Payam Hojjat
Details
Technology and Innovation Management - Specialization : Cybersecurity
Northcentral University
2020 : 2023
Master of Science - MS
Cyber Security and Information Insurance
Western Governors University
2017 : 2019
Bachelor's Degree
Management Information Systems, General
CSU Sacramento
2014 : 2016
Computer Systems Networking and Telecommunications
Sacramento City College
2012 : 2014
Associate's Degree
Math & Science, Business, Sociology
Folsom Lake College
2011 : 2014
California Department of Technology
Statewide Cybersecurity Risk & Governance Chief
Part-time professor for the Management Information Systems program at CSUS. Course content examines network security, ethical hacking, compliance and operational security, threats and vulnerabilities, application and data security, host security, access control and identity management, administration and governance, and cryptography.
2019 :
California State University-Sacramento
Adjunct University Professor
2020 : 2023
California Department of Technology
Statewide Incident Response Program Manager
Provide direction and security guidance for the California Department of Toxic Substances Control as the Chief Information Security Officer. Build and implement an information security strategy, road map, and program to align security controls, and enable users, business objectives, and services to DTSC’s core mission and values, while reducing organizational risk through digital safeguards and countermeasures. Integrate technology to modernize and streamline DTSC business processes while enforcing regulatory policies to ensure legislative and organizational compliance of the confidentiality, integrity, and availability of California State resources. Direct all aspects of security product life cycles, including but not limited to : requirements gathering, strategy, architecture, design, procurement, decision making, and communication. Reform security culture to increase cyber security resiliency, provide management responsibilities to infrastructure staff, collaborate with regulatory, emergency, and financial State agencies, and act as the Privacy Officer, Technology Recovery Coordinator, and information technology Risk Manager. Provide last level technical support for major security breaches.
2018 : 2020
California Department of Toxic Substances Control
Chief Information Security Officer
Lead Technical Security Architect/Tiger Team Lead :
Technical lead to securely design and architect enterprise wide projects, and ensure the compliance to CDCR's DOM, CDT’s SAM, ISO 27000 and NIST frameworks. Promote collaboration and facilitate meetings with different stakeholders on enterprise wide projects as CDCR's Tiger Team coordinator. Provide security guidance and risk mitigation techniques to business units and ensure the confidentiality, integrity, and availability of CDCR data. Develop network diagrams and enterprise firewall rules as necessary.
Red Teaming :
Audit the enterprise’s security posture through penetration testing and risk assessments, which provided a gap analysis to further create new policies and mitigate departmental vulnerabilities. Additionally, configured, administered, and tuned CDCR's vulnerability scanner and created policies scans to help assess and develop baseline images for DISA STIGs compliance.
Blue Teaming :
Help create CDCR’s Security Operations Center by drafting playbooks to streamline incident response during security breaches.
Conduct analysis and create triggers on suspicious activities utilizing our McAfee Suite (SIEM, ATD, ePO, DLP) and various online website auditing tools to create reports, timelines, and remediation processes to help upper management make data-driven decisions.
2016 : 2018
California Department of Corrections and Rehabilitation
Enterprise Security Architect
Skills
Access Control Management, active directory, Business Intelligence, Computer and Network Forensics, Computer Network Operations, Crowdstrike Falcon, Data Mining, Diligent, Discipline, enterprise network security, Enterprise Risk Management, Hyper-V, Identity & Access Management (IAM), Industrial Control System Security, information security awareness, Information Security Management, JavaScript, Leadership, Linux, Log Analysis, Mainframe, Malware Analysis, Metasploit, Networking, Office 365 Administration, Penetration Testing, Persistence, Physical Security Assessment, powershell, public speaking, Python, R, root cause analysis, SCADA, SDLC, security architecture design, Security Incident Response, Security Information and Event Management (SIEM), security policy development, SQL, Syslog, Threat & Vulnerability Management, Time Management, Varonis, Virtual Private Network (VPN), web application security, Web Application Security Assessment, Windows Server, Wireless Security, z/OS, Help Desk Support, Computer Network, Information Technology, Cisco IOS, Wireless Networking, Cisco Technologies, LAN Switching, Router and Switch, TCP/IP, IPv6, SNMP, Netflow, LAN-WAN, Wireshark, Access Lists, Virtualization, Java, Socket.io, SharePoint, C, HTML, VBA, Relational Databases, Microsoft SQL Server, Microsoft Servers, Statistical Data, Self-confidence, Strategic Planning, Positive Energy, Friendly Personality, Teamwork, Helping Others Succeed, Open Minded, Energetic Self-Starter, Consistency, Organization, Loyal, Cisco VoIP, Router and Switch Configuration, JCL, SQL DB2, MySQL, SQL Server Management Studio, Big Data Analytics, Statistical Data Analysis, Data Structures, SAP, IBM Mainframe, CA-Top Secret, IBM Explorer for z/OS, Green Screen, bluecoat proxies, mcafee antivirus, rapid7, cybersquatting, network security implementation
About
Seek Discomfort.
Profile Photo
