Profiles search
Christian F.
Co-Founder, Leader of Cybersecurity Programs
Washington D.C., DC, United States
Details
Education:
Master of Science - MS
Cybersecurity Policy and Management
University of Maryland Global Campus
2020 : 2022
Master’s Certificate
National Security : Security and Intelligence Analysis
American Public University System
2015 : 2016
DTS Tower Climber Course
Tower Climber
Warriors 4 Wireless
2013 : 2013
Peacekeeping
History
Peace Operations Training Institute
2012 : 2013
Bachelor of Arts (B.A.)
Military History : Research and Analysis
American Public University System
2011 : 2013
Cybersecurity Policy and Management
University of Maryland Global Campus
2020 : 2022
Master’s Certificate
National Security : Security and Intelligence Analysis
American Public University System
2015 : 2016
DTS Tower Climber Course
Tower Climber
Warriors 4 Wireless
2013 : 2013
Peacekeeping
History
Peace Operations Training Institute
2012 : 2013
Bachelor of Arts (B.A.)
Military History : Research and Analysis
American Public University System
2011 : 2013
Experience:
Chief Executive Officer (CEO) and Co-Founder of Cryptorama, a hypergrowth prone technology startup that will disrupt the social media market in an innovative way by focusing on Crypto | Stocks Social information and interactions impact. Managing the company as a C - Corporation and overseeing the growth and development of Cryptorama (vision), management of personnel, main designer, strategic planning, investor relations, release evaluations, public and partnership relations.
• Manage C suite and company personnel of (4) executive co-founders and (4) collaborators, carefully selecting an experienced and skilled team to form a solid foundation
• Successfully led bootstrapping and Pre-Seed fundraising closing at $145,000, currently leading capture of Seed investments
• Ensuring feedback from our Investor and Advisors is thoroughly considered and executed
• Designed 'System and Method for Investment Data Management' USPTO patent #63286724, leading its design as a CTO into a Closed Beta for the company's MVP, CryptoChat
• Built vision and strategy well documented in a detailed Business Plan, Financial Projections, Executive Summary, and several Pitch Decks - ensuring growth and leading to a successful year (1) and ongoing year (2)
• Continuously building growth with investors relations, potential partners, summits, conferences, and technology competitions
2021 : Present
Cryptorama
Chief Executive Officer, Co-Founder
As an Associate Chief Information Security Officer (CISO), Associate Director of Cybersecurity Operations - lead the organizations Vulnerability Management Program as an Information System Security Manager (ISSM), and both the Cybersecurity Incidents Program and the Data Loss Prevention Program as the Cyber Incident Response Lead for the organization.
• Manage the Cybersecurity Incident Response Capability for all cybersecurity incidents within the organization
• Ensure the incident response and analysis program follows NIST compliance and records retention requirements
• Resolve issues to reduce current and upcoming cyber vulnerabilities within the infrastructure through Tenable Security Center (Nessus/ACAS), to include compliance checks with DISA Security Technical Implementation Guides (STIGs)
• Monitor Data Loss Prevention (DLP) mechanisms, to include investigating and enforcing alerts
• ATO accrediting deputy representing the CISO on ATO packages
• Analyzing ATO packages as an ISSM, performing self-assessments and artifact reviews/revisions
• Monitor the organization’s compliance with Federal and Treasury security standards and guidelines
2020 :
U.S. Department of the Treasury
A-CISO, Cybersecurity Incident Response Lead, Information System Security Manager (ISSM)
Information System Security Manager (ISSM), supporting the Defense Information Systems Agency (DISA), Cyber Security Center (CSC) under the Risk Management Division. Supporting the Department of Defense (DoD) through ongoing ATO processes by designing new monitoring strategies through the Risk Management Framework (RMF). Implementing strategies of Computer Network Defense (CND), physical and personnel security, Mission Continuity, and Information Assurance (IA) services and support for over 40,000 Military Service and Department of Defense Headquarters personnel.
• Assessing and Authorizing Information Systems through the entire A&A Authorization to Operation (ATO) cycle performing various ISSM tasks through eMASS
• Performed as a Government Task Lead (GTL), initiative of a team consisting of 6 personnel, enhancing the Continuous Monitoring, implementing strategies, controls and activities
• Recommended solutions on policy and guidance gaps affecting Continuous Diagnostics Mitigation (CDM), vulnerability analysis through ACAS, and RMF implementation on the eMASS
• Onboard newly assigned or reauthorized systems onto Splunk Enterprise, monitor and recommend dashboard updates, validate assets tracking
• Plan, coordinate and provided certification and ATO support for systems and networks under DISA’s customers
• Developed, coordinated and implemented Information Assurance, and Continuous Monitoring (NIST 800-137) regulations per DOD policy and subsequent agency/component regulations
2019 : 2020
Department of Defense (DISA)
Information System Security Manager (ISSM)
Conducted tasks in support of the ISO within the CRISP (Continuous Readiness Information Security Program) calendar, issued Action Items (AI), and Authorization to Operate procedures for multiple systems as a System Steward, overall focused on Authorization to Operate procedures for multiple systems RiskVision, and later on eMASS.
