Royce Allen

Washington

Summary

Experienced IT and cybersecurity senior executive, strategist and enterprise architecture professional providing consulting services for 25+ years leading global information technology and security in automation, risk management, cloud transformation and enterprise technology programs for government, commercial, and private sectors. Proven record leading cloud security adoption (AWS, Azure, GCP hybrid), DevSecOps automation, and Zero Trust architectures. Expert in modernizing legacy ecosystems into cloud-native architectures, implementing CI/CD pipelines, and standardizing security tools to improve reliability, efficiency, and compliance. Advised boards and executive leadership, building scalable security strategies aligned to business priorities, managing multimillion-dollar budgets, and leading high-performance and geographically distributed teams. Deep expertise in regulatory compliance (i.e. HIPAA, PCI, SOC 2, NIST, FISMA, CSF, CMMC, DFARS, HITRUST, NISPOM, FedRAMP, GLBA, FAIR, ISO 27001), incident response, and aligning security programs with business objectives to enable growth, resilience, and trust.

Overview

13 years of professional experience
1 Certification

Work History

Deputy CIO CISO Privacy Officer

U.S. Department of Commerce, National Technology Information Service
Washington
09.2024 - 04.2025
  • Led the strategic leadership in the design and management of enterprise architecture, infrastructure, system integration, risk management, security, cyber and privacy roadmaps to enable secure, data-driven operations across the federal landscape.
  • Directed end-to-end initiatives to deliver advanced AI/ML analytics platforms, modernize IT infrastructure, and strengthen the agency’s cybersecurity and privacy posture.
  • Managed $7.9M IT budget of 22 contracts; reduced budget by $1.2M without affecting network refresh and operations.
  • Partnered with executive leadership and industry leaders to align technology investments with mission objectives, improve governance, and promote innovation.
  • AI/ML Platform Development: Directed the design, development, and deployment of an AI/ML platform for the financial management and accessibility systems in a hybrid cloud environment using various products and tools delivering reliable and ethical analytics to enhance decision-making for customers and security operations.
  • Introduced security-by-design into technology efforts, developed and deployed AI/ML platform, leveraged ServiceNow and ITIL framework analytics to enhance decision-making for ITSM.
  • Managed cross-functional teams and integrated innovative technologies to deliver scalable, mission-aligned solutions.
  • Strategic IT & Security Leadership: Designed and executed a comprehensive IT and security strategy and roadmap; aligned key performance indicators (KPIs) to organization's goals and objectives.
  • Conducted quarterly reviews and updates to ensure continued relevance, optimizing technology investments to support business growth and operational efficiency.
  • Incident Response & Resilience: Developed and operationalized robust IT, cybersecurity, privacy and risk frameworks, to reduce and improve enterprise risk exposure.
  • Automated workflows using analytic capabilities to address personnel shortage.
  • Directed enterprise SOC and CSIRT functions, leading 24×7 monitoring, threat intelligence, incident response, leading and participating in SOC exercises, disaster recovery and executive tabletop drills.
  • Maintained zero breaches while strengthening operational playbooks, regulatory reporting, and resilience.
  • Governance & Policy Automation: Established an IT and security governance committee; integrated risk, legal, and technology stakeholders for alignment with regulatory and policy - prioritize investments and align strategic initiatives with risk findings.
  • Data Protection & Compliance: Implemented advanced data privacy protocols and compliance mechanisms, post-quantum crypto strategy ensuring secure handling of sensitive information in accordance with federal mandates and best practices.
  • Mitigated organizational risk through proactive safeguards and controls.
  • Oversaw IT operations and managed divisions including digital government, infrastructure, ERP, and data center, ensuring performance effectiveness, service quality, and operational efficiency.
  • Team Leadership & Organizational Impact: Supervised and mentored senior IT managers and junior employees; developed performance standards and goals and ensured project milestones were consistently achieved.
  • Built and mentored high-performing, cross-functional IT and security teams, fostering a culture of innovation, accountability, and continuous improvement.
  • Increased team productivity and morale, leading to improved project outcomes.
  • Executive Collaboration & Innovation: Collaborated with senior leadership to define a unified IT and security vision, securing buy-in for strategic initiatives.
  • Identified and deployed emerging technologies that improved efficiency, resource optimization, and future scalability.
  • Partnered closely with the DIR, Legal/Contracts, Risk Management, and Chief Data Officer.

