JORDAN C. MCCORMICK-|-
| linkedin.com/in/jordan-mccormick
I am an information security professional with 10 years of experience in enterprise IT management, specializing in
identity and access management, asset configuration, and inventory management. I have a strong background in
developing security policies and ensuring compliance with industry standards, including PCI, HIPAA, SOC 2, and ISO
27001 frameworks. I am passionate about technology and dedicated to building trust through genuine connections,
meeting individuals where they are to inspire collaboration and drive meaningful results.
EDUCATION
NORTH GEORGIA COLLEGE & STATE UNIVERSITY
Bachelor of Science, Criminal Justice
DAHLONEGA, GA
INDUSTRY CERTIFICATIONS
● Certified Information Systems Security Professional (CISSP)
● Exposure Management Certification
● OneTrust Certified GRC Professional
● Security + ce
PROFESSIONAL EXPERIENCE
Senior Systems Security Engineer
CARENA SERVICES INC
●
●
●
●
●
●
AVANEER HEALTH
Other position held: Corporate IT Team Lead
●
●
●
●
●
●
●
●
Remote
Provided IT management and security consulting services.
Developed IT strategies for customers regarding IT infrastructure and collaboration platforms.
Identified cost saving initiatives and presented options to reduce IT spend for customers, resulting in a 30-40%
savings.
Established documentation of system configurations, procedures, and troubleshooting guides, and provided
regular reports on system performance, uptime, and key metrics.
Instantiated platforms/services and implemented security best practices to include enforcement of password
complexity requirements, MFA, SSO, role-based access, etc.
Established and automated on-boarding and off-boarding processes for customers.
IT Security Business Analyst
●
March 2024 to present
March 2023 - July 2024
Remote
Sept. 2022 - Feb. 2023
Acted as a liaison between IT, Product, and Engineering to assist in the analysis of technical/operational
problems and development of recommended security controls.
Developed, implemented, and managed corporate IT Security policies and procedures for the organization
based on NIST SP 800-53.
Facilitated SOC 2 and HIPAA evidence gathering for Corporate IT controls during audit cycles.
Facilitated a gap analysis in preparation for HITRUST e1/i1 assessment.
Defined and matured operational processes aligned with corporate policies, in areas including vulnerability
management, incident response, disaster recovery, and business continuity.
Created standard operating procedures for routine business processes with information security and privacy
requirements.
Responsible for vendor management due diligence and financial tracking for Corporate IT softwares and
services.
Facilitated simulated phishing campaigns and provided security awareness training to the organization.
Performed quarterly logical access audits and remediated findings.
Director, Information Technology
EMMASSON INC.
●
●
●
●
●
●
●
PATIENTCO
●
●
●
●
●
●
Remote
Directly collaborated and managed platform and product development for Emmasson.
Developed, implemented, and managed identity and access management for the organization.
Developed, implemented, and managed configuration management and facilitated asset security.
Developed and facilitated security awareness training, business continuity development, and disaster recovery
planning within the organization.
Developed, implemented, and managed security and compliance programs for the organization using CIS 20
and transitioning to ISO 27001.
Developed, implemented, and managed onboarding and offboarding processes and procedures for staff.
Evaluated, implemented, and managed remote hosted (cloud) software services, including Google Workspaces,
Microsoft Business, Sentinel One, Dropbox, Slack, SplashTop Remote Assistance, and Hexnode MDM.
Enterprise IT Manager
●
●
●
January 2021 - September 2022
October 2018 - December 2020
ATLANTA, GA
Developed, implemented, and managed an Enterprise Service Management Program.
Managed identity and access management for onboarding and offboarding of staff.
Ensured completion of regularly scheduled logical access audits and reviews to ensure compliance and proper
de-provisioning of access.
Managed enterprise IT Configuration Management and facilitated asset security.
Managed and oversaw network monitoring and security operations for corporate networking infrastructure.
Assisted in security awareness training, business continuity development, and disaster recovery planning
within the organization.
Assisted External Security and Compliance Firm prepare and gather evidence for multiple audit cycles
including HIPAA, SOC II, and PCI.
Successfully transitioned 85 employees fully remote as a result of COVID-19 pandemic through effective
BCP/DR procedures, asset inventorying and endpoint configuration management, and utilizing cloud-based
Saas security and support tools.
Managed remote hosted (cloud) software services, including GSuite, Solarwinds, Bitdefender Enterprise,
Sentinel One, Dropbox, Slack, TeamViewer, and Workspace One (Airwatch).
IT Operations
ADVENTURES IN MISSIONS
May 2015 - October 2018
GAINESVILLE, GA
Other positions held: IT Service Desk & Security Manager, IT Service Desk Manager, IT Service Desk Technician
Oversaw all aspects of the IT Support Team and management systems using an ITIL-centric approach.
Managed remote-hosted (cloud) software services, including GSuite, Samanage, Panda Cloud Security,
CloudLock, and DMARCian.
● Conducted hiring, performance evaluations, and scheduling for the IT Support Team.
● Identified and implemented organization-wide collaboration and communication best practices.
● Assessed, developed, and refined all IT Support workflows and processes.
●
●
