Portfolio
Resume — Information Assurance & CMMC Compliance
Yana Ivanov
Information Assurance & CMMC Compliance Analyst
yanaivanov@gmail.com 917-593-2690 LinkedIn Portfolio
⬇ Download PDF Version
Profile

Professional Summary

Information Assurance and CMMC compliance professional with CMMC Registered Practitioner certification, CompTIA Security+ in progress, and 15+ years of enterprise technology experience. Specializes in defense supply chain cybersecurity — NIST 800-171, CUI handling, DFARS compliance, and FCA liability for the Connecticut defense industrial base. Combines hands-on network security lab work with published threat analysis and the ability to translate complex compliance requirements into actionable guidance for non-technical leadership. Seeking a role at a CT defense contractor with a path to security clearance sponsorship.

Most compliance professionals understand the frameworks. Few can analyze a live Lumma Stealer pcap, identify C2 beaconing, and write a threat brief a program manager will act on. I bridge that gap.

Capabilities

Certifications & Skills

Education

  • CMMC-RP — Registered Practitioner Earned 2026
  • CompTIA Security+ SY0-701 Earned 2026
  • Azure Fundamentals AZ-900 Earned 2026
  • Azure Security Engineer AZ-500 Planned
  • MS Information Systems & Management — Golden Gate University Graduate
  • BFA Visual Communication — Fashion Institute of Technology Graduate

Technical Skills

Compliance & Frameworks
CMMC 2.0 · NIST 800-171 · CUI · DFARS · SPRS · FCA liability · supply chain risk · DoD 8570/8140 · RMF awareness
Cloud & Identity
Azure fundamentals · FedRAMP · IAM · M365 security · cloud security concepts
Security Tools
Wireshark · Zeek · Nmap · tcpdump · GPG · Linux CLI · Docker · Kali Linux
Analysis
Threat intelligence · malware traffic analysis · IOC detection · executive briefing · compliance gap analysis
Development
Python automation · AI-assisted development · pcap parsing · network log analysis
Published Research

Selected Work

Volt Typhoon — Living Off the Land
China's APT campaign: years-long LOTL persistence inside US critical infrastructure. Attack chain analysis, detection gaps, and defensive recommendations.
The Weakest Link — CMMC Supply Chain Analysis
MORSECORP $4.6M FCA settlement analysis, C3PAO cost data, 50/50 cost-sharing model, mandatory training recommendation for CT defense subcontractors.
Lab Log 004 — Lumma Stealer Malware Analysis
Custom Wireshark SOC profile built from scratch. Browser fingerprinting, TLS credential exfiltration to .su C2 domain. 2.27MB confirmed exfiltrated. Zeek ssl.log revealed 4 additional C2 domains invisible to Wireshark.
CMMC Cybersecurity Awareness — 14-Module Training Tool
Interactive employee training covering all CMMC 2.0 awareness domains. Scenario-based quizzes, real case studies, completion certificate. Designed for defense contractor workforce onboarding.
View Full Portfolio →
Career History

Professional Experience

Founder & CMMC Compliance Consultant

2023 – Present
SiteWave Studio · Milford, CT
  • Developed 14-module CMMC cybersecurity awareness training covering all CMMC 2.0 domains — scenario-based quizzes, real case studies, and completion certificate designed for defense contractor workforce onboarding
  • Published professional-grade threat analysis reports on Volt Typhoon, CMMC supply chain FCA liability, and coordinated infrastructure attack scenarios as independent contributions to the defense community
  • Built open-source security tools: browser-based pcap analyzer, CVSS calculator, Glassworm detector, and zeek_triage.py automated IOC detection script with zero external dependencies
  • Conducted hands-on malware traffic analysis using Wireshark and Zeek — identified Lumma Stealer C2 infrastructure, confirmed 2.27MB credential exfiltration, and mapped TLS-encrypted domains invisible to standard filters

Senior UI/UX Designer

2022 – 2024
SylvanRoad Capital · Remote
  • Rebuilt core rental application experience for national housing platform, increasing application completion rates ~30%
  • Led end-to-end UX design across custom web and mobile applications collaborating with product managers, developers, and C-suite stakeholders

Lead UI/UX Designer

2019 – 2022
605 · Media Analytics · Remote
  • Accelerated project delivery 30%+ by establishing reusable design framework adopted across the full product team
  • Led complex B2B analytics product design from discovery through developer handoff for media measurement clients making multi-million dollar advertising decisions
  • Translated technical constraints into user decisions — directly transferable to making CMMC and NIST requirements actionable for non-technical stakeholders

Senior UX/UI Designer & Consultant

2013 – 2019
Housing Tech, SaaS & E-Commerce Clients · New York / Remote
  • 15 years designing enterprise web and mobile applications across housing tech, media analytics, and e-commerce sectors
  • Extensive C-suite and VP-level communication — presenting risk tradeoffs and strategic recommendations directly transferable to compliance and advisory roles