Summary
Overview
Work History
Education
Skills
Accomplishments
Certification
Languages
Timeline
Generic

FRANKY DATCHOUA

Washington,United States

Summary

Information Technology Specialists - Cybersecurity, Governance, Risk, and Compliance (GRC) professional with over 6+ years supporting enterprise cybersecurity programs across multiple federal agencies, including the U.S. Department of Commerce, Social Security Administration (SSA), Department of Transportation (DOT), and General Services Administration (GSA). Experienced in enterprise cybersecurity strategy, Zero Trust Architecture (ZTA), Continuous Diagnostics and Mitigation (CDM), Risk Management Framework (RMF), Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), Endpoint Detection and Response (EDR), vulnerability management, cybersecurity engineering, authorization packages, continuous monitoring, threat intelligence, and federal cybersecurity compliance, vulnerability management, threat intelligence, authorization packages, continuous monitoring, security engineering, and executive reporting. Recognized for collaborating with executive leadership, ISSMs, ISSOs, system owners, network engineers, cloud teams, and application teams to improve cybersecurity maturity and reduce enterprise risk.

Overview

1
1
Certification
3
3
years of professional experience

Work History

Enterprise Cybersecurity Program Manager

Department of Transportation (DOT)
01.2024
  • Conducted governance reviews, RMF documentation, risk assessments, remediation tracking, and cybersecurity engineering support.
  • Directed enterprise cybersecurity programs supporting federal mission objectives.
  • Developed agency-wide cybersecurity strategies, implementation plans, and governance frameworks.
  • Managed enterprise cybersecurity modernization initiatives across multiple organizations.
  • Led cross-functional teams responsible for cybersecurity engineering and operations.
  • Coordinated implementation of Continuous Diagnostics and Mitigation (CDM) capabilities.
  • Oversaw enterprise vulnerability management and risk remediation programs.
  • Established cybersecurity performance metrics and executive dashboards.
  • Managed cybersecurity budgets, schedules, risks, and program deliverables.
  • Coordinated executive briefings for CIO, CISO, and senior leadership.
  • Led cybersecurity policy development aligned with NIST RMF, CISA, and Executive Orders.
  • Integrated cybersecurity engineering efforts with enterprise architecture initiatives.
  • Directed continuous monitoring strategy and operational improvements.

Governance, Risk & Compliance Analyst

General Services Administration (GSA)
01.2023
  • Maintained SSPs, POA&Ms, supported audit readiness, vulnerability management, and federal compliance.
  • Designed enterprise cybersecurity architectures supporting federal security requirements.
  • Engineered enterprise SIEM, SOAR, EDR/XDR, and security analytics platforms.
  • Developed cybersecurity reference architectures supporting hybrid cloud environments.
  • Integrated enterprise identity, endpoint, network, cloud, and application security solutions.
  • Designed cybersecurity data pipelines supporting high-volume security telemetry.
  • Developed advanced threat detection use cases and behavioral analytics.
  • Integrated threat intelligence platforms with enterprise security operations.
  • Supported Zero Trust Architecture implementation across enterprise environments.
  • Developed technical security standards, engineering guidance, and architecture documentation.
  • Collaborated with system owners, engineers, and cybersecurity teams to implement secure enterprise solutions.
  • Improved enterprise visibility, detection capabilities, and cyber resilience.

Governance, Risk & Compliance (GRC) Analyst

U.S. Department of Commerce (DOC)
11.2025 - Current
  • Managed RMF lifecycle activities for mission systems.
  • Performed security control assessments supporting ATO decisions.
  • Produced executive compliance reports.
  • Supported Governance, Risk, and Compliance (GRC) initiatives across cybersecurity and regulatory compliance programs.
  • Conducted enterprise risk assessments, compliance reviews, and security control evaluations.
  • Performed control testing and gap assessments against NIST, ISO 27001, SOC 2, SOX, HIPAA, PCI DSS, FedRAMP, and CMMC requirements.
  • Supported internal and external audits through evidence collection, documentation review, and remediation tracking.
  • Developed and maintained policies, procedures, standards, System Security Plans (SSPs), and POA&Ms.
  • Managed vendor and third-party risk assessments and compliance reviews.
  • Collaborated with cross-functional stakeholders to strengthen security posture and reduce organizational risk.
  • Prepared compliance reports, risk metrics, and executive-level documentation.