• Assessing and Authorizing Systems through the entire A&A Authorization to Operation (ATO) cycle performing various System Steward tasks through RiskVision and eMASS
• Conducted Security Self-Assessments on system security controls for compliance per both NIST 800-53, DVA 6500 policy, and VA Office of Information Security SOPs
• Created and updated recommendations to achieve fully compliant plans stored within VA’s General Support System (GSS) RiskVision
• Enhanced Continuous Monitoring support for various Information Systems (IS) and Applications by Cloud Service Providers (CSP) such as AWS, through updated STIGs and Plan of Actions and Milestones (POAM) findings
• Provided Continuous Diagnostics and Mitigation (CDM) by Web Application Security Assessments (WASA) and Nessus scans through the Network Enterprise Wellness Tool (NEWT)
• Developed and updated IT security policies, governing the planning of deliverables such as building SSPs (System Security Plan), PTA (Privacy Threshold Assessment), PIA (Privacy Impact Assessment), POAMs (Plan of Actions and Milestones), RBDs (Risk Based Decision) and AORs (Authorization of Risk)
2017 : 2019
Department of Veterans Affairs (DVA) – (SAIC)
Senior Cyber Security Engineer
Providing INFOSEC support as a liaison between the client area, technical organization and business groups for Wells Fargo’s EAM (Enterprise Access Management), Privileged Access Program, and Privileged Access Account Inventory (Human & Non-Human).
• Planning, validating and conducting, the analysis of highly complex business problems such as Corrective Actions (CA), risk reduction tasks and GAP analysis within automated systems : Avant Garde (AVG), Remedy, DevicePro2 and the electronic Service Account Repository (eSAR)
• Providing technical assistance in identifying, evaluating, monitoring (Continuous Diagnostics and Mitigation [CDM]), implementing CA defined controls, WFC-817 policy audit (compliance), Role-Based Access Controls (RBAC) to determine Privileged Access
• Supporting STIGs, System Administrator related tasks for user groups, by providing training, assess user needs, and system monitoring
2016 : 2017
Wells Fargo
Senior Information Security Engineer
• Manage C suite and company personnel of (4) executive co-founders and (4) collaborators, carefully selecting an experienced and skilled team to form a solid foundation
• Successfully led bootstrapping and Pre-Seed fundraising closing at $145,000, currently leading capture of Seed investments
• Ensuring feedback from our Investor and Advisors is thoroughly considered and executed
• Designed 'System and Method for Investment Data Management' USPTO patent #63286724, leading its design as a CTO into a Closed Beta for the company's MVP, CryptoChat
• Built vision and strategy well documented in a detailed Business Plan, Financial Projections, Executive Summary, and several Pitch Decks - ensuring growth and leading to a successful year (1) and ongoing year (2)
• Continuously building growth with investors relations, potential partners, summits, conferences, and technology competitions
2021 : Present
Cryptorama
Chief Executive Officer, Co-Founder
As an Associate Chief Information Security Officer (CISO), Associate Director of Cybersecurity Operations - lead the organizations Vulnerability Management Program as an Information System Security Manager (ISSM), and both the Cybersecurity Incidents Program and the Data Loss Prevention Program as the Cyber Incident Response Lead for the organization.
• Manage the Cybersecurity Incident Response Capability for all cybersecurity incidents within the organization
• Ensure the incident response and analysis program follows NIST compliance and records retention requirements
• Resolve issues to reduce current and upcoming cyber vulnerabilities within the infrastructure through Tenable Security Center (Nessus/ACAS), to include compliance checks with DISA Security Technical Implementation Guides (STIGs)
• Monitor Data Loss Prevention (DLP) mechanisms, to include investigating and enforcing alerts
• ATO accrediting deputy representing the CISO on ATO packages
• Analyzing ATO packages as an ISSM, performing self-assessments and artifact reviews/revisions
• Monitor the organization’s compliance with Federal and Treasury security standards and guidelines
2020 :
U.S. Department of the Treasury
A-CISO, Cybersecurity Incident Response Lead, Information System Security Manager (ISSM)
Information System Security Manager (ISSM), supporting the Defense Information Systems Agency (DISA), Cyber Security Center (CSC) under the Risk Management Division. Supporting the Department of Defense (DoD) through ongoing ATO processes by designing new monitoring strategies through the Risk Management Framework (RMF). Implementing strategies of Computer Network Defense (CND), physical and personnel security, Mission Continuity, and Information Assurance (IA) services and support for over 40,000 Military Service and Department of Defense Headquarters personnel.
