Cliford Fumbui

Cyber Security Engineer

Textron | Dec  2021 - Present

1. Developed and implemented cybersecurity strategies to mitigate IT and regulatory risks while aligning with business goals.
2. Designed secure baseline configurations, conducted technical assessments, and ensured compliance with security standards.
3. Managed cybersecurity policies, procedures, and regulatory frameworks, updating them to address evolving threats.
4. Utilized Archer GRC for risk management, compliance, vendor risk, and policy enforcement.
5. Administered security infrastructures, ensuring robust protection, availability, and continuous improvement.
6. Led cybersecurity projects, collaborating across departments to enhance security posture and system-wide protection.

Risk and Compliance Analyst

Kautex | May  2019 - Aug 2021

1. Developed and enforced cybersecurity policies aligned with ISO 27001, NIST, and RMF standards, ensuring compliance and governance.
2. Conducted security assessments, risk evaluations, and third-party vendor risk management to enhance security posture.
3. Managed POA&Ms, classified security controls using RMF (NIST 800-60 & FIPS 199), and facilitated security control remediation.
4. Oversaw cloud security protocols in AWS and Azure, ensuring best practices and compliance with regulatory frameworks.
5. Utilized GRC tools like Archer, Metric-Stream, Zen GRC, and ServiceNow for risk management, compliance tracking, and policy enforcement.
6. Supported FISMA reporting, compliance scanning, security testing, and accreditation processes for information systems.