Summary
Overview
Work History
Education
Skills
Certification
Affiliations
Accomplishments
Work Availability
Clearance
Quote
Timeline
References
Clearance
Generic

Baylee Hanlon

Granger,Indiana

Summary

Motivational leader and organizational problem-solver with advanced supervisory, team building and customer service skills. Experience stepping into roles and quickly making positive changes to drive company success. Focused on using training, monitoring and morale-building techniques to maximize employee engagement and performance.

Overview

12
12
years of professional experience

Work History

Governance, Risk, Compliance Director / Vendor Management

Crowe LLP
04.2021 - Current
  • Developed specifications to ensure risk, compliance and assurance efforts conform with security requirements of Crowe LLP
  • Collaborate with leadership to identify top human information security risks to the organization and the behaviors that must change to mitigate those risks
  • Developed enterprise-wide cybersecurity awareness content, training schedules, and campaigns
  • Improve the maturity of the security training and awareness program, including managing communication plans, driving behavior/culture change, developing and reporting metrics
  • Developed and Implemented NIST CSF Frameworks across the organization to continue the maturity of the firm
  • Develop and Document Policies and Procedures to ensure compliance with local and Federal security controls
  • Support and Coordinate with Crowe Engineering and Operations to ensure Governance, Risk and Compliance is being adopted throughout the organizations
  • Communicate effectively with individuals across the organizations at all levels
  • Providing accurate and accountable support to all teams across the organization to ensure security controls and frameworks are being built into projects and programs
  • Draft, create, review, and implement cybersecurity policies and procedures resulting from compliance requirements that apply to Crowe’s current and future target markets
  • Applying and interpreting internal and external cybersecurity audit and compliance requirements to drive plans of action as needed
  • Support the field sales teams in matters of compliance questions as a subject matter expert both internally and externally
  • Working closely with Operations, Engineering, Sales, and senior executives while keeping abreast of regulatory developments within or outside of the company as well as evolving best practices in cybersecurity compliance control
  • Designing and coordinating the preparation and ongoing review of policies, procedures, training materials and other communication tools to ensure company meets compliance requirements
  • Coordinating cybersecurity regulatory exams and internal business unit audits, to include SOC2, GDPR audits, ISO 27000, PCI DSS, HIPAA, HITRUST
  • Provided leadership briefings that detailed compliance status and critical issues that might affect business
  • Interacting with external cybersecurity auditors on matters related to audits of the organization’s internal controls
  • Successfully implemented OneTrust vendor risk management tool, integrated with ServiceNow to enable better vendor tracking procedure and processes.

Cyber Warfare Operator

Michigan Air National Guard
Battle Creek, MI
01.2012 - Current
  • Helped to sustain network communication, administer accounts, configure accounts and passwords, and maintain system functionality, system-specific software, and workstation functionality
  • Conduct both offensive and defensive cyberspace operations
  • Protect cyberspace systems from adversarial access and attack
  • Unix- command line interface, system administration, account management, file sharing, VI Editor
  • Experience with COMSEC material/equipment
  • Coordinate with other operators performing weapons control, surveillance, and network activities
  • Led Air Force Penetration Testing operations
  • Log in Classified SCI media, control the incoming and outgoing media from each building
  • Produced ad hoc reports and documents for senior team members.

Information System Security/Cyber Awareness & Training Manager

BAE Systems
09.2019 - 04.2021
  • Ensured network, system and data availability and integrity through preventative maintenance and upgrades
  • Recommended network standards to upper-level management
  • Proposed technical feasibility solutions for new functional designs and suggested options for performance improvement of technical standards
  • Supporting the system/application authorization and accreditation (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks and resulting artifacts mandated by governing DoD and AF policies (i.e., Risk Management Framework (RMF)
  • Performed Audit utilizing CMMC, NIST 800-171, 800-53, as well as developing a corporate standard
  • Lead the Phishing Awareness Program in the assessment of simulated phishing campaigns and executive communications
  • FIPS 199 Certification for encryption
  • Utilizing RSA Archer to manage organizational compliance
  • Recommending and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures
  • Assessing security events to determine impact and implementing corrective actions
  • Ensuring the rigorous application of information security/cybersecurity policies, principles, and practices in the delivery of all IT services.

Information System Security / Cyber Awareness & Training Manager

PCI Strategic Management
02.2019 - 09.2019
  • Supporting the system/application authorization and accreditation (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks and resulting artifacts mandated by governing DoD and AF policies (i.e., Risk Management Framework (RMF)
  • Recommending policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data
  • Supporting AWS/GovCloud software development and system integration
  • Recommending and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures
  • Assessing security events to determine impact and implementing corrective actions
  • Ensuring the rigorous application of information security/cybersecurity policies, principles, and practices in the delivery of all IT services.