• Assessing and Authorizing Information Systems through the entire A&A Authorization to Operation (ATO) cycle performing various ISSM tasks through eMASS
• Performed as a Government Task Lead (GTL), initiative of a team consisting of 6 personnel, enhancing the Continuous Monitoring, implementing strategies, controls and activities
• Recommended solutions on policy and guidance gaps affecting Continuous Diagnostics Mitigation (CDM), vulnerability analysis through ACAS, and RMF implementation on the eMASS
• Onboard newly assigned or reauthorized systems onto Splunk Enterprise, monitor and recommend dashboard updates, validate assets tracking
• Plan, coordinate and provided certification and ATO support for systems and networks under DISA’s customers
• Developed, coordinated and implemented Information Assurance, and Continuous Monitoring (NIST 800-137) regulations per DOD policy and subsequent agency/component regulations
2019 : 2020
Department of Defense (DISA)
Information System Security Manager (ISSM)
Conducted tasks in support of the ISO within the CRISP (Continuous Readiness Information Security Program) calendar, issued Action Items (AI), and Authorization to Operate procedures for multiple systems as a System Steward, overall focused on Authorization to Operate procedures for multiple systems RiskVision, and later on eMASS.
• Assessing and Authorizing Systems through the entire A&A Authorization to Operation (ATO) cycle performing various System Steward tasks through RiskVision and eMASS
• Conducted Security Self-Assessments on system security controls for compliance per both NIST 800-53, DVA 6500 policy, and VA Office of Information Security SOPs
• Created and updated recommendations to achieve fully compliant plans stored within VA’s General Support System (GSS) RiskVision
• Enhanced Continuous Monitoring support for various Information Systems (IS) and Applications by Cloud Service Providers (CSP) such as AWS, through updated STIGs and Plan of Actions and Milestones (POAM) findings
• Provided Continuous Diagnostics and Mitigation (CDM) by Web Application Security Assessments (WASA) and Nessus scans through the Network Enterprise Wellness Tool (NEWT)
• Developed and updated IT security policies, governing the planning of deliverables such as building SSPs (System Security Plan), PTA (Privacy Threshold Assessment), PIA (Privacy Impact Assessment), POAMs (Plan of Actions and Milestones), RBDs (Risk Based Decision) and AORs (Authorization of Risk)
2017 : 2019
Department of Veterans Affairs (DVA) – (SAIC)
Senior Cyber Security Engineer
Providing INFOSEC support as a liaison between the client area, technical organization and business groups for Wells Fargo’s EAM (Enterprise Access Management), Privileged Access Program, and Privileged Access Account Inventory (Human & Non-Human).
• Planning, validating and conducting, the analysis of highly complex business problems such as Corrective Actions (CA), risk reduction tasks and GAP analysis within automated systems : Avant Garde (AVG), Remedy, DevicePro2 and the electronic Service Account Repository (eSAR)
• Providing technical assistance in identifying, evaluating, monitoring (Continuous Diagnostics and Mitigation [CDM]), implementing CA defined controls, WFC-817 policy audit (compliance), Role-Based Access Controls (RBAC) to determine Privileged Access
• Supporting STIGs, System Administrator related tasks for user groups, by providing training, assess user needs, and system monitoring
2016 : 2017
Wells Fargo
Senior Information Security Engineer
Company:
Cryptorama
Years of Experience:
14
Spoken Language:
English, Spanish
Skills
AFATDS (Automated Field Artillery Data System), Analysis, Army, Bilingual-English/Spanish, Computer Security, Engineering, FIPS, Fitness, HIPAA, History, Honor Guard, Information Assurance, Information Security, Information Security Management, Information Technology, Intelligence, Leadership, Management, Microsoft Office, Military, Military Affairs, Military Experience, Military History, Military Operations, Military Science, National Security, NIST, OSHA 10, Policy, Program Management, Research, Risk Management, Risk Management Framework, RMF, SDLC, Security, Security Clearance, Strategy, Systems Engineering, Technically Competent, Technology, Tower Climbing, Training, Veterans, Wireless, Wireless Solutions
About
CEO/Co-Founder of Cryptorama, Associate Chief Information Security Officer (A-CISO), Associate Director of Cybersecurity Operations, and Information System Security Manager, authorizing, procuring, managing and acquiring over (100) operational, critical and public use on-prem and SaaS systems from start-to finish. Validated with an active federal clearance, DoD approved baseline certifications, along with over 12 years of relevant Information System Security experience, 7 years of Military Experience as an AFAT Data Systems Operator and 12 years as an experienced leader of many personnel. Motivated to manage and lead personnel towards improved organizational performance that will ensure success in achieving more than its goals. Highly competent, motivator and ambitious leader able to achieve and create new standards. Strong collaborative skills interacting with personnel of all levels.
Profile Photo