Principal Security Architect

IBM
Washington
04.2024 - 09.2024
  • Served as Principal Security Architect within IBM’s Cybersecurity Services Division, driving security architecture initiatives across federal programs.
  • Led the design and implementation of advanced security solutions to protect infrastructure, applications, and data across hybrid environments.
  • Collaborated with research teams to map FedRAMP and GRC workflows and evaluated IBM security tools delivering security control automation.
  • DevSecOps Automation & Product Authorization: Assessed and authorized IBM technologies based on risk and threat modeling to support secure automation, ensuring compliance, efficiency, and scalability.
  • Advocated for AI-driven risk and threat modeling across hybrid environments, supporting automated risk identification and prioritization within the DevSecOps lifecycle.
  • Cross-Functional Collaboration & Innovation Enablement: Partnered with cyber security center, federal customers and internal teams to integrate AI, cloud, and development technologies, improving workflow accuracy.
  • Modified cyber operations scenario and solutions bridged critical knowledge gaps between security and operations.
  • Delivered measurable improvements in efficiency, cost reduction, and project timelines.
  • International Business Machines Corporation’s (IBM) Cybersecurity Services Division

Director Chief Enterprise Security Architect

U.S. Department of Veterans Affairs
01.2017 - 12.2023
  • Headed the Department of Veterans Affairs’ Enterprise Security Architecture (ESA) organization and program as Director and Chief Enterprise Security Architect (CSA), managing the security posture of one of the largest healthcare and financial IT infrastructures in the federal government.
  • Implemented architecture and engineering services across VA’s $6.4B annual IT portfolio, supporting over 1,600 systems and 1,100 applications.
  • Provided strategic leadership for digital transformation and IT modernization initiatives for Zero Trust Architecture (ZTA), TIC3.0, supply chain risk management, cloud, mobile, data center consolidation, software development, IoT, and AI security.
  • Managed a $32M annual budget and directed a blended team of 75+ federal and contractor staff, safeguarding data for over 19.6 million veterans.
  • Enterprise Security Architecture & DevSecOps Enablement: Collaborated with 14+ product lines each consisting of 15+ members across time zones to lead secure development and deployment of scalable solutions.
  • Integrated engineering, compliance, and automated business/security workflows using SAFe, ITIL, and Agile methodologies.
  • Led the deployment of containerization technologies such as Docker and Kubernetes to enhance scalability and efficiency, resulting in a 47% improvement in application deployment times.
  • Immediately developed secret management training and awareness, and hosted over 1,700 developers to bring awareness of secret credential exposure.
  • Zero Trust Architecture Leadership: Directed the VA’s Zero Trust strategy and implementation; hosted a five-day workshop and conducted an enterprise-wide maturity assessment to determine ZT and quantum readiness and roadmap alignment with EO 14028.
  • Delivered reference architecture and launched a ZTA sandbox to evaluate IAM, DLP, and supply chain risk management security controls for the administrative and healthcare systems.
  • Represented the VA in national forums (e.g., ATARC), chaired several committees and appointed as designated speaker (technology topics) for the CIO and CISO.
  • Rapid Crisis Response During COVID-19: During the pandemic, I led an accelerated digital transformation at the VA, compressing a three-year plan into just 90 days to maintain uninterrupted services for 19.6 million veterans.
  • Through decisive leadership and daily executive engagement, I secured critical resources and rapidly deployed Zero Trust Architecture, cloud, and telehealth solutions.
  • This high-impact response ensured operational continuity during a period of unprecedented demand.
  • Cloud Security & Emerging Technology Innovation: Led the deployment of enterprise cloud (Hybrid) services and established the VA Cloud Security (FedRAMP) and HITRUST Program, now used as a federal model.
  • Accelerated the deployment of 80+ cloud services, cutting FedRAMP authorization time by 50%.
  • Modernized IT infrastructure to enhance cybersecurity across a large federal organization.
  • Led the adoption of blockchain, AI, and advanced analytics, used to automate the de-identification of HIPAA and PII data and extracted data from healthcare images used for developing behavior analytics for PTSD patients.
  • Delivered security architecture documents (strategies, whitepapers, reference architecture, design patterns) across various technologies (i.e. cloud, data center consolidation, generative AI/ML, blockchain, DevSecOps, and healthcare applications).
  • Global Leadership & Workforce Development: Managed a diverse enterprise architecture portfolio, aligning IT investments with strategic goals and customer needs.
  • Implemented a robust IT portfolio management framework to prioritize initiatives, allocate resources, and track progress.
  • Engaged stakeholders to ensure projects met mission objectives, resulting in a 50% increase in project completion rates and a 65% improvement in security risk mitigation and customer satisfaction.
  • Delivered projects on time and within budget, driving operational efficiency and organizational effectiveness.
  • Hosted global technical team of 1,120+ personnel across 1,400 locations, driving high-quality service delivery in a complex federal environment.
  • Fostered a collaborative culture, launched performance initiatives, and achieved a 25% increase in productivity and retainment rate of 100%.
  • Boosted job satisfaction and team engagement, directly impacting mission delivery.
  • Portfolio & Governance Excellence: Managed an enterprise-wide architecture portfolio and aligned IT investments with mission priorities and stakeholder needs.
  • Created enterprise risk and compliance dashboards, aligned security engineering efforts with the VA’s risk appetite and compliance requirements (NIST CSF, FedRAMP, FISMA).
  • Leveraged dashboards for GRC portfolio management and governance frameworks; increased project completion by 50% and improved security risk mitigation and customer satisfaction by 65%.
  • Developed risk metrics and conducted regular briefings with senior leadership to communicate evolving threat landscapes and their business impacts.
  • Consistently delivered projects on time and within budget, enhanced operational performance and enterprise accountability.

