Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Darryl Danoo

Dallas,USA

Summary

Cybersecurity professional with strong expertise in identifying, assessing, and mitigating risks. Cloud security and AI Governance specialist. With over 3+ years’ experience in deploying and managing cloud native security platforms including security tools (WIZ) across multi cloud environments, Implementing AI governance frameworks, an aligning security operation with enterprise and compliance mandates. Proven track record of developing and implementing strategic security measures that safeguard organizational assets, managing secure AI and data environments, ensuring regulatory alignment (NIST AI RMF, ISO 42001, GDPR), and enabling secure cloud transformation. Adept at cross functional collaboration with engineering, security and compliance teams. Strong focus on team collaboration and driving results, adapting seamlessly to evolving challenges.

Overview

12
12
years of professional experience
1
1
Certification

Work History

Cyber Cloud and AI Risk Analyst

Kapitus
Arlington, VA
01.2024 - Current
  • Prepared detailed reports on findings from risk assessments, facilitating communication between technical and non-technical stakeholders.
  • Conduct AI/ML security risk assessments across models, data pipelines, APIs, and deployment environments.
  • Collaborated with AI/ML to establish AI governance frameworks, implementing NIST AI RMF and ISO/IEC 23894 controls.
  • Develop and advise on AI governance frameworks covering security, ethics, privacy, and compliance.
  • Assisted in end -end- deployment of Wiz security Platform across AWS and Azure environments, enhancing cloud visibility and reducing misconfigurations by 73%.
  • Contributed to Internal AI policy documentation addressing transparency and accountability for AI-driven recommendation engines.
  • Assisted in developing and automating policies to remediate workflows integrating Wiz with slack, Salesforce, Jira and Terraform pipelines.
  • Conducted internal workshops to align stakeholders on responsible AI principles and cloud security best practices.
  • Assist in establishing monitoring and detection capabilities for AI-related threats.
  • Developed and provided guidance regarding cybersecurity policies, standard operating procedures, and best practices for system development life cycle (SDLC), networking, and server management.

INFORMATION SECURITY CONSULTANT

VikingCloud
Chicago, IL
01.2022 - 01.2024
  • Communicate and enforce security policies, procedures, and safeguards for all systems and staff, based upon PCI DSS standards.
  • Contributed to internal AI policy documentation addressing fairness, transparency, and accountability for AI-driven recommendation engines.
  • Conduct AI/ML security risk assessments across models, data pipelines, APIs, and deployment environments.
  • Develop and advise on AI governance frameworks covering security, ethics, privacy, and compliance.
  • Work with Software engineers to develop and implement security requirements.
  • Work with the project team on implementing the defined policies within the PDCI DSS Compliance.
  • Creates-drafts, enhance, and adopt the information security policies and standards with the needs of business segments (NIST, PCI DSS, CIS Critical Security Controls).
  • Create a cross functional program around the NIST privacy framework.
  • Performs Audit and other related IT reviews (NIST, PCI DSS).
  • Analyze and advise on the risk and the remediation of security issues based on reports from vulnerability assessments scanners, patch management tools, and emerging threat information.

IT CLOUD SECURITY & Compliance ANALYST

Lynk Remote Technologies
San Diego, CA
04.2020 - 12.2021
  • Work with the project team on implementing the defined policies within the AWS (IAM) solutions cloud infrastructure.
  • Identifying and evaluating the risks during review and analysis of system development life cycle (SDLC), which includes the design, testing /QA and implementation of systems and upgrades.
  • Work with Software engineers to develop and implement security requirements.
  • Participate in development of roadmaps and participate in the standards process for AWS (IAM) solutions.
  • Maintain and Execute AWS Cloud Information security strategy to proactively identify risk and drive remediation.

INFORMATION SECURITY ANALYST/ AUDITOR

Yehowa Medical Services
Los Angeles, CA
08.2018 - 03.2020
  • Develop, review, and update Security Assessment Plan documentation using Federal Certification and Accreditation (C&A) processes.
  • Communicate and enforce security policies, procedures, and safeguards for all systems and staff, based upon NIST.
  • Perform HIPAA audits and other related IT reviews (NIST, PCI DSS) as prescribed in the annual plan.
  • Assisted project teams in the implementation of security measures to meet corporate security policies and external regulations (HIPAA, NIST).

INFORMATION SECURITY ANALYST

Cru Property Management
Costa Mesa, CA
06.2016 - 08.2018
  • Analyze and update Risk Assessment (RA), Privacy Impact Assessment (PIA), System Security Plan (SSP), System Security Test and Evaluation (ST&E) and the Plan of actions and Milestones (POA&M).
  • Develop information security risks and vulnerabilities assessments and applied security controls to assure confidentiality, integrity and availability of information systems and associated data to limit their impact on the information and information systems.
  • Conduct IT security controls risk assessment that includes reviewing organizational policies, standards and procedures and provide advice on their adequacy, accuracy and in compliance with the Payment Card Data Security Standard (PCI DSS).
  • Verify proper privacy complaints or program gaps requiring solutions.

INFORMATION SECURITY ANALYST

Nationwide Credit Corp
Alexandria, VA
02.2014 - 04.2016
  • Conducted IT controls risk assessments that included reviewing organizational policies, standards, procedures and guidelines.
  • Identify weakness in the internal controls and opportunities to enhance operational efficiencies.
  • Perform HIPAA audits and other related IT reviews (NIST, PCI DSS) as prescribed in the annual plan.
  • Maintained appropriate security documentation for applications and systems.

Education

Bachelor of Science - Information Technology

University of Maryland
College Park, MD
05.2013

Associate of Science - Computer and Information Systems

Montgomery College
Takoma Park, MD
12.2011

Skills

  • AI/ML Compliance management
  • Cloud Security Posture Management (CSPM)
  • Wiz Security Deployment & Administration
  • Multi Cloud environments (AWS, AZURE, GCP)
  • AI Governance Frameworks & Compliance (OECD, NIST AI RMF)
  • Privacy protection
  • Python
  • JSON
  • Java
  • JavaScript
  • C#
  • Cloud security
  • Incident response & Forensics
  • Risk assessment & Mitigation
  • Compliance monitoring
  • Software deployment
  • Programming languages
  • Cybersecurity frameworks

Certification

  • Certified Information Security Manager (CISM) - ISACA
  • CompTIA Security+ - CompTIA
  • Amazon Web Services (AWS) Certified Solutions Architect
  • Project Management Professional (PMP)
  • Microsoft Certified, Azure Security Engineer Associate - Microsoft
  • Certified Information Systems Auditor (CISA) - ISACA
  • Qualified Security Assessor (QSA) PCI SSC

Timeline

Cyber Cloud and AI Risk Analyst

Kapitus
01.2024 - Current

INFORMATION SECURITY CONSULTANT

VikingCloud
01.2022 - 01.2024

IT CLOUD SECURITY & Compliance ANALYST

Lynk Remote Technologies
04.2020 - 12.2021

INFORMATION SECURITY ANALYST/ AUDITOR

Yehowa Medical Services
08.2018 - 03.2020

INFORMATION SECURITY ANALYST

Cru Property Management
06.2016 - 08.2018

INFORMATION SECURITY ANALYST

Nationwide Credit Corp
02.2014 - 04.2016

Bachelor of Science - Information Technology

University of Maryland

Associate of Science - Computer and Information Systems

Montgomery College