Summary
Overview
Work History
Education
Skills
Certification
Timeline
Professional Development & Continuing Education
Generic
Christopher Banes

Christopher Banes

Coral Springs,FL

Summary

Strategic and results-driven Cybersecurity Leader with over 10 years of experience in information technology, cybersecurity, governance, risk, and compliance (GRC), including progressive leadership managing teams and cross-functional initiatives. Proven expertise in developing enterprise-wide security programs, leading incident response, and ensuring compliance with key regulations including NIST, ISO 27001, PCI-DSS, HIPAA, GDPR, and SOX. Adept at aligning cybersecurity strategy with business objectives, managing third-party risk, and enhancing organizational resilience through robust policy development, continuous monitoring, and comprehensive training. Seeking to apply leadership skills to protect critical aviation infrastructure as an Aviation Cybersecurity Officer.

Overview

10
10
years of professional experience
1
1
Certification

Work History

Governance, Risk and Compliance (GRC) Analyst

Miami Children's Initiative
07.2022 - 05.2024
  • Led and supervised cross-functional teams comprising IT, legal, operations, and external auditors to develop and maintain the organization's cybersecurity policy framework, creating and updating over 10 policies, standards, and procedures annually aligned with NIST, ISO 27001, HIPAA, and PCI-DSS.
  • Directed the third-party risk management program, managing a team of analysts and coordinating with vendors to conduct comprehensive risk assessments for 10+ new vendors annually, evaluating SOC 2, HITRUST, and ISO reports.
  • Orchestrated regular compliance audits and control assessments, assigning tasks to team members, reviewing work, and using tools like Splunk to ensure adherence to PCI-DSS, HIPAA, and NIST frameworks.
  • Chaired and managed cross-functional initiatives, overseeing teams across IT, security, and business units to design and implement enhanced risk management frameworks, resulting in a 25% improvement in alignment with NIST SP 800 series and a 30% reduction in incident response times.
  • Oversaw the implementation and monitoring of security controls, managing the use of GRC platforms (RSA Archer, ServiceNow) to track incidents, manage risk, and ensure 95% adherence to security KPIs and SLAs.
  • Spearheaded the cybersecurity awareness and training program, managing a team of training coordinators and content developers to create role-based materials and deploy phishing simulations that increased employee threat recognition by 40%.
  • Developed and documented Business Impact Analyses (BIA) and updated Disaster Recovery plans; led tabletop exercises and incident response drills, supervising cross-departmental participants to achieve a 30% improvement in plan resilience and reduce critical system Recovery Time Objectives (RTO) by 4 hours.
  • Conducted weekly team meetings, assigned tasks, tracked progress, and reported directly to executive leadership on security program status.

Compliance Analyst

Miami Children's Initiative
05.2020 - 07.2022
  • Managed the end-to-end SOC 2 Type II audit process, supervising a team of internal stakeholders and coordinating with external auditors to collect evidence, remediate findings, and achieve approximately 80% compliance with no major findings.
  • Collaborated with the cybersecurity team to leverage Splunk for threat intelligence; led initiatives that enhanced incident response capabilities and vendor risk management processes, directing the work of junior analysts.
  • Developed and socialized risk management frameworks aligned with SOX, GDPR, and PCI-DSS; guided cross-departmental teams in adopting these frameworks, strengthening governance and increasing regulatory adherence by 15%.
  • Supported the development and enforcement of security policies based on NIST and ISO 27001; led training sessions and mentored staff to foster a culture of security awareness across departments.
  • Assumed team leadership responsibilities during the absence of senior management, coordinating daily operations and ensuring continuity of compliance activities.
  • Supervised two compliance interns and reviewed their work products before submission to external auditors.

Information Security Analyst

Broward County Public Schools
07.2018 - 04.2020
  • Executed 15+ IT control risk assessments and audits aligned with NIST and HIPAA frameworks; led validation efforts across management, operational, and technical controls, coordinating with 20+ system owners.
  • Conducted walkthrough, test plans, and gap analyses across 8 distinct system environments; managed remediation efforts that resolved 95% of identified risks within required timeframes.
  • Performed IT General Controls (ITGC) testing across change management, operations, and logical security; mentored 3 junior analysts on audit procedures and control testing.
  • Served as the lead analyst for 5 major audit workstreams, delegating tasks to a team of 4 and ensuring 100% on-time completion of deliverables.
  • Supervised 2–3 temporary audit staff per audit cycle and coordinated with external auditors to achieve zero major findings across all compliance reviews.

