Summary
Overview
Work History
Education
Skills
Certification
Websites
Volunteering
Timeline
Generic

Randy Rodriguez

Cape Coral,FL

Summary

Randy Rodriguez is a Security Consultant. He has earned his Cisco Certified Network Associate (CCNA), CompTIA Security +, Mircosoft Azure Cloud Certification, and many other certifications. He is attending Western Governors University for his bachelor's in Cyber Security and Information Assurance. He has provided HIPAA HITECH solutions to over 300 physicians and hospitals. Familiar with security frameworks such as HITRUST, NIST CSF, 800-53, NIST 800-171, NIST RMF, CMS, ISO 27001, and APEC CBPR/PRP. Randy has provided over 300 security risk assessments, health information technology Reports, vulnerability/asset management assessments, and security best practices. Over 800 virtual risk assessments have been conducted to aid hospitals, financial firms, physicians, gaming companies, banks, public and private sector companies, and many others. In addition, he is a member of the South Florida Chapter of the Information Systems Security Association (SFISSA) and InfraGard Member Alliance.

Overview

6
6
years of professional experience
1
1
Certification

Work History

Senior Security Consultant

NCC Group
Remote, - Full Time
01.2024 - Current
  • Lead and supported over 40 cybersecurity reviews leveraging the NIST CSF, NIST 800-53, NIST 800-171, and NIST Privacy Framework.
  • Lead and supported over 45 successful certified HITRUST Facilitated Self-Assessments, validated assessments, and E1 assessments through the use of the MyCSF HITRUST portal.
  • Lead over 20 successful certification engagements and interviews for APEC CBPR PRP assessments.
  • Conducted over 20 third party risk assessments (TPRM)
  • Scoped and written Statements of Work (SOW) for privacy assessments.
  • Identified strategic and technical risks for organizations and provided recommendations.
  • Created and updated internal information security compliance policies, procedures and standards.
  • Evaluated vulnerability alerts from third-party sources to analyze potential impact to company, identify appropriate stakeholders and communicate threat level of exposure.
  • Have created template reports for Cybersecurity Reviews using the NIST CSF Framework and HIPAA/HITRUST Assessments.
  • Tools used: MyCSF for HITRUST Assessments and Coda for documentation

Security Consultant

NCC Group
Remote, - Full Time
05.2021 - 01.2024

Vulnerability Management Associate

Coinbase
Remote, - Full Time
08.2021 - 03.2022
  • Reporting on security vulnerabilities on a weekly basis and triaging security bug tickets.
  • Parsed through data to create efficient dashboards for ease of reporting through the use of JQL, JIRA and eazyBI.
  • Creating documentation for security bug processes, standard operating procedures, and standardization of documentation.
  • Responsible for reporting, analyzing, and following up on vulnerabilities.
  • Worked successfully with diverse group of coworkers to accomplish goals and address issues related to our products and services.

Security Consultant

24By7Security, Inc.
Remote, - Full Time
08.2019 - 05.2021
  • Have conducted many vulnerability risk assessments for various industries such as hospitals, law firms, and financial firms.
  • Assessed software and networks for cyber vulnerabilities and recommended and installed best security solutions with the use of Qualys.
  • Maintained essential security knowledge due to recent corporate cyber attack, implemented corporate mandated changes and rolled out new security guidelines and resolution procedures.
  • Conducted training sessions for employees in other departments to alert about various security issues with the use of easy LMS, these trainings were for HIPAA guidance.
  • Mitigated risk by providing immediate and effective emergency response security.
  • Worked with several compliance standards and frameworks such aa: HIPAA, HITRUST, NIST 800-53, NIST 800-171, NIST RMF, NIST CSF.

Information Security Analyst

Bankers Healthcare Group Inc.
Davie, FL, - Full Time
05.2019 - 08.2019
  • Worked with SIEM (JASK) to determine insights and threat possibilities. Tools and resource utilization involving Ubuntu, CIS Benchmarks, ADAudit, Vulnerability Scans (Nessus/Tenable), Antivirus/EDR Deployment (CrowdStrike), Ticketing system (JIRA), Confluence and Risk Mitigation.
  • Designed and implemented plans to secure computer files against breach, destruction or accidental modification.
  • Analyzed system risk to identify and implement appropriate security countermeasures.

Field Technician

ROOTPOINT
Miami, FL, - Full Time
06.2018 - 11.2019
  • Physical data migrations of servers, switches, routers, and other networking devices.
  • Ran fiber/ethernet cable inside of data centers.
  • Installed, racked, and daisy chained severs for redundancy inside of data centers.
  • Wireless heat mapping for areas of weak signal.
  • Installation of physical networking devices on customer sites.

