Summary
Work History
Education
Skills
Certifications Specialized Training
Skills
Affiliations
Certification
References
Timeline
Generic

Walter Lewis

Seattle,WA

Summary

Dynamic Information Security Manager with a proven track record at Stanley1913, leading security transformations that enhanced operational efficiency and reduced risk exposure. Expert in SOC management and incident response, fostering team collaboration to achieve strategic objectives. Recognized for implementing robust security programs and driving continuous improvement in cybersecurity compliance.

Work History

Manager, Information Security

Stanley1913
Seattle, WA
09.2023 - Current
  • Managed security transformation, including SOC replacement and SOAR deployment, reducing operational hours by 14%.
  • Redesigned vulnerability management program, deploying endpoint hardening and vulnerability management strategies.
  • Expanded the security function from a single-person operation to a multidisciplinary team of two security analysts, two security engineers, and a dedicated project manager, enhancing organizational capacity and accelerating security initiatives.
  • Deployed cloud security posture management, reducing cloud risk exposure by identifying and prioritizing critical vulnerabilities and accelerating remediation timelines by 32% through streamlined workflows.
  • Established comprehensive KPIs and OKRs for the Information Security program, aligning security initiatives with business objectives and enabling data-driven decision-making to track risk reduction, compliance, and performance improvements.
  • Founded and nurtured data communities across diverse teams, fostering collaboration, knowledge-sharing, and best practices to enhance data literacy and drive data-driven decision-making.
  • Present MBRs and QBRs to global leadership and the board of directors, providing strategic insights on performance, highlighting achievements, addressing key challenges, and proposing actionable plans to ensure alignment with overall company objectives and drive sustainable growth.

Senior Security Engineer

Stanley1913
Seattle, WA
05.2021 - 09.2023
  • Configured and launched a data security posture management tool, enabling autonomous data classification, risk assessment, and protection of sensitive information across cloud and on-premises environments.
  • Executed the migration of the enterprise email gateway to an AI-powered platform, boosting threat detection, reducing false positives, and strengthening overall email security.
  • Engineered a scalable Data Loss Prevention (DLP) platform, designing and implementing policies, detection rules, and integration workflows to protect sensitive data across endpoints, email, and cloud environments.
  • Developed a comprehensive Incident Response plan, including event triggers, communication protocols, workflows, templates, and playbooks to enhance organizational readiness and streamline crisis management.
  • Implemented ransomware prevention and autonomous recovery, enhancing endpoint resilience and reducing recovery time following security incidents from weeks to hours.
  • Rolled out security awareness training tailored for executives, admins, and employees, incorporating quarterly benchmarking to track progress and strengthen the organization’s human defense layer.
  • Operationalized next-gen extended detection and response (XDR), significantly improving threat visibility and cutting incident response times by 22% through AI-driven automation.

Senior Security Analyst, International Security Ops

Costco Wholesale
Issaquah, WA
05.2019 - 05.2021
  • Lead analyst for security operations internationally, enhancing incident response times by 25%.
  • Responsible for establishing information protection standards for eleven countries through a regular cadence of meetings to resolve compliance issues.
  • Led a global vulnerability management program, driving remediation initiatives that achieved a 33% reduction in overall security risk.
  • Integrated threat intelligence and automated detection in international SOC processes.
  • Managed the relationship between the company and the Managed Security Operations Center.

Senior Information Security Analyst

Tableau Software
Seattle, WA
08.2018 - 05.2021
  • Implemented the NIST Cybersecurity Framework in conjunction with industry best practices and created a security road map.
  • Managed Sarbanes-Oxley Quarterly Access Review process, finding and remediating issues before audit.
  • Internal/external audits showed findings down 22% over the previous quarter in 2018.
  • Redesigned existing manual security questionnaire/customer call process, providing a reliable source of the company-approved answers on a self-service platform.
  • Paired with a quarterly training session with our EMEA, APAC, and AMER sales teams on technologies and terminologies, reducing labor-hours by 27% Q4,2018.

Senior Security Analyst, International Security Ops

Costco Wholesale
Issaquah, WA
03.2017 - 08.2018
  • Lead analyst for international business units, created processes for the implementation of data protection per local and international regulatory requirements.
  • Senior Security Analyst on internal/external vulnerability scanning tools, endpoint protection, and SIEM management across a global network.
  • Instrumental in the creation of professional development plans and materials, enabling the growth of junior personnel.

