James Sang, CISM, CISSP
Details
• Perform oversight and management of the Information Security Assessments and Authorization (A&A) processes.
2022 : Present
NTT DATA Services
Cybersecurity Team Lead & Advisor
• IT Project Management - Continuous Diagnostics & Mitigation (CDM) Project @ DOC: Project Manager skills, including project scope, goals, time frame, staffing requirements, and allotment of resources.
• Experienced in Information Security Assessment & Authorization (A&A) activities: IS System Security Plans (SSP), Contingency Plans, Business Impact Analyses (BIA), Plans of Action and Milestones (POA&Ms), Security Assessment Reports (SARs), Security Assessment Plans (SAPs) and others, to ensure that systems receive the appropriate level of security approvals in order to deploy and operate (ATO).
• Continuous Diagnostics and Mitigation of IT systems in line with the Risk Management Framework (RMF).
2018 : 2021
US Federal Government
Information Security & Project Management
Worked closely with clients to develop and manage comprehensive information systems security programs, including development, updating and/or maintenance of information security programs and policies, standards, and procedures.
2013 : 2018
CKSecurity Solutions (CKSS)
Information Systems Security Manager & Consultant
Information Security Analyst at the FAA Information Systems Security (FAA ISS) Compliance Program. Also, concurrently, Contracting Officer's Technical Rep (COTR/COR).
2010 : 2012
Federal Aviation Administration
Information Systems Security Analyst & Contracting Officer’s Technical Representative (COTR)
Performed:
Systems administration
Network Administration
3rd Level engineering tasks escalated from level 1 and/or level 2.
Cybersecurity Assessments and Authorization Processes.
2002 : 2009
BAE SYSTEMS FAA SETA-II Program
Lead Information Systems Administrator
About
• Information Security Officer with over 15 years of experience in Information Systems Management, IT Project Management, and Cyber Security (Information Assurance).
• Subject Matter Expert in all aspects of Governance, Risk, & Compliance (GRC), Risk Management Framework (RMF), including Information Assurance Compliance and Security Assessments & Authorization (A&A).
• Experience in A&A activities such as preparing System Security Plans (ISSPs), Incident Recovery & Contingency Plans, Policies, Procedures, and Privacy Impact Assessments to ensure that systems receive the appropriate level of security approvals in order to be authorized to operate (ATO).
• Experience with various regulations: FISMA/FEDRAMP & NIST Guidelines, HIPAA-HITECH, Data Privacy Laws (GDPR, EU), California Consumer Privacy Act (CCPA), and Payment Card Industry Data Security Standard (PCI DSS).
• Project Manager skills; highly effective at risk and operations management, and strives to maintain an audit-readiness posture.
• Continuous Diagnostics and Mitigation of IT systems, Data Loss Prevention (DLP), and Intrusion Detection & Prevention systems.
• Full understanding of LAN/WAN networking and all TCP/IP protocols, Data Center Management, Storage Area Networking, and Windows Systems.