Montie Brown
Davidson,NC
Summary
Cybersecurity Professional with extensive progressive experience developing and leading the implementation of enterprise-wide information security and cyber risk management strategies and frameworks for Government and Non-Government organizations. Displays a strong understanding of cybersecurity risk from a technical and business perspective. Experience with multiple cybersecurity frameworks including NIST CSF, NIST 800-53, NIST 800-171, and CMMC.
Overview
10
10
years of professional experience
1
1
Certification
Work History
US Cybersecurity Specialist
Oerlikon AM
02.2024 - Current
- Advise senior management in US and Europe on US cybersecurity policies and regulations affecting business operations for a global, multinational organization.
- Oversee planning and preparation for required assessment to meet Cybersecurity Maturity Model Certification (CMMC) Level 2 Certification.
- Manage the Plans of Action and Milestones (POA&Ms) to implement the required security practices to meet NIST 800-171 compliance.
- Develop and deliver cybersecurity awareness training to company employees.
- Coordinate responses to customer and regulatory agency cybersecurity questionnaires.
Information Systems Security Officer
Experis IT Services
05.2023 - 10.2023
- Supported the US Department of Energy
- Oversaw implementation of the NIST Risk Management Framework (RMF) and NIST Cybersecurity Framework (CSF) across varied programs
- Lead audit preparation and artifact collection to meet stringent government requirements; results ensured a robust and compliant cybersecurity environment.
- Collaborated with IT teams to integrate security best practices into system development and operations.
- Recommend improvements in security systems and procedures.
Lead Information Security Analyst
KForce Inc
11.2022 - 03.2023
- Contracted to deliver expert information security consultation for Wells Fargo, including compliance, policy, risk management, and remediation
- Collected and validated necessary evidence, directed risk assessments, and advised on effective remediation plans
- Influenced stakeholders on key decisions regarding assets and controls; subsequently enhanced risk awareness and implemented mitigating actions
- Consulted on complex security issues and findings; confirmed robust security measures were efficiently implemented.
Sr. Information Systems Security Officer
Kreative Technologies LLC
08.2021 - 09.2022
- Delivered crucial support to FEMA by managing Assessment and Authorization (A&A) efforts in adherence to NIST RMF procedures while ensuring compliance with the Federal Information Security Management Act (FISMA)
- Conducted comprehensive risk-based assessments of cybersecurity posture for varied information systems, both on-premises and in AWS and Microsoft Azure cloud environments
- Led discussions with system teams to document NIST 800-53 control implementation statements and created necessary artifacts to demonstrate compliance with FISMA and FedRAMP standards
- Organized, managed, and executed IT auditing projects while preparing programs teams for Office of Inspector General (OIG) and FISMA audits of assigned systems
- Guided continuous monitoring of system security posture by managing Plan of Action and Milestones (POA&M) and updating the body of evidence within the designated Governance, Risk, and Compliance (GRC) tool
- Advised senior-level management on current privacy and security trends; offered recommendations to mitigate cyber risks.
Sr. Information Security and Risk Engineer
Allscripts Healthcare Solutions
03.2021 - 08.2021
- Recruited to serve as subject matter expert in cyber governance, risk, and compliance, developing essential cyber risk metrics and key risk indicators (KRIs)
- Tasked with providing clients with cyber risk scoring while playing a key role in team management, including selection and interviewing of multi-disciplinary professionals
- Achieved significant team milestones, including creation of a Patch Management Program that improved overall compliance by 35% in five weeks
- Subsequently reduced backlog patches and enhanced per cycle compliance from 56% to 94% in 30 days
- Spearheaded the formation of a Patch & Vulnerability Management Governance Team; collaborated with business leaders to minimize vulnerabilities and reduce response time for zero-day remediation; results strengthened security measures by increasing tool installations from 80% to 95% in three months, covering essential areas such as SIEM, Vulnerability Management, Patch Management, NextGen AV End Point Protection, and Endpoint Detection & Response
- Coordinated team’s responses during first-ever company SOC2 audit for Microsoft Azure and ISO 27001/27002; ensured a seamless and successful audit process.
