
Arthur Baylor

Waldorf

Summary

Information Technology, Information Assurance & Security Systems Professional with more than 20 years of experience. Proven management skills with the ability to organize and lead small to large projects, while improving team efforts and positively motivating individuals and teams to produce value for the organization. Expert in risk management, Assessment & Authorization, interpreting and implementing NIST SP 800-Series guidance, Federal Information Processing Standards (FIPS), Presidential directives, and OMB circulars. Possesses adept interpersonal, oral, and written communication skills with stakeholders at all levels of any organization. Adaptable and able to quickly learn and master any new skills not already proficient. Develops and promulgates short and long-term plans, policies, programs, procedures, and implementing guidance affecting IT equipment, software, personnel, and systems during every phase of development.

Overview

14 years of professional experience
1 Certification

Work History

Supervisory IT Specialist (INFOSEC) Chief Information Security Officer, Chief of Information Assurance Branch/Bureau Chief Privacy Officer

National Telecommunications and Information Administration
07.2022 - Current
  • Promotes vision and leadership for enterprise-wide business technology cybersecurity initiatives (e.g., Zero Trust Architecture, Secure Cloud, Multi-factor Authentication, Supply Chain Risk Management, etc.)
  • Reports directly to the CIO; provides guidance/recommendations based on analyses of security control assessments, compliance/vulnerability scans, penetration tests, security incidents, policy/procedure change, and other related risk activity results
  • Directs enterprise cybersecurity governance structure, policies, processes, and metrics
  • Coordinates establishing, implementing, monitoring and enforcing information security standards and policies in response to Presidential Executive Orders, OMB guidance, CISA directives, legislative, and Departmental compliance requirements
  • Ensures that the stakeholder security requirements, necessary to protect the organization’s mission and business processes are adequately addressed in all aspects of enterprise architecture
  • Oversees the daily operations and activities of the agency-wide cybersecurity and information security program
  • Administers the Enterprise Information Security Assurance Branch by providing leadership to the Information System Security Officers, the Security Control Assessors, the Information Assurance Governance Team, and acts as the initial contact for internal/external audits
  • Heads the effort to migrate on-premise systems to cloud systems
  • Ensures that systems leverage the FedRAMP process
  • Conducts the implementation for the Bureau’s privacy program/security awareness training/CUI training
  • Articulates security and/or privacy compliance, risk management, security operations, and communicates complex technical issues and solutions to technical and non-technical stakeholders, peers and all levels of leadership
  • Significant Achievements:
  • Spearheaded an interagency negotiation to obtain Penetration Testing services for High Value Assets (HVA) and public facing systems
  • Implemented strategies to streamline/simplify the POA&M management process reducing POA&M numbers by 45%
  • Facilitated communication between interagency groups that led to the expansion of Microsoft Teams as a communication platform across agencies
  • Transformed cybersecurity program from a traditional authorization process to an ongoing authorization process
  • Revamped an Information Security Continuous Monitoring (ISCM) Plan that includes bi-monthly manual assessments, continuous vulnerability/compliance scans as well as the Penetration Testing of HVA and publicly facing systems

Adjunct Associate Professor

University Of Maryland Global Campus
12.2010 - Current
  • Conducts online/ face-to-face instructions, lectures and training regarding IT security related concepts and practices
  • Utilizes different methodologies to help students improve on performance-focused assignments
  • Evaluates students’ overall understanding/comprehension of the fundamental concepts of computer security and its implementation
  • Encourages an environment/forum that allows students to discuss IT related concepts in regards to real world implementations

