Kelvin Brooks Cyber Professional

Available For Hire

Get to know me!

About Me

My Experience

Over his 25-year career, Mr. Kelvin Brooks has masterfully merged hands-on technical security expertise, exemplary leadership, and profound Information Technology (IT) acumen to chart the strategic course of information assets for both the City of Atlanta and Equifax. In doing so, he has diligently safeguarded these valuable information assets.

Kelvin boasts extensive experience encompassing all eight domains of the Certified Information Systems Security Professional (CISSP) framework, demonstrating a comprehensive understanding of information security. He is also well-versed in ISO/IEC 27001:2013, showcasing his commitment to international information security standards. Furthermore, his certification as a Certified Information Security Manager (CISM), which is ANSI accredited under ISO/IEC 17024, underscores his dedication to maintaining the highest professional standards in the field.

Kelvin's reputation extends beyond local boundaries, as he is not only recognized and trusted by the City of Atlanta but also revered in the national information security arena. His recognition is a testament to his unwavering reliability and unwavering trustworthiness as a professional. Furthermore, Kelvin's work ethic is characterized by a self-motivated drive, the pursuit of excellence, and an unswerving commitment to personal integrity—a profile reflected in his extensive background and accomplishments.

Additionally, Kelvin is a proud member of the FBI's InfraGard Unit in Atlanta, further demonstrating his commitment to collaborative efforts in bolstering national security and safeguarding critical infrastructure.

In sum, Kelvin Brooks' illustrious career is marked by a blend of technical mastery, leadership acumen, and unwavering dedication to the highest standards of information security. His achievements in this field have left an indelible mark on both the local and national stage.

My Accomplishments

" "▪ Successfully implemented an Information Security Management System (ISMS), is working towards an ISO/IEC 27001 Certification for the City of Atlanta, and has completed the ISO 27001 initial Audit Phase I.
▪ Oversaw the roll-out of an Information Security Awareness Program and successfully trained over 98% of the City of Atlanta workforce (over 9,000 employees).
▪ Implemented the strategic plan to deploy a Security Information and Event Management (SIEM) solution as well as managed services for Social Media Protection (Zero Fox), for an Encase forensic tool and a Vulnerability and Threat Management strategic plan (e.g., IDS, Penetration Testing, Firewall, Qualys, Fore-scout, ISE, etc.); and deployment of Minerva Malware protection Spy Cloud.
▪ Chaired the Information Security Governance Board and is responsible for the City of Atlanta Information Security Architecture overall.
▪ Actively worked with security teams to deploy best practices and Information Security policies to help meet the ISO/IEC 27001& NIST Cyber-Security Framework Standards requirements.
▪ Successfully established Cybersecurity insurance for the City of Atlanta before the breach in 2018.
▪ Chaired the Super Bowl 53 Critical Infrastructure Committee, responsible for the overall Cyber-Security plan for the City of Atlanta hosting the Super Bowl LIII.
▪ Oversaw the Department of Homeland Security Risk and Vulnerability Assessment performed for the entire City of Atlanta.
▪ Led the development of the City of Atlanta's Tabletop exercise with the Department of Homeland Security, which consisted of Local and Federal Law Enforcement partners.
▪ Actively participated in the mitigation efforts in response to the Cyber- Security Breach the City of Atlanta experienced in March 2018."
She has successfully coordinated the SecureWorks Managed Security Service Provider contract and onboarding process.
▪ Collaborated with Georgia Tech for the City of Atlanta Smart City project.
▪ Participated as lead for the Georgia Tech summer internship with the City of Atlanta cyber security group."

Presentation and Speaking Engagements

Brooks, Kelvin (2016). Keynote Panelist at Emerging Technology Leaders Summit. Latinos in Information Sciences and Technology Association (LISTA). Atlanta, Georgia, March (2016).

Brooks, Kelvin (2016). COA Speaker and Representative at DHS Cyber Security Advisors Roundtable with Transaction Alley Stakeholders, FBI, GBI, DHS, local, state and federal government. Atlanta, Georgia, April, 2016.

Brooks, Kelvin (2015). Presentation: City of Atlanta – Information Security Strategic Plan. Chief Information Security Officer (CISO) Conference. San Diego, Ca. October (2015).

Generate excitement

At my company, we offer more than just a product or service; we deliver innovation and transformation. We're excited to provide our clients with cutting-edge solutions that meet their needs and anticipate and adapt to future challenges. Our commitment to staying at the forefront of industry trends and technology ensures we deliver excitement through innovation, reliability, and results. Join us in shaping the future of Cybersecurity!

