Chris Stanley
Details
Hampton University
Bachelor's degree
Computer Information Systems
Wayland Baptist University - Hawaii
2005 : 2008
Business Administration and Management, General
Montgomery College
Remember... I call this fun; and continue to devour every movie, series, book, and webinar (that I can reasonably attain) about Disaster & Destruction when not actively identifying, protecting, detecting, responding, or recovering within the IT or cybersecurity domains.
2023 : Present
Air InfoSec
Cybersecurity Consultant
Do I create the CISSP exam? Not necessarily; however, all questions on an ISC2 exam (CISSP, CC, SSCP, CCSP, ISSAP, etc.) have been vetted by me and my fellow teammates who have been battle tested to tears. ISC2 has a very thorough lifecycle process from creation to retirement of exam questions that includes YOU 🫵🏼. If you are interested in creating these cybersecurity related exam questions, become an ISC2 member, and search for volunteer opportunities on our business website.
2022 :
ISC2
Exam Content Developer
My first role as a retired military veteran was not easy to find; luckily it found me. CAG accepted me with close to no experience in the Governance, Risk Management, and Compliance (GRC) sector of cybersecurity. I soaked up everything about security control standards from NIST, ISO, and CSA and proved my competence in identifying where adherence to industry best practices and regulations apply to the identification, protection, detection, response, and recovery of IT assets, threats, vulnerabilities, and risks. This allowed management to quickly remove my training wheels and throw me into the fray of assessing government agencies and universities against these security control standards. Whether an assessment ends with a high or low score, I give the news with no fluff, and everyone is content and understands what needs to be done in the short and long-term to improve cybersecurity readiness. I am always in an assessment, going into an assessment, and ending an assessment, all at the same time. This experience prepared me for the CISSP domains I had the least experience with, and allowed me to pass the CISSP exam on my first attempt. This positions could appear as a demotion compared to the other Executive Level positions previously held; however, it was necessary to gain the valuable experience of fully understanding Governance, Risk, and Compliance. I got to work with some really talented professionals at CAG who are now like family to me.
2021 : 2022
Columbia Advisory Group
Cybersecurity Consultant | Governance, Risk, and Compliance
A beautiful place to retire from the military! I promoted to Senior Chief Petty Officer three months into this tour, some time later my boss relocated for a new position; which allowed for me to move into her position as Director of IT. Small team, but with the help of over 150 junior Sailors, we were able to expedite the renovation and relocation of all personnel and IT assets to a new state-of-the-art facility just before a pandemic hit. We also improved network availability through cloud migrations and creating remote work policy and procedures in response to the pandemic. Everything that happened during this tour happened right on time. The building we previously occupied was now empty, and used as Isolated and Quarantined living quarters. This building was historic for the linguist I supported. Reading the article below, you can almost see how bittersweet it was to finally leave that old and out of date building.
2018 : 2021
US Navy
Director Of Information Technology
Best ship tour, best Chief Petty Officer's Mess, best team of Information System Technicians I ever worked with! I checked onboard just in time to lead my team through our first communications integrity and availability assessment before deployment, and we FAILED it fast and hard; so hard we aced every assessment and audit that proceeded. More than survived, we thrived during our six month deployment, pushing our communication gear to maximum capacity. I would say we kept over 50 lines of communication available for 99.999% of the time. All while sailing through dangerous territories and being constantly tested by advanced and persistent threats to cybersecurity. This tour was short, but efficient and effective in completing the mission.
2016 : 2018
US Navy
Chief Information Security Officer
Skills
Amazon Web Services (AWS), Cloud Computing, Cloud Security, Computer Networking, Computer Security, COMSEC, Cybersecurity, Data Security, Defense, Disaster Recovery, DoD, Force Protection, GRC, Hardware, Help Desk Support, Information Assurance, Information Security, Information Technology, Infrastructure, Intelligence, ISO 27001, IT Management, LAN-WAN, Microsoft Excel, Microsoft Outlook, Microsoft PowerPoint, Military, Military Experience, Military Operations, National Security, Navy, Network Administration, Network Security, NIST 800-53, Process Improvement, Program Management, Project Management, Risk Management, Security, Security+, Security Clearance, SharePoint, Software as a Service (SaaS), System Administration, Top Secret, Troubleshooting
About
I am an Exam Content Developer at (ISC)², the leading nonprofit organization for cybersecurity professionals. I have over 20 years of experience in the cybersecurity field, and I hold the CISSP and CCSP credentials, as well as an Amateur Radio Technician license. My role involves creating and reviewing questions for various cybersecurity certifications, such as CISSP, CCSP, SSCP, and ISSAP, ensuring they are relevant, accurate, and challenging.
My passion for cybersecurity stems from my military background, where I learned the importance of integrity in the exchange of information. I retired as a Navy Senior Chief in 2021, after leading, assessing, and training hundreds of Information Security Engineers for over 17 years. I also worked as an independent cybersecurity consultant for multiple government agencies, creating and modifying policies and procedures for incident response and recovery, especially for ransomware attacks. I enjoy sharing my knowledge and expertise with others, and I welcome any questions or requests regarding cybersecurity certification, compliance, and information security.