Jeffrey Pisani

NAVFAC (Naval Facilities Engineering Command):

• Crafted comprehensive cybersecurity policies for clients, integrating Risk Management Framework (RMF) principles and NAVFAC CYBERSAFE requirements in alignment with DoD/Navy directives.
• Conducted onsite criticality analyses of NAVFAC systems, developing grading methodologies to evaluate and communicate the cybersecurity resiliency and posture of Field Engineering Commands (FECs).
• Oversaw compliance monitoring for 100+ systems, ensuring adherence to OPNAV cybersecurity guidance and facilitating continuous improvement.
• Played a key role in launching a director-led initiative to establish and oversee inspections and assessments which aims to provide a focused approach to the cybersecurity, resilience, and functionality Mission Critical Facility Control Systems.
• Developed and maintained Azure Workbooks to track the status and progress of inspections and assessments, enhancing transparency and efficiency across project stakeholders.
• Implemented cybersecurity supply chain risk management policies(NIST SP 800-161, DFARS), ensuring alignment with Navy, DoD, and federal standards to make our CYBERSAFE polices more robust
• Delivered comprehensive program management support, including organizing and facilitating meetings, managing calendars, and coordinating communications between clients and contractors.

Air Force Security Forces:

• Provided direct support to the Authorizing Official (AO) and AO Designated Representative, facilitating the review and adjudication of Authority to Operate (ATO) requests.
• Evaluated system security controls via eMASS, collaborating with system owners and Security Control Assessors (SCAs) to identify vulnerabilities and deliver actionable recommendations.
• Reviewed and contributed to multiple Security Assessment Reports (SARs), ensuring comprehensive documentation of findings and risk mitigation strategies.
• Assisted in the development and management of Plan of Action and Milestones (POA&M) documents to track remediation activities and maintain compliance.

• Supported our solutions team by providing technical responses to many federal bids and contracts. Strong focus on NIST/ DFARS compliances and the RMF process.
• Developed, implemented and documented security programs and policies and monitored compliance across departments.
• Reviewed violations of computer security procedures and developed mitigation plans.
• Recommend improvements in security systems and procedures.
• Researched new computer forensic tools.
• Performed risk analyses to identify appropriate security countermeasures.
• Monitored use of data files and regulated access to protect secure information through Azure Compliance tools

• Helped provide pre-assessment consulting services to government contractors and other Organizations Seeking Certification and/or assist during assessments in the event a finding is uncovered. Provided advice and counseling as well as tailored recommendations to our clients seeking CMMC certification.
• Assisted in formulating and reviewing customers cyber security policies and posture.
• Proposal writing and initial customerengagements
• Helped formulate business development strategies for a SDVOSB company.
• Completed research, compiled data and assisted in timely reporting.

Collaborated with team to optimize workflow and achieve objectives.

• Conducted research focused on national security with the goal of educating and shaping public debate on key security topics:

- State of the US's security posture

-F-35 FMS Policy and Strategic Implications.

-Border Security & Advanced Surveillance Technology.

• Developed social media content for Twitter and Facebook.
• Contributed, edited, and reviewed policy articles submitted to premiere publications such as Forbes, Real Clear Politics, Real Clear Defense, and The National Interest.
• Sorted, organized and maintained files.
• Answered and transferred incoming telephone calls, taking messages for various staff members.