Sandon Nachmann

Raleigh, NC · sandon321@gmail.com

I'm an AWS Certified Solutions Architect with 20 years of experience and a proven track record of leading and developing Security, IT, and Project Management programs and departments.

As the current Information Security Officer and Network Manager for NCSEAA, I know what it means to wear many hats. Setting policy, creating a vision, troubleshooting firewall routing issues, and pentesting custom web apps in Kali are all part of a typical work week.

Most importantly, I work hard and play harder. I'm constantly pushing myself and those around me to think outside the box, achieve the impossible, and never settle for the status quo!


Experience

Information Security Officer & Network Manager

NCSEAA
  • Create and execute the vision and strategic roadmap for the Information Security and Network Infrastructure team in order to ensure the confidentiality, integrity, and availability of all information at NCSEAA.
  • Administer the NCSEAA security program, and coordinate with agency staff during annual Federal FISMA Audit to ensure compliance with all NIST 800-53 standards.
  • Manage $500K department budget, ensuring sufficient resources are available and allocated to projects.
  • Operate Azure Cloud Infrastructure via ExpressRoute-connected VNet with 35 VMs, load-balanced Barracuda firewall cluster, and Barracuda WAF.
  • Oversee administration of Barracuda Firewalls, Cisco Firepower IPS, AlienVault SIEM, Cisco Umbrella Web/URL filtering, and Cisco AMP, as well as the Qualys, Imperva, Veracode, & Titania Nipper vulnerability scanning program.
  • Perform penetration testing on custom Dev web app servers using Kali Linux, ensuring OWASP best practices.
December 2019 - Present

Security Consultant

MCNC
  • Provide guidance and direction to 300 K-12, University, College, and Charter schools in North Carolina to achieve compliance with laws and regulations (HIPAA, PCI, FERPA, GLBA).
  • Evaluate customer cybersecurity program effectiveness against industry accepted frameworks (ISO 27002:2013, NIST 800-53, NIST 800-171, NIST Cybersecurity Framework, CIS Critical Security Controls).
  • Lead the design and execution of security engagements, review assessment findings, and present mitigating controls in detailed reports to optimize information security controls.
  • Act as “virtual CISO” working alongside school leadership to provide guidance and expertise in all areas of security.
  • Provide Palo Alto system/threat monitoring. Respond to system-wide security events & provide incident response.
  • Review AWS VPC network segmentation, EC2 security groups, NACLs, and route tables for least-privilege access. Assess public-facing EC2 instances and S3 access controls.
July 2018 – December 2019

Director Strategic Projects

Coastal Credit Union
  • Coordinated project deliverables throughout 1-year merger and acquisition of Freedom credit union, having a total project budget of approximately $2.5M.
  • Managed 6-month RFP for the selection of new core credit card processing system which consisted of contract reviews, pro-forma cost analysis, vendor demos, and recommendations to senior management.
  • Developed corporate project management training program which set the standards for managing projects across all business units. Taught program to 80 personnel inclusive of VPs, managers, & PMs.
  • Directed team of 15 BAs, Engineers, Developers, and SMEs through the implementation of Interactive Intelligence’s CIC phone dialer solution. This provided predictive dialing, real-time account lookup, and interactive recording of agent calls for collection department consisting of 50 personnel.
March 2015 - July 2018

IT Project Manager

MBM Customized Foodservice
  • Managed the deployment of SelectorPro warehouse selecting technology at 35 distribution centers throughout the country, having a total budget of approximately $15M.
  • Executed the rollout of RF Warehouse Scanning devices to distribution centers throughout the country. This resulted in real-time visibility into inventory, reduced labor expense, and improved accuracy and efficiency.
  • Served as liaison between non-technical business units and IT, communicating technical information and plans.
  • Worked with Clarizen and MS Project, project portfolio management tools.
  • Defined project scope, milestones and deliverables that support business goals in collaboration with senior management and stakeholders.
April 2014 – March 2015

IT Integration Manager

Teachers Federal Credit Union
  • Implemented DocuSign eSignature suite on an enterprise level for member and employee-based documents. This led to increased efficiency, paper cost savings, and member level satisfaction.
  • Utilized advanced knowledge of SQL, SSRS, Crystal Reports, MS Access, and Excel for managing systems development, maintenance, and enhancements.
  • Researched and implemented new technologies, development tools, and commercial software products to enhance organizational efficiency and functionality.
  • Developed technology products, service standards, and other efforts that impact lending operations for a $5.4 billion credit union.
August 2012 – April 2014

Security / Business Continuity Manager

Teachers Federal Credit Union
  • Performed comprehensive risk assessments on all aspects of security inclusive of IT Security Testing, Physical security, and regulatory compliance (PCI-DSS, FFIEC, GLBA).
  • Established Board of Directors-approved Information Technology Policy that complied with federal regulations and best practices, and provided security for the credit union and its members' data.
  • Conducted all forms of BCP testing including call trees and tabletops, and oversaw and evaluated bi-annual HP-UX mainframe failover testing to company hot-backup site.
  • Utilized Kali Linux, Armitage, Nmap, Nessus, and Aircrack-ng to validate security controls in place.
October 2008 – August 2012

PC / Project Technician

Teachers Federal Credit Union
  • Installed and configured OS software and upgrades on the 50+ Windows and Unix-variant servers (OpenBSD, FreeBSD, HP-UX), as well as the 800+ user desktop PCs.
  • System administration of Cisco routers, Cisco ASA, Nortel switches, Snort IDS, Sendmail, DNS (BIND).
  • Maintained and updated corporate Apache web site using Dreamweaver and Photoshop.
  • Managed a team of eight SMEs to implement a corporate CRM solution using Harland’s Touché Sales & Service.
  • Met with IT Manager reporting the status of current projects, identifying issues and assessing their impact, and proactively recommending solutions.
August 2000 – October 2008

Education

Dowling College

Master of Business Administration
Corporate Finance

Dowling College

Bachelor of Science
Computer Science

Certifications

Certified Ethical Hacker (CEH)

EC-Council
#ECC7209158364
August 2020

AWS Certified Solutions Architect Associate

Amazon Web Services
#2TKTT9W2MBQEQV3P
August 2019

AWS Certified Cloud Practitioner

Amazon Web Services
#81TH0GK2JEVQQZ92
May 2019

Certified ScrumMaster

SCRUM Alliance
#722932
November 2017

LEAN Six Sigma Green Belt Certified

Purdue University
#PU595GB146711X
January 2015

Interests

Cloud Resume Challenge

This resume is being developed as part of the Cloud Resume Challenge (https://cloudresumechallenge.dev).

The Cloud Resume Challenge covers a wide area of topics that includes full-stack software development, version control, infrastructure as code, automation, continuous integration and delivery, cloud services and “serverless”, application security, and networking.

As of now, the challenge is not yet complete. My cloud resume and this page are still a work in progress!