AMANDEEP SINGH
Silver Spring,MD
Summary
Results-driven Cybersecurity Manager with proven expertise in multitasking and time management. Recognized for high productivity in threat modeling, risk management, incident response, and network security. Strong leadership and communication skills enhance team performance and strengthen cybersecurity measures.
Overview
8
8
years of professional experience
1
1
Certification
Work History
Senior Manager Product Security
Capital One
05.2024 - Current
- Led the security strategy for Capital One’s primary customer platforms (Web and Mobile), protecting services utilized by over 100 million customers.
- Directed comprehensive security lifecycle—integrating CI/CD, enhancing vulnerability management, and automating bug tracking.
- Spearheaded secure integration of backend systems for Capital One and Discover mobile apps during M&A, reducing attack surface.
- Designed and implemented AI Security Framework adopted by over 2,000 security professionals for standardized assessments.
- Onboarded and secured critical enterprise platforms through thorough threat assessments and robust technical controls.
- Defined security architecture and policy for Chatbot and Live Agent Chat initiative, ensuring best practices for 10 million customers.
- Directed development of security frameworks like GraphQL Security Framework to enhance application security consistency.
- Conducted proactive threat modeling in SDLC to identify risks early, minimizing production vulnerabilities.
- Mentored over 20 junior staff members in the organization's business processes, customer service standards, and quality assurance protocols.
Cybersecurity Director
Maryland State Government
Silver Spring, MD
01.2024 - 05.2024
- Spearheaded Maryland's cybersecurity oversight initiative for 60+ regulated utility companies, enforcing Zero Trust Architecture adoption statewide.
- Evaluated utilities against NIST Cybersecurity Framework and CISA Performance Goals, delivering actionable improvement plans to minimize sector-wide risk.
- Designed and implemented a new Incident Management Program, establishing standardized response procedures for enhanced resilience.
- Advised Maryland PSC leadership on cybersecurity strategy and policy recommendations, influencing regulatory approaches for critical infrastructure protection.
- Engaged in state-level information-sharing networks to enhance threat situational awareness and develop mitigation strategies against advanced threats.
- Fostered collaboration among state agencies, utilities, and federal partners to align cybersecurity practices with national security objectives.
Security Architect
Marriott International
03.2023 - 12.2023
- Acted as key stakeholder in Enterprise Security Architecture Reviews, ensuring adherence to secure-by-design principles.
- Reviewed over 20 platform-level architecture designs, identifying redundancies and saving $300K in managed security service costs.
- Collaborated with partners including Akamai and Shape Security to enhance feedback loops and refine security rulesets.
- Directed product management for Enterprise Password Management and Secure Browser implementations, achieving $85.7K in subscription cost savings.
- Led Anti-Phishing FIDO 2-based IAM architecture to strengthen security infrastructure.
Governance, Risk, and Compliance Manager
Peraton
08.2022 - 03.2023
- Successfully assessed two High, one Medium, and two Low security category System Security Plans, securing Authorization to Operate from the Authorizing Official.
- Led migration from NIST 800-53 Revision 4 to Revision 5, overseeing a team of five Security Engineers and three ISSOs for compliant control updates.
- Conducted comprehensive security posture assessments at New Mexico and Goddard Space Centers, identifying gaps and achieving $129.7K in cost savings by optimizing licenses.
- Performed in-depth threat modeling, enhancing security assessment score from 69.3 to 90.3, reflecting a 21-point improvement in risk posture.
Senior Cybersecurity Incident Handler Lead
US Army Regional Cybersecurity Center
09.2021 - 07.2022
- Led team of Incident Handlers to enhance incident containment, triage, and rapid response strategies.
- Collaborated with Threat Hunting Department to assess and secure environments at over 50 OCONUS bases.
- Reviewed and refined continuous feedback loop between firewall rules and ArcSight SIEM for improved detection.
- Designed and delivered training programs for new hires, ensuring consistent onboarding and skill development.
Information Security Engineer
Directviz Solution
San Jose, CA
05.2017 - 08.2019
- Led development and review of disaster recovery and incident management plans, ensuring data replication and business continuity for critical customers like JetBlue Airlines.
- Conducted threat modeling and vulnerability mapping to prioritize risks and enhance security measures.
- Maintained effective mitigation strategies using SIEM and Splunk dashboards.
- Utilized CISCO and Juniper firewalls to strengthen network security against potential threats.
Education
Chief Technology Officer Certificate -
The Wharton School, University of Pennsylvania
Philadelphia, PA01.2024
Chief Information Security Officer Certificate -
Carnegie Mellon University
PA01.2024
Risk Management for Corporate Leaders -
Harvard Business of School
MA01.2023
MBA Information Technology Management -
Western Governors University
Utah01.2023
Master's - Cybersecurity and Information Assurance
Western Governors University
Salt Lake City, UT01.2021
Skills
- Project management and operations
- Stakeholder engagement and collaboration
- Security architecture and data privacy
- Team building and employee training
- Risk assessment and management
- Data analysis and business performance
- Budget administration and financial oversight
- Conflict resolution and incident management
- Disaster recovery and continuity planning
- Identity management (IAM) and policy development
Accomplishments
- Received two NASA Quarterly Performance Awards, each valued at $3,800, for exceptional contributions to cybersecurity initiatives and consistent delivery of high-impact results.
Certification
- CISSP
- CMMC Certified Professional
- Financial Planning and Analysis
- CISM
- PMP
- AWS Security Specialist
- Google GCP Security Professional
- OSCP
- EC-Council Certified Incident Handler
- ITIL Foundation
References
References available upon request.
Timeline
Senior Manager Product Security
Capital One
05.2024 - Current
Cybersecurity Director
Maryland State Government
01.2024 - 05.2024
Security Architect
Marriott International
03.2023 - 12.2023
Governance, Risk, and Compliance Manager
Peraton
08.2022 - 03.2023
Senior Cybersecurity Incident Handler Lead
US Army Regional Cybersecurity Center
09.2021 - 07.2022
Information Security Engineer
Directviz Solution
05.2017 - 08.2019
Chief Technology Officer Certificate -
The Wharton School, University of Pennsylvania
Chief Information Security Officer Certificate -
Carnegie Mellon University
Risk Management for Corporate Leaders -
Harvard Business of School
MBA Information Technology Management -
Western Governors University
Master's - Cybersecurity and Information Assurance
Western Governors University
Similar Profiles
Jesus CastilloJesus Castillo
Senior Risk Coordinator - Collections at Capital OneSenior Risk Coordinator - Collections at Capital One
Saleh AlkhouliSaleh Alkhouli
Principle Coordinator / Fraud Investigator at Capital OnePrinciple Coordinator / Fraud Investigator at Capital One
EDDIE FEATHEREDDIE FEATHER
Software Engineering Manager at Capital OneSoftware Engineering Manager at Capital One
Jakyla PaytonJakyla Payton
Customer Service Representative at Capital OneCustomer Service Representative at Capital One
Alvin BeltranAlvin Beltran
Personal Banker at PNC BankPersonal Banker at PNC Bank