
Results-driven Cybersecurity GRC professional with over 10 years of expertise in governance, compliance, and operational risk management within regulated manufacturing settings. Skilled in enhancing control maturity and regulatory readiness through effective vendor oversight, incident analysis, and data-driven compliance monitoring. Experienced in implementing NIST CSF, ISO 27001, and compliance reporting to strengthen security frameworks.
· Supported the Sr. ISSO by assisting with the implementation of the NIST RMF (per SP 800-37), ensuring accurate system categorization (FIPS 199 and SP 800-60).
· Meticulously evaluated over 18 controls of the NIST Cybersecurity Framework (CSF) to assess the cybersecurity posture of a potential acquisition target during an acquisition deal.
· Reviewed, evaluated, and identified additional business High Value Assets/Crown Jewels in Energy & Environmental Management, and updated the applicable documents.
· Successfully led the revalidation of HVA risk management categorization based on CIA impact on business continuity, using the High Water Mark rule.
· Successfully updated Access Control policy and procedures, account management, and account enforcement for the energy and environmental emissions reporting system.
· Managed vendor performance by tracking 5 deviations from the SOWs and contracts of two major vendors to drive accountability on commitments, mainly by reviewing deliverables against due dates and tasks to be performed.
· Maintained 100% compliance with integrity and regulatory requirements on energy and environmental pollution prevention and control, demonstrating strong control monitoring, documentation, and governance discipline.
· Implemented digital KPI dashboards enabling real-time monitoring of compliance and operational risk metrics, improving executive reporting and proactive governance oversight.
· Led cross-functional investigations into operational events, driving root cause analysis, corrective action tracking, and recurrence prevention to strengthen enterprise governance processes.
· Led governance and operational compliance for a 30-person operations team within a semiconductor manufacturing environment, strengthening control discipline, Health & Safety regulatory and compliance culture, and risk-aware decision making through structured coaching and performance management.
· Reviewed the vendor’s draft security test cases and exit criteria against NIST SP 800-53 Rev 5 controls and noted 3 discrepancies that required an update to the test cases.
· Reviewed, updated, and implemented the operation’s Identification and Authentication (IA), Personally Identifiable Information Processing and Transparency (PT), and Access Control (AC) policies to ensure full compliance.
· Reviewed over 150 information security and environmental tasks assigned to engineers in Smartsheet and Excel, ensuring they were entered concisely and completely, while monitoring progress against due dates and escalating risk where delays appeared imminent.
· Managed sensitive data types such as HRIS, PII, PHI, and financial data.
· Produced content for an Incident Response Procedure to help improve response time, and workflow standardization, demonstrating strong capabilities in process governance, risk assessment, and operational control management.
· Contributed to the generation of a bi-weekly Executive-level status report on key areas of risks associated with environmental reporting and process safety reporting tools migration.
· Improved compliance maturity by increasing annual employee health physical and IT training, and OSHA training compliance from 70% to 82%, strengthening internal control adoption and reducing operational and compliance risk.
Security Architecture: COBIT, CMMI, ISO 27001, NIST RMF, NIST CSF, Zero Trust
Regulatory Compliance: HIPAA, FISMA, NIST 800-53 R5, NIST 800-171, NIST RMF, NIST CSF, FedRAMP, SOX 404, SOC 2, PCI, GDPR, GLBA, SANS
Audited: Oracle E-Business Suite, Oracle 9i/10g, PeopleSoft, SAP, Azure, AWS, SQL Server, Active Directory, Windows, Routers, Firewalls, CrowdStrike, Splunk, SIEM, Vulnerability/Patch Management, NOC/SOC, JIRA
Applications: Microsoft Office (MS Word, Excel, Outlook, PowerPoint, Copilot), Visio, Smartsheet, CSAM, SharePoint, Remedy
Programming: SQL, PL/SQL, ChatGPT