
Doug Lewis
Biography
Doug’s commitment to enterprise security design, diversity, leadership, and top performance started many years ago and was inspired by his father who was a mathematician and college professor. This passion led to over 25 years of experience as a security architect, security risk specialist, networking specialist, systems administrator, trainer, and consultant.
His journey to provide security defense solutions for University, Corporate, and Government agencies began as a trainer and systems admin at The Computer lab in North Carolina. There, Doug gained several certifications from Microsoft, Novell, and Cisco. His Corporate IT experience includes working for a small startup in 1999 where he led IT projects to integrate and design security, servers, and networks for private schools and underprivileged students. His experience includes work as an integration specialist for Truist bank and as an IT consultant for Alphanumerics Inc. In NC Government, Doug worked ten years as a senior technology specialist at the NC Department of Commerce managing configuration hardening, end point security, Active directory, Hyper V, Linux, security tools, and network design.
Doug became the Information Security Officer for NC Department of Commerce’s Division of Employment after receiving certifications as an Ethical Hacker and CISSP in 2015. He then became the Enterprise security architect at the North Carolina Department of Revenue (NCDOR) and later, North Carolina State Employees Credit Union (SECU). As a Security Architect, Doug created a risk based process to streamline security and risk assessments, security plans, continuous monitoring, reviews, and proposals for NIST 800-53, PCI-DSS, HIPAA, GLBA, Pub 1075 Federal Tax data (FTI), FEDRamp, PII and various cloud environments. Doug designed and built vulnerability scanners, SIEMs for security monitoring, secure email gateway solutions, host based and network based IDS/IPS, endpoint malware protection and encryption, patch management solutions, MFA, MDM, DLP/Web application filtering, Next Gen firewalls, and identity management solutions. Doug wrote and designed incident response plans, a certification and accreditation process, tuned security rules for tools, was key in developing a threat hunt program, and actively created security architectural designs.
Doug is currently a Cybersecurity Risk and Compliance specialist for North Carolina State University. He creates security strategies, designs, plans, processes, and risk assessments related to University research data, NIST 800-171, CMMC, and Controlled unclassified data (CUI) to continuously improve its security posture. Doug now actively maintains five of the highest cyber security certifications including Certified Cloud Security Professional and is finished an MBA to better understand leadership and governance.
EDUCAUSE Presentations
Membership with EDUCAUSE
Status: | Yes, current member |