Karen Goolishian

Karen Goolishian supports SecureStrux as a Senior Cybersecurity Analyst providing assessments for customers both within the Department of Defense (DoD) and commercial sector. Her extensive experience includes cybersecurity compliance CUI under NIST SP 800-171, project oversight, Risk Management Lifecycle template development based on NIST, DAAPM and DoD guidelines, and conducting GAP Analysis and validation. Karen works with our team to conduct RMF implementations for new and existing applications and systems to meet requirements.  

Over the course of her accomplished career in cyber compliance, system and database administration, and vulnerability assessment, Karen says she “loves helping clients through the maze,” and relies on best practices to include being personally vigilant, acting as a watchdog on behalf of her clients, and sharing her expertise with others.  

Prior to joining the team at SecureStrux, Karen supported cybersecurity assessments for the Department of the Navy, United States Air Force, United States Marine Corps as well as the Army with KBR. She has effectively led vulnerability and cyber inspection teams throughout her tenure and is recognized as a Qualified Navy Validator (QNV) Level II and a Marine Corps Enterprise Network Validator.  

Karen’s technical expertise has been certified by ISC2, ISACA, and CompTIA. She is a certified Project Management Professional (PMP), a Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) and is currently pursuing a Certified Cloud Security Professional (CCSP) certification from ISC2. She earned an M.S. in Information System Security from American Sentinel University in Aurora, Colorado.  

At a very early age, Karen was inspired to work in and create a ‘culture of excellence.’ She says, “My father was a Marine, and instilled the principle in me that if you aren’t doing it better than everyone else, you are wasting your time… Cyber is important to the protection of our nation.”  

Her commitment to fortifying national defenses in the cyber realm has led Karen to cultivate a deep level of expertise in supporting cybersecurity assessments and interventions for her clients.  

When asked about what businesses can do to build their ranks with greater diversity in cyber and tech, Karen says there are many ways: STEM programs are helpful to expand reach for all ages; Businesses can help to offset training costs and consider certificate options for new recruits; Engaging with youth groups, hosting internships, and formalizing mentoring programs can go a long way.  

“Everybody has a shot- It doesn’t matter your background. We need to lower the barriers to entry by accepting industry credentials over college degrees, and we can better manage costs and the clearance process to deliver good ROI for entry-level hiring and training.” 


What I’m loving right now:  

Book: “Call Sign Chaos, Learning to Lead” by Jim Mattis and Bing West. 

HobbyPADI Master Scuba Diver Trainer (MDST)