Nyesha Harden
Summary
Senior technology leader with 17+ years of experience in delivering and managing large complex projects for customers, who currently works as a Vulnerability Management Manager at Amazon Web Services (AWS). Proficient in cross-functional team building, project management, complex analysis, and vulnerability assessments. Skilled in collecting, analyzing, and modeling data from various sources to guide planning efforts and create data-driven solutions. Has worked with different teams such as Network Operations, Cybersecurity Operations, Cyber Threat Intelligence, Vulnerability Management, and Procurement to coordinate and meet customer needs. Has practical experience in project management, complex analysis, cyber threat emulation, network traffic analysis, vulnerability assessments, and capability development. Holds a CompTIA Advanced Security Practitioner (CASP+) industry certification, a Master’s in Cybersecurity Technologies, and hands-on experience with AWS tools.
Overview
17
17
years of professional experience
1
1
Certification
Work History
Sr. TPM Manager, AWS Vulnerability Management
AMAZON WEB SERVICES (AWS)
10.2023 - Current
- Leading an AWS Security Engineers team, achieving a 41% reduction in vulnerabilities across 1.2M critical assets
- Implementing a risk assessment framework, resulting in a decrease in the likelihood of compromise
- Developing a threat modeling strategy, improving overall security posture across 89% of AWS’s fleets
- Orchestrating collaboration with SDEs for, increasing operational efficiency by 15%
- Leading patching and reporting efforts to ensure compliance with regulatory regimes, resulting in successful audits and adherence to standards
- Spearheading a global program to support PCI and Containers, ensuring alignment with organizational objectives
- Proactively identifying and addressing compliance gaps, enhancing overall compliance posture.
Management
AMAZON WEB SERVICES (AWS)
07.2022 - 10.2023
- Managed vulnerabilities and ensured the security posture of AWS infrastructure and services as an AWS Vulnerability Management TPM for AWS's Native EC2
- Conducted comprehensive security assessments using industry-standard frameworks, including the Risk Management Framework (RMF) and the National Institute of Standards and Technology (NIST) guidelines
- Leveraged expertise in threat modeling and risk analysis to identify potential vulnerabilities and developed remediation plans to mitigate risk
- Developed an AWS-wide process to handle Native AWS EC2 reporting and patching issues by finding major gaps in AWS Vulnerability Management (AVM) technology and methods in < 3.5 months of joining
- Reduced the duration of the reporting and patching exception process by half (2-3 months to 1-2 months)
- Resolved auto-renewing reporting and patching issues (100+) that affected 1.2M hosts with security risks
- Improved the efficiency the AVM program by 20% by expanding its Security Engineering team from 2 to 13
- Enhanced customer documentation and intake templates for AVM team, making processes more efficient and decreasing workloads for over 200 AWS Service teams
- Onboarded, trained, and mentored (2) L4, (2) L5 TPMs, and (1) Security Engineer on the AVM team
- Led a project across organizations with the Vulnerability Management Development team to integrate OS patching information and monitoring into a centralized tool for AVM metrics
- Established a standard for security evaluation and distributed it among different programs to promote alignment where feasible.
Director, Cyber Program and Mission Management
U.S. MARINE FORCES CYBERSPACE COMMAND (MARFORCYBER)
11.2020 - 07.2022
- Managed a team of Technical Project Managers and coordinated efforts to capture external customer technical/operational requirements, driving the design, analysis, planning, and timely delivery with internal teams
- Designed and integrated cyber strategies aligning to organizational strategy, and implemented policies, programs, and guidelines supporting over 130 USCYBERCOM operations teams and key stakeholders
- Coordinated with internal Network, Cybersecurity, and Procurement JMOC staff and USCYBERCOM teams to plan, design, and deliver cyber mission environments to external mission partners
- Managed a large team of various skilled professionals, including 16 cyber watch standers, ensuring the 24/7 availability and operational readiness of customer-facing cyber operations facilities and infrastructure
- Conducted over 200 candidate interviews and hiring actions for positions, recommended appointments, promotions, or reassignments, contributing to the growth and development of the organization
- Facilitated the integration of the cyber workforce into the software development life cycle (SDLC), enhancing the quality and security of software products and contributing to the overall efficiency of operations.
Deputy Director, JMOC Operations
U.S. MARINE FORCES CYBERSPACE COMMAND (MARFORCYBER)
11.2020 - 07.2022
- Managed three key departments responsible for 24/7 Cyber Operations, Technical Project Management, and Knowledge Management, enhancing global cyberspace operations
- Orchestrated collaboration with various directorates and advisors to assess mission risk and implement best practices in cyber operations, improving the security posture of the organization
- Led a large team of diverse technical professionals, including 16 cyber watch standers, ensuring 24/7 operational readiness of customer-facing cyber operations facilities and infrastructure
- Defined requirements and coordinated cross-organizational efforts, ensuring that the needs of USCYBERCOM, MARFORCYBER, and DoD Cyber Service Organizations were met
- Conducted customized semi-monthly leadership and developmental training for managers and first-line supervisors, enriching cross-organizational synchronization and enhancing team performance.
