Jason Soni
Security Solutions Consultant
Austin,TX
Summary
Results-driven professional with proven client relationship management and consultative problem-solving skills with a successful track record of identifying client needs, developing tailored solutions, and effectively communicating complex technical concepts to stakeholders at all levels.
Overview
9
9
years of professional experience
Work History
Cybersecurity Managing Consultant
Guidehouse
Austin, TX
02.2023 - Current
- Partnered with security, identity, and platform stakeholders to design Zero Trust and IAM solutions across enterprise cloud environments.
- Led technical discovery and strategy workshops with engineering and executive teams to define identity and access modernization roadmaps.
- Translate Zero Trust guidance into outcome-driven security programs focused on risk reduction and operational efficiency.
- Present security metrics and operational dashboards for executive leadership to prioritize vulnerability remediation and risk reduction.
- Drive alignment between technical teams and business leadership on risk, governance, and compliance initiatives.
- Align security architecture and controls with evolving enterprise risk posture and audit readiness.
- Orchestrated responses to several cyber and ICAM RFPs, securing $10M+ multi-year engagements against Big 4 competitors.
IP Digital Security Lead
Meta (Formerly Facebook)
Austin, TX
06.2022 - 12.2022
- Led product security risk assessments for digital products pre-launch, partnering with engineering, legal, and compliance teams.
- Conducted cross-functional discovery sessions with legal, compliance, and engineering stakeholders to identify risk and governance requirements.
- Designed and implemented security controls for IP classification and data protection.
- Influenced security policies and standards to align with fast-moving product development cycles.
Senior Consultant
Guidehouse (Formerly PwC)
Washington, D.C.
04.2019 - 06.2022
- Delivered executive cyber risk scorecards to CIO/CISO leadership for a $500M+ IT portfolio, informing strategic investment decisions.
- Directed cyber defense and IAM security initiatives within the modernization efforts of the identity management solution, ensuring protection of sensitive data and user credentials, reducing identity risk, and supporting Zero Trust adoption.
- Developed and presented risk posture, threat intelligence, and remediation strategies to senior leadership.
- Supported NIST-aligned policy development and RMF control implementations across enterprise systems.
- Developed innovative solution designs for 10+ RFIs/RFPs annually, contributing to $6M in new business pipeline for large federal government agencies.
Senior Cyber Risk Analyst
Deloitte - Risk and Financial Advisory
Falls Church, VA
02.2018 - 03.2019
- Assessed and hardened information systems in alignment with FISMA, RMF (NIST 800-53), and DHA policies to ensure secure operational environments and acceptable risk levels.
- Utilized security tools including ACAS, HBSS, Splunk, and STIGs to continuously assess vulnerabilities, monitor threats, and support compliance across federal systems.
- Led vulnerability prioritization and POA&M development, enabling risk-aligned remediation strategies and reducing exposure to cyber threats.
- Coordinated full lifecycle of cyber risk activities, including vulnerability assessments, incident simulations (tabletops), and ATO readiness under RMF.
- Continuous assessment of security controls to ensure compliance with Defense Information Security Agency (DISA) Security Technical Implementation Guides (STIGs).
System Analyst
D.C. Government – Office of the Chief Technology Officer
Washington, D.C.
05.2017 - 02.2018
- Supported large-scale cloud migration of 30,000+ users to Microsoft Exchange Online and Office 365, enabling improved security, availability, and mobile access.
- Provided operational support for enterprise-wide endpoint systems ensuring secure and consistent configurations across public sector environments.
- Deployed and maintained Microsoft Azure and ADFS services to support cloud identity and secure authentication infrastructure.
- Implemented mobile device management (MDM) tools to secure endpoints, enforce compliance policies, and improve incident response capabilities.
Systems Administrator
CRISP Health
Columbia, MD
09.2016 - 05.2017
- Delivered tier 1–2 support for Microsoft Server environments, Active Directory, and O365, helping to maintain secure, high-availability operations.
- Administered and secured Active Directory services, supporting user authentication, policy enforcement, and role-based access controls.
- Authored security-focused SOPs for enterprise tool usage (AD, O365, Salesforce), ensuring consistency, compliance, and operational efficiency.
- Supported core network infrastructure (firewalls, LAN/WAN), aiding in perimeter defense and endpoint monitoring initiatives.
Education
B.A. - Management Information Systems
University of Maryland, Baltimore County (UMBC)
Skills
- Client Engagement
- Account Management
- Cyber Governance, Risk, & Compliance
- Identity & Access Management (IAM)
- Cyber Risk & Threat Assessments
- Business Development
Timeline
Cybersecurity Managing Consultant
Guidehouse
02.2023 - Current
IP Digital Security Lead
Meta (Formerly Facebook)
06.2022 - 12.2022
Senior Consultant
Guidehouse (Formerly PwC)
04.2019 - 06.2022
Senior Cyber Risk Analyst
Deloitte - Risk and Financial Advisory
02.2018 - 03.2019
System Analyst
D.C. Government – Office of the Chief Technology Officer
05.2017 - 02.2018
Systems Administrator
CRISP Health
09.2016 - 05.2017
B.A. - Management Information Systems
University of Maryland, Baltimore County (UMBC)