Profiles search

Erik Avakian, CISSP, CRISC, CISA, CISM, CGCIO, ITILv3

Cybersecurity Professional, Award Winning CISO and Public Speaker
Enola, PA, United States

Details

Education: Finance, Bentley University, 1989-1992
Experience: Chief Information Security Officer, Commonwealth of Pennsylvania, 2010-2022

• Establishes and implements the security strategy, technical standards and security policies across the commonwealth.



• Manages and directed all aspects of operations and efforts for the commonwealth's information security and incident response teams



• Serves as a central focal point for coordination and communication among Commonwealth agency security officers and with external entities



• Prevents and defends against cyber attacks, reduces the commonwealth’s vulnerability to cyber attacks, minimizes damage and recovery time from attacks, and neutralizes remaining threats.



• Remains abreast of the current security threat landscape and security best practices



• Participates in security information sharing with entities such as the Multi State Information Sharing and Analysis Center, the Department of Homeland Security, the United States Computer Emergency Readiness Team, local government communities and municipalities.



• Handles cyber incident response and mitigation throughout the Commonwealth



• Ensures compliance monitoring and management over a multitude of enterprise security architectures to maintain and fortify the commonwealth's multi-layered security posture.



• Routinely validates the security of the Commonwealth resources by performing regular network penetration tests, conducting ongoing risk assessments, conducting and participating in cyber exercises, provide ongoing reporting for compliance initiatives and perform risk assessment and analysis

Deputy Chief Information Security Officer, Commonwealth of Pennsylvania, 2007-2010

Security Consultant, Commonwealth of Pennsylvania, 2005-2006

Security Administration / Architecture / Policy / Incident Response

Network Engineer, Getronics, 2005-2005

Network Engineer, Net Runners, 2004-2005
Company: Info-Tech Research Group
Years of Experience: 19

Skills

administration, Application Security, Business Continuity, CISA, CISM, cissp, Compliance, Computer Forensics, computer security, Customer Service , Cyber Defense, Cyber Security, Data Privacy, Encryption, Enterprise Architecture, Enterprise Risk Management, Firewalls, Governance, Government, incident handling, Incident Management, incident response, Information Assurance, Information Security, Information Security Management, Information Technology, IT Audit, ITIL, it management, IT Service Management, IT Strategy, leadership, Management, Network Security, PCI DSS, Physical Security, Policy, Privacy Law, program management, Project Management, Risk Assessment, Risk Management, Risk Mitigation, Security, Security Audits, Security Awareness, Security Policy, strategic planning, Vulnerability Assessment, Vulnerability Management, Penetration Testing, Enterprise Risk

About

A Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), and Certified Government Chief Information Officer (CGCIO) with over 20 years experience in implementing large scale enterprise deployments and security services and solutions for large scale Fortune 100 sized environments.



Certifications

Certified in Risk and Information Systems Control (CRISC)

Certified Information Systems Security Professional (CISSP)

Certified Information Systems Auditor (CISA)

Certified Information Security Manager (CISM)

Certified Government Chief Information Officer (CGCIO)

ITIL V3 Foundations in IT Service Management



Honors Awards and Recognition

2022 Recognition from PA Governor Tom Wolf for 16 Years of Outstanding Public Service

2022 Recognition from MS-ISAC for 8 Years of Distinguished Service, Loyalty and Dedication

2020 Finalist: NASCIO Award for Cybersecurity Risk Indicators

2019 GovTech Top 25 Doer, Dreamer & Driver Award

2018 StateScoop Top 50 in Cybersecurity Award

2017 Winner: NASCIO award for Risk Based Multi-Factor Authentication

2017 Winner: NASCIO Thomas M. Jarrett Cybersecurity Scholarship Award

2017 Recognition from PA Governor Tom Wolf for Outstanding Achievement in Security

2015 GovTech Top 10 Influencers in Government Award

2015 Finalist: NASCIO Award for Advanced Cyber Analytics

2014 Winner: 2014 Cybersecurity Leadership and Innovation Awards for Protecting Citizen Data

2013 Finalist: NASCIO Award for Managed Enterprise Internet and Security Services

2013 Finalist: NASCIO Award: Managed Enterprise Internet and Security Services

2011 Winner: GovTech Award: Outstanding Leadership and Innovation

2009 Winner: MS-ISAC Best of the Web: Cybersecurity.state.pa.us

2009 Winner: ISE Project of the Year: Safeguarding Citizen Data

2009 Finalist: NASCIO Award: PA Security Incident Response Process

2008 Winner: OA/OIT: Employee of the month for outstanding service

2008 Winner: SC Magazine: Best Security Team of the Year

2007 Winner: NASCIO Award: Pennsylvania Information Security Architecture



Specialties: Leadership, Security Governance, Strategy, Risk Management, Compliance, Assessment, Data Protection, Team Building, IT Policy, Incident Management, Response, Metrics, Enterprise Architecture, Auditing, Monitoring, Financial Management, Budgeting, Project Management, Training, Mentoring, Financial Analysis, Contract Negotiations, Process Improvement, Procurement, Change Management, Physical Security