Profiles search
M. Maurice Coles
Information Security & Risk Management Professional
Richmond, VA, United States
Details
Education:
Master's degree
Law
Washington University in St. Louis School of Law
2016 : 2018
Bachelor of Arts (B.A.)
Homeland Security and Emergency Preparedness
Virginia Commonwealth University
2010 : 2014
Bachelor of Science (B.S.)
Criminal Justice
Virginia Commonwealth University
2010 : 2014
Law
Washington University in St. Louis School of Law
2016 : 2018
Bachelor of Arts (B.A.)
Homeland Security and Emergency Preparedness
Virginia Commonwealth University
2010 : 2014
Bachelor of Science (B.S.)
Criminal Justice
Virginia Commonwealth University
2010 : 2014
Experience:
Serves as Principal Information Security Analyst for the Virginia Department of Veterans Services.
• Implements and manages the Agency Information Security & Risk Management Program across all applications, networks information assets.
• Provides guidance on security and privacy issues to all levels of Agency staff.
• Manages security activities in risk management, resource provisioning, disaster planning and recovery, application security, incident management, data preservation, user education and training, and physical and operational security.
• Ensures Agency compliance with federal and state laws, industry-recognized regulatory frameworks, agency policies, requirements, and standards.
• Engages with agency personnel, vendors, contractors, and officials, including agency executives, to promote a culture of security awareness and ensure compliance.
• Maintains partnerships with security entities, including Commonwealth Security & Risk Management (CSRM), the Virginia Information Technologies Agency (VITA), and supporting service towers and vendors.
• Engages with on-site and remote personnel throughout the Commonwealth to ensure local and regional compliance with the Agency Information Security & Risk Management program.
• Leverages relationships with private sector partners, law enforcement, the intelligence community, and the Governor’s Office to enrich security operations and overall security posture within the Agency and industry.
2023 : Present
Virginia Department of Veterans Services
Information Security Analyst
2008 :
Self-employed
Technologist (Consulting & Support)
Served as an Information Security Analyst for the Virginia Department of Education.
• Collaborates with IT to provide guidance and support for the development and implementation of technical system and data controls in the environment.
• Develops robust application monitoring and response strategies and manage implementation.
• Evaluate and respond to vulnerability assessments and issues identified. Actively manage VITA, vendors and IT projects required to address identified deficiencies with respect to information security
• Investigate and respond (either directly or with third-party providers) to cyber threats.
• Change Management Support & Oversight : Oversee changes to the network, applications, and data to ensure the appropriate management and implementation that will reduce threats that impact the confidentiality, integrity or availability of systems and data.
• Penetration Testing Oversight & Issue Remediation : Develop testing requirements, engage vendors, and ensure successful performance of required internal and external penetration test.
• Manage the communication for remediation of vulnerability scans with system and business owners
• Prepare compliance reports and escalate as necessary
• Assist Security Engineer in the development and management of sensitive system security plans and risk assessments
• Assists in the development of Information Security Program Procedures and Supporting Documentation for system scanning, logs, and penetration testing
2021 : 2023
Virginia Department of Education
Information Security Analyst
Served as Principal Information Security Analyst for the Virginia Department of Human Resource Management.
• Monitors and assesses security risks and designing and implementing information security programs, procedures and policies
• Develops, implements, tests and administers Agency’s security and disaster recovery plans, Continuity Plans and tabletop exercises
• Monitors and assesses network threats, managed information security solutions (intrusion detection, virus protection systems, etc.)
• Reviews network, computers, applications, and other IT systems configurations to ensure compliance with pertinent policies, laws, and regulations
• Configures, integrates, and deploys new security solutions and enhancements
• Develops and supported physical and electronic security standards for information systems
• Serves as Security Analyst for the Agency’s systems of record and grants, modifies, assesses, and revokes access to ensure access controls functioned as intended
• Liaisons with Virginia Information Technologies Agency (VITA) and IT Service Providers to provide out-of-scope support and maintenance
• Provides support to Information Security Officer – conducted review of network and applications security to ensure compliance with Commonwealth security standards
• Handles access requests for information systems and telecommunications systems
• Develops end user training for staff and management on business and productivity software
• Develops and document systems administration standard operating procedures
• Maintain baseline system security according to organizational policies
• Conducts Business Impact Analysis and Risk Assessments and enter them in RSA ARCHER
2018 : 2021
Virginia Department of Human Resource Management
Information Security Analyst
Served as Information Security Officer for VCCS, Shared Services Center, and twenty-three community colleges.
• Liaison with Virginia Information Technologies Agency (VITA) and IT Service Providers to provide out-of-scope support and maintenance
• Coordinated the procurement of security solutions including evaluating technology needs and recommending purchases to meet agency business requirements
• Provide support to Information Security Officer – conducted review of network and applications security to ensure compliance with Commonwealth security standards
• Handled access requests for information systems and telecommunications systems
• Managed internal software license management system to ensure compliance with Commonwealth standards
• Developed end user training for staff and management on business and productivity software
• Develop and document systems administration standard operating procedures
• Maintain baseline system security according to organizational policies
• Participated in COOP/Continuity Plan development, implementation and testing
• Developed and implemented Disaster Recovery Plans and exercises
2017 : 2018
Virginia Community College System
Information Security Officer
• Implements and manages the Agency Information Security & Risk Management Program across all applications, networks information assets.
• Provides guidance on security and privacy issues to all levels of Agency staff.