Strategic Cyberspace Planner | MARFORCYBER
GLOBAL INFOTEK, INC. (GITI)
08.2019 - 11.2020
- Conducted detailed planning support for the Marine Corps Forces Cyberspace Operations Command (MARFORCYBER), directly impacting the operational capability of MARFORCYBER in support of U.S
- Cyber Command (USCYBERCOM) strategic initiatives
- Developed and documented requirements, capabilities, and constraints for processes and procedures, supporting the organizational buildout of the Joint Mission Operations Center (JMOC) and ensuring the successful installation of critical assets
- Managed complex projects from inception to execution, developed and monitored project schedules using project management tools, and maintained comprehensive project documentation, ensuring customer expectations and deadlines were met.
Technical Project Manager, Cybersecurity | MARFORCYBER
GLOBAL INFOTEK, INC. (GITI)
08.2019 - 11.2020
- Delivered advanced cybersecurity analytics, enhancing Cyber Protection Team capabilities and security
- Collaborated with developers to create advanced security analysis techniques, supporting MARFORCYBER objectives
- Identified opportunities to enhance cybersecurity using advanced techniques, preempting threats and strengthening defense.
Cyber Threat Analyst II | ARCYBER
PERATON (formally Perspecta)
05.2019 - 08.2019
- Conducted research and evaluation of technical and all-source intelligence, enhancing the security of US and DoD information networks and weapons platforms
- Analyzed network events, conducted all-source research, and prepared detailed assessments, contributing to robust threat intelligence
- Authored threat reports focused on TTPs and activities of APTs, based on partner incident reporting, malware reverse engineering reports, and open-source research.
Sr. Manager, Enterprise Cyber Infrastructure Operations
U.S. ARMY CYBER COMMAND (ARCYBER)
03.2018 - 05.2019
- Served as the key infrastructure and incident manager for enterprise/joint DoD Cyber Operations, overseeing network management throughout the JMOC and enhancing operational efficiency
- Managed a diverse team of 24 individuals (12 Cyber Watch Officers, 11 Cyber Mission Integration teams, and 1 Network Defense Team), who effectively managed infrastructure resources in support of approved Cyber Tasking Orders
- Performed comprehensive risk analysis on operational infrastructure, providing technical advisory for mitigation and enhancing the security posture of the organization
- Developed and implemented standard operating procedures for the operation and use of the DoD infrastructure, streamlining processes and improving operational efficiency
- Coordinated policy guidance and provided critical analysis to correct deviations and identified deficiencies, facilitating the JMOC operational requirements and ensuring compliance
- Monitored collaborative platforms to track upcoming operations utilizing cyber operations infrastructure, ensuring timely and effective response to emerging threats
- Facilitated the administration of all cyber operations, including coordinating mission rehearsals, ensuring operational readiness and effectiveness.
Senior Program Manager | Operations and Readiness
U.S. ARMY CYBER COMMAND (ARCYBER)
04.2017 - 05.2019
- Supervised a staff of 38, delivering continuous training and coaching, thereby enhancing employee skills and contributing to the overall efficiency of operations
- Spearheaded the buildout of a tri-state Cyber Protection Team (CPT) from initiation to completion, streamlining operations and accelerating project progress under the USCYBERCOM’s Executive Order
- Managed comprehensive training and mobilization planning for a team of 51 Soldiers, ensuring 100% initial operational capability and maintaining the organization’s highest readiness status for daily operations.
Sr. Cyber Security Threat Intelligence Analyst
U.S. ARMY CYBER COMMAND (ARCYBER)
04.2017 - Current
- Managed a team of intelligence analysts, providing timely detection and alerting of potential cyber threats, leading to a significant reduction in system vulnerabilities
- Trained junior analysts on the use of cyber defense tools, enhancing the team’s ability to monitor and analyze systems for malicious activity
- Served as the incident manager, documenting and escalating incidents that could impact the environment, thereby minimizing potential damage
- Led a team of analysts in identifying malicious activity, determining exploited weaknesses, exploitation methods, and effects on systems and information, contributing to robust threat mitigation strategies
- Performed event correlation using diverse sources within the enterprise, enhancing situational awareness and the effectiveness of countermeasures against observed attacks
- Conducted comprehensive research and analysis across a wide variety of data sets, improving the organization’s ability to anticipate and respond to cyber threats
- Managed and trained junior analysts to analyze network traffic and identify anomalous activity, bolstering the organization’s defense against potential threats.
