Profiles search
Ryan Hendrix
Information Security Manager (ISM)
Columbus, OH, United States
Details
Education:
Master's degree
Organizational Leadership
Western Kentucky University
2020 : 2022
Associate of Science - AS
Cybersecurity
Clark State College
2019 : 2019
Associate of Science - AS
Intelligence Studies & Technology
Community College of the Air Force
2017 : 2017
Bachelor's degree
Criminology
The Ohio State University
2008 : 2012
Organizational Leadership
Western Kentucky University
2020 : 2022
Associate of Science - AS
Cybersecurity
Clark State College
2019 : 2019
Associate of Science - AS
Intelligence Studies & Technology
Community College of the Air Force
2017 : 2017
Bachelor's degree
Criminology
The Ohio State University
2008 : 2012
Experience:
- Uphold expectations for the team and business partners to meet standards of required content and renewals of CCB resiliency documents e.g., Technology Recovery Action Plans (TRAP) and Application Impact Assessments (AIA). Be proactive and serve as a point of escalation.
- Assist application teams with coordination of resiliency test events
- Oversight and follow-up on non-compliant controls at an application and component level
- Engage regularly with peer and senior Technology and Business leaders to keep focus on resiliency; be visible and available to partners
- Lead the team through Action Plan resolution, internal opportunities and overall strengthening of CCB Recovery Plans; drive simplification of processes and procedures
- Promote the resiliency program by communicating policy or system changes clearly and concisely offering additional support and guidance
2023 : Present
JPMorgan Chase & Co.
VP, Information Security Manager
• Developed all-source threat assessments and provide intelligence support to 5 Program Executive Offices’ acquisition portfolios
• Analyzed adversary cyber capabilities and executed cross program analysis with MAJCOM and na-tional agencies for development of future weapon systems
• Produced technical acquisition intelligence documentation involved in the acquisition lifecycle
• Analyzed upcoming threats and convert intelligence into a reader-friendly reports to help program managers meet cost, schedule, and performance goals
• Prepared and presented intelligence briefings for decision support to senior level civilians and unit commanders
2016 :
US Air Force Reserve
All-Source Intelligence Analyst
• Serves as ISM for multiple applications; ensure risk impacting applications is effectively identified, quantified, communicated and managed, including recommendations for resolution and identifying the root cause/key themes.
• Proactively monitor Key Risk Indicators to identify non-compliance and assist in remediation with compensating controls to address security, risk and control gaps.
• Collaborate with team members and stakeholders on firm-mandated, cross-LOB, and regional audits to ensure compliance and risk mitigation
• Serve as subject matter expert in vulnerability management; communicate to product owners and application development teams on proper patching, vulnerability prioritization, and risk reporting.
Drive effective risk & controls management and support CCB application teams through identification of control weaknesses and recommendations for improved security; articulate the business impact and associated risk; and educate on proactive measures to remediate vulnerabilities associated with internal and external applications.
2021 : 2023
JPMorgan Chase & Co.
Information Security Manager
• Serves as a senior system analyst while leading a team of IT professionals; plans, organizes, and manage acquisition of IT hardware/software in acquisition lifecycle; audit of cryptographic holdings and address vulnerabilities within the platform.
• Managed and authored MC-130J subsystem Authority to Operate (ATO); assured authorization package documentation to standards of Aircraft AO and SPO.
• Manage, author, and prepare Architecture Analysis Report, System Security Plan, and Plan of Actions and Milestones.
• Authored multiple subsystem Cybersecurity Impact Evaluation Report (CIER); analyzed cybersecurity hygiene and attack path analysis for multiple systems.
• Authored Statement of Objectives/Statement of Work for multiple programs belonging to AC/HC/MC-130J; ensured cybersecurity requirements were factored at the beginning of the acquisition lifecycle saving cost and schedule while amplifying performance for the Program Office.
• Managed and prepared multiple Interim Authority To Test (IATT) packages for HC/MC-130J; ensured proper cybersecurity hygiene was achieved prior to testing.
• Provided cybersecurity insight to over 12 Program managers, socialize importance of factoring cybersecurity early into the acquisition lifecycle; enable programs to foster healthy cybersecurity growth for future program additions.
2019 : 2021
United States Department of the Air Force
IT Specialist (System Analysis/Computer Security)
• Managed security aspect of ACAT-1 program (HC/MC-130 Recapitalization) during various stages of the Acquisition Life Cycle, to include Critical Design Reviews, Cyber Testing, and Sustainment
• Authored Threats, Vulnerabilities, and Countermeasures document for HC/MC-130J Recapitalization (Recap). Identified 41 new vulnerabilities for the Recap Program Protection Plan (PPP) annex.
• Authored Anti-Tamper (AT) document for the Recap PPP annex. Provided all-source intelligence for threats to reverse-engineering and tampering of the Recap system. Conducted vulnerability analysis of system level architecture.
