Lisa Edwards
Details
2018 : Present
Booz Allen Hamilton
Lead Associate - ISCM / Cybersecurity Governance, Risk Management RMF, CDM, FISMA Compliance
Assignments with DOE, DOI, USDA, OPM, DOT/FAA, OPM, GSA, VA, HHS, Treasury/IRS, SSA, NASA, and USPS
Identified gaps in ISCM/cybersecurity governance structures and provided guidance on leveraging existing federal standards, policies, and processes within the context of their current ISCM strategy
• Performed analysis of OMB and NIST policy documents, mapped them to CDM requirements
• Applied NIST and FISMA compliance expertise to develop CDM Governance deliverables and assist departments and agencies in establishing governance related to the CDM solution
• Worked to understand CDM Department and Agency mission, strategic objectives/goals, and organizational structures to develop quality recommendations for building and improving IT Governance
• Led and contributed to CDM Governance working sessions
• Collaborated with BAH Engineers and SMEs regarding CDM technical solutions and relation to governance
• Developed Governance documentation including:
- Agency-Specific Governance Support Plan
- Governance Support Plan Implementation Strategy, which provides practical guidance, common recommendations, sample FISMA control, requirements mapping, and implementation strategy content for agencies to customize
- Governance Example Cross-Referenced Policies/Documents/SOPs which help in identifying key organizational policies and procedures directly affected by CDM that Departments and Agencies need to review and/or update due to the new capabilities provided by the CDM tool suite
- Governance Planning Summary and Checklist
- ISCM Strategy - Sample Outline
- Example Desired State Business Rules
• Coordinated and provided guidance on governance and policy for agency ISCM and CDM efforts in both centralized and federated environments
• Briefed DHS on CDM Governance Operationalization efforts and mission outcomes
• Led discussions in agency-specific governance meetings to address CDM functionality and integration
2016 : 2018
Booz Allen Hamilton
Senior Consultant for Continuous Diagnostics and Mitigation (CDM) Governance - Federal Agencies
Cybersecurity Program Coordinator, Consumer Financial Protection Bureau
• Served as the cybersecurity program coordinator; worked with the cybersecurity team to achieve the bureau’s information security strategy; proactively influenced peers and senior leaders to build a strong security culture
• Coordinated activities with the Strategy and Risk Management Team. Ensured that new projects underwent required security assessments
• Supported the Cybersecurity Program Management team with security audit and oversight-related activities
IRS Security Assessor
• Served as a Security Assessor for the IRS Security Risk Management and Enterprise FISMA Compliance Program
• Performed security assessments of IRS General Support Systems and Major Applications in accordance with FISMA, NIST, and IRS guidelines, directives, and standards
• Examined, tested, and validated compliance of technical, operational, and managerial security controls of general support systems and major applications
• Reviewed, analyzed, and documented changes made to the information system with emphasis on security impacts; updated the System Security Plan
• Developed an Assessment Plan that detailed security control implementation, evidence collected and reviewed during testing, and overall documented risks and vulnerabilities
Facility Security Officer
• Managed corporate compliance and all contractor personnel security clearance activities in accordance with National Industrial Security Program Operating Manual (NISPOM)
• Served as the Primary Liaison with the Defense Security Service (DSS) and other agencies
Senior Project Coordinator & Facilities Manager
• Supervised office administrative staff, project contract security, IT Help Desk, and office management activities
• Managed the planning, processes, activities, and documentation for successful corporate migration from CMMI Level 2 to Level 3
• Maintained organization-level ISO 9001:2008 certification; passed ISO audits with no deficiencies
2012 : 2016
VariQ
Senior Project Coordinator - Cybersecurity Program Coordinator, Security Assessor, Facility Security
• Managed contracts, inventory control, logistics, design compliance, fabrication, and installation of physical security products and window treatments for government and commercial organizations
• Provided oversight for global product installation, crew logistics, and clearance for technicians
2009 : 2011
Mitigation Technologies
Purchasing Manager, Operations and Logistics Manager - Physical Security Products
• Managed product development projects, monitored progress for accuracy and adherence to deadlines
• Coordinated and managed installation teams and worked to ensure client satisfaction
2003 : 2009
Mitigation Technologies
Operations Project Manager, Logistics Manager - Product Development
About
WHAT I DO: I help federal agencies and departments to build robust security programs by assessing governance and supporting the development of effective governance strategies and programs.
HOW I DO IT: I am a Lead Associate at Booz Allen Hamilton and an accomplished federal government cybersecurity compliance professional with ten years of management experience.
MY FOCUS:
• Analyzing emerging cybersecurity technologies, changing threats, and growing requirements and their impact on organizational mission, goals, and objectives
• Maintaining agency alignment with federal policies and guidance through analysis of strategic planning and program design, implementation, and impact
• Maintaining currency with federal guidelines and mandates, DHS/OMB directives, and requirements: Risk Management Framework (RMF), Information Security Continuous Monitoring (ISCM), Continuous Diagnostics and Mitigation (CDM), FISMA compliance
• Creating cybersecurity policy
• Analyzing and assessing strategy, policy, and programs against governance keys and priorities
• Developing Governance Support Plans
WHAT MAKES ME DIFFERENT: I have broad knowledge in the security field earned through my experience as an FSO, FISMA compliance assessor, direct report and support to federal CISO, and now supporting CDM. I have very good soft skills and can facilitate conversations between different fields easily, and I’m studying to take the CISSP in June 2018.
WANT TO TALK? Reach out to me directly here on LinkedIn.