Senior Manager | Intelligence Operations (All-Source)
U.S. ARMY CYBER COMMAND (ARCYBER)
08.2007 - 04.2017
- Directed a multi-disciplinary team of 15 (11 U.S
- Army All-Source Intelligence Analysts and 4 DoD Contractors), enhancing intelligence operations across disciplines like OSINT, GEOINT, SIGINT, IMINT, and MASINT
- Managed intelligence requirements for 7 enterprise organizations, effectively coordinating a geographically dispersed all-source intelligence team and ensuring seamless operations
- Provided pivotal analytical support during OPERATION NEW DAWN and OPERATION IRAQI FREEDOM, enhancing defensive operations across several regions in Iraq
- Integrated the Distributed Common Ground System-Army (DCGS-A) analytic software tool, increasing operational awareness for commanders and contributing to strategic decision-making
- As the 256th Brigade’s Senior Intelligence Operations Manager, tracked enemy forces and updated mission trackers, ensuring real-time updates for 7 battalions and enhancing situational awareness.
Technical Program Manager, AWS Vulnerability
AMAZON WEB SERVICES (AWS)
- Situation: The individual joined AWS Vulnerability Management as a Technical Program Manager
- Task: The individual was tasked with finding major gaps in AWS Vulnerability Management (AVM) technology and methods
- Action: The individual developed an AWS-wide process to handle Native AWS EC2 reporting and patching issues in less than 3.5 months of joining
- Result: The duration of the reporting and patching exception process was reduced by half (from 2-3 months to 1-2 months).
Education
Master of Science in Cybersecurity Technologies -
University of Maryland Global Campus
Bachelor of Science in Criminal Justice and Sociology -
McNeese State University
Skills
- Cybersecurity Implementation
- AWS Cloud Fundamentals
- Change Management
- Cyber Threat Intelligence
- Governance Compliance Planning
- Team Building Cross-Collaboration
- Vulnerability Analysis
- Strategic Organizational Planning
- Critical Thinking and Analysis
- Cyber Threat Mitigation
- Project Program Management
- Threat Modeling and Risk Analysis
- Network Architecture Integration
- Accountability Reliability
- Organization and Time Management
Certification
- CompTIA Advanced Security Practitioner (CASP+) Certified, CompTIA
- AWS Academy Cloud Foundations
- Cyber Threat Emulation Course
- Cyber Intel Analyst Course
- AWS Academy Data Analytics
Security Clearance
TS/SCI w/ CI Polygraph
Timeline
Sr. TPM Manager, AWS Vulnerability Management
AMAZON WEB SERVICES (AWS)
10.2023 - Current
Management
AMAZON WEB SERVICES (AWS)
07.2022 - 10.2023
Director, Cyber Program and Mission Management
U.S. MARINE FORCES CYBERSPACE COMMAND (MARFORCYBER)
11.2020 - 07.2022
Deputy Director, JMOC Operations
U.S. MARINE FORCES CYBERSPACE COMMAND (MARFORCYBER)
11.2020 - 07.2022
Strategic Cyberspace Planner | MARFORCYBER
GLOBAL INFOTEK, INC. (GITI)
08.2019 - 11.2020
Technical Project Manager, Cybersecurity | MARFORCYBER
GLOBAL INFOTEK, INC. (GITI)
08.2019 - 11.2020
Cyber Threat Analyst II | ARCYBER
PERATON (formally Perspecta)
05.2019 - 08.2019
Sr. Manager, Enterprise Cyber Infrastructure Operations
U.S. ARMY CYBER COMMAND (ARCYBER)
03.2018 - 05.2019
Senior Program Manager | Operations and Readiness
U.S. ARMY CYBER COMMAND (ARCYBER)
04.2017 - 05.2019
Sr. Cyber Security Threat Intelligence Analyst
U.S. ARMY CYBER COMMAND (ARCYBER)
04.2017 - Current
Senior Manager | Intelligence Operations (All-Source)
U.S. ARMY CYBER COMMAND (ARCYBER)
08.2007 - 04.2017
Technical Program Manager, AWS Vulnerability
AMAZON WEB SERVICES (AWS)
Master of Science in Cybersecurity Technologies -
University of Maryland Global Campus
Bachelor of Science in Criminal Justice and Sociology -
McNeese State University
Similar Profiles
Francisco Javier Chavero, Jr.Francisco Javier Chavero, Jr.
Environmental Program Manager (EPM) at Amazon Web Services (AWS), Amazon Data Services, Inc.Environmental Program Manager (EPM) at Amazon Web Services (AWS), Amazon Data Services, Inc.
Joe BehrensJoe Behrens
Senior DevOps Consultant at Amazon Web Services (AWS) Professional ServicesSenior DevOps Consultant at Amazon Web Services (AWS) Professional Services
Jeffrey Mullins JrJeffrey Mullins Jr
Data Center Operations Technician III at Amazon Web Services (AWS)Data Center Operations Technician III at Amazon Web Services (AWS)
Ravi PandeRavi Pande
Network Development Engineer at Amazon Web Services(AWS)Network Development Engineer at Amazon Web Services(AWS)
Doug FarreDoug Farre
Security Engineering Manager, AWS Vulnerability Management at Amazon Web ServicesSecurity Engineering Manager, AWS Vulnerability Management at Amazon Web Services