Information System Security Manager

University of Notre Dame
Notre Dame, IN
08.2018 - 02.2019
  • Supports multiple programs administering the Information Assurance duties as the Information Systems Security Manager (ISSM) for an information systems processing
  • Conduct technical and nontechnical reviews and audits as prescribed by the Information System Owner (IO)
  • Experience supporting various computer hardware platforms and multiple operating systems, both stand-alone and LAN/WAN configurations
  • IA Training and Awareness Incident response, investigation, and resolution Development, maintenance, and execution of effective, well written, and customer compliant IA policies and procedures Incident response, research, and resolution
  • Interpret information security and compliance/regulatory policies, standards, and requirements such as NIST 800-53, 800-171 CUI
  • As well as coordinating Accreditation standards with the Defense Security Service
  • Created and supported large scale Information Technology research operations for the Turbonetics Laboratory, as well as the Hypersonic Testing Facility.

Information System Security manager

Booz Allen hamilton
10.2017 - 08.2018
  • Performed the Certification and Accreditation (C&A) of the TS/SCI as well as SAP Defense Finance Accounting Services main operational accounting system using Xacta, as well as EMASS
  • Developed the Defense Finance Accounting Center's classified network cyber security program
  • Ensured network, system and data availability and integrity through preventative maintenance and upgrades
  • Recommended network standards to upper-level management
  • Proposed technical feasibility solutions for new functional designs and suggested options for performance improvement of technical standards
  • Supporting the system/application authorization and accreditation (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks and resulting artifacts mandated by governing DoD and AF policies (i.e., Risk Management Framework (RMF)
  • Supports multiple programs administering the Information Assurance duties as the Information Systems Security Manager (ISSM) for information systems processing.

Information System Security Officer

Quantum Dynamics
03.2012 - 10.2017
  • Supports multiple TS/SCI programs administering the Information Assurance duties as the Information Systems Security Officer (ISSO) for information systems processing
  • Conduct technical and nontechnical reviews and audits as prescribed by the Information Systems Security Manager (ISSM)
  • Experience with national security information system-related security requirements
  • Interpersonal skills are necessary to deal courteously and effectively with a diverse group of individuals
  • Developing System Security Plans (SSPs) and all supporting certification and accreditation documentation
  • Supporting DCGS operations by reviewing security audits also archiving security audits Managing DCGS media control and reporting operations
  • Destroying classified hard drives in accordance with AFI 33-200
  • Risk Management Framework experience
  • Knowledge in UNIX, Linux, Solaris
  • Weekly Audit Review
  • Monthly Antivirus updates on over 20 DCGS systems
  • Verified data integrity and accuracy.

Education

Master of Science - Cyber Security Management

Purdue University
08.2019

Bachelor of Science - Information Assurance & Cyber Security

Purdue University
08.2018

Associates of Applied Science - Computer and Information Sciences

COMMUNITY COLLEGE OF THE AIR FORCE
01.2015

Skills

  • EMASS
  • XACTA
  • RSA Archer
  • OneTrust
  • PII/HIPPA
  • Windows Operating System
  • Risk Management
  • Regulatory Documentation
  • Audit Oversight
  • Document Reviews
  • Process Development
  • Project Management
  • Team Leadership
  • GDPR
  • Phishing Training
  • NERC-CIP
  • COBIT
  • Active Directory
  • Account Management
  • Interpersonal Skills
  • Client Support
  • Process Implementation
  • Customer Requirement Prioritization
  • Policies and Procedures
  • NIST 800-57, 800-171
  • ISO 27000 Series
  • RSA Archer
  • PCI DSS
  • Employee Cyber Awareness Training
  • HIPAA
  • CCPA

Certification

  • CompTIA Advanced Security Practitioner, CE
  • CompTIA Security +, CE
  • ITIL Foundations
  • CIW Site Development Associate
  • CIW Web Security Associate
  • CISM
  • Private Pilot’s License (PPL)

Affiliations

  • 4H Horse Club Leader
  • Baseball Coach 22' - Current

Accomplishments

  • Airmen Leadership School Distinguished Graduate
  • Non-comissioned Officer of the Year Award

Work Availability

monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse

Clearance

Cleared for Top Secret information and granted access to Sensitive Compartmental Information based on single scope background investigation, completed 8 October 2014

Quote

It is never too late to be what you might have been.
George Eliot

Timeline

Governance, Risk, Compliance Director / Vendor Management

Crowe LLP
04.2021 - Current

Information System Security/Cyber Awareness & Training Manager

BAE Systems
09.2019 - 04.2021

Information System Security / Cyber Awareness & Training Manager

PCI Strategic Management
02.2019 - 09.2019

Information System Security Manager

University of Notre Dame
08.2018 - 02.2019

Information System Security manager

Booz Allen hamilton
10.2017 - 08.2018

Information System Security Officer

Quantum Dynamics
03.2012 - 10.2017

Cyber Warfare Operator

Michigan Air National Guard
01.2012 - Current

Master of Science - Cyber Security Management

Purdue University

Bachelor of Science - Information Assurance & Cyber Security

Purdue University

Associates of Applied Science - Computer and Information Sciences

COMMUNITY COLLEGE OF THE AIR FORCE

References

References available upon request.

Clearance

Cleared for Top Secret information and granted access to Sensitive Compartmental Information based on single scope background investigation, completed 8 October 2014

Similar Profiles

CREATE PROFILE
Baylee Hanlon