Associate Director of Technology

International Education Corporation
02.2016 - 06.2018
  • Managed and supervised a team of IT professionals, including system administrators, help desk staff, and network technicians, supporting 350+ desktops and 600+ user accounts across multiple locations.
  • Led company-wide technology strategy and standards development, aligning IT initiatives with long-term business goals and overseeing the full lifecycle of hardware, software, and security tools.
  • Directed strategic improvements to Disaster Recovery (DR) and Business Continuity (BC) plans; supervised the implementation team, increasing resilience by 30% and enhancing operational efficiency.
  • Secured virtual environments during the rapid shift to remote work; managed the deployment of security controls for collaboration tools like Microsoft Teams and underlying network protocols.
  • Conducted regular performance reviews, mentored staff, and coordinated cross-departmental projects, ensuring IT deliverables were met on time and within budget.
  • Served as the primary liaison between the technology department and executive leadership, presenting risk assessments, project updates, and resource requirements to senior management

IT Manager

FastTrain College
01.2014 - 01.2016

Note: Institution closed due to loss of federal loan funding

  • Managed and supervised a team of 5 IT staff, including help desk technicians and system administrators, supporting 200+ faculty, staff, and students across the campus.
  • Led technology operations, security controls, and compliance efforts aligned with institutional policies and industry best practices, achieving zero security-related audit findings during tenure.
  • Directed user access management, password policies, and basic security hygiene across all 200+ user accounts, reducing unauthorized access incidents by 35% .
  • Supervised incident response for 50+ security-related tickets annually, including malware outbreaks and unauthorized access attempts, with average resolution time under 4 hours.
  • Managed vendor relationships for 8+ software, hardware, and security vendors, including contract oversight and performance reviews, saving approximately 15% on annual licensing costs.
  • Conducted weekly team meetings, assigned tasks, tracked project progress, and reported directly to college leadership on 10+ major IT initiatives.
  • Developed and enforced technology standards for 150+ end-user devices, network access, and data protection, achieving 99% compliance with institutional policies.
  • Led the implementation of security awareness training for all 200+ faculty and staff, reducing password-related help desk tickets by 40% within six months.

Education

Master of Information Technology - IT Network Security

American Intercontinental University
Weston, FL

Bachelor of Science - Computer Information Systems

Bethune-Cookman University
Daytona Beach, FL

Skills

  • Cybersecurity Leadership & Team Management
  • Governance, Risk & Compliance (GRC)
  • Incident Response & CIRT Oversight
  • Business Continuity & Disaster Recovery (BC/DR)
  • Cybersecurity Awareness & Training Programs
  • Regulatory Compliance (HIPAA, GDPR, PCI-DSS, SOX)
  • NIST CSF, SP 800-53, SP 800-37
  • Third-Party & Supply Chain Risk Management
  • Security Policy Development & Socialization
  • Stakeholder Engagement & Executive Communication
  • IT & Operational Technology (OT) Auditing
  • Project & Program Management

Certification

  • ISACA CISA | Certified Information Systems Auditor
  • ISC2 CC | Cybersecurity Certification
  • CompTIA Security+ | Security Professional
  • CompTIA CySA+ | Cybersecurity Analyst+
  • CompTIA Network+ | Network Professional
  • GRC Mastery Course Certificate
  • NIST 800-53 Course Certificate
  • Qualys Vulnerability Management, Detection, and Response (VDMR) Training
  • HIPAA Training

Timeline

Governance, Risk and Compliance (GRC) Analyst

Miami Children's Initiative
07.2022 - 05.2024

Compliance Analyst

Miami Children's Initiative
05.2020 - 07.2022

Information Security Analyst

Broward County Public Schools
07.2018 - 04.2020

Associate Director of Technology

International Education Corporation
02.2016 - 06.2018

IT Manager

FastTrain College
01.2014 - 01.2016

Master of Information Technology - IT Network Security

American Intercontinental University

Bachelor of Science - Computer Information Systems

Bethune-Cookman University

Professional Development & Continuing Education

(May 2024 – Present)

  • Dedicated period to intensive certification achievement and skill advancement in Cybersecurity, Governance, Risk, and Compliance (GRC).
  • Certifications Earned: Successfully obtained CompTIA Security+ (April 2024), CompTIA CySA+ (May 2024), ISC2 Certified in Cybersecurity (CC) (August 2024), and ISACA Certified Information Systems Auditor (CISA) (Completed), collectively establishing expertise in security analytics, auditing, and governance.
  • Focused Coursework: Completed the GRC Mastery certification course (Sept – Oct 2024) and a comprehensive IT Auditing and GRC certificate program (May – June 2025).
  • Additional Training: Self-paced TechEd Academy curriculum covering IT General Controls (ITGC), IT Application Controls (ITAC), Third-Party Risk Assessment/Management (TPRA/TPRM), IT Governance, and IT Security Audits.