Profiles search
Greg Harris
Director of Cybersecurity at FEDITC - Federal IT Consulting
United States
Details
Experience:
Re-established a cybersecurity department after losing the entire incumbent workforce.
Provided guidance, document review, and eMASS subject matter expertise for a program of record
managing OPM and the security clearance process.
Developed and maintained the System Security Plan, Security Assessment Reports, and other accreditation artifacts for over 75 sites, both CONUS and OCONUS.
Created a robust testing schedule that allowed for all 75 sites controls to be assessed on a yearly basis for the development of 75 individual SARs.
Project lead for the integration of new GRC tools in both the corporate environment as well as client environments.
Implemented and managed OneTrust GRC and Security Assurance to either meet or maintain compliance with industry standards and government regulations such as ISO, NIST, CMMC, and CMMI.
Used the Compliance Framework Readiness page within OneTrust to brief the CEO, COO, Sr. President of the current status of operations.
Corporate account manager for Skillsoft account, managing over 2000 courses for over 400 FTEs
Managed a team of 8 analysts during a malware incident while conducting a full-spectrum incident response at a corporate office.
Provided 24-hour support to USSOCOM Cybersecurity with over 60 FTEs to support operations, mission requirements, and incident response around the world.
Conducted customer engagement to evaluate stakeholders and satisfaction of contracts in multiple countries.
Deployed OCONUS within 24 hours of notification to serve as a surge asset and provide SME support on a Risk Assessment package.
Developed a schedule to provide 24 hours by 7 days a week support for the SOC and IRC.
Advised CIOs and ISSMs on IA policies, IA assessments, cost benefits, risk analysis, and DISA STIGs so they could implement the most effective course of action to gain their ATO.
Monitored and Controlled the travel budget by actively updating all travel trackers past and projected.
2017 : Present
FEDITC - Federal IT Consulting
Director of Information Security / BD&Capture Manager
Developed a training pipeline for Security Control Assessor II to transition to Level III roles as well as career progression within the Security Operation Center (SOC) and Incident Response Center (IRC).
Developed a schedule to provide 24 hours by 7 days a week support for the SOC and IRC.
Led a team of 12 remote cyber security engineers in Risk Management Framework (RMF) operations to accredit 75 Air Force Medical Treatment Facilities (MTF). This focused heavily on NIST SP 800-53, FISMA, and HIPAA
Advised CIOs and ISSMs on IA policies, IA assessments, cost benefits, risk analysis, and DISA
STIGs so they could implement the most effective course of action to gain their ATO.
Tracked the progress Risk Assessment and accreditation of the Medical Community of Interest (MedCOI) across 75 Air Force Medical Treatment Facilities.
Submitted all Weekly Status Reports and Monthly Status Reports on time with accurate information
Reviewed all expense reports from travel and customer guided travel
Monitored and Controlled the travel budget by actively updating all travel trackers past and projected.
2018 : 2018
FEDITC - Federal IT Consulting
Program Manager/Capture Manager
Led a team of 3 cyber security engineers in current and future operations to secure the 65,000
workstations across the United States Army Reserve (USAR) enterprise and support over 80,000
customers at 767 locations with Tier II support and expertise.
Project Manager for the implementation of Cisco Identity Services Engine (ISE) throughout the
USAR enterprise. Developed project management plan, tracked deliverables, managed priorities of
the project team, performed strategic communication and coordinated with stakeholders to ensure
successful deployment in order to improve the enterprise's security posture.
Served as the cyber security subject matter expert (SME) for the Enterprise Architecture (EA)
Used GRC tools such as Tanium, Xacta, and eMASS to evaluate vendors software and programs.
Provided cyber security input to the WIPT charged with migrating the USAR enterprise behind the
Joint Regional Security Stacks (JRSS) hosted by the Defense Information Systems Agency (DISA)
as part of the DoD's network convergence effort.
Tracked and reported completion of taskings/directives from the Army Reserve Cyber Command
(ARCYBER) and higher headquarter organizations. Operational responsibility (OPR) for the IAVM
program within the 8 branches within the CIO/G-6.
Served as the Server, Workstation, Multifunction Device (MFD), and Network Device SME on the
Compliance team.
Developed PowerShell Scripts to automate a manual process and collect data more efficiently
Collected, Analyzed, and Reported SCAP data from scans to senior management and customer for
remediation.
