Susana Reyes CISA | CRISC | CISSP | CDPSE | CMMC RP
Information security management practices protect the assets of the organization through the implementation of physical, administrative, managerial, technical, and operational controls to ensure that the core concepts of availability, integrity, and confidentiality are supported by adequate security controls designed to mitigate or reduce the risks of loss, disruption, or corruption of information.
As you are aware, the economic and national security of our nation depends on ensuring that the data entrusted to your organization is protected from unauthorized access by adversaries. CMMC requires an organizational committment to ensure information security practices are integrated into the company's culture.
My goal is to be your trusted and valued partner in your CMMC maturity journey.
U.S. Military Veteran and certified information technology professional with over fifteen (15) years of experience leading and managing information technology, security, governance, risk, compliance, and data privacy programs, projects and initiatives.
- Experience with information security management governance and audit frameworks, standards, controls, and risk assessment methodologies (ISO/IEC 27001/02, NIST Cybersecurity Framework, and NIST 800-171)
Experience with legal and/or regulatory compliance requirements related to Sarbanes-Oxley (SOX), HIPAA, PCI-DSS, and privacy regulations (GDPR and CCPA)
Experience in security assessments of SaaS/PaaS/IaaS vendors/suppliers based on Cloud Security Alliance, Cloud Controls Matrix
Experience performing security, risk and/or privacy assessments and producing executive management reports and action plans
Experience with information security policy writing and maintenance
Experience with security awareness communication and training programs
Demonstrated leadership competencies including building partnerships, customer focus, decision making, driving results, innovation, facilitating change and continuous improvement
Experience building, leading, and managing teams through job description, interviewing and hiring, mentoring, coaching, fostering teamwork, career development, and performance management
Strong analytical, problem-solving, presentation, project management, time management, planning and organizational skills