Supervisory IT Specialist (INFOSEC) Chief of Cybersecurity Assurance Branch

US Census Bureau
02.2017 - 07.2022
  • As the Chief of the Cybersecurity Assurance Branch, I served as Program Manager responsible for overseeing the management and deployment of cybersecurity governance, risk, and compliance (GRC) services for all FISMA reportable, executive level IT portfolios hosting over 200 systems/subsystems
  • Program oversight included the supervision of Information system security officers (ISSOs) and Information system security managers (ISSM)/Portfolio Managers–both federal employees and contractors
  • Daily duties and responsibilities included:
  • Collaborated in the development of agency-wide security compliance and system assessment and authorization programs for both on-prem and cloud systems
  • Supervised ISSOs in the integration of the Enterprise System Development Life-Cycle process into all phases of Risk Management Framework (RMF) projects
  • Participated in monthly division budget meetings to help determine and track the allocation of funding
  • Refined ongoing role-based training to educate business owners, information system owners, security points of contact, technical personnel, and other stakeholders on information security responsibilities and processes
  • Directed the implementation of higher-level security requirements such as those resulting from laws, regulations, or Presidential directives
  • Integrated security programs across disciplines
  • Executed, implemented, and communicated IT security strategies that delivered metrics and intelligence needed for senior program managers (e.g., System Owners (SO), Authorization Officials (AO), Chief Information Officer (CIO)), the Chief Information Security Officer (CISO), the Deputy Chief Information Security Officer (DCISO) and Division Chief for the Bureau’s Office of Information Security (OIS) to make informed risk-based decisions
  • Authored and maintained information security policies, standards, and procedures for the enterprise that comply with federal statutes and regulations; to ensure that information systems were reliable and accessible and prevented and defended against unauthorized access to systems, networks, and data
  • Performed duties as the most senior expert and consultant for strategic enterprise project teams, supported efforts to anticipate, identify, evaluate, minimize and/or mitigate risks associated with IT system vulnerabilities
  • Ensured that security assessments of information systems were completed and that selected security controls were implemented in accordance with applicable laws, policies, and standards
  • This included securing and authorizing cloud services (e.g., Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) offerings) using FedRAMP
  • Liaised with internal and external senior agency leaders to plan, develop, and coordinate agency level cybersecurity or information security programs and strategies
  • Distributed expert guidance during internal and external IT audits and conducted reviews and analyses of IT audit findings and recommendations (e.g., FISMA, Financial, GAO, OMB A-123); facilitated the development of POA&Ms that successfully remediated findings
  • Leveraged automated tools to streamline assessment and authorization management and documentation (SSPs, SARs, POA&Ms) activities to ensure compliance with FISMA and Federal and agency-level policies
  • Acted as task manager and contracting officer representative for ISSO support contracts/contractors
  • Participated in the weekly review of the allocation of the budget
  • Significant Achievements:
  • Oversaw the consolidation of FISMA reportable boundaries into enterprise boundaries, resulting in an overall enterprise footprint reduction of 75%
  • This initiative significantly reduced costs and resources needed to manage, implement, and assess security controls by maximizing the effectiveness of common control providers
  • This further allowed for the reassignment of limited critical resources to address the most critical/high risks to the enterprise
  • Initiated the implementation of the redesign of the Cybersecurity Assurance Branch which allowed the Information System Security Managers to be aligned to Directorate Authorization Boundaries where they lead security teams providing support
  • Despite a 15% reduction in ISSO resources, I adeptly employed limited personnel resources to sustain the on-time delivery of cybersecurity projects and Assessment & Authorization (A&A) activities

