Bradley Bemis MS, CISSP, CISA, SACP, CSSG, LPCC, ADDC, CLC
Details
Psychology
California Institute of Integral Studies
2022 : 2027
Professional Certificate : Teaching Adult Learners
UC San Diego
2021 : 2023
Master of Science - MS
Clincial Mental Health Counseling
Walden University
2018 : 2021
Bachelor of Science - BS
Information Technology
University of Phoenix
2001 : 2004
Associate of Arts and Sciences - AAS
Information Systems Technology
Community College of the Air Force
1991 : 1998
Built entire cybersecurity and information risk management programs from the ground up using framework components from CIS, NIST, SANS, ISO, HITRUST, ISF, ITIL, COBIT, COSO, AICPA, IASME, CIIP, IOTCA/IOTSF, ENISA, CSA-CCM, VERIS, and MITRE ATT&CK.
Conducted compliance readiness audits and directed ongoing remediation efforts to ensure conformity with PCI, HIPAA, SOX, GLBA, BSA, FINRA, CMMC, FISMA, FEDRAMP, DFARS, EGA, NERC, TSA, FERPA, ISO, PIPL, GDPR, CCPA, NYDFS, and state breach laws.
Produced certification and accreditation packages, system security plans, and POAMS for sensitive systems; aided development teams to incorporate security into the SDLC via AGILE, Waterfall, DevOps, and more; created and enforced system hardening standards for networks, applications, platforms, and devices; streamlined threat management and vulnerability remediation capabilities across the enterprise.
Evaluated third-party technologies, cloud service providers, and partner agreements; implemented and maintained cybersecurity tools, technologies, and services to reduce attack surface; administered and conducted penetration testing of systems, applications, databases, and networks; analyzed anomalous events and indicators of compromise; spearheaded business continuity, disaster recovery, incident response, and digital forensic initiatives.
Authored security principles, policies, standards, guidelines, and procedures in modular formats; established and updated internal online portals and SharePoint sites for distribution; maintained internal adoption and compliance metrics; worked with business leaders and HR for enforcement.
2012 : Present
SecureITExperts
Cybersecurity Professional : Governance, Risk, and Compliance Manager
Researched human-factor risk trends; reviewed DBIR, SANS, and other threat reports; conducted cultural context assessments; identified top threats requiring human defense measures; coordinated with business and IT leaders to set behavioral modification objectives.
Established PiT and continuous cybersecurity awareness, training, and education programs; created progressive awareness campaign plans – with an elevated cadence during cybersecurity awareness month; led internal and external advocacy, messaging, and outreach initiatives; leveraged a broad range of multi-channel communication services and technologies.
Used role-based and micro-training models for curriculum design; developed formal cybersecurity content and courses leveraging ADDIE and SAM methodologies, Bloom’s Taxonomy, Social-Cognitive Learning Theory, and more; provided classroom training (in-person/instructor-led), and synchronous online instruction; built e-learning modules using Storyline and iSpring, delivered SCORM-compliant modules for LMS distribution, and managed multiple LMS platforms - including iSpring, Blackboard, Canvas, Moodle, and TalentLMS.
Streamlined content delivery for executive staff, high-value targets/highly attacked persons, development communities, 3rd party vendors, and other groups requiring special handling; ran regular social engineering and phishing simulation campaigns for multi-layered testing; conducted tabletop exercises to test incident response and other cybersecurity processes.
Defined baseline metrics to analyze attitudes, skills, and behaviors; monitored key performance indicators and SMART metrics to validate, improve upon, and ensure continuous compliance with internal/external cybersecurity requirements; conducted ongoing gap analysis reporting to identify and prioritize target learning areas over time.
Currently experimenting with AI, using Chat-GPT and other AI engines to facilitate individually-customized, on-demand, real-time learning.
2012 :
SecureITExperts
Cybersecurity Professional : 'Human-Factors' Risk Researcher, Behaviorist, and Educator
Offering career counseling and coaching services to those interested in, or already pursuing work within, the professional domain of cybersecurity.
*Credentials : 30+ year cybersecurity veteran (CISSP, CISA, SACP); Certified Life Coach (CLC) and licensed mental health professional - with an extensive career counseling background, an MS in Clinical Mental Health Counseling, and currently a PhD Student in Psychology.
2021 :
SecureITExperts
Cybersecurity Support Professional : Career Development Coach
Providing mental health counseling and coaching services to IT and cybersecurity professionals who are seeking to manage increasingly complex business demands, reduce internalized stress responses, and enhance overall psychological resilience.
*Credentials : Licensed Professional Counselor Candidate (LPCC) and Addiction Counselor Candidate (ADDC) in Colorado; Certified Life Coach with an extensive mental health background; MS in Clinical Mental Health Counseling and current PhD Student in Psychology.
