Summary
Overview
Work History
Education
Skills
Websites
Certification
Timeline
Generic
Alex Nieves

Alex Nieves

Haymarket,United States

Summary

Currently the Senior Manager of the Global Certifications team driving federal certifications at Palo Alto Networks. Leads a team of 4 directs to serve all of PANW products as they pursue and maintain FedRAMP and DoD authorizations.10 years experience working in Federal compliance and a wealth of expertise in both advisory and consultant work. Expertise in advising and assessing CSPs in Federal IT compliance. Long track record of implementing security controls and assessing compliance across multiple infrastructures to include Azure, AWS and GCP.

Overview

11
11
years of professional experience
1
1
Certification

Work History

Senior Manager of Global Certifications

Palo Alto Networks
05.2025 - Current
  • Successfully guided PANW's largest FedRAMP environment (20+ services) to a FedRAMP High Authorization
  • Maintaining PANW’s FedRAMP Moderate, DoD IL5, PBMM and CMMC certifications
  • Serves as the ISSO for all FedRAMP and DoD compliance matters for PANW
  • Managing 4 direct reports as the lead for the FedRAMP and DoD group within our Global Compliance team
  • Works directly with cross-functional teams across InfoSec, IT, Product, Development and SOC
  • Serves as the primary point of contact for 3PAOs to ensure compliance with FedRAMP requirements
  • Oversees the development and maintenance of all required documentation for PANW FedRAMP and DoD certifications
  • Provides regular status updates on the FedRAMP certification process to relevant stakeholders
  • Assists with the development and implementation of security controls to ensure compliance with FedRAMP requirements
  • Responsible for the successful completion of FedRAMP, DoD, StateRAMP, CMMC and PBMM audits and assessments
  • Ensures that PANW maintains its FedRAMP certifications by meeting all ongoing compliance requirements
  • Conducted performance evaluations, compensations and hiring to maintain appropriate staffing requirements

Manager of Global Certifications

Palo Alto Networks
10.2022 - 05.2025
  • Successfully guided PANW's largest FedRAMP environment (20+ services) to a FedRAMP High Authorization
  • Maintaining PANW’s FedRAMP Moderate, DoD IL5, PBMM and CMMC certifications
  • Serves as the ISSO for all FedRAMP and DoD compliance matters for PANW
  • Managing 4 direct reports as the lead for the FedRAMP and DoD group within our Global Compliance team
  • Works directly with cross-functional teams across InfoSec, IT, Product, Development and SOC
  • Serves as the primary point of contact for 3PAOs to ensure compliance with FedRAMP requirements
  • Oversees the development and maintenance of all required documentation for PANW FedRAMP and DoD certifications
  • Provides regular status updates on the FedRAMP certification process to relevant stakeholders
  • Assists with the development and implementation of security controls to ensure compliance with FedRAMP requirements
  • Responsible for the successful completion of FedRAMP, DoD, StateRAMP, CMMC and PBMM audits and assessments
  • Ensures that PANW maintains its FedRAMP certifications by meeting all ongoing compliance requirements

Board Member

CSP-AB
04.2025 - Current
  • The Cloud Service Providers – Advisory Board (CSP-AB) is a trade association representing the world’s premier cloud companies in order to advance policies and standards that empower secure, scalable, and impactful cloud adoption across the public and private sectors.

FedRAMP Compliance Specialist

Cisco
06.2021 - 10.2022
  • Supports the Global Cloud Certification team with global regulatory cloud certifications as well as annual renewals for Cisco cloud offering certifications.
  • Additionally, provides technical guidance on the implementation and documentation of the cloud certification requirements, ensuring each certification is compliant with relevant regulatory and certification security requirements with a focus on FedRAMP environments.
  • Partners with business units to remove impediments beyond/outside of business units that jeopardize securing or retaining a cloud certification.

Senior Manager

Coalfire
01.2021 - 06.2021
  • Specialized in advising service providers in the Security and Privacy Controls for Federal Information Systems and Organizations.
  • Creation, maintenance, validation, and exercise of the following: System Security Plan(s) Security and Privacy policies and procedures Contingency and Incident response planning and testing Vulnerability management Access and Identity management
  • Perform lead and oversight responsibilities for a variety of advisory clients and deliver final FedRAMP packages on time
  • Meet 1 on 1 with direct reports to discuss goals and priorities, as well as assist in training new personnel
  • Balance multiple clients simultaneously and maintain strong relationships with CSPs