IT Specialist (INFO SEC), ISSO

US Census Bureau
11.2013 - 12.2017
  • Directed all of the IT security activities associated throughout the Systems Development Lifecycle (SDLC) within the Risk Management Framework (RMF) process for over 30 Demographic Directorate Information systems
  • Acted as the Branch Chief of the Information System Security (ISSO) Staff in various capacities during absences, leave, and upon request
  • As principal advisor for the Demographic Directorate, established relationships with businesses and customers, interpreted and applied standards, policies, and best practices, analyzed threats and vulnerabilities, and designed system security strategy and architecture
  • Advised and worked with other program area leaders and stakeholders throughout the Demographic Directorate to leverage innovative and contemporary approaches to IT security and develop new methods and systems for delivering a more secure environment and appropriately managing risk
  • Led the development, tracking, updating and remediation of Plan of Action and Milestones (POA&M)
  • Collaborated on the overall development of policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, network and data
  • Ensured IT projects met the minimum-security posture required under FISMA and that all projects were incorporated into the Census Bureau Risk Management Framework (RMF), particularly the risk profile and assessment were completed at the appropriate level for all proposed projects
  • Contributed to the annual development, update, and implementation of critical security documents to include: the System Security Plan, Incident Response Plans, Configuration Management, Account Management, Auditing Management and Risk Assessment Plans
  • Safeguard procedures for the protection of sensitive information with the development of Configuration Management procedures, IT Awareness training, and Rules of Behavior for assigned personnel
  • Coordinated the collection of evidence/artifacts needed to answer Government Accountability Office (GAO), Department of Commerce (DOC), Bureau of the Census (BOC), or Office of the Inspector General (OIG) data calls
  • Guided the development of long-range plans for IT security systems that anticipated, identified, evaluated, mitigated and minimized risks associated with IT systems violations
  • Ensured the establishment, implementation, and interpretation of the requirements for compliance with high-level policy directives and/or executive orders governing infrastructure protection

Senior Information Security Specialist (Policy)

CSSS.NET
01.2012 - 11.2013
  • Reviewed and interpreted Federal and Departmental guidelines, regulations, directives, policies and other regulatory guidance governing IT program operations to determine the intent of the guidelines and impact on the Internal Revenue Service procedures and policies
  • Provided policy guidance and compliance oversight for the Internal Revenue Service policies and initiatives, Office of Management and Budget (OMB) Memorandums, National Institute of Standards and Technology (NIST) Special Publications, E-Government Act of 2002, Federal Information Security Management Act (FISMA)
  • Developed and maintained security policies, controls and their compliance
  • Acquired expertise in security-related technologies, trends, issues, and solutions
  • Contributed to the IRS's compliance with relevant information technology laws and policies
  • Authored IT security training lessons and study guides
  • Conducted research of various IT related technologies and methodologies

Education

Some College (No Degree) - Project Management Master's Certificate

George Washington University
Washington, DC

MBA - Information Systems Management

Southeastern University
Washington, DC

Bachelor of Science - Computer Information Systems

Strayer University (College)
Washington, DC
12.1993

Skills

  • Certified Information Systems Security Professional
  • Certified Chief Information Security Officer
  • Certificate of Cloud Security Knowledge
  • Proficiency with applying project management concepts and methodology
  • Mastery understanding in implementing cybersecurity best practices, secure configuration benchmarks and developing secure configuration baselines
  • Expert in the interpretation and implementation of NIST 800 Series Publications, Federal Information Processing Standards, Executive Orders, presidential directives, and OMB circulars
  • Deep knowledge of Information assurance, Assessment and Authorization and Risk Management
  • Proven written communication abilities
  • Competency with performing vulnerability, compliance and asset scans
  • Adeptness with performing vulnerability and risk assessments
  • Aptitude with analyzing audit logs and scan results

Certification

  • Certified Chief Information Security Officer (CCISO)
  • Certificate of Cloud Security Knowledge (CCSK)
  • Certified Information Systems Security Professional (CISSP)
  • CompTIA Security+ ID u5

Timeline

Supervisory IT Specialist (INFOSEC) Chief Information Security Officer, Chief of Information Assurance Branch/Bureau Chief Privacy Officer

National Telecommunications and Information Administration
07.2022 - Current

Supervisory IT Specialist (INFOSEC) Chief of Cybersecurity Assurance Branch

US Census Bureau
02.2017 - 07.2022

IT Specialist (INFO SEC), ISSO

US Census Bureau
11.2013 - 12.2017

Senior Information Security Specialist (Policy)

CSSS.NET
01.2012 - 11.2013

Adjunct Associate Professor

University Of Maryland Global Campus
12.2010 - Current

MBA - Information Systems Management

Southeastern University

Bachelor of Science - Computer Information Systems

Strayer University (College)

Some College (No Degree) - Project Management Master's Certificate

George Washington University