• Manages security activities in risk management, resource provisioning, disaster planning and recovery, application security, incident management, data preservation, user education and training, and physical and operational security.
• Ensures Agency compliance with federal and state laws, industry-recognized regulatory frameworks, agency policies, requirements, and standards.
• Engages with agency personnel, vendors, contractors, and officials, including agency executives, to promote a culture of security awareness and ensure compliance.
• Maintains partnerships with security entities, including Commonwealth Security & Risk Management (CSRM), the Virginia Information Technologies Agency (VITA), and supporting service towers and vendors.
• Engages with on-site and remote personnel throughout the Commonwealth to ensure local and regional compliance with the Agency Information Security & Risk Management program.
• Leverages relationships with private sector partners, law enforcement, the intelligence community, and the Governor’s Office to enrich security operations and overall security posture within the Agency and industry.
2023 : Present
Virginia Department of Veterans Services
Information Security Analyst
2008 :
Self-employed
Technologist (Consulting & Support)
Served as an Information Security Analyst for the Virginia Department of Education.
• Collaborates with IT to provide guidance and support for the development and implementation of technical system and data controls in the environment.
• Develops robust application monitoring and response strategies and manage implementation.
• Evaluate and respond to vulnerability assessments and issues identified. Actively manage VITA, vendors and IT projects required to address identified deficiencies with respect to information security
• Investigate and respond (either directly or with third-party providers) to cyber threats.
• Change Management Support & Oversight : Oversee changes to the network, applications, and data to ensure the appropriate management and implementation that will reduce threats that impact the confidentiality, integrity or availability of systems and data.
• Penetration Testing Oversight & Issue Remediation : Develop testing requirements, engage vendors, and ensure successful performance of required internal and external penetration test.
• Manage the communication for remediation of vulnerability scans with system and business owners
• Prepare compliance reports and escalate as necessary
• Assist Security Engineer in the development and management of sensitive system security plans and risk assessments
• Assists in the development of Information Security Program Procedures and Supporting Documentation for system scanning, logs, and penetration testing
2021 : 2023
Virginia Department of Education
Information Security Analyst
Served as Principal Information Security Analyst for the Virginia Department of Human Resource Management.
• Monitors and assesses security risks and designing and implementing information security programs, procedures and policies
• Develops, implements, tests and administers Agency’s security and disaster recovery plans, Continuity Plans and tabletop exercises
• Monitors and assesses network threats, managed information security solutions (intrusion detection, virus protection systems, etc.)
• Reviews network, computers, applications, and other IT systems configurations to ensure compliance with pertinent policies, laws, and regulations
• Configures, integrates, and deploys new security solutions and enhancements
• Develops and supported physical and electronic security standards for information systems
• Serves as Security Analyst for the Agency’s systems of record and grants, modifies, assesses, and revokes access to ensure access controls functioned as intended
• Liaisons with Virginia Information Technologies Agency (VITA) and IT Service Providers to provide out-of-scope support and maintenance
• Provides support to Information Security Officer – conducted review of network and applications security to ensure compliance with Commonwealth security standards
• Handles access requests for information systems and telecommunications systems
• Develops end user training for staff and management on business and productivity software
• Develops and document systems administration standard operating procedures
• Maintain baseline system security according to organizational policies
• Conducts Business Impact Analysis and Risk Assessments and enter them in RSA ARCHER
2018 : 2021
Virginia Department of Human Resource Management
Information Security Analyst
Served as Information Security Officer for VCCS, Shared Services Center, and twenty-three community colleges.
• Liaison with Virginia Information Technologies Agency (VITA) and IT Service Providers to provide out-of-scope support and maintenance
• Coordinated the procurement of security solutions including evaluating technology needs and recommending purchases to meet agency business requirements
• Provide support to Information Security Officer – conducted review of network and applications security to ensure compliance with Commonwealth security standards
• Handled access requests for information systems and telecommunications systems
• Managed internal software license management system to ensure compliance with Commonwealth standards
• Developed end user training for staff and management on business and productivity software
• Develop and document systems administration standard operating procedures
• Maintain baseline system security according to organizational policies
• Participated in COOP/Continuity Plan development, implementation and testing
• Developed and implemented Disaster Recovery Plans and exercises
2017 : 2018
Virginia Community College System
Information Security Officer
Company:
Virginia Department of Veterans Services
Years of Experience:
16
Spoken Language:
Spanish
Skills
Access, Artificial Intelligence (AI), Cloud Security, Customer Service, Cyber Risk Management, Cybersecurity, Data Analysis, Data Classification, Data Privacy, Document Management, Employee Data Management, Help Desk Support, Higher Education, Incident Response, Information Management, Information Security, Information Security Management, IT Risk Management, Leadership, Management, Microsoft Excel, Microsoft Office, Microsoft Word, Network Security, Nonprofits, Photoshop, PowerPoint, Privacy Law, Privacy Policies, Public Speaking, Research, Teaching, Technical Support, Threat & Vulnerability Management, Training, Troubleshooting, Vulnerability Assessment, Windows, Wireshark
About
A highly skilled, results-oriented administrative professional with expertise in providing excellent Information Security and business administration support to senior executives. Self directed problem solver who works well under pressure; has the ability to multi task while maintaining excellent attention to detail and the capacity to organize and manage multiple projects simultaneously across a broad range of activities at once. Effective communicator able to work closely with diverse individuals including customers and associates as well as establish relationships of trust to achieve goals within all levels of an organization.
Profile Photo
