This document provides a summary of Susan R. Tyson's professional experience and qualifications. She has over 20 years of experience in information technology, information security, customer support, and operations management. Her most recent roles include Director of Identity and Access Management at Black Knight Financial Services, where she leads an IAM team, and previous Director of Information Security roles at Aetna Insurance and Northrop Grumman, where she managed IAM implementation and compliance with security standards. She holds certifications including CISSP and CISM.
Experienced CISSP CISM Director Identity Access Management
1. Susan R. Tyson, CISSP CISM
Security Clearance: Secret
(321) 720-9094
SusanRTyson@gmail.com
Professional Profile
With more than 20 years of mid-to-upper level management experience concentrated in
Information Technology (IT), Information Security, Customer Support, and Operations.
Certifications, Specializations, and Skills
CISSP CISM ITIL Foundation
ITIL Practitioner / Support
and Restore
ITIL Executive Management CTPRP candidate (Certified
Third Party Risk
Professional)
COBIT Foundation Six Sigma Greenbelt
Expert in team leadership, process improvement, consulting, training, and administration of
diverse service organizations.
Director, Identity and Access Management, Black Knight Financial Services, Jacksonville,
FL 11/15 – present
Lead Identity and Access Management team
Implementation of multiple new IAM systems
Centralized Identity and Access Management (SailPoint)
Privileged Access Management (Thycotic Secret Server)
Manage multiple remediation efforts for IAM
Ensure compliance with Access Control policies and standards
Director, Information Security, Aetna Insurance, Virtual 02/15 – 10/15
Lead Solution Build team for Identity and Access Management.
Manage engineers in designing and developing IAM solutions.
Implementation of multiple new IAM systems:
Security risk analytics
Governance
Automated provisioning
Risk, attribute, and role based access control
Participate in third party vendor risk assessment team.
Act as Lead for threat, and incident response (rotating role).
Manage offshore contract workers.
Ensure compliance policies related to SOX, HIPAA and PCI standards.
2. Manager, Identity and Access Provisioning, Information Security, Northrop Grumman,
Virtual 2005 – 2015
Selected to create new department responsible for providing multiple customers with
centralized access control services.
Led Identity Provisioning Operations, Architecture, and Engineering and Development
teams.
Led enterprise-wide virtual organization with employees throughout the United States
Managed staff of up to 50 employees, processing 10,000 – 15,000 requests per month.
Participated in SOX audits.
Created policy and procedure to ensure compliance with SOX and HIPAA standards.
Wrote long range strategic plan for Security organization.
Scored in the top quartile in Gallup Employee Engagement Survey – recognized by
Sector President
Organized and led enterprise-wide integrated process teams.
Acted as liaison to individual sector and business unit customers to create and provide
services to meet customer requirements.
Participated in the design and implementation of an enterprise provisioning system to
automate access control.
Participant of Core team for Lean Six Sigma Service Desk/Access Administration
project. Streamlined Access Administration processes, increasing efficiency, and
reducing staffing by 20%.
Managed team responsible for end point security.
Worked with various functional organizations to ensure coordination of services and
performance management for customer service delivery.
Established KPIs and metrics for service delivery.
Created Incident Management and Problem Management processes as part of
development team.
Participated as Greenbelt on Corporate HR Onboarding Six Sigma project.
Participated as Stakeholder in Security and Identity Management project.
Participated as Stakeholder in Provisioning project (employees and partners).
Responsible for all corporate audit and compliance activities for access control.
Manager, Computer Operations, Northrop Grumman, Melbourne, FL 1999 – 2005
Managed personnel in four areas: Help Desk, Computer Operations Center, Media
Library, and Software License Management.
Consulted with Business Management customers to identify IT needs and to make
recommendations for improving IT tools and processes.
Acted as liaison between IT and Business Management to define requirements and
resolve issues.
Aced as facilitator on Data Management process management team.
Participated on multiple project teams including: Office 2003 Rollout project team; work-
flow creation for employee termination notifications; administrative assistant account
administration special needs project; enterprise-wide Peregrine Service Center
improvements team.
3. Prepared and presented proposals to Capital Review Board.
Hired, trained, evaluated, and mentored personnel.
Created and documented policies and procedures. Ensured documents were produced,
maintained, and accessible for all four areas of responsibility.
Participated in process flow improvement sessions (LEAN process) between multiple
Northrop Grumman organizations, resulting in 50% improvement in cycle time for
procurement process for IT related equipment.
Interfaced with customers to define customer requirements.
Assisted customers in defining operating standards and metrics.
Additional Professional Experience
Adjunct Instructor 2005 - present
Florida Institute of Technology – Management Information Systems
Technical Consultant
CustomerSoft, Inc
Stillwater, OK
Education
Florida Institute of Technology, Melbourne, FL – Masters, Business Administration
University of Maryland, College Park, MD – Graduate Certificate in Information Assurance (in
progress)
St. Mary's University, Minneapolis, MN – Bachelor of Science, Telecommunications
Management
Publications
Tyson, S., & Bean, L. (2005, May/June). Systems access hotspots: Are auditors ignoring danger?
Journal of Corporate Accounting and Finance, 3-
9. http://onlinelibrary.wiley.com/doi/10.1002/jcaf.20112/abstract.
Susan R. Tyson, CISSP, 321-720-9094. Page |