Profiles search
Craig Williamson
Independent Risk & Cybersecurity Advisor
Omaha, NE, United States
Details
Experience:
2021 : Present
Self-employed
Independent Risk & Cybersecurity Advisor
2021 : 2021
Kiewit
TG Sr Analyst, Information Security Governance, Risk & Compliance
2017 : 2021
Sirius Computer Solutions
Security Consultant
Assess organizational compliance through the use of a consistent and thorough IT audit process based on identified risk management frameworks.
Execute third-party business partner assessments using questionnaires derived from common risk management frameworks.
Understand and identify business processes specific to clients’ environment; apply appropriate risk management practices and recommendations.
Review assessment findings and recommendations; quantify risk; provide actionable remediation activities through delivery of comprehensive assessment reports.
Research and analyze current defensive technologies, attack techniques, regulatory requirements, and how they would apply to clients’ security and compliance efforts.
Create and deliver white papers and presentations based on research findings.
Select and mold approaches, methods and tools to support service offerings.
Provide project management and guidance for clients during the entirety of the contracted engagement.
2013 : 2016
Continuum Security Solutions
Consultant
Provides technical and administrative support for the development and implementation of compliance review/audit processes related to information security. Specific duties include : responsible for protecting University information generated, stored, and transmitted electronically; assesses security risks and threats to University information systems.
Implement and maintain an information technology security program focused on the security of protected health information. Maintain PCI and HIPAA security compliance tracking and other security recordkeeping activities. Assist with staff security training. Remain current with changes in the information resources security legislation and regulation.
Assist with the development, implementation and maintenance of a risk assessment model. Assists in developing, testing, and implementing security plans, products, control techniques, and procedures in accordance with security policies. Evaluate risk and recommends corrective actions to ensure data security. Conduct continual reviews of information resources security policies, procedures, and compliance. Prepare reports of findings for review by management. Conduct periodic audits of various applications and systems to ensure information security processes and procedures are effective. Develop and distribute reports that include findings and recommended remediation steps.
2011 : 2013
Creighton University
Information Security Analyst
Self-employed
Independent Risk & Cybersecurity Advisor
2021 : 2021
Kiewit
TG Sr Analyst, Information Security Governance, Risk & Compliance
2017 : 2021
Sirius Computer Solutions
Security Consultant
Assess organizational compliance through the use of a consistent and thorough IT audit process based on identified risk management frameworks.
Execute third-party business partner assessments using questionnaires derived from common risk management frameworks.
Understand and identify business processes specific to clients’ environment; apply appropriate risk management practices and recommendations.
Review assessment findings and recommendations; quantify risk; provide actionable remediation activities through delivery of comprehensive assessment reports.
Research and analyze current defensive technologies, attack techniques, regulatory requirements, and how they would apply to clients’ security and compliance efforts.
Create and deliver white papers and presentations based on research findings.
Select and mold approaches, methods and tools to support service offerings.
Provide project management and guidance for clients during the entirety of the contracted engagement.
2013 : 2016
Continuum Security Solutions
Consultant
Provides technical and administrative support for the development and implementation of compliance review/audit processes related to information security. Specific duties include : responsible for protecting University information generated, stored, and transmitted electronically; assesses security risks and threats to University information systems.
Implement and maintain an information technology security program focused on the security of protected health information. Maintain PCI and HIPAA security compliance tracking and other security recordkeeping activities. Assist with staff security training. Remain current with changes in the information resources security legislation and regulation.
Assist with the development, implementation and maintenance of a risk assessment model. Assists in developing, testing, and implementing security plans, products, control techniques, and procedures in accordance with security policies. Evaluate risk and recommends corrective actions to ensure data security. Conduct continual reviews of information resources security policies, procedures, and compliance. Prepare reports of findings for review by management. Conduct periodic audits of various applications and systems to ensure information security processes and procedures are effective. Develop and distribute reports that include findings and recommended remediation steps.
2011 : 2013
Creighton University
Information Security Analyst
Company:
Self-employed
Profile Photo
