Elvis Moreland CISSP-ISSEP, CGEIT, CISM

(Available Nationwide)

General Specialty

Cybersecurity Engineering & Architecture
Cybersecurity Governance & Management
Cybersecurity Legal Compliance
Cybersecurity Risk Assessments
Cybersecurity Risk Management
Data Security and Privacy Management

Specialty Focus

Centers for Medicare & Medicaid Services (CMS) Acceptable Risk Safeguards (CMS ARS)
Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA)
Cyber Risk Institute (formerly Financial Services Sector Coordinating Council (FSSCC)) Cybersecurity Profile
Cybersecurity and Infrastructure Security Agency (CISA) Critical Infrastructure Sector Cybersecurity Regulations
Cybersecurity FCA Expert Witness
Cybersecurity Laws and Regulations
Cybersecurity Standards & Guides & Frameworks
Department of Defense (DOD) Cybersecurity Directives and Instructions
DOD Cyber Security Model Certification (CMMC)
DOD Federal Acquisition Regulation Supplement (DFARS) 252.204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting
DOJ/FBI Criminal Justice Information Services (CJIS) Cybersecurity Regulation
Executive Orders on Improving National and Critical Infrastructure Cybersecurity
Federal Communications Commission (FCC) Cybersecurity Guidelines
Federal Financial Institutions Examination Council (FFIEC) Cybersecurity Regulation
Federal Information Security Modernization Act (FISMA)
Federal Risk and Authorization Management Program (FedRAMP)
FTC Safeguards Rules for Data Security and Privacy
Gramm-Leach-Bliley Act (GLBA) Cybersecurity Provision
Health Insurance Portability and Accountability Act (HIPAA)
Internal Revenue Service Publication 1075 (IRS 1075) Information Security Guidelines
ISO/IEC 27001 Information Security Management System (ISMS)
ISO/IEC 27002 Information Security Management System (ISMS)
ISO/IEC 31000 Risk Management
National Credit Union Administration (NCUA) Cybersecurity Regulation
New York Department of Financial Services (NYDFS) Cybersecurity Regulation
NIST 800-171 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
NIST 800-30 Guide for Conducting Risk Assessments
NIST 800-37 Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy
NIST 800-47 Managing the Security of Information Exchanges
NIST 800-53 Security and Privacy Controls for Information Systems and Organizations
NIST Cyber Security Framework (CSF)
NIST Risk Management Framework (RMF)
SEC Cybersecurity Governance
SEC Cybersecurity Incident Disclosure
SEC Cybersecurity Risk Management
SEC Cybersecurity Strategy

Primary Areas of Expertise


Cybersecurity Legal Compliance, Cybersecurity Governance & Management


An award-winning data security and privacy risk management executive with expertise in developing security and privacy programs for both private and public organizations within major critical infrastructure sectors. A security career that began in 1999 as the first command information security officer. A curious leader with proven management and operational expertise to:

  • implement leading governance frameworks and GRC controls
  • develop cyber risk management policy, process, and standards
  • design enterprise security programs and system security plans
  • assess and identify both data and privacy risks
  • determine enterprise risk management priorities
  • coordinate corrective actions and plans
  • manage continuous diagnostics
  • administer vendor relations

A strategic change agent and innovative problem solver in fast-paced and fluid environments. A team builder that mentors and empowers staff through vision, training, guidance, and motivation.

Professional certifications plus in-depth expertise in the following data security and privacy risk management domains: Governance; Engineering, Assessment (Audit); Risk Management, Compliance, and Continuous Quality Assurance. Specialization in developing quality-based management systems using NIST, ISO, and CERT/CC standards resulting in efficient and cost-saving risk management programs, policy, process, and capabilities.

 

Education: 

  • Oakland City University
    Bachelor of Science (B.S.), Management
  • Community College of the Air Force
    Associate of Science (A.S.), Health Information Management
  • SANS Technology Institute
    Certificate, Information Security Management System ISO/IEC 27001/27002 Lead Auditor
  • SANS Technology Institute
    Certificate, Implementing and Auditing the Top Critical Security Controls In-Depth (GCCC)

Certifications: 

  • ISSEP – Information Systems Security Engineering Professional
  • CISSP – Certified Information Systems Security Professional
  • CGEIT – Certified in Governance of Enterprise Information Technology
  • CompTIA Subject Matter Expert
  • Certified Information Security Manager (CISM)

cso@bluecyren.com

https://bluecyren.com/