Education

I hold a Master’s degree in Business Administration from Strayer University, where I specialized in Marketing and Finance. I developed a strong understanding of marketing strategies, financial analysis, and project management methodology during my studies.

Skills

As a Chief Information Security Officer (CISO), I safeguard an organization's digital assets and information. To help me excel in this position, I possess a diverse set of skills and competencies, including:

1. **Information Security Expertise**: A deep understanding of information security principles, best practices, and the evolving threat landscape is essential.

2. **Risk Management**: Identifying, assessing, and mitigating cybersecurity risks to protect the organization from potential threats.

3. **Regulatory Compliance**: Proficiency in understanding and adhering to data protection and privacy regulations, such as GDPR, HIPAA, and others relevant to your industry.

4. **Security Frameworks**: Familiarity with security frameworks like NIST, ISO 27001, and CIS and the ability to apply them to organizational security strategies.

5. **Technical Knowledge**: A solid technical foundation, including knowledge of networking, operating systems, encryption, and cybersecurity tools and technologies.

6. **Incident Response**: The capability to develop and implement incident response plans and manage security incidents effectively when they occur.

7. **Security Architecture**: Expertise in designing and implementing secure information systems and architectures.

8. **Security Awareness Training**: The ability to educate and train employees on security best practices to create a security-conscious organizational culture.

9. **Vendor Management**: Skills in evaluating and managing third-party security risks and vendor relationships.

10. **Business Acumen**: Understanding of business operations, strategies, and the ability to align security initiatives with overall organizational goals.

11. **Leadership**: Strong leadership skills to build and lead a cybersecurity team, manage budgets, and effectively communicate security matters to executives and the board.

12. **Communication Skills**: The ability to convey complex technical security issues clearly and understandably to non-technical stakeholders.

13. **Crisis Management**: Proficiency in crisis management and the ability to make critical decisions during security incidents or breaches.

14. **Governance and Compliance**: Ensuring adherence to security policies and standards and driving a culture of compliance within the organization.

15. **Continuous Learning**: A commitment to staying updated on emerging cybersecurity threats, technologies, and best practices.

16. **Ethical Hacking and Penetration Testing**: Familiarity with ethical hacking techniques and penetration testing to identify vulnerabilities and weaknesses in the organization's systems.

17. **Legal and Ethical Knowledge**: Understanding of the legal and ethical aspects of cybersecurity, including privacy laws and ethical hacking standards.

18. **Vendor Evaluation**: The ability to assess the security of potential technology vendors and solutions before implementation.

19. **Project Management**: Skills in managing security projects, ensuring they are completed on time and within budget.

20. **Team Building**: Building and nurturing a strong, skilled, and motivated security team.

Being a CISO is a multifaceted role that demands a combination of technical, leadership, and strategic skills to effectively protect an organization's digital assets. Adapting and evolving as the cybersecurity landscape changes and presents new challenges is crucial.

Learn more

Certifications

I hold the following certifications:

• Certified Information Systems Security Professional (CISSP)

• Certified Information Security Manager (CISM)

• Certified Chief Information Security Officer (CCISO)

• Certified Ethical Hacker (CEH)

• Certified Data Privacy Solutions Engineer (CDPSE)

• Certified Information Systems Auditor (CISA)"

Resume

Positions from current and previous employment:

2015 – 2023 Chief Information Security Officer | City of Atlanta, Atlanta, GA

▪ Formulated and executed the information security strategy, safeguarding all city information and technology assets.
▪ Directed a multidisciplinary team to secure applications, infrastructure, and data tiers.
▪ Established and maintained policies governing technology use to protect resources.
▪ Provided routine oversight of security controls, developing action plans and budgets.
▪ Built and nurtured a skilled IT risk management and security team.
▪ Led initiatives to identify, develop, and maintain risk reduction processes.
▪ Led information-related compliance audits and participated in governance committees.
▪ Liaised across departments, offering strategic insight into security matters.
▪ Promoted information security's value through motivational activities.
▪ Developed an enterprise-wide security awareness training program.
▪ Chaired the Information Security Governance Board.
▪ Proficient in the latest information security technologies and tools.
▪ Managed security, assessments, and incident forensic work.
▪ Experienced with government security requirements, including classified systems.
▪ Contributed to the All-IT Steering and Governance Boards.
▪ Collaborated effectively across organizations to achieve outcomes.
▪ Maintained meticulous incident reports for regulatory compliance and internal reviews.
▪ Demonstrated expertise in crisis management, coordinating with stakeholders and law enforcement during emergencies.
▪ Adeptly managed security budgets, optimizing resource allocation to support initiatives.
▪ Ensured adherence to regulatory compliance (e.g., GDPR, HIPAA, PCI-DSS) and industry standards (e.g., ISO 27001, NIST, ITIL, COBOT).
▪ Oversaw physical security measures, including access control systems, cameras, and personnel.
▪ Led incident response efforts, from security incidents and investigations to corrective actions.
▪ Conducted security audits, vulnerability assessments, and penetration tests to fortify security posture.
▪ Orchestrated information security programs encompassing data protection, encryption, access controls, and classification.
▪ Spearheaded cloud migration (Azure/AWS/GCP) initiatives, seamlessly transitioning and securing critical assets.
▪ Led PCI assessments, ensuring the City of Atlanta's adherence to PCI DSS standards.
▪ Collaborated cross-functionally to implement remediation plans and address compliance gaps.
▪ Demonstrated proficiency across diverse technical domains, encompassing OSI model, IT infrastructure, cloud technologies, application development, database systems, web technologies, mobile innovations, network architecture, enterprise systems, and directory services.
▪ Exhibit adeptness with various security technologies, including firewalls, intrusion detection systems, cyber-attack tools and countermeasures, encryption protocols, certificate authorities, web filtering, anti-malware solutions, anti-phishing measures, and identity and access management frameworks. Accomplished in deploying multi-factor authentication mechanisms.