Senior Consultant

Coalfire
04.2020 - 01.2021
  • Lead IT system security consultation within cloud-based environments in accordance with NIST SP 800-53, 800-37, OMB, and other authoritative IT security guidance
  • Develop System Security Plans, Configuration Management, IT Contingency, and Incident Response Plans in accordance with NIST requirements
  • Prepare, review, and/or update, and maintain IT Security supporting artifacts
  • Provide IT security guidance to Information System Owners
  • Identifying information security problems and challenges, researching and developing technical solutions to rectify them

Consultant

Coalfire
05.2017 - 04.2020
  • Execute examine, interview, and test procedures in accordance with NIST SP800-53A Revision 4
  • Ensure cyber security policies are adhered to and that required controls are implemented
  • Validate respective information system security plans to ensure control requirements are met
  • Develop resultant SCA documentation, including but not limited to the Security Assessment Plan, Security Assessment Report, Security Requirements Traceability Matrix (SRTM)
  • Author recommendations associated with findings on how to improve the customer’s security posture in accordance with control requirements for various frameworks: i.e. FISMA, FedRAMP, DoD

Analyst

Veris Group, LLC
11.2016 - 05.2017
  • Execute, examine, interview, and test procedures in accordance with NIST SP 800-53A Revision 4
  • Ensure cyber security policies are adhered to and that required controls are implemented
  • Validate respective information system security plans to ensure NIST control requirements are met
  • Develop resultant SCA documentation, including but not limited to the Security Assessment Report
  • Author recommendations associated with findings on how to improve the customer’s security posture in accordance with NIST controls

Consultant

Deloitte
03.2016 - 11.2016
  • Served as a security analyst working directly with the Chief Information Security Officer for the security authorization of the client's system
  • Developed the System Security Plan, Security Assessment Reports, and Briefings for both major and minor applications
  • Delineated control implementation responsibility between the FedRAMP environment and the client
  • Documented controls implementation status in advance of the Security Controls Assessment
  • Supported the effort of developing the plan to follow the NIST SP 800-37 Risk Management Framework

Security Engineer

Advanced Threat Analysis Inc. (ATA)
10.2014 - 03.2016
  • Worked with IRS Affordable Care Act (ACA) Cybersecurity as a Security Engineer.
  • Played key role as Subject Matter Expert in ensuring that the security baseline met Cyber criteria
  • Ensured successful implementation of NIST 800-53 security controls for the Affordable Care Act (ACA) project
  • Conducted system security assessments based on NIST 800-53
  • Generated security documentation, including: security assessment reports, system security plans, contingency plans, and disaster recovery plans
  • Provided security support and evaluation to development teams in order to integrate information assurance/security throughout the System Development Life Cycle of major and minor application releases

Education

Bachelor's Degree - Business Administration and Management, General

Strayer University
Sterling, VA
01.2013

Skills

  • Business performance management
  • Reporting oversight
  • Budget oversight
  • Operations planning
  • Cross-functional communication
  • Cross-functional collaboration
  • Organizational improvement
  • Resource allocation

Certification

  • CCSK v4
  • ITIL v3

Timeline

Senior Manager of Global Certifications

Palo Alto Networks
05.2025 - Current

Board Member

CSP-AB
04.2025 - Current

Manager of Global Certifications

Palo Alto Networks
10.2022 - 05.2025

FedRAMP Compliance Specialist

Cisco
06.2021 - 10.2022

Senior Manager

Coalfire
01.2021 - 06.2021

Senior Consultant

Coalfire
04.2020 - 01.2021

Consultant

Coalfire
05.2017 - 04.2020

Analyst

Veris Group, LLC
11.2016 - 05.2017

Consultant

Deloitte
03.2016 - 11.2016

Security Engineer

Advanced Threat Analysis Inc. (ATA)
10.2014 - 03.2016

Bachelor's Degree - Business Administration and Management, General

Strayer University

Similar Profiles

  • Bonney Bhaik

    Bonney BhaikBonney Bhaik

    Customer Success Engineer at Palo Alto NetworksCustomer Success Engineer at Palo Alto Networks

  • Matthew Hewson

    Matthew HewsonMatthew Hewson

    Professional Services Associate at Palo Alto NetworksProfessional Services Associate at Palo Alto Networks

  • Lily Webb

    Lily WebbLily Webb

    Head of Human Resources at Protect AI, Inc. (Acquired by Palo Alto Networks)Head of Human Resources at Protect AI, Inc. (Acquired by Palo Alto Networks)

  • LILIAN SANG

    LILIAN SANGLILIAN SANG

    CMA at Centurion GroupCMA at Centurion Group

  • Rashmi Bairoliya

    Rashmi BairoliyaRashmi Bairoliya

    Strategic Initiatives Manager at Genesee Health SystemStrategic Initiatives Manager at Genesee Health System

CREATE PROFILE