Debra Glover
Details
Penetration Testing : Coordinate penetration testing and manage the remediation findings.
Risk Management : Participate in and contribute to Risk Management Exception discussions; actively document process and technology evidence to support Risk partners.
2020 : Present
TransUnion
Information Security Engineer Manager
Lead FedRAMP customer onboarding and migration services.
Drive Agency FedRAMP goals, define roadmaps, manage and track progress for all developed and new documentation.
Champion for Agency FedRAMP from Pre-Authorization through Authorization.
Establish Agency and 3rd party Assessment Organization (3PAO) partnerships.
Work directly with and lead FAA FedRAMP team through Authorization for sponsored Agency ATO.
Understanding of Cloud (IaaS/SaaS/PaaS) controls, migration to Cloud, and FedRAMP certification.
Execute, examine, interview and test procedures in accordance with NIST SP 800-53A R4.
Develop Security Assessment Plans
2018 : 2021
SecureIT
IT Consultant
Customer Facing Security Questionnaires - Cloud Risk Assessment Tool, HECVAT, VITA, SIGLITE, Cloud Computing, EVQ, IT Assessment
3rd Party Vendor Risk Assessments
Line of Business Risk Assessments
Risk Acceptance Memos
SSAE 18 Audit Support
Data Loss Prevention Compliance
2016 : 2018
Ellucian
Senior Information Security Analyst
2014 : 2016
Freddie Mac
Information Security Risk Analyst
2011 : 2012
National Student Clearinghouse
Information Security Analyst
About
20 years of experience as a results-oriented IT Security Professional responsible for enhancing the overall security posture of the organization by aligning with corporate objectives, requirements, legislation and best practices.
• Director level leadership within a global financial services corporation responsible for the administrative and functional direction of employees enhancing productivity and efficiency
• Progressive growth within Fortune 500 companies
• Simultaneous management of complex projects (Client, Corporate and Internal Initiatives) and providing deliverables on a timely basis
• Responsible for monitoring overall compliance with internal security policies, as well as applicable regulatory areas such as FERPA, NIST, PCI DSS, SOX 404, SSAE16 Attestation and FISMA
• Working knowledge of user provisioning, role-based access control, entitlement review and certification, privileged access management
• Audit, risk and compliance professional responsible for supporting comprehensive integrated audits of applications in production, pre-implementation reviews of applications in development and consulting on risk and controls related to applications
• Information security policy and procedure development based upon NIST SP 800-53