2013 – 2015 Information Security Manager | City of Atlanta, Atlanta, GA

▪ Managed Information Security Management function, providing leadership and direction.
▪ Led the design and operation of the Information Security Management System (ISMS).
▪ Served as a "center of excellence" for information security management.
▪ Authorized the implementation of security policies, standards, and procedures.
▪ Ensured compliance monitoring and improvement activities.
▪ Designed and conducted information security awareness and training.
▪ Led risk assessments, control selection, and contingency planning.
▪ Supported compliance measures, including HIPI, PCI, and more.
▪ Led Design of Data Loss Prevention Software.
▪ Deployed MS BitLocker for Encryption data protection on systems
▪ Deployed MFA solutions for an additional layer of security for employees and vendors
▪ Implemented password managers to help employees generate, store, and manage complex passwords.
▪ Leveraged technical prowess in cutting-edge security technologies, tools, and forensics for ongoing security maintenance, assessment, and incident response.
▪ Partnered adeptly across departments to achieve work completion, fostering collaboration among diverse teams."
▪ Stayed updated with evolving security practices, standards, and professional networks through continuous learning and participation in industry organizations.
Established a robust Information Security Management System (ISMS) to fortify security posture.
Evaluated and managed security vendors and service providers, aligning solutions with organizational security needs."

2011 – 2012 Interim Chief Security Officer | City of Atlanta, Atlanta, GA

▪ Devised loss prevention, fraud prevention, and privacy policies.
▪ Coordinated security efforts across departments and groups.
▪ Identified security initiatives and standards.
▪ Managed vendor network securing assets.
▪ Safeguarded intellectual property and computer systems.
▪ Ensured physical safety and developed safety procedures.
▪ Directed global security policy, standards, and guidelines.

2007 – 2011 Senior Security Engineer | City of Atlanta, Atlanta, GA

▪ Administered city-wide Cisco Wireless network.
▪ Managed Cisco VOIP network and Call Manager.
▪ Implemented Cisco Identity Services Engine (ISE).
▪ Expertise in WLAN configurations and routing protocols.
▪ Proficient with Solar Winds NCM tool.
▪ Designed network performance reports.
▪ Led network performance enhancement projects.
▪ Maintained network security, firewalls, and more.
▪ Managed city-wide 311 VOIP call center.
▪ Deployed the City's Video Integration Center.

2005 – 2007 Exchange System Engineer/Consultant | City of Atlanta, Atlanta, GA

▪ Upgraded Active Directory domains and MS Exchange clusters.
▪ Implemented Microsoft Operation Management Server (MOM).
▪ Managed virtual server environments with VMWare and MS Virtual Server.
▪ Implemented wireless email services and Blackberry environments.
▪ Administered Symantec NetBackup and Backup Exec.
▪ Led and mentored Systems Administration and Helpdesk staff.

1998 -2005 Security Engineer/System Analyst | Xerox Connect, Inc., Alpharetta, GA

▪ Designed and deployed client LAN upgrades and integration.
▪ Led Windows AD domain migrations and upgrades.
▪ Assisted in evaluating network components and protocols.
▪ Administered WEB servers and maintained user domains.
▪ Implemented RAID and DHCP/WINS configurations.
▪ Collaborated in Lotus Notes and Novell server migrations.
▪ Led disaster recovery planning and implementation.
▪ Supported Equifax in backup and disaster recovery solutions.
▪ Designed and administered SQL 2000 and Microsoft SMS."