
Richard Lombardi

Moorefield Station, VA

Summary

Information Security Governance Officer with extensive experience in risk management and strategic planning at the Federal Home Loan Bank. Demonstrated success in enhancing regulatory compliance and driving impactful cybersecurity initiatives. Proven ability to foster collaboration across teams and mentor future leaders. Established strong relationships with C-suite executives to support organizational goals.

Overview

13 years of professional experience
1 Certification

Work History

INFORMATION SECURITY GOVERNANCE OFFICER

Federal Home Loan Bank – Office of Finance
Reston, VA
02.2023 - Current
  • Led strategic realignment of cybersecurity governance function following selection by CIO. Strengthened collaboration across first, second, and third lines of defense during critical transition.
    Chosen based on demonstrated leadership-by-influence capabilities to enhance organizational effectiveness. Participated in a year-long executive mentorship program through American Corporate Partners to refine leadership skills.
  • Effectively led a nine-person cybersecurity team, establishing a role as the CISO’s trusted proxy for cross-functional initiatives.
  • Forged trusted partnerships with C-suite executives and senior directors in IT, Risk, Compliance, and Legal to oversee cybersecurity governance.
  • Navigated strategic challenges and escalated critical issues while leading through influence.
  • Secured essential outcomes by coordinating efforts across multiple departments.
  • Functioned as a central leadership figure for cybersecurity initiatives, driving alignment with enterprise priorities.
  • Direct the Vulnerability Management Program, implementing risk-tiered SLAs, executive KPIs, and remediation governance aligned with CVSS, CISA KEV, and asset criticality.
  • Oversee the enterprise Baseline Security Configuration Program to address a regulatory Matter Requiring Attention (MRA); develop policies, tracking systems, and reporting structures across OS, network, and cloud environments.
  • Establish scalable governance architecture for policies, standards, and controls—replacing legacy systems and improving regulatory audit posture.
  • Chair the FHLBanks IT Governance Working Group, coordinating policy alignment and governance practices across 11 institutions with varying board structures and regulatory interpretations.
  • Lead enterprise tabletop exercises and incident response simulations; revise CSIRP playbooks to align cybersecurity, DR/BCP, and executive communication procedures.
  • Regularly advise the CISO on governance risks, modernization implications, and culture-building initiatives to elevate cybersecurity visibility and business alignment.
  • Mentor emerging cybersecurity leaders, providing coaching on influence, stakeholder engagement, and cross-functional leadership.

Department Head, Cybersecurity & Risk Training Pro

Information Warfare Training Group Pacific
San Diego, CA
01.2021 - 01.2023
  • Led 91-member team of cybersecurity, IT risk, and compliance professionals, managing technical readiness and controls effectiveness across enterprise C5I systems, facilitating global operations.
  • Consolidated two training directorates into a unified cybersecurity readiness program, establishing governance structures and performance metrics that strengthened alignment with enterprise risk frameworks.
  • Managed the execution of over 300 enterprise training and certification events, supporting compliance validation across 43 organizational units, and strengthening overall mission readiness.
  • Established and deployed a Cybersecurity Readiness Framework, ensuring consistency in audit checklists, SOPs, and control interpretations across all reviewed units.
  • Collaborated with senior stakeholders from Risk, Legal, and Compliance to ensure training content and assessment scenarios align with evolving regulatory and internal policy demands.
  • Spearheaded development programs for over 130 technical professionals, strengthening risk awareness, audit readiness, and leadership skills across the future GRC workforce.
  • Acknowledged as top director among peer department heads for mission impact, training effectiveness, and strategic transformation.

DIRECTOR OF INFORMATION TECHNOLOGY & COMMUNICATION

SEAL Team SEVEN / Special Operations Task Force T
Coronado, CA
01.2019 - 01.2021
  • Led a 30-person cyber and infrastructure team supporting enterprise communications, cybersecurity, and network operations across 10 dispersed sites, enabling full mission command for over 500 deployed personnel.
  • Managed $155M in mission-critical IT assets; modernized communications architecture, recovered underutilized equipment, and avoided over $7M in costs through lifecycle.
  • Architected and deployed a secure, multi-agency network enclave 18 months ahead of schedule and at zero cost; achieved ATO under NIST RMF standards, enabling strategic collaboration between the U.S. and allied forces.
  • Standardized cybersecurity and governance controls across all sites; aligned security operations with ISO 27001, NIST CSF, and COBIT 2019 to improve risk management, audit performance, and operational resilience.
  • Executed enterprise-wide incident response and COOP protocols, including rapid relocation and full recovery during a real-world missile threat, restoring comms, surveillance, and operations within 30 minutes.
  • Directed cybersecurity readiness and C4ISR support for 300+ operations and exercises; deployed secure communications and ISR platforms to enhance situational awareness and interoperability during joint missions.
  • Built a collaborative electromagnetic spectrum governance framework to improve reliability, deconfliction, and risk mitigation across congested RF environments—partnering with the Joint EW Center and CENTCOM.
  • Earned SOCOM Communicator of the Year (2021) for visionary leadership, governance excellence, and delivering operational impact under high-risk, high-tempo global conditions.

