BRIAN DERRICO

• Provides strategic cybersecurity consulting services for critical infrastructure clients.
• Specializes in regulatory compliance, risk assessments, and security architecture.
• Optimizes cybersecurity programs for efficiency and cost-effectiveness.

• Performing regulatory readiness assessments for nuclear licensee fleets on their compliance with 10CFR73.54
• Inspection various program elements for completeness and accuracy and evaluating sites implementation vs regulation
• While performing these assessments, also working back with client to identify not only deficiencies within their program but recommended actions to close these gaps

• Perform engagements with customers on the deployment of the Tenable.OT and Tenable.VM products
• Conduct pre-engagement calls with clients to cover expectations, and internal network architecture to determine the most efficient way to deploy the product to deliver maximum value for the client

• Leading the design and implementation of comprehensive cybersecurity strategies for 24 Small Modular Reactor (SMR) sites across Poland
• Collaborating with key stakeholders to deliver secure architecture solutions for business, cybersecurity, and operational technology (OT) systems
• Ensuring compliance with U.S
• NRC regulations as adopted by the Polish government, leveraging extensive experience in developing and applying industry standards such as NRC RG 5.71 and NEI 08-09
• Providing strategic guidance to safeguard critical infrastructure against evolving threats

Experienced leader managing a nationwide cybersecurity team for nuclear power plants, ensuring 24/7 operational support, regulatory compliance, and multi-million-dollar project execution.

• Cybersecurity Program Leadership: Led a high-performing cybersecurity team, improving efficiency, saving over $1M in operational costs, and automating regulatory processes to eliminate 2,000+ hours of manual work.

• Financial & Project Management: Managed $3.6M in budgets, delivering projects on time and under budget, returning $455K in savings.

• Regulatory Compliance & Audits: Successfully led NRC inspections across fleet with high praise from regulators

• Vulnerability & Risk Management: Centralized vulnerability management across the nuclear fleet, driving automation and securing high-priority assets.

• Supply Chain & Vendor Oversight: Ensured compliance with cybersecurity controls in procurement, working closely with vendors to resolve security issues.

• Mentorship & Agile Leadership: Coached cybersecurity specialists and championed Agile practices, reducing routine work by 600+ hours annually.

• Access Authorization & Compliance: Spearheaded digital access authorization initiatives, saving $150K annually per site, and presented compliance strategies at industry conferences.

• Efficiency and Automation: Developed suggestions for technical process improvements to optimize resources. Managed implementation of new technological improvements resulting in increased efficiency.

• Works actively with team members on assigned projects, including assuring fleet cybersecurity compliance to appropriate federal regulations (NIST 800-53 & 800-82; NERC/CIP; ISO27000)
• Led efforts to develop and implement a new cybersecurity program including policies and procedures, incident response, contingency planning, training and awareness, managing risk and compliance assessments
• Reviews financial statements and budgets in order to effectively choose technology solutions
• Works closely with vendors and other external partners to cut costs through new contracts and software roadmap planning