*Clinical Concentrations : Family, Relationships, Career, Finances, Life, Stress, Anxiety, Depression, Trauma, Addiction, Self-Esteem, Perfectionism, Panic Attacks, Sleep Disorders, Eating Disorders, Body Dysmorphia, Chronic Pain, and Chronic Illness.
*Main Interventions : The trauma-informed use of clinical interventions from ACT, DBT, Mindfulness-based CBT, Internal Family Systems, Inner-child Work, Focusing, Somatic Experiencing, Exposure Therapy, the Gottman Method, Solution and Brief Solution Focused, Motivational Interviewing, Nonviolent Communications, Applied Behaviorism, Breathwork, Psychedelics, and more; along with various forms of mindfulness, meditation, and contemplative practice.
2021 :
SecureITExperts
Cybersecurity Support Professional : Stress and Resilience Therapist
FTE : Darden Restaurants, Governance Risk and Compliance Lead (2022-2023)
Contract : SeaWorld Parks and Entertainment, Manager, Cybersecurity Operations (2020-2021)
Contract : BBA Aviation/Signature, Data Protection and PCI Compliance Lead (2018-2019)
FTE : SAIC Corp., Principal Security Analyst for Strategy, Policy, and Training (2016-2017)
FTE : Aspect Technologies, Senior Analyst for Policy, Compliance, and Marketing (2015-2016)
Consulting Client List : Starbucks, Teavana, REI, Boeing, Alaska Airlines, U.S. Navy, World Vision, Western Peterbilt, Integra, Comcast, Moxie, Intellius, ThruVid, Webroot, Oki, Overlake Hospital, Jefferson Healthcare, Lake Forest Health, UW Medicine, Childrens Hospital, Sunrise Health, Columbia Hospitality, Silver Cloud, Diamond Parking, Multnomah County, SECU, WSECU, AAOA, Veca, and several others.
2012 : 2023
Concurrent Engagements : SecureITExperts
Cybersecurity Professional (2012-2023)
Skills
Analytical Skills, Awareness, Career Development Coaching, Computer Security, Consulting, Culture Change, Cybersecurity, Cybersecurity Awareness, Training, Behavior, and Culture, Cybersecurity Governance, Risk, and Compliance, Information Security Awareness, Information Security Management, Leadership, Marketing, Mental Health Counseling, Mindfuness, Neuroscience, Organizational Culture, PCI DSS, Process Improvement, Project Management, Psychology, Regulatory Compliance, Research, Risk Management, Security, Security Awareness, Training, Writing
About
Bradley Bemis
SACP, CISSP, CISA
CYBERSECURITY PROFESSIONAL
***Applying people-centric approaches to the management of human-factor risks***
I have nearly 35 years of technology, leadership, communications, marketing, training, and mentoring experience in the cybersecurity industry. I hold a BS is in Information Technology, and twin AAS degrees in both Technology and Personnel Management.
My main body of work focuses on the intersection between cybersecurity, behaviorism, and adult learning. I also engage in FTE, contracted, and consulting roles related to cybersecurity governance, risk, and compliance (GRC) work.
Note: I provide mental health counseling and life coaching services for cybersecurity and IT professionals who may benefit from help with stress and anxiety, communication issues, and career planning — or other common life challenges.
-----
Bradley Bemis
PhD Student-Psychology
MS, LPCC, ADDC, and CLC
THERAPIST/COACH/GUIDE
Licensed Professional Counselor Candidate (LPCC) – Colorado
Addiction Counselor Candidate (ADDC) - Colorado
Professional/Certified Life Coach (CLC) – Life Purpose Coaching
Contemplative Wisdom and Somatic Practice Guide – Nondual
***Offering mental health services that are grounded in trauma-informed contemplative and somatic practice, ongoing advances in modern neuroscience, and evidence-based models of psychological healing***
I’m a therapist, coach, and guide living in Denver Colorado - and I’ve been working with people, in a helping context, since 2014.
I earned my Masters of Science degree in Clinical Mental Health Counseling from the CACREP-accredited CMHC program at Walden University, and am currently a PhD student studying Psychology at the California Institute of Integral Studies (CIIS) – focusing on Consciousness Studies and Contemplative Neuroscience.
As a therapist, my main area of clinical interest is stress and anxiety; along with common trauma precursors and often co-occurring presentations of depression, addiction, eating disorders, panic disorders, and sleep disorders.
My background and experience with clinical interventions includes the trauma-informed use of clinical interventions from ACT, DBT, Mindfulness-based CBT, Internal Family Systems, Inner-child Work, Focusing, Somatic Experiencing, Exposure Therapy, the Gottman Method, Solution and Brief Solution Focused, Motivational Interviewing, Nonviolent Communications, Applied Behaviorism, Breathwork, Psychedelics, and more; along with various forms of mindfulness, meditation, and contemplative practice.