/ resume
Available for advisory & leadership roles

Jose D SotoInformation Security Leader

GRC & IT Modernization

From Army Signal Corps to government security leadership — I build secure, well-run IT that holds up under audit and scale.

View ExperienceDownload Résumé
U.S. Army Signal Corps Veteran insignia
01

About

Portrait of Jose D Soto

My career started in the U.S. Army Signal Corps, where I learned that solid communications and security aren't optional — people depend on them. That foundation shaped how I've approached every system I've built since.

Since then I've run IT as a business function — first as an IT Manager at a distribution company, then as IT Director at a law firm — before moving into government, where I now lead information security for a District CFO office. Along the way I've designed networks, automated the repetitive parts of operations, and built compliance programs that stand up to federal audit.

What ties it together is teaching. Whether it's a junior engineer, a leadership team, or a community group, I like turning hard technical material into something people can actually use.

What I bring

Five lenses, one operating discipline

  • Engineering

    Hands-on network, infrastructure, and automation work — the kind that keeps systems quietly running.

  • Business

    Running IT as a business function in private-sector director and manager roles, tied to outcomes and budget.

  • IT Leadership

    Leading security teams, setting strategy, and making the vendor decisions that shape day-to-day operations.

  • Public Service

    Information security and compliance leadership inside government, built to withstand federal audit.

  • Teaching

    Mentoring engineers and teaching in the community — turning hard technical material into something usable.

02

Experience

  1. Government2021 – Present

    Information Security Leader

    DC Office of the Chief Financial Officer

    • Lead information security architecture and the GRC and compliance program for a District CFO office handling sensitive financial data.
    • Own compliance posture against IRS Publication 1075 and NIST SP 800-53 controls, including audit readiness and gap remediation.
    • Drive IT modernization and security vendor strategy across endpoint, backup, and identity platforms.
    • Reduced critical audit findings by over 40% within the first two years by consolidating tooling and tightening control mapping.
  2. Private Sector2018 – 2021

    IT Director

    The LaBovick Law Group

    • Ran all of IT for a multi-office law firm: infrastructure, security, support, and vendor management.
    • Built and maintained practice-critical systems and lead and intake management workflows.
    • Migrated the firm to a cloud-first stack, cutting unplanned downtime by roughly half and improving remote access reliability.
  3. Private Sector2015 – 2018

    IT Manager

    J.J. Taylor Distributing

    • Managed IT operations and infrastructure for a distribution business across multiple locations.
    • Replaced aging server and network hardware with a standardized, vendor-supported platform that reduced support tickets and extended equipment life.
  4. Military2010 – 2015

    Signal Corps

    U.S. Army — III Corps, Fort Cavazos

    • Operated and maintained tactical and strategic communications systems in support of III Corps operations.
    • Led a team responsible for the setup, operation, and tear-down of mobile communications nodes under field conditions.
    • Provided communications support for large-scale training exercises and real-world operations, ensuring command continuity across distributed units.
03

Skills

Network & Infrastructure

  • BGP / multi-homed routing
  • Cisco Catalyst
  • Cisco FTD firewalls
  • VLANs
  • WAN & dark-fiber design
  • Proxmox
  • Synology NAS
  • Docker

Security & Compliance

  • Security architecture
  • Zero Trust / ZTNA
  • IRS Publication 1075
  • NIST SP 800-53
  • GRC tooling (Vanta)
  • Endpoint security (CrowdStrike)
  • Identity (Azure / Microsoft 365)

Automation & Endpoint

  • PowerShell
  • NinjaOne RMM
  • Action1
  • Deployment scripting
  • Office deployment (ODT)

Service Management & Platforms

  • HaloITSM
  • HaloPSA
  • HaloCRM
  • Microsoft 365 administration
04

Leadership

How I lead

I lead information security inside government, where every control has to stand up to a real federal audit, not just satisfy a checklist. I build programs and infrastructure that genuinely hold up rather than ones that only look compliant, and I push my teams to think the same way. Just as much of the job is developing the people who do the work and putting technical risk in terms senior leadership can act on.

  • Team leadership

    Hiring, developing, and leading security and IT staff.

  • GRC & compliance programs

    Programs built to pass federal audit, not just satisfy a checklist.

  • Vendor & budget strategy

    Evaluating and selecting enterprise platforms with multi-year cost and contract awareness.

  • IT modernization

    Moving organizations off legacy approaches toward governed, scalable infrastructure.

  • Executive communication

    Translating technical risk into business terms for senior leadership.

05

Teaching & Community

Why I teach

Teaching is how I make the work last. The systems I build will eventually get replaced — the people I help get sharper stick around and go on to build the next thing. Whether it's a new hire, a junior engineer, or a room of executives, I care about turning hard technical material into something they can actually use.

Teach

Security, GRC & automation

Network and infrastructure security, compliance and GRC, PowerShell and IT automation, and security for leadership. Delivered as internal training and on-the-job knowledge sharing, plus talks at legal conferences and mastermind groups.

Mentor

Developing the next bench

Working one-on-one with junior engineers and analysts — code reviews, design conversations, and career coaching — to grow them into stronger, more independent practitioners.

Community

Veterans into IT & security

Mentoring transitioning service members as they move from military careers into IT and security roles — translating their experience into language hiring managers understand and helping them find their first technical footing.

06

Contact

Get in touch

If you want to talk security, compliance, IT modernization, or mentoring — I'm easy to reach. The fastest way is email, but pick whichever channel works for you.

EmailLinkedInDownload Résumé (PDF)