Sr. Principal Information System Security Officer
Northrop Grumman
04.2020 - 12.2020
- Offered cybersecurity GRC support to the U.S Department of the Treasury and enhanced security of four public-facing web applications and systems
- Conducted research and assessment to suggest methods for cybersecurity posture improvement and ensured FISMA compliance
- Minimized open POA&M related to cyber-risks by identifying NIST 800-53 security control gaps in processes, procedures, and systems
- Collaborated with technical teams and system owners to set realistic milestones and completion dates; addressed vulnerabilities and performed security impact analyses
- Developed and maintained all Security A&A documentation; confirmed alignment with FISMA, Treasury, NIST, and FedRAMP policies and guidelines.
Sr. Cybersecurity Analyst
Technatomy Corporation
09.2017 - 03.2020
- Provided essential support to the U.S Department of Defense by offering comprehensive RMF assistance to the Defense Logistics Agency (DLA)
- Oversaw continuous monitoring of security posture, managed the POA&M, and updated the body of evidence within the designated GRC tool
- Successfully reduced the POA&M count by 35% for assigned systems
- Played a key role in IT audit and security compliance oversight for systems; ensured rigorous adherence to established standards and protocols.
Senior Cybersecurity Analyst
SecureStrux, LLC
01.2017 - 09.2019
- Supported RAND (2017)
- 1099 Consultant (2017-2019)
Information Systems Security Manager/IT Manager
US Navy
11.2015 - 08.2016
Senior Information Systems Security Analyst
Lifecare Management Partners
09.2014 - 09.2015
Education
Doctor of Science - Cybersecurity
Marymount University
Arlington, Virginia05.2025
Adjunct Instructor—Cybersecurity -
Central Michigan University, Global Campus
Mount Pleasant12.2019
Master of Science - Computer Science
Capitol Technology University
Laurel, Maryland05.2017
Master of Science - Administration - Information Resource Management
Central Michigan University
Mt. Pleasant, Michigan08.2012
Bachelor of Science - Business - IT Management
Western Governors University
Salt Lake City, Utah01.2010
Skills
- Risk Management Framework
- NIST Cybersecurity Framework
- NIST 800-53
- NIST 800-171
- CMMC
- Cybersecurity Risk
- Cybersecurity Regulations
- Cybersecurity Principles
- Cybersecurity Policy
Affiliations
- Member, Information Systems Audit and Control Association (ISACA)
- Member, International Information System Security Certification Consortium (ISC)2
Certification
- CISSP
- CRISC
- CCSP
Timeline
US Cybersecurity Specialist
Oerlikon AM
02.2024 - Current
Information Systems Security Officer
Experis IT Services
05.2023 - 10.2023
Lead Information Security Analyst
KForce Inc
11.2022 - 03.2023
Sr. Information Systems Security Officer
Kreative Technologies LLC
08.2021 - 09.2022
Sr. Information Security and Risk Engineer
Allscripts Healthcare Solutions
03.2021 - 08.2021
Sr. Principal Information System Security Officer
Northrop Grumman
04.2020 - 12.2020
Sr. Cybersecurity Analyst
Technatomy Corporation
09.2017 - 03.2020
Senior Cybersecurity Analyst
SecureStrux, LLC
01.2017 - 09.2019
Information Systems Security Manager/IT Manager
US Navy
11.2015 - 08.2016
Senior Information Systems Security Analyst
Lifecare Management Partners
09.2014 - 09.2015
Doctor of Science - Cybersecurity
Marymount University
Adjunct Instructor—Cybersecurity -
Central Michigan University, Global Campus
Master of Science - Computer Science
Capitol Technology University
Master of Science - Administration - Information Resource Management
Central Michigan University
Bachelor of Science - Business - IT Management
Western Governors University
Similar Profiles
Akaysha MurrayAkaysha Murray
Laboratory Manager/Chemist at Oerlikon AMLaboratory Manager/Chemist at Oerlikon AM
Chantel VettorChantel Vettor
Level 3 Inspector at Oerlikon BalzersLevel 3 Inspector at Oerlikon Balzers
MOUHAMED SALLMOUHAMED SALL
GRENAILLEUR ET MAINTENANCE at Oerlikon BLAZERGRENAILLEUR ET MAINTENANCE at Oerlikon BLAZER
Michael Jack McMillanMichael Jack McMillan
UNCW Delegate at Bloomberg Global Trading ChallengeUNCW Delegate at Bloomberg Global Trading Challenge
Bradley TownerBradley Towner
Intramural Sports Official at Davidson CollegeIntramural Sports Official at Davidson College