Ben Harris

Providing tailored solutions to fit small, medium, and large-scale organization’s business and security strategy needs. Partnering with multiple organizations across every major industry to deliver strategic expertise, value, and effort. Our goal is to establish strong relationships and trust with customers as well as understand customer’s business environments and requirements

• Collaborated with cross-functional teams to develop and maintained enterprise-level cybersecurity policies, SOPs, and workflows to bring organizations into regulatory compliance
• Improved clients’ overall resiliency through Business Continuity planning (BCP) and performing Business Impact Analysis (BIA)
• Prevented financial loss while conducting analysis on fraudulent activities and investigations as part of a global operations team
• Performed gap & maturity assessments against NIST 800-53, NIST CSF, ISO 27001, and other best practice security frameworks
• Improved client cybersecurity posture through tailored risk assessments and mitigation strategies.

Provided large-scale risk management solutions for programs in support of clients including the Center for Disease Control (CDC), Centers for Medicare and Medicaid Services (CMS), Defense Health Agency (DHA), and National Institutes of Health (NIH)

• In partnership with these Healthcare services and industry leaders, my goal was to develop and deploy scalable risk management strategies to optimize the delivery of a secure and modernized EHRM with minimal disruption to the federal healthcare community
• Perform overall security audits of IT systems, environments, and organizations Security Assessments Plans as well as Concepts of Operations
• Research & report of existing or new enterprise risks, cybersecurity best practices, and updates to compliance frameworks (i.e HIPAA, GDPR, NIST 800, ISO 27001)
• Collaborate remotely via Teams meetings or teleconferences to present threat analysis reports and risk mitigation efforts
• Served as a key point of contact for clients and internal stakeholders, providing expert guidance on all aspects of cybersecurity risk management.

As a cyber security consultant for Booz Allen we are committed to providing our clients with the best cyber defense to meet the needs of their business and IT systems. Also assisting in the movement of DoD IT systems from past compliance methodologies to the newly improved Risk Management Framework, implementing FedRAMP Cloud Security (AWS services), conducting various trainings on Risk Acceptance, collaborating with team members and shareholders, Implementation of policies, standards, laws, and regulations (i.e

NIST SP 800, FIPS 199, CNSSI, Privacy Act, ISO 27001), into the various phases of SDLC.

• Identifying solutions that better suit customer needs as well as interpreting the more complex business pain points for better client understanding
• Delivered high-quality solutions for clients through comprehensive research and analysis of industry trends.
• Maintaining excellent operational security posture of enterprise-level networks and systems was the highest priority
• Presented findings and recommendations to executive-level stakeholders, effectively communicating key insights and action plans.
• Evaluated clients' needs and created plan of action to provide solutions.
• Collaborating with Engineers, Project Management teams, and other Cyber teams to discuss attacks and assess organization risks