Alan Shultz

Cybersecurity

About

Houston Texas 77008 US

alan.shultzfamily@gmail.com

(281) 620-8581

ShultzHouston

Auditing

Expert

GIAC Systems and Network Auditor Certification (GSNA)

Cybersecurity

Expert

CompTIA Security+

Summary

Federal cybersecurity auditor with expertise in penetration testing as well as FISMA and FedRAMP compliance.

Experience

U.S. Department of Commerce: Office of Inspector General

[+0000bjeca Objeca] - Present

Project Manager / Lead Auditor

Audit the U.S. Department of Commerce's cybersecurity posture and develop public audit reports.

Identified significant FedRAMP compliance issues within Federal information systems.
Lead the annual FISMA maturity review of the U.S. Department of Commerce.

The National Aeronautics and Space Administration (NASA)

[+0000bjeca Objeca] - [+0000bjeca Objeca]

Security Control Assessor

Assessed Federal information systems and recommended corrective actions to address security weaknesses.

Other Relevant Experience

[+0000bjeca Objeca] - [+0000bjeca Objeca]

PC Technician, Compucom
Quality Assurance Specialist, Atlantic Coffee Solutions
Executive Assistant, IBM consulting executive

Education

Tulane University

[+0000bjeca Objeca] - [+0000bjeca Objeca]

Master's Cybersecurity Management

University of Alabama at Birmingham

[+0000bjeca Objeca] - [+0000bjeca Objeca]

Bachelor's Information Systems Management

Awards

2022 IG Award for Excellence

U.S. Department of Commerce Office of Inspectors General

Awarded for outstanding accomplishments in penetration testing of the U.S. Census Bureau.

2023 IG Award for Excellence

U.S. Department of Commerce Office of Inspectors General

Awarded for outstanding accomplishments in auditing Federal High Value Assets (HVAs).

2023 CIGIE Award for Excellence

Council of the Inspectors General on Integrity and Efficiency

Awarded for development of IG FISMA metrics used to asses the maturity of cybersecurity programs across the Federal Government.

2024 CIGIE Award for Excellence

Council of the Inspectors General on Integrity and Efficiency

Awarded in recognition of both important oversight work at DOC and contributions across the Federal OIG community as a whole.

Publications

Data Quality Challenges and Ineffective Program Management Hinder the Department's Enterprise Cybersecurity Capabilities

[+0000bjeca Objeca]

DOC OIG REPORT NO. OIG-25-006-A

Project manager and lead auditor.

Security Weaknesses in the Department's Mission-Critical High Value IT Assets Leave the Assets Vulnerable to Cyberattacks

[+0000bjeca Objeca]

DOC OIG REPORT NO. OIG-23-030-A

Auditor.

Simulated Internal Cyber Attack Gained Control of Critical Census Bureau Systems

[+0000bjeca Objeca]

DOC OIG REPORT NO. OIG-23-004-1

Auditor.

Missing Security Controls Put the Department's Cloud-Based High Value Assets at Risk

[+0000bjeca Objeca]

DOC OIG REPORT NO. OIG-22-031-A

Auditor.

The Department Needs to Improve Its System Security Assessment and Continuous Monitoring Program to Ensure Security Controls Are Consistently Implemented and Effective

[+0000bjeca Objeca]

DOC OIG REPORT NO. OIG-22-017-A

Auditor.