Senior Cybersecurity Engineer

Broad Institute of MIT and Harvard
Cambridge, MA
11.2014 - 03.2017
  • Designed a secure SDLC and role-based training program, cutting app vulnerabilities by 37%.
  • Served as Lead Engineer on government contracts requiring FISMA and FedRAMP compliance, designing and implementing secure cloud architectures, conducting risk assessments, and ensuring systems met rigorous federal security standards.
  • Successfully deployed MFA enterprise-wide under a compressed timeline, meeting compliance deadlines while enhancing secure access and minimizing user disruption.
  • Led enterprise-wide Vulnerability Management program using Nessus, driving proactive identification, prioritization, and remediation of security vulnerabilities across hybrid environments to reduce organizational risk.
  • Key person for the Broad Institute’s organization-wide ISO compliance initiative, coordinating cross-functional teams to develop and implement security, availability, and confidentiality controls, resulting in successful attestation and enhanced institutional trust with partners and stakeholders.
  • Engineered an OpenStack cloud infrastructure to secure an 80PB research environment.
  • Integrated SIEM and EDR tools, boosting threat detection accuracy by 45% and reducing average incident response time by 19%.
  • Managed Palo Alto Networks firewalls across enterprise environments, including policy configuration, threat prevention, and routine maintenance to ensure optimal network security and compliance.

Information Systems Security Engineer, Defense Contract

Ticom Geomatics Inc.
Austin, TX
02.2013 - 06.2014
  • Served as Information Systems Security Engineer (ISSE) for the U.S. Navy’s unmanned aerial systems program, ensuring compliance with DoD cybersecurity policies and RMF requirements throughout system design, development, and deployment.
  • Collaborated with engineering teams to integrate security controls into mission systems, conducted risk assessments, and validated cybersecurity solutions to protect classified data and maintain operational readiness.
  • Installed and managed security updates and patches for classified and unclassified systems, reducing the risk of attacks on critical classified systems on Linux and Windows systems.

Deputy CISO

USAF Space Command & USAF Cyber Command
03.2010 - 03.2013
  • Directed daily cyber ops for USAF Cyber Command, leading 40+ Airmen across multiple disciplines in support of U.S. Code Title 50 cyber operation missions in coordination with U.S. Cyber Command.
  • Provided guidance and interpretation of the Intelligence Community Directive (ICD) and the Risk Management Framework (RMF) to support system authorization, security control implementation, and compliance with the Intelligence Community’s cybersecurity standards.
  • Led the sensitive compartmented information floor (SCIF) systems accreditation process from planning to Interim Authority to Operate pending USAF OCIO ATO. Ensuring full compliance with DCID, later ICD standards.
  • Provided senior government officials updates and briefings on the ongoing Special Technical Operation (STO), in support of Command and Control, Intel, Surveillance, and Reconnaissance (C4ISR) operations.
  • Guided procedural and operational management and maintenance of the $5.5B classified Air Force network.
  • Reviewed and approved DCID/ICD-compliant system accreditation packages for SCIF systems.

Information Security Manager

USAF
various locations
03.2002 - 03.2010
  • Oversaw Theater Battle Management Core System integration to enhance mission-critical operations.
  • Led $20M information security program, securing communications for ten installations.
  • Managed $150M Joint Worldwide Intelligence Communications System, supporting 16 sites across Europe and deployed locations.
  • Supervised technicians, focusing on professional and personal growth.
  • Administered training and technology budgets aligned with strategic objectives.
  • Ensured secure communication through Defense Messaging Systems across multiple classification domains.
  • Developed robust information security policies and conducted risk assessments to identify system vulnerabilities.
  • Monitored network traffic for anomalies and ensured compliance with regulatory standards.