Senior Cybersecurity Engineering Manager

Social Security Administration (SSA)
01.2024 - 02.2025
  • Managed RMF lifecycle activities for mission systems.
  • Performed security control assessments supporting ATO decisions.
  • Produced executive compliance reports.
  • Directed enterprise cybersecurity engineering programs supporting agency-wide security modernization initiatives.
  • Designed and implemented Zero Trust Architecture (ZTA) capabilities aligned with PILLARs, and NIST guidance.
  • Led engineering and deployment of SIEM, SOAR, EDR/XDR, Network Detection & Response (NDR), and threat intelligence platforms.
  • Developed cybersecurity engineering roadmaps supporting enterprise risk reduction.
  • Engineered scalable cybersecurity data architectures supporting enterprise telemetry ingestion and normalization.
  • Integrated cloud, endpoint, network, identity, vulnerability, and application security data into centralized security platforms.
  • Directed security automation initiatives reducing manual security operations.
  • Oversaw enterprise detection engineering and security analytics development.
  • Collaborated with executive leadership to prioritize cybersecurity investments.
  • Supported RMF, FISMA, Continuous Monitoring, and federal compliance initiatives.
  • Improved Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) through automated workflows.
  • Managed multidisciplinary cybersecurity engineering teams supporting enterprise operations.

Education

Master of Science - Information Technology

University of Maryland
01-2026

Bachelor of Science - Information Technology

University of Maryland Global Campus
01-2025

Associate Degree - Information Technology

Prince George's Community College
01-2020

Skills

  • Governance: Enterprise Cybersecurity Strategy, Governance, Risk & Compliance (GRC), Risk Management Framework (RMF)
  • Architecture: Zero Trust Architecture (ZTA), Enterprise Security Architecture, Cybersecurity Engineering
  • Operations: Security Operations (SOC), Security Information & Event Management (SIEM), Security Orchestration, Automation & Response (SOAR)
  • Platforms & Technologies: Splunk, Microsoft Sentinel, IBM QRadar
  • Governance: NIST SP 800-53, FISMA Compliance, Security Control Assessments, Authorization to Operate (ATO), Continuous Monitoring (ConMon), System Security Plans (SSPs), POA&M Management, Security Assessment Reports (SARs), Cyber Risk Assessments, Cybersecurity Policy & Compliance, Executive Risk Reporting, Federal Cybersecurity Compliance, Audit Readiness, Security Governance, Enterprise Risk Management
  • Architecture: Security Capability, Behavioral Analytics, Post-Quantum Cryptography, Enterprise Visibility Solutions, Shared Security Services, Amazon Virtual Private Cloud (VPC), AWS Web Application Firewall (WAF), AWS Shield for Distributed Denial of Service (DDoS), Data Encryption, Logging and Monitoring, AWS CloudTrail to log API calls and AWS Config to monitor resource configuration changes
  • Operations: Endpoint Detection & Response (EDR/XDR), Network Security Monitoring, Cloud infrastructures, Identity and Access Management (IAM), Vulnerability Management, Incident Detection & Response, Security Event Correlation, Detection Engineering, Detection Rule Development, Security Automation, Continuous Diagnostics & Mitigation (CDM), Threat Intelligence Integration, Mean Time to Detect (MTTD) Optimization, Mean Time to Respond (MTTR) Optimization, Security Analytics & Dashboards
  • Platforms & Technologies: ArcSight, CrowdStrike Falcon, Microsoft Defender for Endpoint, ManageEngine, SentinelOne, Tenablesc / Nessus, Qualys, Rapid7 InsightVM, Microsoft Azure, AWS, Google Cloud Platform (GCP), SIEM - SolarWinds, Threat Intelligence Platforms, Cloud Firewall, Data Lakes / Security Data Platforms
  • Process improvement
  • Problem-solving
  • Project management
  • Detail-oriented
  • Strategic planning
  • Team leadership and direction

Accomplishments

  • Used Microsoft Excel to develop inventory tracking spreadsheets.
  • Resolved product issue through consumer testing.
  • Collaborated with a team on 10 the development of Copilot AI.
  • Supervised team of 4 staff members.

Certification

  • Certified Information Systems Auditor (CISA)
  • Information Systems Security Manager (ISSM)
  • CompTIA Security+
  • Cisco CCNA

Languages

French
Full Professional

Timeline

Governance, Risk & Compliance (GRC) Analyst

U.S. Department of Commerce (DOC)
11.2025 - Current

Enterprise Cybersecurity Program Manager

Department of Transportation (DOT)
01.2024

Senior Cybersecurity Engineering Manager

Social Security Administration (SSA)
01.2024 - 02.2025

Governance, Risk & Compliance Analyst

General Services Administration (GSA)
01.2023

Associate Degree - Information Technology

Prince George's Community College

Bachelor of Science - Information Technology

University of Maryland Global Campus

Master of Science - Information Technology

University of Maryland