Harvey Newstrom
NIST Security Compliance
 (Download in Word, PDF, text formats)
Credly Logo Credly.com/users/Harvey-Newstrom
LinkedIn Logo LinkedIn.com/in/HarveyNewstrom
mail@HarveyNewstrom.com
🔗 HarveyNewstrom.com
🌐 Melbourne, FL, USA
📞 321-544-3642
📆 1/1/2024
 Credentials 
• NIST Coauthorships:   
   NIST SP 800-53, 800-53A, 800-53B   
• ISC2 Security Certifications:
   CISSP, ISSAP, CSSLP, ISSMP
• ISACA Compliance Certifications:   
   CISA, CISM, CRISC, CGEIT
• IBM Cloud Certifications:
   Architect, Security, Compliance
• Education:
   BPS-Business, AS-CompSci
 Subject Matter Expertise 
• Auditor, Assessor, Architect, ISSM   
• 800-53 Security Controls
• 800-53A Control Assessments
• 800-53B Control Baselines
• CNSSI-1253 Classified
• 800-171, -171A, -172 Unclassified
• 800-18 System Security Plan
• 800-37 RMF System Life Cycle
• 800-30 Risk Assessment
• 800-39 Risk Management
 Federal Agencies 
• Intelligence Agencies:
   CIA, NSA, NRO, FBI, DNI
• Defense Agencies:
   DHS, DoD, DISA, DCMA
• Research Agencies:
   DARPA, DoE, SNL
• Regulatory Agencies:
   NIST, NARA, GSA, OMB,
   GAO, SEC, DoT, FAA, FMCSA,
   EPA, USDA, USFS

 Experience 
NIST Security Compliance, IBM, Global Telework (8/2021 - present)

• Compliance expert in FedRAMP/FISMA, ISO, SOC, HIPAA, PCI, NIST 800 series, ISO 27000 series, GDPR, etc.
• Developing cost-effective security program, standards, requirements, policies, processes, procedures, audits.
• Conducting regular audits on systems and host third-party audits for certifications and compliance certificates.
• Providing security information, reporting, marketing, problem solving, solution architecting, and training.
• Collaborating with security architects, technical teams, DevOps, auditors, and customers.

Senior Principal Security Architect, SAIC, Global Telework (4/2004 - 7/2021)

• Provided subject matter expertise in the design, implementation, and assessment of NIST compliant security.
• Documented security programs, standards, requirements, policies, processes, procedures, assessments, audits.
• Lead NARA development of first unified security architecture, cited as “best” federal architecture by OMB.
• Assisted NIST integrating much of my security architecture work into NIST SP 800-53, 800-53A, and 800-53B.
• Implemented security programs at USFS, IRS, EPA, DCMO, DHS, GSA, DOT, others based on NARA/NIST work.

Principal Security Consultant, Newstaff, Nationwide Travel (9/2000 - 4/2004)

• Rejoined consulting firm to help Fiderus establish security consulting practice, sign and fulfill first contract.
• Helped IBM teams supporting Fleming, K-mart, and Cox Cable with nationwide network and security projects.

Senior Security Consultant, IBM, Nationwide Travel (8/1998 - 8/2000)

• Developed consulting assets, trained consultants, became top selling security and privacy consultant.

Security Consultant, Newstaff, Florida Travel (7/1995 - 7/1998)

• Cofounded consulting firm to provide network and security support services to IBM.
• Helped IBM Investigate and resolve campus-wide system shutdowns originally thought to be hacker attacks.
• Helped IBM design new South Florida secure network and transition legacy networks to new infrastructure.
• Helped develop proof-of-concept infrastructure for new IBM Security and Privacy consulting practice.

Lead Security Engineer, Harris, Melbourne, FL (1/1985 - 12/1994)

• First Metronet ISSO, lead first corporate security program, lead beta test lab, helped develop security products.

https://HarveyNewstrom.com/newstrom/resume.html
Creative Commons License © 1995-2024 Harvey Newstrom Contact Site
Last updated Wednesday January 10, 2024
Privacy No Data Retention No Third-Party Share No Ad Share No Disclosure