Andrew Escobedo
Summary
Driven Information Security professional with six years of experience as a lead Information Systems Technician in the US Navy, specializing in technical service government contracts. Proven track record in building high-performing teams and exceeding organizational goals while providing expertise in Security Compliance, including ATOs within FedRAMP. Currently serving as Defense and Intel BISO and Senior Security Engineer, effectively managing a portfolio of over 200 projects to enhance project delivery and mitigate enterprise risk. Core competencies include risk management, technical operations, and team leadership.
Overview
12
12
years of professional experience
1
1
Certification
Work History
Security Delivery Manager
Accenture Federal Services
09.2022 - Current
- A Security Delivery Manager of the Program/Project Management Business Unit that is responsible for the vision and direction of the Secure Cloud Practice helping ISVs achieve FedRAMP authorization and the Defense Industrial Base navigate business support system transformation to meet CMMC compliance.
- Advise ISVs on FedRAMP Authorization for SaaS based solutions
- Guide Government Contractors through business support systems and development environments for CMMC Compliance.
- Lead program management for an ISV FedRAMP moderate authorization of a multi cloud SaaS based solution. Advised client on security architecture solutions and cloud-based policies to met FedRAMP contract requirements.
- Handles day-to-day operations from financials, Agile project management, customer relations and leading a team of security engineers and SMEs to accomplish the clients vision through value delivery.
Vice President of Space Programs
Cyber Defense Technologies, CDT
Dulles, VA
10.2021 - 09.2022
- Responsible for executing the CEO's vision for the company's Space Program Portfolio, including business development, process maturation, and financial growth by providing executive oversight of Business Operations within the portfolio
- This includes Contracts, Finance, Human Resources, Technical Management, and overall Strategic Growth Initiatives by serving as the link between technical engineers and business-minded operations while providing our customers the utmost satisfaction
- CDT provides cybersecurity engineer services to DARPA, Air Force, Intelligence Agencies, and Space Force
- Develops strong relationships with all levels of client leadership, becoming the trusted single point of contact with client stakeholders for all technology initiatives and communications
- Identifies and mitigates risk to program and project schedules, budgets, deliverables, and operations, communicating them effectively with the customer
- Develops and implements foundational processes for business operations across the organization, optimizing them to boost efficiency to keep operations scalable and agile for changing customer demands
- Trains, coaches, mentors staff to ensure the needs of our customers are met
- Work closely with outside contractors on joint projects to ensure compliance, deliverables, and project schedule stay on track with our customers' needs
- Sourced, negotiated, and hired engineers to staff our Space Program portfolio based on the dynamic needs of the program with constrained hiring budgets
- Responsible for leading a team of engineers to deliver the first contractor-built data center to Space Force to facilitate industry-based rocket launches
- Analyze metrics and outcomes from strategic initiatives at weekly, monthly, and quarterly intervals to ensure the outlined approach meets targets.
Program Manager/Lead Security Engineer
09.2020 - 10.2021
- Responsible for leading a team of engineers to implement multiple highly complex data centers supporting a United States Space Force program
- Responsible for coordinating the design, implementation, and delivery of a cloud infrastructure that meets compliance with DoD Standards
- Oversaw the day-to-day operations of the build of the data centers, coordinating with multiple organizations and critical stakeholders with over 100 personnel involved
- Developed and implemented a security strategy and framework comprising integrated elements of NIST Risk Management Frameworks, CNSS 1253, and classified overlays
- Established policies and procedures for system administrators to maintain the network and data centers' confidentiality, integrity, and availability during incident response, disaster recovery, and business continuity operations
- Collaborated with key stakeholders to meet project schedule requirements and business objectives and facilitate strategic efforts to deliver the project under budget and on time.
Senior Information Systems Security Officer
One Network Enterprises
Dallas, TX
09.2019 - 09.2020
- Responsible for obtaining and maintaining certifications such as ISO/IEC 27001, NIST, DFARS, and GDPR
- Delivers policy, guidance and ensures compliance for an Information Security Management System (ISMS) with users in five continents as the lead Information Systems Security Officer (ISSO), reporting directly to the Chief Information Security Officer (CISO)
- Oversees a security budget and manages a security staff to ensure the highest level of information security for an ISMS and connecting data centers
- Develops and implements an enterprise security strategy and framework that consists of integrated elements of ISO/IEC 27001/27002 and NIST Risk Management Frameworks
- Collaborates with internal departments and business units to establish and accomplish standard information technology and security objectives while also meeting the needs of a fast-paced and dynamic business strategy and goals
- Leads the security program for all government contracts, working with external security staff from all branches of the DoD to ensure that all security needs such as vulnerability management, secure development of applications, and incident response capabilities are met and maintained.
