Harvey Newstrom
Cybersecurity Architect
Credly.com/users/Harvey-Newstrom
LinkedIn.com/in/HarveyNewstrom
📧 mail@HarveyNewstrom.com
🔗 HarveyNewstrom.com
🌎 Melbourne, FL, USA
321-544-3642
🗓 5/1/2021

Objective

As co-author of NIST SP 800-53, 53A, and 53B, I leverage cybersecurity controls to protect, improve, automate, monitor and maintain enterprise operations.


Credentials
• ISC² Security Certifications:
   CISSP, ISSAP, ISSMP, CSSLP
• ISACA Audit Certifications:
   CISA, CISM, CRISC, CGEIT
• AWS Cloud Certifications:
   AWS-CCP, AWS-CSS
• DoD Cyber Certifications:
   IAT, IAM, CSSP, IASAE - I, II, III
• DoD Clearances:
   NAC, NACLC, SSBI, C, S, TS, SCI
• NIST Co-authorship:
   NIST 800-53, 800-53A, 800-53B
• Education:
   BPS-Business, AS-CompSci

Capabilities
• Roles:
   Architect, Auditor, Assessor, ISSM/O
• Tasks, Skills, Abilities:
   FISMA, NIST, RMF, Program, Policy,
   Procedures, Standards, Requirements,
   Compliance, C&A, A&A, Certification,
   Accreditation, Assessment, ATO,
   Authorization, POA&M, MOU/A, ISA
• Expertise:
   800-18 SSP; 800-34 CP; 800-61 IR;
   800-30, 800-37, 800-39 Risk;
   800-53, 800-53A, 800-53B Controls;
   800-171, 800-171A, 800-172 CUI;
   HB-162 DFARS, CMMC, CNSSI-1253

Clients
• Intel/Defense Agencies:
   DNI, CIA, DoE, SNL, DHS,
   DoJ, FBI, DoS, NSA, NRO,
   DoD, DARPA, DCMA, DISA
• Regulatory Agencies:
   OMB, GAO, GSA, NARA,
   NIST, SEC, DoT, FAA, EPA,
   FMCSA, USDA, USFS
• Audit Partners:
   Deloitte, Mandiant, KPMG,
   Ernst&Young, Fiderus, IBM
• Fortune 500:
   IBM, AT&T, Cisco, Leidos,
   Philips, ADP, JPMorgan

Experience
Senior Principal Security Architect, SAIC, McLean, MD (4/2004 – present)

• Led NARA development of first unified security architecture for FISMA, DoD, Intel, record submitting agencies.
• Cited by OMB as best federal architecture, chosen for first ever PRISMA, requisitioned by NIST for standards.
• Supported NIST integration of my security controls into NIST SP 800-53, then 800-53A, eventually 800-53B.
• Led NARA SecOps with policy, training, risk, monitoring, scans, incident, audit, SSP, C&A, POA&M, ATO.
• Led NARA development of security templates and work products for use throughout system life cycles.
• Led USFS, IRS, EPA, DCMO, DHS, others to duplicate NARA architecture, SecOps, templates, work products.
• Supported FAA, Treasury, NATO, DOI, LoC, DoJ, Senate, USPTO, Sandia Labs, SEC, Census FISMA and ATO.
• Led GSA cyber monitoring, scans, incident response, audit, SSP, C&A, POA&M, ATO in Google Cloud.
• Led FMCSA projects for standards library, SSP, requirements, STIGs, checklists, ARB, scrums, pilots, AWS tools.
• Supported FMCSA cyber monitoring, scan tuning, incident response, audit, C&A, POA&M, ATO, NIST expertise.

Principal Security Consultant, Newstaff, Melbourne, FL (8/2000 – 4/2004)

• Cofounded consulting firm, with clients IBM, Advantis, AT&T, Philips, Ryder, CGI, CHC, Fleming, K-mart.
• Helped IBM spin-off Fiderus establish its ethical hacker division, sign its first contract, and earn its first revenue.

Lead Security Consultant, IBM Security and Privacy Services, Orlando, FL (1/1995 – 8/2000)

• Contracted by IBM to investigate campus-wide system shutdowns, which I traced to NetBIOS design flaw.
• Contracted by IBM to prototype proof-of-concept for IBM Global Services’ Security and Privacy Consulting.
• Employed by IBM to develop intellectual capital and train consultants; became top-earning consultant nationwide.
• Led IBM consulting projects for Olympics, IBM internally, and dozens of Fortune 500 companies.

Lead Security Engineer, Harris Corporation, Palm Bay, FL (1/1985 – 12/1994)

• First Metronet ISSO, led first corporate security program, led beta test lab, helped develop security products.

 
https://HarveyNewstrom.com/newstrom/resume.html
© Copyright 2021 by Harvey Newstrom. All rights reserved.
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License
Last updated Saturday May 22, 2021