Harvey Newstrom
Cybersecurity Compliance
Credly.com/users/Harvey-Newstrom
LinkedIn.com/in/HarveyNewstrom
📧 mail@HarveyNewstrom.com
🔗 HarveyNewstrom.com
🌎 Melbourne, FL, USA
321-544-3642
🗓 8/10/2021

Credentials
• ISC2 Security Certifications:
   CISSP, ISSAP, ISSMP, CSSLP
• ISACA Audit Certifications:
   CISA, CISM, CRISC, CGEIT
• AWS Cloud Certifications:
   AWS-CCP, AWS-CSS
• DoD Cyber Certifications:
    IAT, IAM, CSSP, IASAE - I, II, III
• DoD Clearances:
   2014 SSBI TS/SCI, 2021 NACLC
• Acknowledged Contributor to:
   NIST 800-53, 800-53A, 800-53B
• Education:
   BPS-Business, AS-CompSci

Capabilities
• Roles:
   Architect, Auditor, Assessor, ISSM/O
• Tasks, Skills, Abilities:
   FISMA, NIST, RMF, Program, Policy,
   Procedures, Standards, Requirements,
   Compliance, C&A, A&A, Certification,
   Accreditation, Assessment, ATO,
   Authorization, POA&M, MOU/A, ISA
• Expertise:
   800-18 SSP; 800-34 CP; 800-61 IR;
   800-30, 800-37, 800-39 Risk;
   800-53, 800-53A, 800-53B Controls;
   800-171, 800-171A, 800-172 CUI;
   HB-162 DFARS, CMMC, CNSSI-1253

Collaboration
• Regulatory Agencies:
   NIST, NARA, GSA, OMB
   GAO, SEC, DoT, FAA, EPA,
   FMCSA, USDA, USFS
• Intel/Defense Agencies:
   DNI, CIA, DoE, SNL, DHS,
   DoJ, FBI, DoS, NSA, NRO,
   DoD, DARPA, DCMA, DISA
• Audit Teams:
   Deloitte, Mandiant, KPMG,
   Ernst&Young, Fiderus,
   ADP, BankOfAm, IBM, EBS,
   JPMorgan, Credit-Suisse,
   FarmCredit, FirstAmBank

Experience
Security and Compliance Focal, IBM, Telework (9/2021 - present)

• Compliance expert in FedRAMP/FISMA, ISO, SOC, HIPAA, PCI, NIST 800 series, ISO 27000 series, GDPR, etc.
• Developing cost-effective security program, standards, requirements, policies, processes, procedures, audits.
• Conducting regular audits on systems and hosting third-party audits for certifications and compliance certificates.
• Providing security information, reporting, marketing, problem solving, solution architecting, and training.
• Collaborating with security architects, technical teams, DevOps, auditors, and customers.

Senior Principal Security Architect, SAIC, Telework (4/2004 - 6/2021)

• Provided subject matter expertise in the design, implementation, and assessment of NIST compliant security.
• Documented security programs, standards, requirements, policies, processes, procedures, assessments, audits.
• Led NARA development of first unified security architecture, cited as “best” federal architecture by OMB.
• Assisted NIST in integrating much of my security architecture work into NIST SP 800-53, 800-53A, and 800-53B.
• Implemented security programs at USFS, IRS, EPA, DCMO, DHS, GSA, DOT, others based on NARA/NIST work.

Principal Security Consultant, Newstaff, Nationwide (9/2000 - 4/2004)

• Rejoined consulting firm to help Fiderus establish security consulting practice, sign and fulfill first contract.
• Helped IBM teams supporting Fleming, K-mart, and Cox Cable with nationwide network and security projects.

Senior Security Consultant, IBM, Nationwide (8/1998 - 8/2000)

• Developed consulting assets, trained consultants, became top selling security and privacy consultant.

Security Consultant, Newstaff, South Florida (7/1995 - 7/1998)

• Cofounded consulting firm to provide network and security support services to IBM.
• Helped IBM investigate and resolve campus-wide system shutdowns originally thought to be hacker attacks.
• Helped IBM design new South Florida secure network and transition legacy networks to new infrastructure.
• Helped develop proof-of-concept infrastructure for new IBM Security and Privacy consulting practice.

Lead Security Engineer, Harris, Melbourne, FL (1/1985 - 12/1994)

• First Metronet ISSO, led first corporate security program, led beta test lab, helped develop security products.

https://HarveyNewstrom.com/newstrom/resume.html
Creative Commons License © 1995-2021 Harvey Newstrom
Last updated Wednesday August 11, 2021