Security Plan
This comprehensive Security Plan was developed and refined over the course of multiple projects to address the security needs of a growing organization. The plan outlines key security controls, policies, and implementation strategies, aligning with industry frameworks such as NIST 800-53 and PCI DSS. It focuses on safeguarding assets, ensuring compliance, and mitigating risks while supporting the organization’s growth and operational needs.
Change Control Management Policy
This Change Control Management Policy establishes guidelines for managing IT changes within SnowBe Online’s environment. It includes a comprehensive framework to evaluate, approve, and implement changes to ensure operational stability, security, and compliance. Key features include:
This policy aligns with industry standards such as NIST and demonstrates best practices for structured IT change management.
Simple Maturity Spreadsheet and Prioritization
This project involves the creation of a maturity assessment and prioritization plan using the CMMC v1.0 (Cybersecurity Maturity Model Certification) framework. The spreadsheet evaluates compliance across critical domains, such as Access Control, Incident Response, and System Integrity, identifying gaps in processes and practices.
Key Features:
The deliverable serves as a strategic roadmap for achieving targeted cybersecurity maturity levels, ensuring compliance and enhanced security posture.
This case study, sourced from Security Hive, demonstrates the importance of vulnerability management in protecting critical healthcare systems. The study focuses on:
Results:
Relevance to My Expertise:
This case study aligns with my hands-on experience in vulnerability scanning, penetration testing, and implementing security controls using tools such as Nessus and Metasploit. It highlights the critical role of proactive vulnerability management, a key area of focus in my cybersecurity journey.
I’m actively seeking opportunities to apply my skills and contribute to an organization’s security initiatives. If you’re looking for a detail-oriented cybersecurity professional with a passion for securing systems, I’d love to connect.