• Authored MC-130J Common Terrain Following (MCTF) PPP. Document provided full security plan for MCTF, Critical Program Information (CPI) evaluation, and acceptable anti-tamper implementations. Coordinated requirements to a geographically separated unit at Robins AFB, GA.
2018 : 2019
Odyssey Systems
Acquisition System Security Specialist
- Assist application teams with coordination of resiliency test events
- Oversight and follow-up on non-compliant controls at an application and component level
- Engage regularly with peer and senior Technology and Business leaders to keep focus on resiliency; be visible and available to partners
- Lead the team through Action Plan resolution, internal opportunities and overall strengthening of CCB Recovery Plans; drive simplification of processes and procedures
- Promote the resiliency program by communicating policy or system changes clearly and concisely offering additional support and guidance
2023 : Present
JPMorgan Chase & Co.
VP, Information Security Manager
• Developed all-source threat assessments and provide intelligence support to 5 Program Executive Offices’ acquisition portfolios
• Analyzed adversary cyber capabilities and executed cross program analysis with MAJCOM and na-tional agencies for development of future weapon systems
• Produced technical acquisition intelligence documentation involved in the acquisition lifecycle
• Analyzed upcoming threats and convert intelligence into a reader-friendly reports to help program managers meet cost, schedule, and performance goals
• Prepared and presented intelligence briefings for decision support to senior level civilians and unit commanders
2016 :
US Air Force Reserve
All-Source Intelligence Analyst
• Serves as ISM for multiple applications; ensure risk impacting applications is effectively identified, quantified, communicated and managed, including recommendations for resolution and identifying the root cause/key themes.
• Proactively monitor Key Risk Indicators to identify non-compliance and assist in remediation with compensating controls to address security, risk and control gaps.
• Collaborate with team members and stakeholders on firm-mandated, cross-LOB, and regional audits to ensure compliance and risk mitigation
• Serve as subject matter expert in vulnerability management; communicate to product owners and application development teams on proper patching, vulnerability prioritization, and risk reporting.
Drive effective risk & controls management and support CCB application teams through identification of control weaknesses and recommendations for improved security; articulate the business impact and associated risk; and educate on proactive measures to remediate vulnerabilities associated with internal and external applications.
2021 : 2023
JPMorgan Chase & Co.
Information Security Manager
• Serves as a senior system analyst while leading a team of IT professionals; plans, organizes, and manage acquisition of IT hardware/software in acquisition lifecycle; audit of cryptographic holdings and address vulnerabilities within the platform.
• Managed and authored MC-130J subsystem Authority to Operate (ATO); assured authorization package documentation to standards of Aircraft AO and SPO.
• Manage, author, and prepare Architecture Analysis Report, System Security Plan, and Plan of Actions and Milestones.
• Authored multiple subsystem Cybersecurity Impact Evaluation Report (CIER); analyzed cybersecurity hygiene and attack path analysis for multiple systems.
• Authored Statement of Objectives/Statement of Work for multiple programs belonging to AC/HC/MC-130J; ensured cybersecurity requirements were factored at the beginning of the acquisition lifecycle saving cost and schedule while amplifying performance for the Program Office.
• Managed and prepared multiple Interim Authority To Test (IATT) packages for HC/MC-130J; ensured proper cybersecurity hygiene was achieved prior to testing.
• Provided cybersecurity insight to over 12 Program managers, socialize importance of factoring cybersecurity early into the acquisition lifecycle; enable programs to foster healthy cybersecurity growth for future program additions.
2019 : 2021
United States Department of the Air Force
IT Specialist (System Analysis/Computer Security)
• Managed security aspect of ACAT-1 program (HC/MC-130 Recapitalization) during various stages of the Acquisition Life Cycle, to include Critical Design Reviews, Cyber Testing, and Sustainment
• Authored Threats, Vulnerabilities, and Countermeasures document for HC/MC-130J Recapitalization (Recap). Identified 41 new vulnerabilities for the Recap Program Protection Plan (PPP) annex.
• Authored Anti-Tamper (AT) document for the Recap PPP annex. Provided all-source intelligence for threats to reverse-engineering and tampering of the Recap system. Conducted vulnerability analysis of system level architecture.
• Authored MC-130J Common Terrain Following (MCTF) PPP. Document provided full security plan for MCTF, Critical Program Information (CPI) evaluation, and acceptable anti-tamper implementations. Coordinated requirements to a geographically separated unit at Robins AFB, GA.
2018 : 2019
Odyssey Systems
Acquisition System Security Specialist
Company:
JPMorgan Chase & Co.
Years of Experience:
7
Skills
All-Source Intelligence, Cybersecurity, Decision Support, Information Technology, Leadership, Military Weapon Systems, Program Analysis, Security Management, Systems Analysis, Threat Assessment
About
Experienced Intelligence and Cybersecurity Analyst with a demonstrated history of working in the banking and military industry. Skilled in Decision Support, Leadership, Computer Security, Military Weapon Systems, and Threat Assessments. Strong military and information protection services professional with a Master's degree focused in Organizational Leadership from Western Kentucky University.
Profile Photo
