Summary
Overview
Work History
Education
Skills
Timeline
Certification
Websites
Work Preference
Generic
Tyrel Tierney

Tyrel Tierney

Cybersecurity and Compliance
Covington,LA

Summary

Dynamic leader with over 20 years of combined military and private sector security experience with domestic and international experience in operations, strategic positioning, technology development, and strategic planning with both startup and growth organizations. Experienced in network systems and security, data integrity, disaster recovery, and risk management with proven ability accurately and effectively advising Executives, Senior Management, and Stakeholders on all methodologies, processes, and risks associated with auditing and compliance activities. Experienced in team and project leadership, customer service, policy planning, troubleshooting equipment, and generating solutions.


Overview

20
20
years of professional experience

Work History

Senior Security Consultant / Assessor

JTB Technologies, LLC
01.2024 - Current
  • Scope client engagements by leading pre-sales calls and onsite visits to understand the clients' security and compliance requirements for their respective environments
  • Subject Matter Expert (SME) in cloud security, identity and access management, continuous monitoring, logging and auditing, data encryption, penetration testing, vulnerability management, and risk mitigation with respect to NIST, FedRAMP, FISMA, CMMC, HIPAA, HITRUST, and other regulatory standards and frameworks
  • Provide executive oversight during project scoping, planning, execution, and completion of Readiness, Annual, and Significant Change Assessments, with respect to NIST, FedRAMP, FISMA, CMMC, HIPAA, HITRUST, and other regulatory standards and frameworks
  • Identify and communicate FedRAMP cloud security requirements related to container security, boundary protection, FIPS 140-2 validated encryption, Multi factor Authentication (MFA), DNSSEC, and related security controls to all relevant stakeholders
  • Conduct comprehensive reviews of client’s documents and technologies to identify the scope of the authorization boundary to ensure industry specific security guidelines (NIST, FedRAMP, FISMA, CMMC, HIPAA, HITRUST, and other regulatory standards and frameworks) are properly implemented to protect the confidentiality, integrity, and availability of client’s data

Senior Manager / Security Consultant

Coalfire Systems, Inc.
09.2021 - 01.2024
  • Served as the Senior Cybersecurity Consultant for Red Hat, Amazon Web Services (AWS), and International Business Machines (IBM); responsible for performing security assessments and providing expert security guidance related to implementing security controls and protecting data within cloud technologies and cloud platforms
  • Selected as the Subject Matter Expert (SME) to educate internal and external stakeholders on proper implementation of security controls for industry specific information technology assets (NIST, FedRAMP, FISMA, CMMC, HIPAA, HITRUST, and other regulatory standards and frameworks), to include policies, procedures, data classification, configuration management, and vulnerability management
  • Communicate information technology security, trends, best practices, regulatory and industry standard compliance issues (PCI, NIST, ISO, IEC, SABSA, OWASP) to all relevant stakeholders
  • Conduct comprehensive reviews of client’s documents and technologies to identify the scope of the authorization boundary to ensure industry specific security guidelines (NIST, FedRAMP, FISMA, CMMC, HIPAA, HITRUST, and other regulatory standards and frameworks) are properly implemented to protect the confidentiality, integrity, and availability of client’s data
  • Ensure all Security Authorization documents are updated annually or as changes occur within the Authorization Boundary
  • Perform contingency planning, disaster recovery, and incident response tests annually or as needed

Senior Information Assurance Engineer

Millennium Corporation
10.2019 - 09.2021
  • Advise the System Owner and ISSM on all security considerations in application systems procurement and development, implementation, operation and maintenance, and disposal
  • Assist the System Owner and ISSM during the system categorization process, ensuring all information and data types and provisional impacts comply with NIST SP 800-60v2, and the appropriate system categorization (CIA) is applied to each information system
  • Maintained thorough knowledge of all configurations, architecture, installed software, accounts (both Operating System and Application), data flows, ports, protocols, and other relevant data for each Information System
  • Work closely with development teams, Solution Architects, and System Administrators during each step of the Risk Management Framework (RMF) to ensure applicable NIST, DoD, and Department of Navy (DoN) security controls and requirements are addressed during development and operations
  • Assist Validators / Assessors throughout the Security Assessment and Authorization process, to include creating Security Assessment Plan (SAP), Security Assessment Report (SAR) and Risk Assessment Report (RAR) in accordance with DoD, and DON guidelines
  • Monitor and respond to Information Security Vulnerability Management (ISVM) and report potential threats and vulnerabilities to appropriate stakeholders
  • Create, monitor and update the status of POA&Ms to ensure weaknesses are resolved in accordance with scheduled milestones
  • Coordinate with the System Owner and ISSM to ensure a comprehensive security impact analysis of system safeguards is performed before and after all system changes

