
Richard Lombardi

Ashburn, VA

Summary

Information Security Governance Officer with 15+ years of experience leading enterprise-wide cybersecurity governance, risk, and compliance strategy. Skilled in developing and operationalizing governance frameworks, vulnerability management programs, and regulatory response structures. Proven ability to align security initiatives across all three lines of defense, and translate executive priorities into actionable plans. Trusted partner to C-suite leaders and boards, with strengths in policy design, audit readiness, and cross-functional program execution.

Overview

21 years of professional experience
1 Certification

Work History

Information Security Governance Officer

Federal Home Loan Bank – Office of Finance
Reston, VA
03.2023 - Current
  • Spearheaded the FHLBanks IT Governance Working Group, aligning cybersecurity oversight, policy execution, and regulatory strategy across 11 regional institutions.
  • Resolved a regulatory MRA by implementing baseline configuration governance across all critical systems, reducing enterprise risk exposure, and strengthening audit defensibility.
  • Trusted by C-suite and senior leaders as the de facto governance lead; serves as an escalation point for complex, cross-functional cybersecurity issues.
  • Established risk-tiered SLAs and KPIs for vulnerability remediation, improved patch timelines, asset protection, and executive risk visibility across critical infrastructure.
  • Led enterprise-wide tabletop simulations; revised CSIRP and DR playbooks, enhancing executive readiness, threat response, and organizational decision-making under pressure.
  • Mentored future leaders in executive presence and influence; built a culture of collaboration, accountability, and business-aligned cybersecurity engagement across teams.
  • Advised the CISO on governance risks, strategy, and modernization initiatives; influenced a cultural shift toward visibility, compliance, and proactive business alignment.

Department Head, Cybersecurity & Risk Training Pro

Information Warfare Training Group Pacific
San Diego, CA
02.2021 - 03.2023
  • Directed a 91-person cybersecurity, risk, and compliance team; led enterprise readiness assessments across infrastructure, cloud, network, and mission-critical systems.
  • Delivered 300+ certifications and evaluation events; improved operational risk visibility, audit preparedness, and secured compliance across 43 global business units.
  • Developed and implemented a Navy-wide cybersecurity readiness program for platform-unique systems, including SOPs, qualification standards, and audit toolkits; standardized enterprise training, and eliminated recurring compliance deficiencies.
  • Enhanced skill set of 130+ professionals in audit response, risk-based governance, and security assurance; advanced enterprise control maturity and cross-functional stakeholder collaboration.

Director of IT & Communications

SEAL Team SEVEN / Special Operations Task Force TH
Coronado, CA
01.2019 - 02.2021
  • Directed global IT operations, cybersecurity, and infrastructure for over 2,000 personnel across 10 international sites; ensured resilient, secure support in high-risk mission environments.
  • Managed a $155M portfolio of IT assets; optimized the lifecycle, consolidated procurement, and recovered over $7M through strategic cost-efficiency initiatives.
  • Deployed a multi-agency secure communications platform 18 months early and under budget; achieved ATO under NIST RMF with zero findings.
  • Executed real-time continuity and incident response during an active missile threat; restored secure communications and surveillance within 30 minutes.
  • Led secure technology integration across 200+ cross-functional operations, improved collaboration, real-time decision-making, and operational readiness in complex environments.

Director, Governance, Risk & Compliance – Cryptogr

U.S. Department of Defense – Africa & Middle East
Djibouti, Africa
11.2017 - 02.2019
  • Led enterprise GRC operations and internal audit for 25 business units and 5,000+ users across high-security environments, overseeing a 12-member team.
  • Oversaw lifecycle governance of encryption and key management systems across multinational infrastructure, guaranteeing secure communications in joint operations.
  • Executed 173 audits across 33 units, validated 6,000+ key exchanges, with 100% audit success and zero escalations.
  • Created risk dashboards and executive reports, accelerating resolution timelines and data-informed audit remediation.
  • Developed and implemented regional compliance training program, reducing average monthly non-reportable security violations from eight to zero, eliminating procedural inconsistencies and enhancing baseline security hygiene across all locations.
  • Redesigned encryption policies to align with NIST SP 800-57, CNSSI 4005, and DoD directives, which improved traceability and risk posture.

