Shayl Taveras
Barrington,NJ
Summary
Seasoned Risk Management Analyst with robust background in identifying, analyzing, and mitigating potential risks. Strengths include developing comprehensive risk management strategies, implementing risk assessment tools, and providing expert advice on risk mitigation. Notable impact in previous roles includes enhancing operational efficiency through strategic risk management practices and fostering a culture of proactive risk awareness.
Overview
8
8
years of professional experience
1
1
Certification
Work History
Cybersecurity Risk Management Analyst
Confidential
McLean, VA
02.2025 - Current
- Eliminated 1,138+ critical/high-risk ACL vulnerabilities in FY25, directly reducing enterprise attack surface and remediating 743 instances of SMB port/legacy OS exposure.
- Automated review and approval of device isolation exceptions, achieving 98% accuracy and streamlining cloud environment security processes.
- Authored and delivered new security guidelines in alignment with FedRAMP standards, raising audit readiness and compliance scores.
- Drove cross-functional collaboration on IoT security tools, aligning market research with stakeholder requirements to support proactive threat detection strategies.
Cybersecurity Compliance Analyst
Booz Allen Hamilton
McLean, VA
01.2023 - 02.2025
- Conducted comprehensive gap analyses of system architecture against hardware/software baselines, leading to the closure of compliance issues and a 54.8% improvement in system adherence.
- Refined ports, protocols, and services documentation, minimizing audit findings and driving continuous process improvements.
- Leveraged ICAMP, Splunk, TRM, and eMASS to automate metrics tracking, significantly reducing manual reporting hours.
- Developed new standard operating procedures for boundary reviews, expediting compliance cycles.
Senior Cybersecurity Engineer
Lockheed Martin
Moorestown, NJ
08.2019 - 01.2023
- Developed and launched scripts automating STIG compliance for Linux, Windows, and network equipment—cutting manual review time by 70%.
- Produced detailed Risk Assessment Reports, directly informing hardware/software selection and integration decisions.
- Led monthly patch management and quarterly STIG reviews, ensuring full NIST-800-53 alignment and enhancing audit outcomes.
- Executed internal Whitebox penetration tests, proactively identifying and mitigating insider threat vectors.
Cybersecurity GRC Specialist
Future Technologies, Inc
Moorestown, NJ
12.2018 - 07.2019
- Advanced Assessment & Authorization (A&A) and Certification & Accreditation (C&A) package management, ensuring 100% on-time project approvals.
- Updated internal RMF process documentation, supporting improved compliance across all system changes.
- Validated configuration modifications, safeguarding infrastructure integrity.
GRC Analyst
Syntax
Somerset, NJ
04.2017 - 12.2018
- Led SOC 1/2 and PCI DSS audits, partnering with external examiners to resolve non-compliance issues and strengthen internal controls.
- Enhanced physical and logical security by deploying biometric devices and refining access management protocols.
- Provided advanced technical support for Active Directory, VPN operations, and backup management—improving data protection and uptime.
Education
M.S. - Cybersecurity
Excelsior College
Albany, NY01.2021
B.S. - Computer Information Systems
DeVry University
North Brunswick, NJ01.2011
Skills
- FedRAMP Standards
- Cloud Security Compliance
- Security Metrics Dashboards (Splunk, ICAMP)
- EMASS & ATO Documentation
- RMF
- Risk mitigation
- NIST-800
- Patch Management Automation
- Technical Documentation & SOP Creation
- Tenable
- Python
- Bash
- Risk assessment
- Compliance auditing
Websites
Certification
- Certified Information Systems Security Professional (CISSP)
- Qualys Certified Specialist (PCI Compliance)
- Amazon Certified Web Services Solutions Architect Associate (Expired 04/2025)
- Certified Ethical Hacker (CEHv10)
- CompTIA Linux+
- CompTIA CYSA+
- Navy Qualified Validator
Timeline
Cybersecurity Risk Management Analyst
Confidential
02.2025 - Current
Cybersecurity Compliance Analyst
Booz Allen Hamilton
01.2023 - 02.2025
Senior Cybersecurity Engineer
Lockheed Martin
08.2019 - 01.2023
Cybersecurity GRC Specialist
Future Technologies, Inc
12.2018 - 07.2019
GRC Analyst
Syntax
04.2017 - 12.2018
M.S. - Cybersecurity
Excelsior College
B.S. - Computer Information Systems
DeVry University
Similar Profiles
Manal Sultan AlQahtaniManal Sultan AlQahtani
SENIOR INFORMATION SECURITY SPECIALIST at ConfidentialSENIOR INFORMATION SECURITY SPECIALIST at Confidential
Devesh UpadhyayDevesh Upadhyay
Sales Consultant at ConfidentialSales Consultant at Confidential
Alison Bishop CampbellAlison Bishop Campbell
Licensed Insurance Agent at ConfidentialLicensed Insurance Agent at Confidential
Gladys RichardsonGladys Richardson
Commercial Real Estate Paralegal at ConfidentialCommercial Real Estate Paralegal at Confidential
Brigid DunworthBrigid Dunworth
Senior Accountant at Hay Group / Korn FerrySenior Accountant at Hay Group / Korn Ferry