Chief Office of Oversight and Compliance

National Security Agency
01.2015 - 01.2017
  • Served as Chief, Office of Oversight and Compliance at the National Security Agency (NSA), where I directed the agency’s Information Assurance (IA) and Cybersecurity (CS) Compliance Program during a pivotal era of institutional reform and heightened public scrutiny.
  • Created and implemented global risk assessments and compliance review processes, aligning cybersecurity controls with the NSA’s risk tolerance and operational priorities.
  • Developed and implemented metrics to measure the effectiveness of risk mitigation efforts to achieve stellar results from audits.
  • Compliance Program Modernization & Global Oversight: Redesigned the compliance strategy to instill a culture of accountability and transparency across the agency.
  • Developed and implemented a global compliance training and assessment framework, increasing directorate-wide compliance adherence from 40% to 100%.
  • Trained internal and external stakeholders, including DoD, USCYBERCOM, and Defense Industrial Base (DIB) entities, leading to the resolution and closure of all outstanding OIG actions within a year.
  • Legal Alignment & Violation Resolution: Worked in close coordination with NSA’s Office of General Counsel to address complex compliance issues and develop effective reporting protocols.
  • Authored and disseminated information assurance and cybersecurity reports across the intelligence community.
  • Served as an independent reviewer to ensure consistent handling of violations.
  • Directed investigations with Risk Management, Internal Audit, and Compliance Standards teams, delivering corrective action plans and formal reporting processes to authorized enforcement entities.
  • Policy Development & Data Governance: Created and updated cybersecurity policies to prevent data misuse and reinforce operational integrity.
  • As Chair of the Analytic Working Group, led the development of IA/CS data governance standards and policies for data labeling, data catalog, data access and data dissemination.
  • Oversaw and refined compliance policies to ensure alignment with emerging technologies, sustaining comprehensive readiness and accountability initiatives across the agency's eight sites globally.
  • Training & Cultural Transformation: Designed and implemented an agency-wide training program focused on addressing systemic compliance risks.
  • Delivered 100% completion rates and institutionalized a culture of continuous learning and ethical data stewardship.
  • Positioned NSA to meet internal and external oversight expectations while advancing national cybersecurity mission objectives.

