Profiles search
Lawson Kruger
Cyber Security Manager
Baltimore, MD, United States
Details
Experience:
● Oversee and mange the client’s enterprise cyber security operations, policy review, Assessment and Authorization (A&A), Host Based System Security (HBSS), Vulnerability Management life-cycle, Incident Response, contingency planning, and continuous monitoring
● Mange a team of 15 direct reports in support of client operations
● Develop Risk Assessment policies, procedures, and documentation in order to meet relevant Risk Management Framework (RMF) requirements
● Conduct internal inspections at multiple client sites to confirm and bolster security posture in preparation of the enterprise’s official transition towards RMF
● Review Security Technical Implementation Guide (STIG) checklists with technical POCs to validate secure configuration implementations
● Coordinate RMF security control requirements and provide guidance to senior members of technical, operational, and managements teams
● Hold weekly status update meetings with over 30 key representatives from all major organizational support teams
● Review and provide recommendations for security artifacts by identifying consistency, accuracy, and compliance with regulatory policies
● Conduct yearly enterprise Contingency Planning training and tabletop exercise
● Work with the Security Controls Assessment Team (SCA-V) during enterprise RMF evaluations to facilitate smooth assessments
● Achieved an Authority to Operate (ATO) recommendation for multiple systems from the SCA-V assessment team
● Develop and coordinate Plan of Action and Milestones (POA&M) documentation from respective enterprise groups and enter details into eMASS for tracking
● Review, maintain, and update the organization Enterprise Mission Assurance Support Service (eMASS) instances
● Submit packages through the eMASS package approval chain for higher command approval
● Provide RMF requirement updates and requests to individuals within higher chain of command
● Review and stay up to date with relevant DOD, Army, and NIST policy
2016 : Present
ICF
Senior Cybersecurity Manager
● Performed in-depth risk assessment reviews to ensure any threats to the enterprise are identified before making approval and denial decisions or recommendations
● Provided relevant security guidance and assistance to organization employees
● Identifed and suggest alternative solutions with security enhancements for customer requests
● Communicated the value of information technology security throughout all levels of the organization
● Developed Standard Operating Procedures (SOPs) and processes to secure a higher standard of cyber security training compliance with continuous monitoring to ensure future compliance
● Achieved a 99% enterprise-wide Cyber Security Training Awareness compliance rate with high visibility to the Director and higher command
● Ensured security improvement actions are evaluated, validated, and implemented as required
● Recognized security violations and take appropriate action to report the incident, as required
2015 : 2016
ICF
Cybersecurity Specialist - Associate
● Managed operations for over 7 different contracts accounting for 75% of the company’s revenue
● Manage a team of 15 compliance analysts including remote analysts located in the US, Canada, and Australia
● Interview potential employees to make hiring decisions
● Train new employees in house and remotely using GotoMeeting and Skype
● Provide support to corporate leadership as a search and media subject matter expert
● Developed a standard employee evaluation template and conducted yearly employee evaluations
● Advise and guide development team to create new tools to improve searching quality and productivity
● Participate on red teams for government contract proposal review
● Develop and implement new enhanced searching techniques ranging from advanced online search to IP spoofing and cloud computing
● Conducted open source intelligence gathering of personnel and private companies as part of a vetting process
● Developed persona management techniques and train employees on their usage
● Researched and analyzed relevant market intelligence and background information in order to develop supporting materials and make bid/no bid recommendations for high level contract proposals
● Capture elusive and fraudulent advertising relating to mobile content located on the internet, mobile applications, print, radio and television for major U.S., Canadian, and Australian carriers / associations
● Present technical reports and findings to propose services for potential new clients
● Monitor and maintain quality assurance processes for monthly contracts
● Develop and maintain audit standard guidelines for major carriers
● Achieved highest productivity numbers for functional and media testing in company history
● Utilized project management software for functional and media testing of mobile campaigns to ensure compliance with industry guidelines
● Analyzed the Android mobile application market for industry compliance relating to explicit material
2014 : 2015
Aegis Mobile
Media and Search Intelligence / Operations Manager
2012 : 2014
Aegis Mobile
Compliance Analysis Supervisor
2010 : 2012
Eagle Services, Inc.