ISSO / Security Control Assessor

Knight Point Systems, LLC
09.2016 - 09.2019
  • Coordinated with Engineers and Systems Owners to accurately update System Design documents for each appointed Information System
  • Ensured the Configuration Management Database (CMDB) and all system policies and procedures were continuously updated to accurately reflect the system accreditation boundary
  • Performed oversight of Information System Vulnerability Management (ISVM) inquiries and ensured that the inquiries were addressed and reported within the allotted timeframe
  • Generated Plan of Actions & Milestones (POA&Ms) for each non-compliant security control
  • Supported NIST Risk Management Framework (RMF) based Assessment and Authorization (A&A) activities
  • Monitored and prepared required actions and documents pertaining to the system lifecycle, to include security evaluation findings and residual risks
  • Reviewed and processed Interconnection Security Agreements (ISAs), Policy Waivers, Approval to Test (ATT), and Interim Approval to Operate (IATO) documents

Information Knowledge Manager

U.S. Army
06.2008 - 09.2016
  • Oversaw management of a variety of Department of Defense security standards and regulations including cybersecurity and identity authentication
  • Built and managed SharePoint active directories and security permissions on 3 separate domain networks serving 150 personnel
  • Maintained communication pathways to ease sharing and collaboration on classified, restricted, and unclassified documents while continuing to ensure security integrity
  • Led and managed architectural design, development, and integration efforts of enterprise solutions for communications information systems (CIS) support unit
  • Developed solutions for collaboration, portal use, enterprise search, enterprise content management, processes and business intelligence
  • Improved SharePoint portal with an Information Knowledge Management uplift initiative while preserving the current database; established and reserved the SharePoint environment in an alternate location
  • Worked in the alternate network control center, which monitored all of the North Atlantic Treaty Organization’s (NATO) Nuclear, Air Command and Control (C2), and Ballistic Missile Defense networks in support of 29 nations throughout NATO
  • Coordinated troubleshooting and maintained LAN/WAN networking equipment such as firewalls, routers, hubs, switches, CSU/DSU’s, Modems, ISDN, MPLS, Frame-Relay, BME, and associated diagnostic equipment
  • Supervised the installation, operation, and maintenance of tactical satellite-based shelters utilizing CISCO routers for NIPR, SIPR, Voice, Data and VTC capabilities
  • Managed and ensured the reliability of circuits, trunks, links, systems, and facilities
  • Maintained Tactical Line of Sight (LOS) Tropospheric (TROPO) scatter communications systems and associated equipment

Education

Bachelor of Arts -

American Military University
08-2016

Advanced Leadership And Management Development - Educational Leadership And Management

United States Army
01-2014

Skills

  • Incident response
  • Application Security Assessment
  • Cloud Security Management
  • Malware Threat Assessment
  • Windows Server, Linux, Python, SQL, AWS, Azure, Cisco Routers, Firewalls, Virtualization
  • Microsoft Office Suite, Adobe Creative Suite, Jira
  • TCP/IP Protocol Management
  • MySQL, PostgreSQL, MongoDB, Oracle
  • Nessus, Burp Suite, DISA STIG, Containers
  • Problem-solving, Communication, Teamwork, Time Management, Adaptability, Critical Thinking
  • US Federal Information Assurance
  • Department of Defense (DoD) Information Assurance
  • Risk Management Framework (RMF)
  • NIST, FedRAMP, FISMA, CMM

Timeline

Senior Security Consultant / Assessor

JTB Technologies, LLC
01.2024 - Current

Senior Manager / Security Consultant

Coalfire Systems, Inc.
09.2021 - 01.2024

Senior Information Assurance Engineer

Millennium Corporation
10.2019 - 09.2021

ISSO / Security Control Assessor

Knight Point Systems, LLC
09.2016 - 09.2019

Information Knowledge Manager

U.S. Army
06.2008 - 09.2016

Bachelor of Arts -

American Military University

Advanced Leadership And Management Development - Educational Leadership And Management

United States Army

Certification

ISC2 – (CISSP)

ISC2 – (CGRC)

Mile2 – (CISSO)

A2LA – (BCR)

ITIL – Foundation v3

Work Preference

Work Type

Part TimeContract Work

Work Location

RemoteHybrid

Similar Profiles

  • Yoshiko Musgrove

    Yoshiko MusgroveYoshiko Musgrove

    Specialist Representative at JTB Hawaii Travel, LLCSpecialist Representative at JTB Hawaii Travel, LLC

    View Profile
  • Yuki Shibamoto

    Yuki ShibamotoYuki Shibamoto

    Sales Representative at JTB Global Marketing and TravelSales Representative at JTB Global Marketing and Travel

    View Profile
  • Vibha Negi

    Vibha NegiVibha Negi

    Senior Operations Executive at JTB India Pvt LtdSenior Operations Executive at JTB India Pvt Ltd

    View Profile
Tyrel TierneyCybersecurity and Compliance