Chief Scalable Analytics & Program Management

National Security Agency
01.2012 - 01.2015
  • Directed the cybersecurity analytics development programs, overseeing strategy, execution, and innovation across mission-critical initiatives.
  • Managed the integration of advanced analytics tools and cyber techniques, delivering scalable solutions for defense and intelligence partners worldwide.
  • Championed data-driven decision-making by enhancing analytic infrastructure, governance, and agency wide.
  • Collaborated with foreign partners, academia and federal agencies on cyber operations and enterprise modernization.
  • Cyber Analytics Development & Workforce Transformation: Led the turnaround of an underperforming division during restructuring, creating a professional development roadmap for 50+ staff that boosted morale and output.
  • Delivered 150+ advanced cybersecurity algorithms and tools, establishing the team as one of NSA’s top cyber analytic units.
  • Oversaw DevSecOps and software security programs across GitHub, DevOps, and Jenkins with SAST/DAST and SCA.
  • Engineering Framework & Automation: Designed an optimized software engineering framework that accelerated the delivery of cyber solutions.
  • Directed rapid prototyping and development, streamlining operations and shortening deployment cycles.
  • Authored detailed use cases and executed secure information-assurance automation tasks utilizing machine learning techniques such as clustering, statistical analysis, and text mining within hybrid cloud environments.
  • Big Data & Technology Integration: Managed a major big data initiative to automate and enhance analytic workflows, improving discovery and decision-making.
  • Developed and implemented cybersecurity analytics platforms that strengthened risk detection and response capabilities for cyber exercises globally.
  • Strategic Partnerships & Enterprise Funding: Secured critical IT initiative funding by building strategic partnerships across the Intelligence Community (IC).
  • Engaged senior leadership from ODNI, DoD, and other agencies to design enterprise-level security controls and justify investment in innovative cyber capabilities.
  • Delivered compelling briefings and ROI analyses that helped secure long-term funding and foster interagency alignment.
  • Strengthened collaboration across federal and industry stakeholders, enhancing the visibility, credibility, and performance of NSA’s cybersecurity programs.

Education

M.A. - Organizational Management

Webster University

B.S. - Computer Networking

Strayer University

Skills

  • IT/Cybersecurity Transformation Leadership
  • Zero Trust
  • Risk-based program execution
  • Enterprise IT transformation strategy
  • Cybersecurity modernization
  • Resilience
  • Agile delivery
  • Iterative delivery
  • Innovation enablement
  • Emerging technology integration
  • Mentoring
  • Coaching
  • Open Communication
  • Inclusiveness
  • Program Planning
  • Program and Portfolio Management
  • PMO Leadership
  • Portfolio optimization
  • Resource optimization
  • KPI development
  • Risk dashboard development
  • Program performance metrics
  • ROI
  • Governance
  • Risk
  • Compliance
  • Enterprise risk governance
  • Maturity modeling
  • Federal regulatory compliance management
  • Policy automation
  • Control assurance
  • Data privacy
  • Data protection leadership
  • Cybersecurity Technical Expertise
  • Cyber risk mitigation
  • Threat analytics
  • IT/OT convergence
  • Security architecture
  • Cloud Automation
  • DevSecOps Automation
  • Data protection
  • IAM
  • Incident response leadership
  • Information Technology Infrastructure Library (ITIL)
  • Change Management
  • Emerging Tech
  • Artificial Intelligence
  • Machine Learning
  • Virtual Reality
  • Augmented Reality
  • Internet of Things
  • Blockchain
  • Third-Party Risk Management

Certification

  • ITIL Foundation
  • GRC
  • SABSA Framework
  • CISM (in progress)
  • CCNA

Awards

  • FedHealthIT Women in Leadership Impact (2022/2023)
  • FedHealthIT100 Award (2021)
  • Women of Color Rising Star Engineering Award (2008)

Clearance

TS
