Profiles search

Jawa Layachi

Cybersecurity Architect | CISO | CIO | Leader Fostering trust Culture for an Agile Cyber Resilience
Chevy Chase, MD, United States

Details

Education: Master of Engineering - MEng

Radar Communications and Systems Technology

Ecole Royale de l'Air-Marrakech-Morocco

1977 : 1981



Leadership

Squadron Officer School-Maxwell AFB-Alabama

1992 : 1992



Advanced Military and Operational Studies

Führungsakademie der Bundeswehr-War College-Germany

2000 : 2001



Military Joint Operations Planning

Cours d'Etat Major-CREMS-Command and Staff College-Kénitra-Morocco

1992 : 1993
Experience: Co-founded Adhoccyber, a cybersecurity company, and concurrently served as its cybersecurity architect, promoting the adoption of the Cybersecurity Framework (CSF) among organizations.

• Saved 50% of time and resources by developing compliance programs to meet SOC 2 Type 2, HITRUST, and HIPAA certifications, and by implementing internal audit tasks to ensure ongoing compliance.

• Supported small and medium-sized businesses throughout their certification processes, including ISO 27001 and PCI-DSS. Successfully reduced costs by 50% while ensuring strict adherence to industry standards.

• Created for companies customized CSF profiles, devised strategic plans, and developed

implementation roadmaps based on their specific needs and available resources. By integrating

the NIST Risk Management Framework (RMF) and security control frameworks such as NIST 800-

53, ISO 27002, HITRUST, and CIS into the CSF, achieved a remarkable 50% reduction in certification time.

2019 : Present

ADHOCCYBER

Cybersecurity Architect

• Implemented a robust and comprehensive cybersecurity process by leveraging industry-leading industry-leading frameworks, such as the Cybersecurity Framework (CSF), Risk Management Framework

(RMF), and standards including NIST 800-37, NIST 800-60, NIST 800-53, and CIS.

• Oversaw and led the development of comprehensive risk assessments, security assessment

reports, Plans of Action and Milestones (POA&M), and System Security Plans (SSPs). By

leveraging the Cybersecurity Framework (CSF) and streamlining coordination between key

stakeholders and authorizing officials, reduced expenses and the time required to obtain

crucial 'Authorizations to Operate' (AOs) by 40%.

• Developed an effective and accepted Business Continuity Plan (BCP) and Continuity Of Operations Plan (COOP), ensuring smooth operations following disruptions.

• Established a cost-effective, tailored Security Operations Center (SOC). Leveraging open-source

products and utilizing in-house resources, I formed a highly skilled SOC team, resulting in savings of 1 million dollars.

• Elevated the CISO function to the C-level, increasing the visibility and importance of cybersecurity within the organization.

2013 : 2018

Forces Royales Air

Chief Information Security Officer

• Negotiated multi-billion dollar FMS acquisition programs.

• Supervised the training of numerous trainees in us military schools.

2007 : 2011

Moroccan Embassy

Diplomat - Defense Attaché

As the CIO of the Moroccan Air Force, designed and implemented a 3-year strategic plan to establish a multi-million dollar integrated information system where :

• Supervised the replacement of the outdated telecommunications network,

• Led the in-house development of innovative software solutions customized to address the

organization's specific needs, resulting in streamlined processes, enhanced operational efficiency, and

significant cost savings.

• Collaborated closely with the C managers to ensure they understood the importance of their roles as solution owners, which helped to ensure their successful acceptance and deployment

• Developed the organization's first cybersecurity policy.

2002 : 2007

Forces Royales Air

Chief Information Officer

As a Software Development Manager, employed several unique measures, including :

• Using commercial-off-the-shelf products instead of costly customized solutions, which helped us save at least one million dollars.

• Integrating permanent users into the team to obtain specifications tailored to our specific environment.

• Utilizing the Agile methodology to ensure that we periodically produced useful deliverables, which kept our users and decision-makers engaged.

• Creating and maintaining a mission-command culture (trust) within the team.

1993 : 1998

Air Defense Morocco

Software Project Manager
Company: ADHOCCYBER
Years of Experience: 31

Skills

Acting, Agile Methodologies, Agile Project Management, Analytical Skills, Attention to Detail, Coaching, Communication, Cross-cultural Communication Skills, CSF, Cyber Risk Management, Cybersecurity, Cybersecurity Incident Response, Decision-Making, Executive Management, Flow State Building, Information Security, Information Security Management, Inspirational Leadership, ISO 27001, ISO Standards, IT Operations, Leadership, Microsoft Excel, Negotiation, NIST, NIST 800-53, Problem Management, Problem Solving, Project Management, Radar, Risk Management, RMF, Security Architecture Design, Security Awareness, Security Policy, Skilled Multi-tasker, Software Project Management, Strategic Leadership, Strategic Planning, Strategic Thinking, Strategy, Tactical Planning, Team Building, Team Management, Teamwork, Technical Leadership, Transformational Leadership, Written Communication

About

You are looking for a dynamic and adaptive cybersecurity process? Jawa has a proposal that will enforce your cybersecurity posture.



Drawing from diverse experiences, he developed and applied a distinctive approach to tackling complex challenges. This perspective is guided by two fundamental principles. Firstly, trust-building is essential for empowering individuals and facilitating suitable independent decision-making. Secondly, the Agile methodology maintains momentum and provides the necessary flexibility to adapt to unpredictable and volatile environments.



• At adhoccyber, he successfully reduced certification costs by 50% while supporting small and medium-sized businesses throughout their certification or compliance processes, including ISO 27001, PCI-DSS, HITRUST, and HIPAA regulations. He established strategic planning for companies through Cybersecurity Framework (CSF) profiles and developed customized implementation roadmaps based on their specific needs and available resources. Integrating the NIST Risk Management Framework (RMF) and popular security control frameworks such as NIST 800-53, ISO 27002, and CIS into the CSF, he achieved a notable 50% reduction in realization time.



• As the Chief Information Security Officer (CISO), he implemented a robust and dynamic cybersecurity process based on NIST, CSF, and RMF. Additionally, he set up a cost-effective Security Operations Center (SOC) and developed a comprehensive Business Continuity Plan (BCP). His persuasion skills allowed him to elevate the CISO function to C-level, increasing cybersecurity visibility.



• In Washington DC, as a diplomat (defense attaché), he negotiated multi-billion dollar FMS acquisition programs and supervised the training of numerous trainees in US military schools.



• Drove multimillion-dollar savings as the Chief Information Officer (CIO) by leading the in-house development of cutting-edge information systems. This achievement not only optimized operations but also enhanced overall efficiency and productivity by 60%.



If you want to learn more about a unique perspective on navigating complex challenges in dynamic cyberspace and sail toward success, please don't hesitate to reach Jawa Layachi at comtechafrica@gmail.com.