Associate
● Mange a team of 15 direct reports in support of client operations
● Develop Risk Assessment policies, procedures, and documentation in order to meet relevant Risk Management Framework (RMF) requirements
● Conduct internal inspections at multiple client sites to confirm and bolster security posture in preparation of the enterprise’s official transition towards RMF
● Review Security Technical Implementation Guide (STIG) checklists with technical POCs to validate secure configuration implementations
● Coordinate RMF security control requirements and provide guidance to senior members of technical, operational, and managements teams
● Hold weekly status update meetings with over 30 key representatives from all major organizational support teams
● Review and provide recommendations for security artifacts by identifying consistency, accuracy, and compliance with regulatory policies
● Conduct yearly enterprise Contingency Planning training and tabletop exercise
● Work with the Security Controls Assessment Team (SCA-V) during enterprise RMF evaluations to facilitate smooth assessments
● Achieved an Authority to Operate (ATO) recommendation for multiple systems from the SCA-V assessment team
● Develop and coordinate Plan of Action and Milestones (POA&M) documentation from respective enterprise groups and enter details into eMASS for tracking
● Review, maintain, and update the organization Enterprise Mission Assurance Support Service (eMASS) instances
● Submit packages through the eMASS package approval chain for higher command approval
● Provide RMF requirement updates and requests to individuals within higher chain of command
● Review and stay up to date with relevant DOD, Army, and NIST policy
2016 : Present
ICF
Senior Cybersecurity Manager
● Performed in-depth risk assessment reviews to ensure any threats to the enterprise are identified before making approval and denial decisions or recommendations
● Provided relevant security guidance and assistance to organization employees
● Identifed and suggest alternative solutions with security enhancements for customer requests
● Communicated the value of information technology security throughout all levels of the organization
● Developed Standard Operating Procedures (SOPs) and processes to secure a higher standard of cyber security training compliance with continuous monitoring to ensure future compliance
● Achieved a 99% enterprise-wide Cyber Security Training Awareness compliance rate with high visibility to the Director and higher command
● Ensured security improvement actions are evaluated, validated, and implemented as required
● Recognized security violations and take appropriate action to report the incident, as required
2015 : 2016
ICF
Cybersecurity Specialist - Associate
● Managed operations for over 7 different contracts accounting for 75% of the company’s revenue
● Manage a team of 15 compliance analysts including remote analysts located in the US, Canada, and Australia
● Interview potential employees to make hiring decisions
● Train new employees in house and remotely using GotoMeeting and Skype
● Provide support to corporate leadership as a search and media subject matter expert
● Developed a standard employee evaluation template and conducted yearly employee evaluations
● Advise and guide development team to create new tools to improve searching quality and productivity
● Participate on red teams for government contract proposal review
● Develop and implement new enhanced searching techniques ranging from advanced online search to IP spoofing and cloud computing
● Conducted open source intelligence gathering of personnel and private companies as part of a vetting process
● Developed persona management techniques and train employees on their usage
● Researched and analyzed relevant market intelligence and background information in order to develop supporting materials and make bid/no bid recommendations for high level contract proposals
● Capture elusive and fraudulent advertising relating to mobile content located on the internet, mobile applications, print, radio and television for major U.S., Canadian, and Australian carriers / associations
● Present technical reports and findings to propose services for potential new clients
● Monitor and maintain quality assurance processes for monthly contracts
● Develop and maintain audit standard guidelines for major carriers
● Achieved highest productivity numbers for functional and media testing in company history
● Utilized project management software for functional and media testing of mobile campaigns to ensure compliance with industry guidelines
● Analyzed the Android mobile application market for industry compliance relating to explicit material
2014 : 2015
Aegis Mobile
Media and Search Intelligence / Operations Manager
2012 : 2014
Aegis Mobile
Compliance Analysis Supervisor
2010 : 2012
Eagle Services, Inc.
Associate
Company:
ICF
About
Detail-oriented INFOSEC professional with strong policy analysis and technical skills. Outstanding communication and relationship-building abilities. Strong sense of urgency, desire to succeed, and capable of learning new concepts quickly.
Profile Photo
