Location: Atlanta, Georgia | Phone Number: 404-516-6857
Email: resume@cameronmosley.net | Website: www.cameronmosley.com
Summary
Information security leader with 10 years of progressive IT experience helping small to medium size businesses improve their security posture.
I have worked both technical and managerial security roles. Currently, I specialize in Governance, Risk, and Compliance (GRC), which focuses around achieving alignment between security and business objectives. I've helped companies to design and implement security controls and frameworks compliant with industry standards such as ISO 27001 and SOC 2, and I've helped companies to achieve compliance with government regulations such as GDPR and CCPA.
While my day to day career is focused in GRC, I also enjoy the technical side of security as well and I dedicate a lot of time outside of work to tinkering with security tools and learning new tech for fun. Security is a lifelong passion of mine so I'll be using a lot of my free time this year to study offensive security (CTFs, certs, coding and scripting, etc). Never stop learning! 🛡️
Certifications
Downloads
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified in Risk and Information Systems Control (CRISC)
CompTIA Advanced Security Practitioner (CASP+)
eLearnSecurity Junior Penetration Tester (eJPT)
Project Management Professional (PMP)
CompTIA PenTest+ ce
ITIL Foundation v4
Complete list of certifications is available upon request. I can also provide certificate IDs for further verification
Education
Master of Business Administration – MBA, Information Technology Management
Western Governors University - (2024)
Bachelor of Science – BS, Cybersecurity and Information Assurance
Western Governors University - (2023)
Work Experience
Principal, IT Security and Compliance - (July 2023 - Present)
Progress - Burlington, Massachusetts
-
Improve alignment between business, IT, and security organizations by developing coordinated GRC program components and performance measurements that directly support overall business objectives.
-
Produce and maintain information security documentation including, but not limited to
policies, procedures, standards, guidelines, and diagrams.valuate security practice vs. policies to assess coverage and identify gaps
IT Governance, Risk, and Compliance Manager - (April 2022 - July 2023)
MarkLogic - Redwood City, California
*MarkLogic was acquired by Progress in 2023
-
Evaluated security practice vs. policies to assess coverage and identify gaps
-
Facilitated and lead remediation activities for any security audit and control findings as they relate to risk, regulatory, and compliance requirements.
-
Developed and delivered information security training and awareness materials.
-
Managed change controls and procedures for security-related projects.
IT Governance Security Manager - (August 2019 - October 2021)
Frontline Managed Services - Atlanta, Georgia
*Frontline Managed Services was known as Intelliteach until they rebranded in 2021
-
Successfully led and passed multiple ISO 27001 audits including scope expansions.
-
Led information security projects, including planning and deployment of new processes and technologies in areas of intrusion detection and response, antivirus, and application security for 4 company acquisitions.
-
Built and implemented the company’s vulnerability management program from the ground up.
-
Conducted internal security audits and inspections to validate effectiveness of information security solutions and controls to ensure data security and integrity.
IT Security Administrator - (February 2018 - June 2019)
QASymphony - Atlanta, Georgia
*QASymphony was acquired by Tricentis in 2019
-
Successfully implemented new security standards including vetting new software, identifying asset owners, standardizing equipment, and account management.
-
Assisted with implementing security controls that led to QASymphony obtaining their first SOC 2 attestation.
-
Managed corporate IT and relationships with 3rd party providers delivering support services.
-
Performed daily reviews of security notifications and alerts regarding brute force attempts, account changes, malware, and access requests.
Information Technology Team Lead - (July 2014 - February 2018)
Intelliteach - Atlanta, Georgia
-
Managed a team of 20+ analysts to provide support for 100+ law firms and over 1000 clients.
-
Responded to security incidents such as viruses, suspicious emails, attachments, and stolen equipment.
-
Controlled access to emails, documents, RSA tokens, managed accounts in active directory, etc.
Skills & Other
-
Experience with ISO 27001, SOC 2, GDPR, PIPEDA, HIPAA, CCPA, CMMC, and NIST frameworks.
-
Skilled at developing, documenting, and communicating information security projects.