Click Here for the PDF Version.

Vitals:

• Phone: +1 850 691 9708
• Email: mail@justinmjohnson.com
• Location: Atlanta, GA
• Website: www.justinmjohnson.com
• LinkedIn: imjustinjohnson
• GitHub: justin-m-johnson

Cybersecurity Program Manager

Cybersecurity Program Manager with 10+ years’ experience leading large-scale cybersecurity strategies, risk management programs, and IT governance for mission-critical organizations. Expert at translating business objectives into cohesive security programs, aligning resources, and orchestrating diverse teams to achieve enterprise compliance and risk reduction goals. Skilled in designing and executing cross-functional initiatives covering Zero Trust, NIST RMF, and cloud security, with a proven record of delivering projects on time and within scope in regulated environments. Recognized for building collaborative partnerships with stakeholders, managing competing priorities, and driving measurable improvements to security posture, operational efficiency, and regulatory adherence.

Education

Western Governors University, MBA - IT Management

• Oct 2024 – May 2025
• Masters of Business Administration

Colorado State University-Global Campus, B.Sc in Cyber Security

• Aug 2016 – May 2018
• 4.0 GPA
• Magna Cum Laude

Florida State University, B.Sc in Criminology

• Aug 2007 – May 2011
• 3.7 GPA

Experience

SeKON / Alpha Omega – CDC Contract

• Ict 2024 - Present
• Atlanta, GA (Remote)
• Directed security program planning, managed a team of Security Stewards and Analysts, and drove project delivery to meet aggressive CDC and federal infosec deadlines.
• Led and mentored teams of Cybersecurity Analysts and Security Stewards, managing cross-functional initiatives advancing the CDC’s public health technology mission.
• Spearheaded strategic project management within the cybersecurity security stewards program, overseeing planning, resource coordination, and risk mitigation for compliance and security enhancement.
• Directed Authorization & Accreditation (A&A) workflows, drove NIST SP 800-37 Risk Management Framework (RMF) processes, and ensured timely, accurate compliance documentation and reporting.
• Chaired Configuration Control Board meetings governing critical configuration changes and risk management.
• Established and disseminated cybersecurity monitoring and risk mitigation best practices during organizational transitions, improving process efficiency post-acquisition.
• Served as primary interface for CDC and internal stakeholders, regularly communicating risk status, project updates, and strategic security recommendations.
• Orchestrated robust vulnerability management and compliance assessment programs to meet federal standards and CDC mandates.

SeKON – DHA Contract, Information Systems Engineer

• Aug 2020 – Oct 2024
• Atlanta, GA (Remote)
• Promoted from Information Systems Security Engineer to Information Systems Security Engineer Lead, overseeing implementation of RMF, NIST controls, and vulnerability management solutions across DHA information systems.
• Integrated CISA/DISA guidance into actionable team projects and technical processes, influencing successful ATO certifications and transition from ATO-C to ATO for multiple government systems.
• Delivered automated vulnerability scanning with integration to eMASS and Cybersecurity Dashboarding using Splunk, improving real-time monitoring and metrics for NIST 800-53 control families.
• Coordinated Quarterly STIGs/SCAPs review and continuous monitoring, ensuring systems exceeded evolving federal compliance requirements.
• Provided technical recommendations based on latest executive orders (EOs) and OMB policies, specializing in Zero Trust and NIST RMF Rev. 5 implementations.
• Authored Standard Operating Procedures and mentored other engineers/analysts, driving team upskilling and streamlined compliance documentation.

Georgia Tech Research Institute, Information Systems Security Officer

• Nov 2018 – Aug 2020
• Atlanta, GA
• Implemented RMF and compliance documentation (JSIG, NIST, POAMs).
• Weekly vulnerability scans and annual cybersecurity training for technical and non-technical staff.

Mount Vernon Towers, IT Technician

• July 2018 – Nov 2018
• Atlanta, GA
• Redesigned networks and managed day-to-day IT support for 200+ users.

Bay County Sheriff’s Office, Corporal, Field Services Division

• July 2013 – July 2018
• Panama City, FL
• Supervised and led multiple patrol deputies.

Current Certifications

• PMP, PMI
• CISSP, ISC(2)
• Azure Fundamentals, Microsoft
• Office 365 Fundamentals, Microsoft
• Security Compliance and Identity Fundamentals, Microsoft
• Security+, CompTIA
• Network+, CompTIA
• A+, CompTIA

Skills

• Leadership & Management: Team Leadership, Project Management (PMP), Stakeholder Engagement, Strategic Planning, Cross-Functional Collaboration, Mentoring & Training
• Governance, Risk & Compliance: NIST SP 800-37/800-53/800-171, NIST Cybersecurity Framework, Zero Trust Architecture (NIST 800-207), HIPAA, JSIG, RMF, A&A, Compliance Auditing
• Cloud & Security Platforms: AWS, Azure (Microsoft Certified: Azure Fundamentals), GCP, Oracle Cloud, Office 365 (Microsoft Office 365 Fundamentals), Hybrid/Multi-Cloud Security, Containerization (Docker), Virtualization (VMware, KVM, Hyper-V)
• Security Operations & Tools: Vulnerability Management (Nessus), SIEM (Splunk, ELK), Endpoint & Log Monitoring (Wazuh), Automation & Orchestration (Ansible, Terraform, GitHub Actions)
• Programming & Scripting: Python, PowerShell, Bash, Git
• Other Technical Skills: Network & Systems Administration, Continuous Monitoring, Incident Response, Security Documentation, Policy Development, Regulatory Compliance Assessment