Reza Sasaninejad
Sterling,VA
Summary
Cybersecurity expert with significant experience in GRC tools implementation and risk management at Evolver Federal. Demonstrated success in leading cross-functional teams to enhance IT infrastructure security and engage stakeholders. Specialized in vulnerability management and security compliance, achieving successful project outcomes and ensuring regulatory adherence.
Overview
27
27
years of professional experience
1
1
Certification
Work History
Sr. Information Systems Security (Cybersecurity) Analyst/Specialist
Evolver Federal/CSS
06.2024 - 11.2025
- Managed implementing all GRC management security umbrella including projects: frameworks, policies, tailoring controls, compliance scoping, control testing (NIST/ISO/HIPAA/CMMC…) compilate frameworks by conducting risk assessments, and documenting compliance measures based on NIST RMF and ISO standards to meet organizational and regulatory requirements.
- Managed implemented utilizing Governance, Risk, and Compliance (GRC) tools for managing Assessment & Authorization (A&A) processes & act as subject matter expert (SME) for A&A process, including providing guidance to stakeholders, business units, and new A&A resources, as necessary.
- Development of actionable security blueprints, principles, models, designs, standards, and guidelines to ensure enterprise IT architecture and support is consistent, usable, secure and adds value to the business.
- Supervise and perform the vulnerability scanning technologies to interrogate systems for configuration and status.
- Architecture principles and best practices to design, implement, and maintain secure IT infrastructures in alignment with A&A policies.
- Performed evaluating and supporting documentation, validation, and accreditation processes necessary to assure that new and existing information technology (IT) systems meet the organization's information assurance (IA) and security requirements.
- Under The Government Contract (Federal Communication Commission - FCC)
Sr. Information Systems Security (Cybersecurity) Analyst
Intelipath Services Group Inc.
Alexandria, VA
05.2017 - 06.2024
- Implementing all GRC management security umbrella including projects: frameworks, policies, tailoring controls, compliance scoping, control testing (NIST/ISO/HIPAA/CMMC…) compilate frameworks by conducting risk assessments, and documenting compliance measures based on NIST RMF and ISO standards to meet organizational and regulatory requirements.
- Managed implemented utilizing Governance, Risk, and Compliance (GRC) tools for managing Assessment & Authorization (A&A) processes & function as subject matter expert (SME) for A&A process, including providing guidance to stakeholders, business units, and new A&A resources, as necessary.
- Development of actionable security blueprints, principles, models, designs, standards, and guidelines to ensure enterprise IT architecture and support is consistent, usable, secure and adds value to the business.
- Supervise and perform the vulnerability scanning technologies to interrogate systems for configuration and status.
- Architecture principles and best practices to design, implement, and maintain secure IT infrastructures in alignment with A&A policies.
- Performed evaluating and supporting documentation, validation, and accreditation processes necessary to assure that new and existing information technology (IT) systems meet the organization's information assurance (IA) and security requirements.
- Led at conducting implementation IT compliance strategy as SME for IT business & digital products solutions, and security products/services procurement bidding projects from the best modernization and digital transformation necessities, requirements, and solutions for the client including FAR contract vs the legacy systems.
- Led at collaborating security compliance analysis/input to IT Leadership for IT system investment scope & required expenditures budget management based on the required enterprise selective IT Business, product, security solution projects including ROI technology investments analysis report.
- Under The Government Contract (Federal Communication Commission - FCC)
Sr. Cybersecurity Analyst, Sr. BA, Sr. International BD Director, Business IT & Security Project lead
IMCI Technologies
Herndon, VA
01.2013 - 05.2017
- Implementing security controls, conducting risk assessments, and documenting compliance measures based on NIST RMF and ISO standards to meet organizational and regulatory requirements.
- Development of actionable security blueprints, principles, models, designs, standards, and guidelines to ensure enterprise IT architecture and support is consistent, usable, secure and adds value to the business.
- Supervise and perform the vulnerability scanning technologies to interrogate systems for configuration and status.
- Architecture principles and best practices to design, implement, and maintain secure IT infrastructures in alignment with A&A policies.
- Performed and implemented utilizing Governance, Risk, and Compliance (GRC) tools for managing Assessment & Authorization (A&A) processes & act as subject matter expert (SME) for A&A process, including providing guidance to stakeholders, business units, and new A&A resources, as necessary.