Chief of Operations, Electromagnetic Spectrum Stra

DISA Joint Spectrum Center
Annapolis, MD
05.2015 - 11.2017
  • Oversaw global spectrum operations and risk governance for the U.S. Combatant Commands, supporting over 350,000 personnel across strategic and real-world missions.
  • Directed a multidisciplinary team driving enterprise spectrum risk mitigation, governance, and mission assurance.
  • Enabled uninterrupted spectrum access by deploying rapid-response teams for urgent tactical and strategic needs.
  • Aligned EMSO execution with DoD CIO policy and innovation goals, including 5G and secure SATCOM integration into JADC2 capabilities.
  • Represented DISA in national and international forums (FCC, NTIA, NATO), shaping global policy and interoperability strategy.

Director, Cybersecurity & IT Risk

Commander Destroyer Squadron 21
San Diego, CA
02.2012 - 06.2015
  • Managed cybersecurity governance and IT risk assurance across eight global enterprise sites with 83 cyber professionals and 7 senior leads.
  • Oversaw inspection and remediation lifecycle as Enterprise Information Assurance Manager (IAM); ensured continuous audit readiness under NIST and DoD frameworks.
  • Established and enhanced governance controls, compliance protocols, and training pipelines — elevating risk visibility and cyber resilience.
  • Managed secure key infrastructure and cryptographic access controls with 100% accountability and zero major findings across multiple audits.
  • Enhanced enterprise communication integrity and cybersecurity alignment across remote, high-impact operational environments.

Sr. Communications & Operations Chief

Joint Special Operations Command – Iraq & Af
Fort Bragg, NC
02.2005 - 12.2011
  • Led 75+ strategic events and briefings for senior leaders, including the U.S. President, Secretary of State, and foreign heads of state; enabled real-time visibility and faster decision-making.
  • Led secure communications operations for three U.S. Flag officers and senior staff; delivered uninterrupted C2 across 20+ high-risk missions in combat zones.
  • Managed $2.5M in secure equipment and systems; maintained full accountability, and ensured operational readiness across headquarters and remote sites.
  • Managed $55M in tactical C4ISR systems across 18 remote sites; ensured secure, resilient operations for 1,500 personnel in sustained combat conditions.
  • Ranked #4 of 84 senior enlisted in the Special Operations Task Force; recognized for extraordinary wartime performance and technical leadership under fire.

Education

Master of Arts - Master of Business Administration (Project Mgmt.)

Capella University
01-2015

Bachelor of Science - Information Technology Management

Excelsior College
01-2013

Skills

  • Integrity and accountability
  • Change leadership
  • Strategic thinking
  • Executive presence
  • Decision-making under pressure
  • Emotional intelligence
  • Operational execution
  • Collaborative influence
  • Resilience and adaptability
  • Talent development

Certification

Certified Information Security Manager

Certified Information Systems Auditor

Certified Risk Information Systems Control

Project Management Professional

PMI Risk Management Professional

Graduate Certificates & Executive Programs

Executive Certificate in Leadership & Management – University of Notre Dame

Master Certificate in Strategic Organizational Leadership – Villanova University

Master Certificate in Maximizing Team Effectiveness for IS/IT Project Management – Villanova University

Certificate in Finance for the Non-Financial Manager & Lean Enterprise Solutions – Villanova University

Accomplishments

  • Recipient of the USNI Copernicus Award (2014) for excellence, innovation, and leadership, recognized for advancing joint warfighting communications and information systems in support of Navy and DoD mission objectives.
  • Honored as United States Special Operations Command Communicator of the Year (2021) for exceptional leadership, technical proficiency, and mission-critical communications support in joint special operations environments.
  • Awarded the Bronze Star Medal (Baghdad, Iraq – 2008)
  • Active: Top Secret/SCI clearance with polygraph
