
ROY M. SMITH II

Cybersecurity Compliance Director
Laurel, MD

Summary

Cybersecurity professional, recognized as a change agent with subject matter expertise in risk management, compliance, IT governance and technology audit. Expert at ensuring compliance for Department of Defense and Civilian Federal Government environments and mission-critical applications. Skilled and well versed in the Federal Information Security Modernization Act (FISMA), National Institute of Standards and Technology Publications (800 Series), Payment Card Industry (PCI) Data Security Standards, System and Organization Controls and other publications in support of security compliance.

Overview

20 years of professional experience

3 Certifications

Work History

Director of Information Security

CWTSatoTravel
01.2016 - Current
  • Lead the development and implementation of comprehensive compliance policies, ensuring alignment with industry standards and regulatory requirements
  • Successfully manage external compliance audits/assessments, resulting in a 95% compliance rating (800-171, 800-53, PCI and SOC)
  • Execute risk assessments of US Government environments, identifying potential compliance risks and implementing mitigation strategies
  • Responsible for client Security relationships with over 20 US Federal Government contracts
  • Manage the incident response and recovery efforts, collaborating with cross-functional teams
  • Responsible for all Plan of Action and Milestones (POA&Ms) reports for identified vulnerabilities in support of all US Government Civilian and Department of Defense contracts.

Information Security Manager

CWTSatoTravel
01.2009 - 01.2016
  • Principal Information System Security Officer for General Services Administration (GSA) E2 Solutions, FedRooms applications and several Department of Defense contracts
  • Managed several Cyber Security based initiatives within the organization using project management principles while working with DevOps and Cybersecurity teams in support of company mission, and customer priorities
  • Prepared program Certification and Accreditation documentation
  • Ensured compliance with contractual and task order requirements necessary to secure and sustain federal client agency business
  • Managed remediation tracking with cross functional teams (Business/Technical (Cloud) teams)
  • Conducted annual Incident Response and Disaster Recovery exercises
  • Responsible for the vulnerability management program for customer facing federal government applications.

Test Lead

CWTSatoTravel
01.2008 - 01.2009
  • Developed and maintained detailed test plans and test cases for our Department of Justice customer
  • Conducted root cause analysis for identified defects and worked closely with development teams to ensure timely resolution
  • Configured, managed and administered the test environment for optimal performance
  • Performed risk analysis and mitigation for all testing issues to support the goals of the Program Manager and development teams
  • Collaborated with an Implementation team of business analysts, software developers and project managers to establish the Department of Justice bureau 'go live' criteria
  • Advised the Program Manager on all critical issues while helping to provide effective resolution on any identified issues
  • Led weekly Integration meetings and provided status updates on all test-related matters.

IT Control Manager

Freddie Mac
01.2006 - 01.2008
  • Risk mitigation liaison within the technology services organization responsible for supporting the needs of client teams as well as members of the internal and external audit teams
  • Managed assessments and audits, and implemented recommendations and remediation plans for internal and external audit findings
  • Supported internal/external audits and regulatory examinations for corporate compliance
  • Monitored IT controls in support of Audit, Office of Federal Housing Oversight and corporate initiatives.

Senior Business Application Analyst

Freddie Mac
01.2004 - 01.2006
  • Project lead for various projects within Mortgage Purchase Operations while overseeing the day-to-day operations and reporting functions for a group of 30 employees
  • Collaborated with the internal audit department to review and validate department procedures to improve inefficiencies within the current process.

Education

Master of Science–Management Information System

Bowie State University

Bachelor of Science–Business Administration

University of Maryland Eastern Shore

Skills

Application security


Certification

Certified Information System Security Professional (CISSP), 2013