Information Systems Security Engineer / Site-Lead
Cyber Defense Technologies, CDT
Westford, MA
12.2016 - 09.2019
- Provides security consulting for a top defense contractor
- Provides input, guidance, implementation, and ensures compliance for a SIPRNet network, an Air Force Research Lab classified test network and serves as an Information Systems Security Officer for a JWICS IS
- Ensures compliance on all servers, workstations, routers, and equipment per Security Technical Implementation Guides and other DoD standards
- Leads the implementation of Risk Management Framework on multiple ISs by writing policy packages, implementing physical and logical controls, and ultimately obtaining Authority to Operate (ATOs) for all systems onsite
- Provides guidance to the ISSM and Program Managers on all security-related issues and RMF processes, demonstrating the ability to influence security stakeholders while driving focus on strategic mission and business objectives
- Responsible for project deliverables, including security reports, project schedules, and timelines for all government customers and security stakeholders
- Coordinated between remote sites to build a JWICS IS from the ground up, starting with design, authorization, and implementation
- Fine-tune procedures and common practices to make a more efficient network, often going outside the job role to ensure that the users get the support they need to fulfill their job requirements while maintaining the most secure environment possible
- Oversaw and implemented a Windows 10 upgrade on the SIPR circuit per USCYBERCOM TASKORDs and DoD directives
- Serves as the ACAS and HBSS SME onsite, providing robust vulnerability management and configuring a secure, functional environment for 50+ users
- Implemented and maintained a PKI Infrastructure to include establishing Trusted Agents onsite and configuring a robust smart card login configuration for multiple systems.
Technician / Lead Systems Administrator
US Navy, 767 USS Hampton
San Diego, CA
06.2013 - 12.2016
- Performed duties as IT support leader for all information systems on board the USS Hampton
- Supported systems include NIAPS, Compose 4.0, and NTCSS (Linux) system suites, including management of 25 servers and 60 workstations on both classified and unclassified systems
- Installed, configured, and managed servers, workstations, and network equipment
- Created and implemented incident response and disaster recovery procedures, IAVA patch installs, Anti-viruses, SCCVI scans, and a PKI infrastructure for the ship
- Supervised, instructed, and qualified over 20 military peers in network computer systems security, server administration, network management, and incident response capabilities
- Played a vital role in rebuilding and managing the shipboard network through incident response and disaster recovery capabilities, resulting in winning numerous Naval awards such as the Battle "E" and Navigation "N" for special LAN operations
- Authored 20 Standard Operating Procedures and Incident Response procedures to increase junior associates' performance within the LAN Division
- Corrected over 1,000 deficiencies with servers and workstations while on board, resulting in USS Hampton maintaining the highest operational tempo in the Pacific Fleet
- Served as the Repair Parts Petty Officer and Work Center Supervisor, leading in the repairs of over $400,000 of equipment, an unprecedented LAN expansion throughout the ship, and overseeing all maintenance conducted on LAN systems
- Led a successful and seamless LAN migration from the ship to an onshore site during an engineering overhaul for the USS Hampton.
Education
Master of Business Administration -
Texas A&M University
College Station, TX05-2022
BS - Information Technology
University of Massachusetts
Lowell, MA05-2020
Skills
- FedRAMP Architecture and Compliance
- NIST compliance framework
- Technical Leadership
- Program/Project Management
- Security Engineering
- Customer Relations
- Management and Cybersecurity Consulting
Certification
- ISC2: Certified Information Systems Security Professional (CISSP), 2018 (Credential #595109)
- ISACA: Certified Information Systems Auditor (CISA), 2023 (Credential #232167512)
Timeline
Security Delivery Manager
Accenture Federal Services
09.2022 - Current
Vice President of Space Programs
Cyber Defense Technologies, CDT
10.2021 - 09.2022
Program Manager/Lead Security Engineer
09.2020 - 10.2021
Senior Information Systems Security Officer
One Network Enterprises
09.2019 - 09.2020
Information Systems Security Engineer / Site-Lead
Cyber Defense Technologies, CDT
12.2016 - 09.2019
Technician / Lead Systems Administrator
US Navy, 767 USS Hampton
06.2013 - 12.2016
Master of Business Administration -
Texas A&M University
BS - Information Technology
University of Massachusetts