James Griffin
Details
Information Technology
Howard Community College
Cybersecurity Management & Policy (in progress)
University of Maryland University College
General Dynamics Information Technology
Director, Information Security
• Manage ongoing security operations for the Healthcare Integrated General Ledger Accounting System (HIGLAS), the system of record for all Medicare and Medicaid payments.
• Investigation and evaluation of potential security events.
• Conduct daily and weekly security briefings regarding the HIGLAS security posture.
2019 : 2022
General Dynamics Information Technology
Senior Cybersecurity Manager
• Security analysis including NIDPS / HIDPS outputs, network traffic / wire analytics, system and application logs, and other security-related data sources.
• Investigation and evaluation of potential security events using tools such as Splunk, Splunk Enterprise Security, Trend Micro Deep Security, and TripWire Enterprise.
• Coordinate all audit activities including SCA, A-123, CFO, FISCAM, and FISMA audits.
• Conduct daily and weekly security briefings regarding the HIGLAS security posture.
• Develop and maintain RMF-based security package for HIGLAS, a FISMA High system.
2017 : 2019
General Dynamics Information Technology
Information Systems Security Advisor
- Develop NIST RMF-based system security packages for medical devices including : ensuring appropriate system categorizations; selecting security control baselines; tailoring selected security baselines accordingly; applying the security control baselines to each medical device; assessing the devices through vulnerability scans; remediating discovered vulnerabilities; and preparing the final Assessment and Authorization (A&A) packages in eMASS (Enterprise Mission Assurance Support Service).
- Schedule and conduct vulnerability assessments for medical devices, analyzed results and developed remediation plans, incorporated resulting vulnerabilities into associated security packages, and reported results and ongoing status to upper management.
- Catalogue compliance with control assessment procedures in accordance with Defense Information Systems Agency (DISA) required Control Correlation Identifiers (CCIs) and how each CCI is implemented at WRAIR.
2016 : 2017
InterImage
Information Assurance Team Lead
- Conduct Capability Maturity Model Integration (CMMI) audits of defined development processes to ensure third-party Standard CMMI Appraisal Method for Process Improvement (SCAMPI) assessments are efficient and unsurprising.
- Write and edit technical volumes for security- and development-related contracts. Provide subject matter expertise on information assurance, cyber security, software development methodologies, web development, federal governance, and regulatory compliance.
- Wrote technical volumes for security- and development-related contracts resulting in $20M new work.
2015 : 2016
InterImage
Auditor / Proposal Writer
Skills
Auditing, CMMI, FISMA, HTML, Information Assurance, Information Security, Information Technology, Integration, Leadership, Microsoft Office, NIST 800-53, Program Management, Project Management, Proposal Writing, Risk Management, Security, Web Development, Section 508, XML, Advanced CSS, VB.NET, AJAX, PHP, MySQL, JavaScript, Adobe Creative Suite
About
James serves as the Director of Information Security at General Dynamics Information Technology as part of the Federal Civilian Division. He is CISSP, CGRC, and Security+ certified. In his present role, James delivers mission-critical security services and solutions to the Centers for Medicare and Medicaid Services while overseeing the security operations for HIGLAS, the system of record for all Medicare and Medicaid payments, processing $1.5T in payments each year.
James brings over 20 years of technology experience, holding roles in development, information assurance, system administration, security operations, auditing, program growth, and leadership over the course of his career. He has proven skills in critical thinking, cybersecurity, data analysis, project management, information assurance, and regulatory compliance polished over the course of his IT career.
Profile Photo
