Alan Shultz

Cybersecurity

About

Houston, Texas 77008

alan.shultzfamily@gmail.com

(281) 620-8581

ShultzHouston

Auditing

Expert

GIAC Systems and Network Auditor Certification (GSNA)

Cybersecurity

Expert

CompTIA Security+

Summary

Federal cybersecurity auditor with expertise in penetration testing as well as FISMA and FedRAMP compliance.

Experience

U.S. Department of Commerce: Office of Inspector General

January 2020 - Present

Project Manager / Lead Auditor

Audit the U.S. Department of Commerce's cybersecurity posture and develop public audit reports.

Identified significant FedRAMP compliance issues within Federal information systems.
Lead the annual FISMA maturity review of the U.S. Department of Commerce.

The National Aeronautics and Space Administration (NASA)

August 2019 - December 2020

Security Control Assessor

Assessed Federal information systems and recommended corrective actions to address security weaknesses.

Other Relevant Experience

November 2011 - August 2019

PC Technician, Compucom
Quality Assurance Specialist, Atlantic Coffee Solutions
Executive Assistant, IBM consulting executive

Education

Tulane University

June 2019 - December 2020

Master's Cybersecurity Management

University of Alabama at Birmingham

June 2016 - May 2019

Bachelor's Information Systems Management

Awards

2022 IG Award for Excellence

U.S. Department of Commerce Office of Inspectors General

Awarded for outstanding accomplishments in penetration testing of the U.S. Census Bureau.

2023 IG Award for Excellence

U.S. Department of Commerce Office of Inspectors General

Awarded for outstanding accomplishments in auditing Federal High Value Assets (HVAs).

2023 CIGIE Award for Excellence

Council of the Inspectors General on Integrity and Efficiency

Awarded for development of IG FISMA metrics used to asses the maturity of cybersecurity programs across the Federal Government.

2024 CIGIE Award for Excellence

Council of the Inspectors General on Integrity and Efficiency

Awarded in recognition of both important oversight work at DOC and contributions across the Federal OIG community as a whole.

Publications

Data Quality Challenges and Ineffective Program Management Hinder the Department's Enterprise Cybersecurity Capabilities

December 2024

DOC OIG REPORT NO. OIG-25-006-A

Project manager and lead auditor.

Security Weaknesses in the Department's Mission-Critical High Value IT Assets Leave the Assets Vulnerable to Cyberattacks

September 2023

DOC OIG REPORT NO. OIG-23-030-A

Auditor.

Simulated Internal Cyber Attack Gained Control of Critical Census Bureau Systems

November 2022

DOC OIG REPORT NO. OIG-23-004-1

Auditor.

Missing Security Controls Put the Department's Cloud-Based High Value Assets at Risk

September 2022

DOC OIG REPORT NO. OIG-22-031-A

Auditor.

The Department Needs to Improve Its System Security Assessment and Continuous Monitoring Program to Ensure Security Controls Are Consistently Implemented and Effective

January 2022

DOC OIG REPORT NO. OIG-22-017-A

Auditor.