Used the data from the SCAP scan to identify risks, measure our remediation efforts, monitor our
risk profile, and control the risks within the appropriate risk appetite for the associated activity.
Maintained consistent and accurate data in order to be ready to pass a Command Cyber Readiness
Inspection at a moment's notice.
2017 : 2018
FEDITC - Federal IT Consulting
Senior Cybersecurity Engineer/Technical Writer
Responsible for providing all strategic communication for the entire Brigade.
Provided 24 hours, 7 days a week support during hurricane relief operations managing 15 soldiers.
Re-configured military routers and switches to support local Emergency Operation Centers during
24-hour operations.
Responsible for the command, control, training, administration, operation, logistics, and combat
readiness of a 42 personnel Brigade Signal Company.
Develop policies and procedures for the battalions in regard to communications strategic goals.
Managed and was accountable for a Property Book of over 52 million dollars.
Planned, Coordinated, Participated, and Managed a successful Annual Training and Change of
Command Inventory.
Managed and trained 44 personnel in the proper security measures for safeguarding controlled
cryptographic items containing sensitive information.
Facilitated monthly meetings to develop strategies that would positively influence mission success.
2018 : 2021
Army National Guard
Brigade Signal Company Commander
Install new/repurpose existing servers and configure hardware, services, settings, directories, and
storage in accordance with project requirements/operation needs.
Researched, documented, and recommended innovative automated approaches for system
administration tasks.
Worked an on-call schedule to support the DOJ during non-business hours providing continuous
support to districts within the US.
Perform daily system monitoring, verifying the integrity and availability of all hardware, server
resources, systems, and key processes, reviewing system and application logs, and verifying the
completion of scheduled jobs such as backups.
Create, change, unlock and delete users’ accounts as needed
Migrated a district of over 200 workstations to PIV Log In Only
Apply patches and updates on a regular basis, as well as upgrade administrative tools based on the
needs of the project.
Tested all MSI packages created locally in the lab environment before pushing them to production
Advise the project manager on the capabilities, restraints, and limitations of the district
Decommissioned Server 2008 and transitioned services to Server 2012
Managed Group Policies per the guidance and direction of DOJ CISO
2015 : 2017
Deloitte
Senior System Engineer
Provided guidance, document review, and eMASS subject matter expertise for a program of record
managing OPM and the security clearance process.
Developed and maintained the System Security Plan, Security Assessment Reports, and other accreditation artifacts for over 75 sites, both CONUS and OCONUS.
Created a robust testing schedule that allowed for all 75 sites controls to be assessed on a yearly basis for the development of 75 individual SARs.
Project lead for the integration of new GRC tools in both the corporate environment as well as client environments.
Implemented and managed OneTrust GRC and Security Assurance to either meet or maintain compliance with industry standards and government regulations such as ISO, NIST, CMMC, and CMMI.
Used the Compliance Framework Readiness page within OneTrust to brief the CEO, COO, Sr. President of the current status of operations.
Corporate account manager for Skillsoft account, managing over 2000 courses for over 400 FTEs
Managed a team of 8 analysts during a malware incident while conducting a full-spectrum incident response at a corporate office.
Provided 24-hour support to USSOCOM Cybersecurity with over 60 FTEs to support operations, mission requirements, and incident response around the world.
Conducted customer engagement to evaluate stakeholders and satisfaction of contracts in multiple countries.
Deployed OCONUS within 24 hours of notification to serve as a surge asset and provide SME support on a Risk Assessment package.
Developed a schedule to provide 24 hours by 7 days a week support for the SOC and IRC.
Advised CIOs and ISSMs on IA policies, IA assessments, cost benefits, risk analysis, and DISA STIGs so they could implement the most effective course of action to gain their ATO.
Monitored and Controlled the travel budget by actively updating all travel trackers past and projected.
2017 : Present
FEDITC - Federal IT Consulting
Director of Information Security / BD&Capture Manager
Developed a training pipeline for Security Control Assessor II to transition to Level III roles as well as career progression within the Security Operation Center (SOC) and Incident Response Center (IRC).
Developed a schedule to provide 24 hours by 7 days a week support for the SOC and IRC.
