Security Plan

I developed a comprehensive enterprise security plan for a simulated organization called SnowBe Online. This plan addresses technical, administrative, and physical safeguards. It defines access controls, identity management, change control, patch management, and data protection strategies that align with standards such as PCI DSS, FIPS 140-2, and NIST best practices.

Key components of the plan include detailed role-based responsibilities, the implementation of least privilege access, a secure software development lifecycle (SDLC) policy, and a password and authentication framework. This project showcases my ability to design effective security programs and create structured documentation to guide secure operations within an organization.