Summary
Overview
Work History
Education
Skills
Personal Information
Timeline
Generic

Steven Jackson

Hayward,California

Summary

Accomplished Consultant drives organizational improvements through leveraging expertise in research and system enhancement. Well-versed in collaborating with employees and leaders to resolve control and procedural problems negatively affecting business operations. Dedicated to cost, process and resource optimization.

Overview

17
17
years of professional experience

Work History

Principal Consultant

First Information Technology Services
01.2023 - Current
  • Led FedRAMP Assessment team, overseeing pricing proposals, client and government agency engagement, and project schedule and deliverable coordination.
  • Managed FedRAMP assessments to ensure compliance of SaaS, PaaS, and IaaS platform security requirements with U.S. standards.
  • Reviewed disaster recovery and incident response plans, identifying and ensuring appropriate continuity of operations requirements that support data backup and restoration.
  • Developed and documented audit preparation and artifact collection processes for MS Exchange Online/Substrate Platform Model D service teams.

Senior Consultant/FedRAMP Audit Lead Consultant

First Information Technology Services
01.2021 - 01.2023
  • Led FedRAMP Assessment team in absence of Director, actively participating in pricing proposals, engaging clients and government agencies to address project schedules and deliverables.
  • Manage FedRAMP assessments of SaaS, PaaS, and IaaS platform security requirements, ensuring implementation in compliance with U.S. laws, industry regulations, standards, and frameworks.
  • Perform reviews of disaster recovery and incident response plans, ensuring identification of appropriate disaster recovery and continuity of operations requirements that support data backup and restoration.
  • Developed and documented MS Exchange Online/Substrate Platform Model D service teams’ audit preparation and artifact collection processes.

Contractor – Senior Risk and Compliance Analyst (PG&E)

Swoon Staffing
01.2020 - 01.2021
  • Led information system assessments ensuring appropriate security controls are implemented in accordance with regulatory requirements and frameworks (NERC, NIST 800-53).
  • Collaborated with Gas and Electrical departments stakeholders to develop system security and disaster recovery plans to support organizational and industry regulations requirements.
  • Developed security assessments and gap analysis reports identifying security control weakness.
  • Investigated allegations to check validity and recommend actions to minimize risk.

Contractor - Governance Risk & Compliance (GRC) Manager (BetterUp)

People 2.0
01.2019 - 01.2020
  • Developed and implemented security policies, procedures, and standards in compliance with industry standards, laws, and regulations aligning with organizational cybersecurity processes.
  • Implemented third-party cloud services procurement process that addressed information security requirements and supply chain risks.
  • Created the security training and awareness program utilizing KnowB4 and Litmos Learning Management System (LMS) to ensure compliance with industry standards and frameworks.

Contractor - Senior Cybersecurity Solution Analyst (PG&E)

Insight Global, LLC.
01.2018 - 01.2019
  • Managed Operational Technology (OT) system assessments requiring project plan development, review of system security categorization, security plans, and business impact analysis (BIA) plans
  • Corresponded with Gas and Electric stakeholders presenting status on identified security risks remediation activities timelines
  • Developed OT training materials and related communication resources needed for new team members to successfully perform assigned assessment duties.

Senior Cybersecurity Audit Support/Solutions Engineer 6

Deloitte
01.2017 - 01.2018
  • Managed the coordination of Program Offices (PO’s) ISSO’s of remediation efforts assuring monitoring, detection, corrective actions, and procedures are standardized and implemented.
  • Informed PO’s leadership on the development, dissemination, and remediation efforts of their mission action plan’s (MAP’s).
  • Participated in documenting all PO’s systems security implementation, operations, and maintenance plans and update as necessary.

Sr. Software Engineer/Programmer Analyst 4

Western Digital Corporation
01.2007 - 01.2016
  • Led automation developer in the Chemical Mechanical Polishing (CMP) and Veeco Ion Beam Deposition (VIBD) wafer processing areas.
  • Enhanced on time delivery of software systems through developing project integration definitions, coordinating internal resources, and collaboration with external vendors.
  • Implemented software security standards in the software development life cycle (SDLC), which reduced the number of misuse incidents and vulnerabilities in software systems.

Education

Massachusetts Institute of Technology

Skills

  • Risk Management: NIST, FIPS, SOC, NERC, HIPPA, ISO
  • Laws: FISMA, FedRAMP, GDPR, CCPA
  • Cloud Services: AWS, Azure, Google Cloud, Oracle Cloud, Salesforce
  • Cloud Automation: Terraforms, Puppet
  • Scripting: Python, Powershell, JavaScript
  • Database: Oracle Cloud, Oracle, MS SQL Server
  • Authentication Security: Okta, Active Directory, SSL/TLS, SSH, Data Encryption
  • Vulnerability Management: Tenable Nessus, Tripwire IP360
  • SEIM: Splunk, QRadar
  • Project Coordination
  • Strategic Development
  • Technology Implementation
  • Program Coordination
  • Technical Integration

Personal Information

Title: CISSP, CCSP

Timeline

Principal Consultant

First Information Technology Services
01.2023 - Current

Senior Consultant/FedRAMP Audit Lead Consultant

First Information Technology Services
01.2021 - 01.2023

Contractor – Senior Risk and Compliance Analyst (PG&E)

Swoon Staffing
01.2020 - 01.2021

Contractor - Governance Risk & Compliance (GRC) Manager (BetterUp)

People 2.0
01.2019 - 01.2020

Contractor - Senior Cybersecurity Solution Analyst (PG&E)

Insight Global, LLC.
01.2018 - 01.2019

Senior Cybersecurity Audit Support/Solutions Engineer 6

Deloitte
01.2017 - 01.2018

Sr. Software Engineer/Programmer Analyst 4

Western Digital Corporation
01.2007 - 01.2016

Massachusetts Institute of Technology

Similar Profiles

  • Karl D. Nichols

    Karl D. NicholsKarl D. Nichols

    Penetration Tester at First Information Technology ServicesPenetration Tester at First Information Technology Services

    View Profile
  • Daniel Nader

    Daniel NaderDaniel Nader

    Senior Technology Consulting Specialist at King Abdullah University of Science & Technology (KAUST), Information Technology Services DepartmentSenior Technology Consulting Specialist at King Abdullah University of Science & Technology (KAUST), Information Technology Services Department

    View Profile
  • Anchit Kaulgud

    Anchit KaulgudAnchit Kaulgud

    Student Tech Support Analyst at University of Massachusetts Lowell Information Technology ServicesStudent Tech Support Analyst at University of Massachusetts Lowell Information Technology Services

    View Profile
Steven Jackson