- Performed evaluating and supporting documentation, validation, and accreditation processes necessary to assure that new and existing information technology (IT) systems meet the organization's information assurance (IA) and security requirements.
- Managed IT & Cybersecurity Project cross-functional teams in the successful delivery of complex technology projects. Proven expertise in delivering eighty five percent of risk management, cybersecurity frameworks, and implementation of secure IT infrastructures.
- Managed project communication to adapt an effective bridge the gap between technical and non-technical stakeholders to ensure project alignment with business goals. Recognized for strong leadership, problem-solving abilities, and commitment to deliver the project to the satisfactory phase out point.
- Herndon, VA
Business Analyst, Sr. Business Development, Director, IT Consultant, and Project Manager
Farahsun International Co.
01.1999 - 01.2010
- Independent Consultant - Overseas
- Previous Teaching Experience: Self Consultant (IT Teaching and Training Instructor) for 7 years
Education
Master of Science (MSc) - Cybersecurity (Information System Assurance) Policy & Management
UMGC
Adelphi, Maryland, USA05-2022
Bachelor of Science - Cybersecurity (Information System Assurance)
UMGC
Adelphi, Maryland, USA12-2013
Skills
- Microsoft Office
- M365
- MS Project
- SharePoint
- JIRA
- SNOW
- CSAM
- Visio
- Vulnerability management
- Security compliance
- GRC tools implementation
- IT infrastructure security
- Project management
- Cross-functional collaboration
- Regulatory knowledge
- Stakeholder engagement
- Solution architecture
- Problem solving
- Effective communication
- Analytical thinking
- Virtualization security
- Public key infrastructure
- Security analysis
- Security audits
- Security protocols
- SIEM management
- Cybersecurity frameworks
- Cloud security
- Web application security
- Access control
- Network security
- IDS integration
- Application security
- Cryptanalysis
- Security architecture
- Business continuity
- User awareness training
- Anomaly detection
- Security frameworks
- IT infrastructure knowledge
- Data encryption
- SIEM, EDR, SOAR, IDS, IPS, DLP, SOD, SAP IT, CASBs, ICAM, UEBA security frameworks
- SIEM tools
- Information security policies
- Cyber threat analysis
- Patch management
- Two-factor authentication
- IoT security
- Incident response
- Cryptography knowledge
- Threat hunting
- Data loss prevention
- Cloud System Security Compliance
- Incident response management
- Compliance monitoring
- Database security
- Security monitoring
- Information assurance
- IT compliance
- Change management
Certification
- ICCS (Certificate) Computer Study (CS) - Network Sec. (NCC Institute, UK)
- IDCS (Certificate Diplomat) in Computer Study - System Development (NCC Institute, UK)
- IAD (Certificate Diploma) in Computer Study - Programming Methods (NCC Institute- UK)
- Certified Information Security Manager - ISACA (CISM) - US
- Scrum Master - Certified ScrumMaster (CSM) - US
Accomplishments
- Accomplished and delivered various projects as Sr. IT & Information System Security (Cybersecurity), Governance/GRC Analyst & Specialist with over fifteen years of experience specializing in Information Security and Compliance.
- Proven track-record in cybersecurity strategy, framework & policy, cybersecurity solution architecture/framework, security risk management (RMF), risk assessment (NIST 800-37 & 30), A&A processes as independent security auditor, supply chain risk management (SCRM) and the security processes.
- Proven expertise in implementing security controls such as NIST 800-53B, 53 rev5, NIST 800-218 (SSDF), and ISO 27000 series standards & frameworks.
Clearance
Active Public Trust
Timeline
Sr. Information Systems Security (Cybersecurity) Analyst/Specialist
Evolver Federal/CSS
06.2024 - 11.2025
Sr. Information Systems Security (Cybersecurity) Analyst
Intelipath Services Group Inc.
05.2017 - 06.2024
Sr. Cybersecurity Analyst, Sr. BA, Sr. International BD Director, Business IT & Security Project lead
IMCI Technologies
01.2013 - 05.2017
Business Analyst, Sr. Business Development, Director, IT Consultant, and Project Manager
Farahsun International Co.
01.1999 - 01.2010
Master of Science (MSc) - Cybersecurity (Information System Assurance) Policy & Management
UMGC
Bachelor of Science - Cybersecurity (Information System Assurance)
UMGC