Education

Bachelor of Science - Cybersecurity And Information Assurance

Western Governors University
Salt Lake City, UT
08.2023

Certification Program - Cyber Security

University Of Miami Continuing Education
Miami, FL
08.2019

Skills

  • Leading and engaging client communications through a risk assessment
  • Vulnerability management systems such as Nessus Tenable, and Qualys
  • Experienced with SIEM such as JASK
  • SQL/JQL searches for filtering through a SIEM/JIRA
  • AV Deployment with CrowdStrike Falcon
  • Asset Management with CrowdStrike and LanSweeper
  • Compliance experience with CSR, PCI, FIPA, HIPAA, HITRUST, APEC CBPR- PRP and many others
  • Third party vendor DB management with Imperva software
  • Beginner level software programming with C and Python

Certification

  • Certified Information Systems Auditor (CISA) (In Progress)
  • Cisco Certified Network Associate Routing and Switching (CCNA)
  • CompTIA Security +
  • Certified Payment Security Practitioner (CPSP - PCI)
  • Lean Six Sigma White Belt Certified - v4.0 - Advanced
  • Cloud Application Scanner - Qualys
  • Vulnerability Management - Qualys
  • Azure AZ-900
  • APEC CBPR-PRP Certified Assessor
  • HITRUST Certified CSF Practitioner
  • ITIL 4 Foundation

Websites

Blogs

  • https://blog.24by7security.com/foresight-2020-segment-your-network
  • https://blog.24by7security.com/foresight-2020-building-an-incident-response-plan
  • https://blog.24by7security.com/foresight-2020-create-an-offline-backup
  • https://blog.24by7security.com/malware-covid19
  • https://blog.24by7security.com/how-to-reduce-the-cybersecurity-gap-in-it

Article

  • https://digitalskills.miami.edu/cybersecurity/university-of-miami-cybersecurity-bootcamp-graduate-spotlight-randy-rodriguez/

LinkedIn

  • https://www.linkedin.com/in/randy-rodriguez-632152183/

Volunteering

InfraGard National Member Alliance

Member

Oct. 2020 - Present

  • InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely exchange of information and promotes mutual learning opportunities relevant to the protection of Critical Infrastructure.

South Florida ISSA

Member

Feb. 2020 - Present

  • South Florida ISSA is a long standing chapter of the Information System Security Association, and is one of the most distinguished chapters world-wide.
  • SFISSA is very involved in the InfoSec space on a variety of levels, from management to technicians, and covers a broad range of InfoSec topics at both the monthly meetings and during our events.

Timeline

Senior Security Consultant

NCC Group
01.2024 - Current

Vulnerability Management Associate

Coinbase
08.2021 - 03.2022

Security Consultant

NCC Group
05.2021 - 01.2024

Security Consultant

24By7Security, Inc.
08.2019 - 05.2021

Information Security Analyst

Bankers Healthcare Group Inc.
05.2019 - 08.2019

Field Technician

ROOTPOINT
06.2018 - 11.2019

Bachelor of Science - Cybersecurity And Information Assurance

Western Governors University

Certification Program - Cyber Security

University Of Miami Continuing Education
  • Certified Information Systems Auditor (CISA) (In Progress)
  • Cisco Certified Network Associate Routing and Switching (CCNA)
  • CompTIA Security +
  • Certified Payment Security Practitioner (CPSP - PCI)
  • Lean Six Sigma White Belt Certified - v4.0 - Advanced
  • Cloud Application Scanner - Qualys
  • Vulnerability Management - Qualys
  • Azure AZ-900
  • APEC CBPR-PRP Certified Assessor
  • HITRUST Certified CSF Practitioner
  • ITIL 4 Foundation

Similar Profiles

  • Alexandra Duenas

    Alexandra DuenasAlexandra Duenas

    Head of Project Resourcing at NCC GroupHead of Project Resourcing at NCC Group

    View Profile
  • Tara Goodwin-Ruffus

    Tara Goodwin-RuffusTara Goodwin-Ruffus

    Sr. Project Manager at NCC GroupSr. Project Manager at NCC Group

    View Profile
  • Philip Gentry

    Philip GentryPhilip Gentry

    Global Standards and Support Officer at NCC GroupGlobal Standards and Support Officer at NCC Group

    View Profile
Randy Rodriguez