Harvey Newstrom
Cybersecurity Compliance
Credly.com/users/Harvey-Newstrom
LinkedIn.com/in/HarveyNewstrom
📧 mail@HarveyNewstrom.com
🔗 HarveyNewstrom.com
🌎 Melbourne, FL, USA
321-544-3642
🗓 6/28/2021

Credentials
• ISC² Security Certifications:
   CISSP, ISSAP, ISSMP, CSSLP
• ISACA Audit Certifications:
   CISA, CISM, CRISC, CGEIT
• AWS Cloud Certifications:
   AWS-CCP, AWS-CSS
• DoD Cyber Certifications:
   IAT, IAM, CSSP, IASAE - I, II, III
• DoD Clearances:
   NAC, NACLC, SSBI, C, S, TS, SCI
• NIST Co-authorship:
   NIST 800-53, 800-53A, 800-53B
• Education:
   BPS-Business, AS-CompSci

Capabilities
• Roles:
   Architect, Auditor, Assessor, ISSM/O
• Tasks, Skills, Abilities:
   FISMA, NIST, RMF, Program, Policy,
   Procedures, Standards, Requirements,
   Compliance, C&A, A&A, Certification,
   Accreditation, Assessment, ATO,
   Authorization, POA&M, MOU/A, ISA
• Expertise:
   800-18 SSP; 800-34 CP; 800-61 IR;
   800-30, 800-37, 800-39 Risk;
   800-53, 800-53A, 800-53B Controls;
   800-171, 800-171A, 800-172 CUI;
   HB-162 DFARS, CMMC, CNSSI-1253

Collaboration
• Regulatory Agencies:
   NIST, NARA, GSA, OMB
   GAO, SEC, DoT, FAA, EPA,
   FMCSA, USDA, USFS
• Intel/Defense Agencies:
   DNI, CIA, DoE, SNL, DHS,
   DoJ, FBI, DoS, NSA, NRO,
   DoD, DARPA, DCMA, DISA
• Audit Teams:
   Deloitte, Mandiant, KPMG,
   Ernst&Young, Fiderus,
   ADP, BankOfAm, IBM, EBS,
   JPMorgan, Credit-Suisse,
   FarmCredit, FirstAmBank

Experience
Security Compliance SME, IBM, Telework (7/2021 – present)

• Regulatory expert in FedRAMP/FISMA, SOC, HIPAA, PCI, NIST 800 series, ISO 27000 series, GDPR, etc.
• Developing cost-effective security program, standards, requirements, policies, processes, procedures, audits.
• Conducting regular audits on systems and hosting third-party audits for certifications and compliance certificates.
• Providing security information, reporting, marketing, problem solving, solution architecting, and training.
• Collaborating with security architects, technical teams, DevOps, auditors, and customers.

Senior Principal Security Architect, SAIC, Telework (4/2004 – 6/2021)

• Led NARA development of first unified security architecture, cited as “best” federal architecture by OMB.
• Assisted NIST in integrating my security architecture into NIST SP 800-53, then 800-53A, eventually 800-53B.
• Implemented security programs at USFS, IRS, EPA, DCMO, DHS, GSA, DOT, and other organizations.

Principal Security Consultant, Newstaff, Telework (8/2000 – 4/2004)

• Cofounded consulting firm, with clients IBM, Advantis, AT&T, Philips, Ryder, CGI, CHC, Fleming, K-mart.
• Helped IBM spin-off Fiderus establish its ethical hacker division, sign its first contract, and earn its first revenue.

Lead Security Consultant, IBM, Telework (1/1995 – 8/2000)

• Contracted by IBM to investigate campus-wide system shutdowns, which I traced to NetBIOS design flaw.
• Contracted by IBM to prototype proof-of-concept for IBM Global Services’ Security and Privacy Consulting.
• Employed by IBM to develop intellectual capital, train consultants, became top-earning consultant nationwide.
• Led IBM consulting projects for Olympics, IBM internally, and dozens of Fortune 500 companies.

Lead Security Engineer, Harris, Palm Bay, FL (1/1985 – 12/1994)

• First Metronet ISSO, led first corporate security program, led beta test lab, helped develop security products.

 
https://HarveyNewstrom.com/newstrom/resume.html
© Copyright 2021 by Harvey Newstrom. All rights reserved.
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License
Last updated Wednesday June 30, 2021