RON JOHNSON

Rogers, AR

Summary

Experienced cybersecurity and quality management professional with nearly two decades of expertise, including service as a dedicated United States Marine veteran. Passionate about safeguarding organizations in dynamic environments, specializing in cybersecurity, data privacy, compliance, and quality assurance. Proven track record in implementing technical security measures and adhering to quality regulations, driven by dedication, reliability, and a strong work ethic. Skilled consultant adept at ensuring organizations meet high standards in cybersecurity and quality management. Seeking opportunities to contribute expertise to support organizational goals. Open to networking and discussing potential collaborations.

Overview

15 years of professional experience
1 Certification

Work History

Quality Manager - Systems & Infrastructure ENG III

Walmart Global Tech
09.2023 - Current
  • Responsible for supporting the Lab in developing custom solutions to aid in evidence collection while maintaining the Lab's ANAB accreditation.
  • Serve as a technical expert in QA to develop, administer, operate, manage, and maintain various QA program segments as assigned.
  • Assist in managing specialized and fundamental quality functions, such as software and hardware testing, analytical quality control (QC), verification of system and document changes and quality audits.
  • Assure aspects of the laboratory QA, QC, and proficiency practices are sound and within established QA program guidelines.
  • Assist in coordinating and managing laboratory activities in support of QA, ensuring it is properly designed and implemented in a manner that will provide reliable support for those objectives that are responsive to the mission of the Laboratory Division.
  • Through audit, testing and other software QA procedures, assess laboratory needs regarding implementation and supervision of these related programs.
  • Write reports on the progress and success of laboratory proficiency testing and changes to the operational environments, and present to supervisor, which may be incorporated into a more comprehensive report or stand alone and be presented to management officials.
  • Updated quality control standards, methods, and procedures to meet compliance requirements.

Senior GRC Analyst

Alorica
01.2022 - 09.2023
  • Engaged in comprehensive audits and reviews of Technology business line operations, bolstering risk management activities and ensuring regulatory compliance.
  • Demonstrated proficiency in the NIST Cybersecurity Framework, utilizing its components to develop robust information security programs aimed at protecting sensitive data.
  • Conducted meticulous validation and quality assurance checks to maintain data accuracy and integrity.
  • Proposed process enhancements to streamline operations and effectively address constraints and challenges.
  • Crafted targeted cybersecurity awareness content to empower end-users, improving cyber hygiene practices across the organization.
  • Developed dynamic cybersecurity awareness materials tailored to emerging threats, reducing operational risks for specific audiences.
  • Maintained up-to-date knowledge of cybersecurity trends and threats, contributing to proactive risk mitigation strategies.
  • Articulated solutions and procedures through various communication channels, ensuring clarity and understanding among stakeholders.
  • Ensured strict adherence to Information Security Policies and privacy regulations, safeguarding client data integrity and confidentiality.

Governance, Risk, & Compliance Analyst

Cardinal Innovations Healthcare
03.2016 - 01.2022
  • Led comprehensive company audits, including PCI-DSS, HIPAA, SOC 2, and internal audits, serving as the primary contact.
  • Executed compliance audits under the CISO's direction, overseeing planning, testing, evidence compilation, and quality assurance.
  • Collaborated with internal/external auditors and technical teams to gather audit evidence.
  • Revised security policies and standards documentation to meet industry best practices and regulations.
  • Coordinated with governance committees for cyber risk analysis and mitigation based on information classification.
  • Performed security assessments on third-party vendors and developed mitigation plans for violations.
  • Designed and implemented a company-wide cybersecurity awareness program, including training and anti-phishing campaigns.
  • Evaluated security risks across business areas and conducted threat modeling exercises.
  • Developed plans to safeguard computer files against unauthorized access or disclosure.

Security Analyst II

Bank of America
04.2012 - 03.2016
  • Engineered, maintained, and repaired security systems and programmable logic controls to ensure optimal functionality.
  • Prepared, executed, and reported on audits of NIST SP 800-53, PCI-DSS, and FFIEC cybersecurity controls, utilizing interview, document review, and system testing methodologies to support audit activities.
  • Performed event correlation using data from various enterprise sources to enhance detection capabilities continuously.
  • Assisted in vulnerability scanning, analyzing scan results, and collaborating with cross-functional teams to drive remediation efforts beyond Information Security & Compliance.
  • Provided valuable support in achieving and maintaining compliance with NIST SP 800-53, PCI-DSS, and FFIEC frameworks.
  • Contributed to the maintenance of incident response documentation, including the Incident Response Plan and Playbooks, ensuring preparedness for security incidents.
  • Collaborated with stakeholders to enhance security maturity and awareness throughout the organization.
  • Supported end-to-end incident response activities related to various security risks and threats, including ransomware, system compromise, account takeover, and phishing attacks.
  • Reviewed security procedure violations and developed effective mitigation plans.
  • Designed and spearheaded the implementation of a comprehensive enterprise security strategy, focusing on network and hardware security, disaster recovery, and data protection across all major systems.

SOC Analyst

Palmetto Health Hospital
01.2009 - 03.2012
  • Provided comprehensive software and hardware support to address end-user technical issues, ensuring uninterrupted operations and maintaining data integrity.
  • Conducted daily Windows troubleshooting and resolved processing errors to meet service level goals for uptime.
  • Coordinated thorough testing of applications, hardware, and software infrastructures to optimize performance and security.
  • Collaborated closely with support teams to troubleshoot data center outages and IT issues, minimizing downtime and ensuring continuous operations.
  • Played a vital role in developing in-network infrastructure and implementation strategies, fostering seamless communication across multifunctional teams.
  • Demonstrated technical proficiency by disassembling and soldering CPUs, circuit boards, cooling systems, wiring, and power supplies as needed.
  • Managed desk calls and assigned tickets using the Remedy ticketing system, ensuring timely issue resolution and effective stakeholder communication.

Education

Bachelor of Science - Information Technology

University of South Carolina
Columbia, SC
05.2011

Skills

  • Cybersecurity
  • Quality Management
  • Risk Management
  • Security Assessments
  • Security Policy Development
  • Identity & Access Management
  • Network Security
  • Security Operations
  • Incident Response
  • Forensics Analysis
  • Business Continuity Planning
  • Developing Security Plans
  • Compliance Standards (e.g., GDPR, HIPAA, PCI-DSS, NIST)
  • Network Infrastructure Monitoring
  • Technical Documentation

Frameworks

  • ISO 17025
  • ISO 27001
  • ISO 9001
  • DOD 8570
  • NIST 800-53
  • NIST CSF
  • NIST RMF
  • FERC
  • NERC
  • HIPAA
  • PCI DSS
  • HITRUST
  • GLBA
  • GDPR
  • SOC
  • SOX
  • MITRE ATT&CK
  • FISMA

Additional Information

  • UNITED STATES MARINE CORPS

Certification

Certified Information Systems Security Professional (CISSP)

Certified Information Privacy Professional (CIPP)

Certified Governance, Risk, and Compliance (CGRC)

Forensic Internal Auditor (ANAB)

PCI QSA

Global Information Assurance (GIAC)

Certified Cloud Security Professional (CCSP)

HealthCare Information Security and Privacy Practitioner (HCISPP)

Top Secret Security Clearance

Agile Certification

Microsoft Certified Architect

Cisco Certified Network Associate (CCNA)

Microsoft Certified Professional (MCP)

CompTIA Security+

CompTIA Network+

CompTIA +

Google

Dell

HP