DIRECTOR, INFORMATION SECURITY COMPLIANCE & AUDIT

DIRECTOR, INFORMATION SECURITY COMPLIANCE & AUDIT
Djibouti, Africa
02.2017 - 03.2018
  • Oversaw enterprise-level internal audit and compliance operations across 25 business units and over 5,000 users in a multi-clearance environment, guiding a 12-person team responsible for cryptographic key management, secure communications assurance, and internal control oversight.
  • Conducted 173 formal audits across 33 geographically distributed accounts, validating over 6,000 secure key transactions while ensuring zero audit escalations under NSA and DoD inspection standards.
  • Generated executive-level audit reports for regional leadership and federal oversight entities; collaborated with second and third lines of defense to formulate and monitor remediation plans for high-risk findings under ongoing national security scrutiny.
  • Established region-wide, mandatory role-based compliance training program for all incoming cryptographic custodians; realized complete elimination of repeat audit deficiencies by addressing procedural gaps and enforcing standardized control practices.
  • Streamlined encryption lifecycle governance model across all operating units, aligning access control and key management procedures with DoDM 5105.21 Vol. 1-3, CNSSI 4005, and NIST SP 800-57, enhancing audit traceability and reducing regulatory risk.
  • Operated as chief compliance advisor to executive stakeholders, interpreting intricate technical findings into mission-aligned corrective actions and facilitating swift closure of audit issues across diverse lines of accountability.
  • Secured position as #1 senior manager out of 25 regional leaders for excellence in audit execution and leadership influence across logistics, operations, and communications.

TECHNICAL ADVISOR, EMSO & RISK

DISA Joint Spectrum Center
Annapo, Mary
01.2015 - 02.2025
  • Directed spectrum governance for over 350,000 users across the Department of Defense.
    Aligned policies with FCC, NTIA, and NATO to enhance regulatory compliance.

CYBERSECURITY & COMMS DEPT HEAD

Destroyer Squadron Twenty-One
San Diego, CA
01.2012 - 02.2014
  • Directed cryptographic compliance for 9 units; transformed GRC program and secured top inspection outcomes.

Education

MBA - Project Management

Capella University
Minneapolis, MN
01-2021

Bachelor of Science - INFORMATION SYSTEMS MANAGEMENT

Excelsior College
Albany, NY
06-2016

Skills

  • Risk management
  • Regulatory compliance
  • Policy development
  • Team leadership
  • Training development
  • Communication strategies
  • Strategic planning
  • Data analysis
  • Relationship building
  • Professionalism
  • Adaptability and flexibility
  • Active listening
  • Organizational skills
  • Project management
  • Multitasking
  • Security protocols
  • Operational planning
  • Conflict resolution
  • Problem-solving abilities
  • Team building
  • Risk assessment

Certification

CERTIFICATIONS & EDUCATION

Certifications: CISM | CISA | CRISC | CGEIT | PMP | PMI-RMP | CASP+ | CEH | CNDA | Security+
Graduate Executive Certificates:

  • Executive Certificate in Leadership & Management, University of Notre Dame
  • Master Certificate in Lean Enterprise Solutions, Villanova University
  • Master Certificate in Strategic Organizational Leadership, Villanova University
  • Certificate in Leading Teams and Organization, University of Notre Dame
  • Executive Leadership Strategies, University of Notre Dame

Accomplishments

Recipient of the USNI Copernicus Award (2014) for excellence in C4I innovation and leadership, recognized for advancing joint warfighting communications and information systems in support of Navy and DoD mission objectives.

Honored as United States Special Operations Command Communicator of the Year (2020) for exceptional leadership, technical proficiency, and mission-critical communications support in joint special operations environments.

Awarded the Bronze Star Medal (Baghdad, Iraq – 2008)
