Chris Williams MBA
Details
Project Management
Greenville Technical College
2011 : 2011
Master of Business Administration - MBA
Business Administration and Management, General
Webster University
2007 : 2009
M.B.A.
Business Administration
Webster University
2007 : 2008
Bachelor of Applied Science - BASc
Cybersecurity
Limestone University
2005 : 2007
B.S.
Computer Science (Systems and Security Management)
Limestone University
2005 : 2007
2. Develop and oversee operational information systems security implementation policy and guidelines;
3. Ensure all CUI Managers receive the necessary technical and security training to carry out their duties;
4. Maintain a repository of all security authorizations for systems under their purview;
5. Coordinate cybersecurity compliance inspections, tests, and reviews;
6. Ensure proper measures are taken when an cybersecurity incident or vulnerability is discovered;
7. Ensure data ownership and responsibilities are established and specific requirements (to include accountability, access and special handling requirements) are enforced;
8. Ensure development and implementation of an effective cybersecurity education, training, and awareness program;
9. Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures;
10. Manage, maintain, and execute the information security continuous monitoring plan;
11. Conduct risk assessments and audits to identify potential security vulnerabilities and implement measures to mitigate those risks.
12. Manage security incidents and breaches, including conducting investigations, implementing corrective actions, and communicating with stakeholders.
13. Ensure compliance with relevant laws, regulations, and industry standards related to information security.
14. Provide technical and procedural guidance and support to other departments on information security best practices and protocols.
15. Serve as a member of the Configuration Control Board (CCB)
2023 : Present
Alutiiq, LLC
Senior Cyber and Information Security Manager
Wide breadth of experience in multiple areas of Cybersecurity, cyber security frameworks such as NIST CSF/800-53 or ISO27001, assessing technical security controls to an established maturity framework, assessing people and process security controls to an established maturity framework
2022 : 2023
Capgemini
Cyber Security Consultant
2014 : 2022
Fluor Corporation
Senior Information Security And Risk Auditor
Joined the 10-member IT Audit team as the sole U.S. Senior Risk and Security Auditor, and reporting to the Director of IT Audit. Manage IS and technology audits and assessments, ensuring compliance with policies and processes to enhance confidentiality, integrity, and availability. As the team’s security SME and first line of defense for cyber threats, oversee the Vulnerability Management Program, design cyber security strategy solutions, and lead the Audit team in security assessments. Manage IT internal controls compliance audits, including SAP security.
Oversee the vulnerability management program, assessing applications, information protection controls, and equipment health to identify risk exposure. Led the effort to assess the company’s cybersecurity strategy, utilizing a CIS process to identify vulnerabilities and recommend changes to mitigate risk. Integral in reducing security breaches 30%. Assumed expanded responsibilities to include financial and SAP auditing after the functions were brought in house. Leverage deep knowledge of the risk management lifecycle and security control testing design to perform risk assessments, threat modeling, and information security auditing to reduce vulnerabilities. Facilitated testing of the Disaster Recovery (DR), Business Continuity Planning (BCP) and Business Impact Analysis (BIA) process.
2014 : 2022
Fluor Corporation
Senior Risk and Security Auditor
2011 : 2014
Advance America
Network Security Engineer
Skills
Active Directory, Application Security, Border Gateway Protocol (BGP), CCNA, Cisco Technologies, Cloud Computing, Computer Network Operations, Customer Service, Cybersecurity, Cybersecurity Incident Management, Data Centers, Disaster Recovery, Documentation, Firewalls, IDS, Information Security, Information Security Management, Information Technology, Infrastructure, Internal Audits, ISO 27001, IT Audit, IT Controls, IT Risk Management, IT Security Assessments, IT Security Best Practices, IT Security Policies, IT Security Policies & Procedures, IT Strategy, LAN-WAN, Network Engineering, Network Security, Payment Card Industry Data Security Standard (PCI DSS), Physical Security, Risk Assessment, Routers, Routing, Security, Security Architecture Design, Security Audits, Security Awareness, Security Management, Security Operations, SOC 2, Software Documentation, Switches, Troubleshooting, VPN, Vulnerability Assessment, Web Application Security
About
Throughout my career as a cyber security and network engineering/defense professional, I have leveraged both IT expertise and business acumen to detect critical security issues and develop solutions significantly reducing intrusions, viruses, and threats. My background spans security infrastructure/architecture design, cyber security program development, IT and cyber security vulnerability assessment, intrusion detection/prevention, risk mitigation, and threat modeling. I hold an MBA, a BS in Computer Science/Computer and Information Systems Security, and numerous certifications, including. CISM, CRISC, CISA, CDPSE, CCSK, CCENT, CCNA, and CCNA Security.
Currently, I am the Senior Risk and Security Auditor for Fluor Corporation, a global EPC and maintenance firm. As the IT Audit team’s security SME, I oversee the Vulnerability Management Program and act as the first line of defense for IT and cyber security matters. Since 2014, I have assessed, identified, and recommended/implemented numerous critical security solutions reducing risk exposure and increasing confidentiality, integrity, and systems availability.
Previously, I was a Network Security Engineer with Advance America, a nationwide lending organization, implementing network infrastructure and security to improve network architecture, reliability, and performance optimization. Earlier roles included Network Security Engineer with IBM and Data Technician for Nuvox.
I hold an MBA and BS in Computer Science/Computer and Information Systems Security, as well as numerous certifications, including CISM, CRISC, CISA, CDPSE, CCSK, DPSE, CCENT, CCNA, and CCNA Security.
Profile Photo