Led a team of 12 remote cyber security engineers in Risk Management Framework (RMF) operations to accredit 75 Air Force Medical Treatment Facilities (MTF). This focused heavily on NIST SP 800-53, FISMA, and HIPAA
Advised CIOs and ISSMs on IA policies, IA assessments, cost benefits, risk analysis, and DISA
STIGs so they could implement the most effective course of action to gain their ATO.
Tracked the progress Risk Assessment and accreditation of the Medical Community of Interest (MedCOI) across 75 Air Force Medical Treatment Facilities.
Submitted all Weekly Status Reports and Monthly Status Reports on time with accurate information
Reviewed all expense reports from travel and customer guided travel
Monitored and Controlled the travel budget by actively updating all travel trackers past and projected.
2018 : 2018
FEDITC - Federal IT Consulting
Program Manager/Capture Manager
Led a team of 3 cyber security engineers in current and future operations to secure the 65,000
workstations across the United States Army Reserve (USAR) enterprise and support over 80,000
customers at 767 locations with Tier II support and expertise.
Project Manager for the implementation of Cisco Identity Services Engine (ISE) throughout the
USAR enterprise. Developed project management plan, tracked deliverables, managed priorities of
the project team, performed strategic communication and coordinated with stakeholders to ensure
successful deployment in order to improve the enterprise's security posture.
Served as the cyber security subject matter expert (SME) for the Enterprise Architecture (EA)
Used GRC tools such as Tanium, Xacta, and eMASS to evaluate vendors software and programs.
Provided cyber security input to the WIPT charged with migrating the USAR enterprise behind the
Joint Regional Security Stacks (JRSS) hosted by the Defense Information Systems Agency (DISA)
as part of the DoD's network convergence effort.
Tracked and reported completion of taskings/directives from the Army Reserve Cyber Command
(ARCYBER) and higher headquarter organizations. Operational responsibility (OPR) for the IAVM
program within the 8 branches within the CIO/G-6.
Served as the Server, Workstation, Multifunction Device (MFD), and Network Device SME on the
Compliance team.
Developed PowerShell Scripts to automate a manual process and collect data more efficiently
Collected, Analyzed, and Reported SCAP data from scans to senior management and customer for
remediation.
Used the data from the SCAP scan to identify risks, measure our remediation efforts, monitor our
risk profile, and control the risks within the appropriate risk appetite for the associated activity.
Maintained consistent and accurate data in order to be ready to pass a Command Cyber Readiness
Inspection at a moment's notice.
2017 : 2018
FEDITC - Federal IT Consulting
Senior Cybersecurity Engineer/Technical Writer
Responsible for providing all strategic communication for the entire Brigade.
Provided 24 hours, 7 days a week support during hurricane relief operations managing 15 soldiers.
Re-configured military routers and switches to support local Emergency Operation Centers during
24-hour operations.
Responsible for the command, control, training, administration, operation, logistics, and combat
readiness of a 42 personnel Brigade Signal Company.
Develop policies and procedures for the battalions in regard to communications strategic goals.
Managed and was accountable for a Property Book of over 52 million dollars.
Planned, Coordinated, Participated, and Managed a successful Annual Training and Change of
Command Inventory.
Managed and trained 44 personnel in the proper security measures for safeguarding controlled
cryptographic items containing sensitive information.
Facilitated monthly meetings to develop strategies that would positively influence mission success.
2018 : 2021
Army National Guard
Brigade Signal Company Commander
Install new/repurpose existing servers and configure hardware, services, settings, directories, and
storage in accordance with project requirements/operation needs.
Researched, documented, and recommended innovative automated approaches for system
administration tasks.
Worked an on-call schedule to support the DOJ during non-business hours providing continuous
support to districts within the US.
Perform daily system monitoring, verifying the integrity and availability of all hardware, server
resources, systems, and key processes, reviewing system and application logs, and verifying the
completion of scheduled jobs such as backups.
Create, change, unlock and delete users’ accounts as needed
Migrated a district of over 200 workstations to PIV Log In Only
Apply patches and updates on a regular basis, as well as upgrade administrative tools based on the
needs of the project.
Tested all MSI packages created locally in the lab environment before pushing them to production
Advise the project manager on the capabilities, restraints, and limitations of the district
Decommissioned Server 2008 and transitioned services to Server 2012
Managed Group Policies per the guidance and direction of DOJ CISO
2015 : 2017
Deloitte
Senior System Engineer
Company:
FEDITC - Federal IT Consulting
Profile Photo