Education

Bachelor of Science - Cybersecurity

Eastern Oregon University
La Grande, OR

Skills

  • SOC Management
  • SIEM Implementation
  • XDR Solutions
  • Threat Intelligence
  • Incident Response
  • Ransomware Prevention & Recovery
  • Threat hunting
  • MFA Technologies
  • Firewall Configuration
  • Cloud Security (Azure)
  • CISA ZTMM
  • NIST
  • CIS
  • ISO
  • PCI-DSS
  • CMMC
  • SOX
  • GDPR
  • CCPA
  • PIPEDA
  • LGPD
  • ICD
  • Vulnerability Management
  • Security Automation
  • Risk Management
  • Security Engineering
  • Technical Escalation
  • Data Loss Prevention (DLP)
  • Cloud Security Platform (CSP)
  • Data Security Posture Management (DSPM)
  • Cloud Infrastructure Entitlement Management (CIEM)
  • Security program management
  • Cloud security management
  • Vulnerability assessment
  • Incident response planning
  • Data loss prevention
  • Cybersecurity compliance
  • Risk management
  • Security operations leadership
  • Threat intelligence integration
  • Team collaboration
  • Strategic communication
  • Performance measurement
  • Project coordination
  • Stakeholder engagement
  • Continuous improvement
  • Project management
  • Customer service
  • Time management
  • Decision-making
  • Goal setting
  • Workforce management
  • Brand management
  • Team leadership
  • Cross-functional teamwork
  • Staff management
  • Employee onboarding
  • Operations management
  • Policy implementation
  • Regulatory compliance
  • Documentation and reporting
  • Work prioritization
  • Relationship building
  • Performance evaluations
  • Project planning
  • Expectation setting
  • Performance management
  • Policy and procedure development
  • Vendor management
  • Networking strategies
  • Recruiting and interviewing
  • Expense tracking
  • Staff development
  • Conflict resolution
  • Coaching and mentoring
  • Partnership development
  • Emergency response
  • Staff training and development
  • Clear communication
  • Verbal and written communication
  • Trend analysis
  • Key performance indicators
  • Business planning
  • Business administration
  • Change management
  • Resource allocation
  • Complex Problem-solving

Certifications Specialized Training

  • Certified Information Systems Security Professional (CISSP), 382227
  • Certified Cloud Security Professional (CCSP), in progress
  • Cisco Certified Network Associate (CCNA), CSCO12856244 (expired)
  • Certified Scrum Professional, 000522171
  • European Union General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • Lei Geral de Proteção de Dados (LGPD)
  • MGT517: Managing Security Operations: Detection, Response, and Intelligence
  • SEC573: Automating Information Security with Python (training only)
  • CEH (training only)
  • ITILv4 Foundation (training only)

Skills

SOC Management, SIEM Implementation, XDR Solutions, Threat Intelligence, Incident Response, Ransomware Prevention & Recovery, Threat hunting, MFA Technologies, Firewall Configuration, Cloud Security (Azure), CISA ZTMM, NIST, CIS, ISO, PCI-DSS, CMMC, SOX, GDPR, CCPA, PIPEDA, LGPD, ICD, Vulnerability Management, Security Automation, Risk Management, Security Engineering, Technical Escalation, Data Loss Prevention (DLP), Cloud Security Platform (CSP), Data Security Posture Management (DSPM), Cloud Infrastructure Entitlement Management (CIEM), Ransomware prevention and recovery

Affiliations

  • ISC2 Seattle Chapter member
  • Big Brothers Big Sisters of America
  • American Athletic Association Basketball Coach

Certification

Certified Information Systems Security Professional (CISSP) – 382227

Certified Cloud Security Professional (CCSP) – in progress

Cisco Certified Network Associate (CCNA) - CSCO12856244(expired)

Certified Scrum Professional (000522171)

MGT517: Managing Security Operations: Detection, Response, and Intelligence

SEC573: Automating Information Security with Python (training only)

CEH (training only)

ITILv4 Foundation (training only)

References

References available upon request.

Timeline

Manager, Information Security

Stanley1913
09.2023 - Current

Senior Security Engineer

Stanley1913
05.2021 - 09.2023

Senior Security Analyst, International Security Ops

Costco Wholesale
05.2019 - 05.2021

Senior Information Security Analyst

Tableau Software
08.2018 - 05.2021

Senior Security Analyst, International Security Ops

Costco Wholesale
03.2017 - 08.2018

Senior Cybersecurity Engineer

Broad Institute of MIT and Harvard
11.2014 - 03.2017

Information Systems Security Engineer, Defense Contract

Ticom Geomatics Inc.
02.2013 - 06.2014

Deputy CISO

USAF Space Command & USAF Cyber Command
03.2010 - 03.2013

Information Security Manager

USAF
03.2002 - 03.2010

Bachelor of Science - Cybersecurity

Eastern Oregon University

Similar Profiles

CREATE PROFILE