Christian Davies
Education:
Master of Science (MSc)
Information Systems and Telecommunications
The Johns Hopkins University - Carey Business School
2005 : 2007
Graduate Certificate,
Information Security & Risk Management
The Johns Hopkins University - Carey Business School
2005 : 2007
Experience:
Enterprise Portal Services Project (EPS) :
04/01/2021 - Present Senior Information Security Specialist Columbia, MD
Department of Health & Human Services - CMS – (C-HIT, LLC)
Supports the Enterprise Portal Services (EPS) Team on all Security related issues while working closely with the Chief Security Architect, System Architect and Project Manager to plan and design security into the technical solution for Enterprise Portal Services. Supports CMS Security and ISSO and responsible for assuring all CMS security and privacy considerations and requirements are addressed, to ensure the system is designed and ready for the annual Adaptive Capabilities Testing (ACT) and maintains the system Authority to Operate (ATO). (50hrs/Wk.)
Works independently and collaboratively to resolve challenges facing the security team quickly and completely.
Performs Security Audits such as CMS Adaptive Capabilities Testing (ACT).
Performs Web Application Penetration and Continuous Diagnostic Monitoring (CDM) testing.
Provides mitigation and/or addressing the security specific vulnerabilities and document via Plan of Action and Milestones (POA&M).
Supports ad hoc security requests from the customer and program management.
Proactively lead multiple priorities and efficient in proposing solutions to complex, time-critical problems.
Experience working within DevSecOps teams performing application code reviews and providing enterprise security expertise to application/system development teams.
Manages changes to scope and schedule and resolves conflicts, and tracks and documents reasons for the changes.
2019 : Present
C-HIT
Senior Information Security Analyst
2018 : 2022
Applied Insight LLC
Information Systems Security Analyat
Company: C-HIT
Years of Experience: 6
8+ years of experience in highly regulated environments in various sectors, especially in the US Federal Agencies.
Experience with Project Management, Information Assurance/Security Assessment, & Authorization (NIST Based), FISMA Compliance/ISO 2700/COBIT, FEDRAMP Cloud Security Compliance), Process Improvement Methodology; System Development Life Cycle (SDLC); IT Security & Compliance Management, etc.