Jeffrey Pisani

NAVFAC (Naval Facilities Engineering Command):

• Oversaw Navy cybersecurity audit and inspection projects from start to finish—defining requirements, crafting tailored solutions, guiding implementation, and conducting post engagement reviews ultimately leading to streamlined compliance and enhanced audit readiness.
• Led a director-driven initiative to establish and oversee cybersecurity inspections for mission critical facility control systems(MCFRCS). Translated high level objectives into actionable plans by mapping audit workflows, pinpointing assessment bottlenecks, and introducing real time dashboards- accelerating compliance risk identification.
• Developed and maintained Azure Workbooks to track the status and progress of inspections and assessments with the goal of enhancing transparency and efficiency across project stakeholders.
• Implemented cybersecurity supply chain risk management policies (NIST SP 800-161, DFARS), ensuring alignment with Navy, DoD, and federal standards to make our CYBERSAFE policies more robust.

Navy Cyber Business Development:

• Drove systematic tracking and evaluation of upcoming government contract opportunities, leveraging platforms like GovWin and Jupiter to discover and assess projects aligned with the team’s technical profile.
• Conducted an independent assessment of contract requirements against internal strengths and gaps, synthesizing research findings into actionable intelligence for leadership's consideration.
• Directed information flow between research efforts and senior decision-makers, ensuring relevant opportunities received prompt attention for further pursuit.

• Coordinated technical documentation and compliance materials for federal bids and contracts, ensuring alignment with NIST, DFARS, and RMF standards.
• Assisted in documenting and rolling out new security programs and policies across departments, supporting consistent operational practices.
• Conducted risk analyses to identify potential security gaps and advised on targeted countermeasures.
• Investigated and reported computer security incidents, collaborating on well-defined mitigation strategies.
• Researched emerging computer forensic tools to enhance operational effectiveness and decision-making.
• Monitored and regulated access to sensitive data using Azure Compliance tools, safeguarding confidential information.