF security policies & directives, reported and handled security incidents; ensured maximum security for computer systems.
Served as Program Manager for the 58 Special Operations Wing Aircrew Training Enclave, ensuring DIACAP, NIST, and FISMA requirements were met.
2008 : 2012
United States Air Force
Information Assurance Manager
Developed and instructed a train the trainer IT networking and server management course for the Iraqi Army; provided 20 senior officers and enlisted personnel the skills needed to manage the Iraqi Defense Network.
Resolved group policy issues, enabling the Pro-metric and Pearson View testing center at Baghdad Signal University to function; allowed proctored certification training for deployed soldiers.
Relocated Army Battalion Headquarters; led communications survey team and assisted with the design of the communications architecture for new facility.
2010 : 2011
United States Air Force
Information Management Officer
Interfaces with government Information Systems Security Officers (ISSO) to ensure that all FISMA/NIST/agency specific security requirements are being met.
Acts as a liaison between security/IT and the business.
2016 : Present
PNC
Vice President - Information Security Officer, Federal Services
Member of the U.S. Department of Veterans Affairs Continuous Readiness in Information Security Program (CRISP).
Developed and reviewed security documentation to facilitate successful execution of VA security initiatives.
Audited various organizations within the VA to ensure compliance with FISMA and other federal laws.
2015 : 2016
U.S. Department of Veterans Affairs (Contract)
Senior Information Security Analyst
Built, maintained, and audited security programs across multiple organizations using the following frameworks, standards, and regulations :
-Payment Card Industry (PCI) Data Security Standard (DSS)
-Federal Information Security Management Act (FISMA)
-National Institute of Standards and Technology (NIST)
-Department of Defense Information Assurance Certification and Accreditation Process (DIACAP)
-Minimum Acceptable Risk Standards for Exchanges (MARS-E)
-Criminal Justice Information Services (CJIS)
Performed Risk Assessments for organizations taking into account threats, vulnerabilities, and implemented controls to determine overall risk.
2013 : 2014
SecureState
Audit and Compliance Staff Consultant
Managed Information Assurance and tracking of 2000+ end-user network accounts and 5000+ Information Technology assets, spread over 3 geographically separated locations.
Enforced DOD/USAF security policies & directives, reported and handled security incidents; ensured maximum security for computer systems.
Served as Program Manager for the 58 Special Operations Wing Aircrew Training Enclave, ensuring DIACAP, NIST, and FISMA requirements were met.
2008 : 2012
United States Air Force
Information Assurance Manager
Developed and instructed a train the trainer IT networking and server management course for the Iraqi Army; provided 20 senior officers and enlisted personnel the skills needed to manage the Iraqi Defense Network.
Resolved group policy issues, enabling the Pro-metric and Pearson View testing center at Baghdad Signal University to function; allowed proctored certification training for deployed soldiers.
Relocated Army Battalion Headquarters; led communications survey team and assisted with the design of the communications architecture for new facility.
2010 : 2011
United States Air Force
Information Management Officer
Company:
PNC
About
Experience in information security including governance, risk and compliance.
During my career I have worked with several organizations including (but not limited to):
-U.S. Department of Defense
-U.S. Department of Education
-U.S. Department of Agriculture
-U.S. Department of Veterans Affairs
-U.S. Department of the Treasury
-U.S. Department of Energy
-U.S. Agency for International Development
-National Institutes of Health
-Centers for Medicare and Medicaid Services
-Federal Deposit Insurance Corporation
-Federal Reserve Banks of Cleveland, Dallas, and Boston
-NASA
-University of California, San Diego
-Iowa State University
-TIAA-CREF
-AXA
-Cintas
-American Family Insurance
Profile Photo
