top of page
  • White LinkedIn Icon

Hello! I'm Amanda.

 

Being an analytical thinker can be seen, at least by some, as an exhaustive process. But it is something that I do naturally and, in my view and profession, consider to be one of my best strengths. It is the strength that has assisted me most in earning my Certified Information Security Auditor and Security+ certifications, and my Master’s Degree in Information Assurance over the course of my nearly 6 years of success in the IT field. It is also the strength that makes Information Assurance and IT Security and Compliance such a natural fit for me. It is engrained in me to regularly think through decisions in order to decide what the best way forward is. I enjoy the concept of assisting organizations with the creation and implementation of policies and rules that serve to aid an organization in being their best self, and their most secure self. 

Higley-98 (1).jpg

Amanda Higley, CISA, Sec+

Experienced IT Security and Compliance Professional

 

Phone:

540-222-9802

 

Email:

amanda@amandahigley.com 

 

Address:

Silver Spring, MD

EXPERIENCE
EXPERIENCE
August 2019 - present

Policy and Compliance Analyst

M. Powered Strategies

Contract: Federal Retirement Thrift Investment Board (FRTIB) - August 2019 - November 2021

●  Workstream lead for the Audit and Compliance Branch of the Office of Technology Services (OTS), responsible for compiling and submission of Corrective Action Plan Packages for 20 Agency-owned audit findings in during FY2021 and 11 packages in Q1 of FY2022.

●  Tracked remediation of all third-party, internal, and FISMA audit findings for OTS.

●  Worked with the agency's various branches/divisions to create Corrective Action Plans (CAPs) for audit finding remediation.

●  Facilitated meetings with stakeholders and points of contact to initiate activities related to Corrective Action Plans (CAP) remediation.

●  Facilitated the submission of remediation packages for review by the Office of Enterprise Risk Management.

●  Facilitated the review and submission of audit remediation packages submitted by the organization's managed service provider

●  Communicated the workstream's progress by providing weekly recap emails to Audit and Compliance Branch Chief and projected workstream's progress in bi-weekly cadences.

●  Communicated all audit progress to MPS' team through Agile Scrum meetings.

●  Provided additional support to the FISMA Policy and Procedure and Contingency Planning workstreams as the Audit Subject Matter Expert (SME)

●  Reviewed all documentation from an Auditor's lens to recommend adjustments and changes based on industry best practices and auditory gaps.

●  Drafted Agency strategies, plans, policies, and procedures that aligned to NIST SP 800-53 Revision 5, Cybersecurity Framework (CSF), the Risk Management Framework, OMB M-19-03 publications.

June 2019 - August 2019

Information Security Volunteer

CentroNía

• Assist in Security Awareness training of critical staff in organization using KnowBe4 webinars
• Conduct risk assessment of critical departments to determine vulnerabilities
• Write up of recommendations for vulnerability remediation
 

Jun 2015 - Jul 2016

Infrastructure Technician

Empowerment through Technology and Education (ETTE)

• Documenting Client Network infrastructure using Microsoft Visio
• Creation and updating organization's Standard of Operation Procedures (SOPs)
• Assisted in completing Help Desk tasks for over 20 clients, including new employee setup and password resets using Active Directory, linking new employee profiles with network shares and new email set ups within Microsoft Exchange and Office 365
• Installation of new hardware for computers and network infrastructure (memory, hard drives, firewall installation and configurations) 
• Traveled to Clients' office locations in order to complete on-site Help Desk tasks
 

Sept 2014 - Jun 2015

Information Technology Intern

CentroNía

• Desktop deployment and configuration using Windows 7 Professional across four locations
• New employee setup using Active Directory, linking employee profiles with network shares; new email set up with Microsoft Exchange
• Installation of new hardware accessories (memory, replacement hard drives) 
• Creation of purchase orders and equipment ordering 

Sept 2010 - Nov 2012

Operations Specialist

SecureNet Payment Systems

• Underwriting of Merchant credit card processing applications
• Completed Risk assessments of merchants for financial stability 
• Demonstrated understanding and regulatory compliance with PCI-DSS credit card processing data standards

EDUCATION
EDUCATION
2014-2016

Master's Degree, Information Assurance

University of Maryland University College

Adelphi, MD

Coursework includes Information Technology Infrastructure, Foundations of Information Security Network and Internet Security, Intrusion Detection Prevention, Cryptography and Data Protection, Computer Forensics, and Information Technology Security Policy - Ethics and Legality

2006-2009

Bachelor's Degree, Biology

University of Mary Washington 

Fredericksburg, VA

Coursework includes Microbiology, Virology, and Genetics

Industry Certifications
INDUSTRY CERTIFICATIONS
Valid Aug 2020 - Jan 2024
Valid Nov 2018 - Nov 2024

ISACA Certified Information Security Auditor (CISA)

CompTIA Security+

CONTACT
bottom of page