Relationship Cultivation Program Development IT Strategy Development Business Analysis Resource Development North Carolina Department of Revenue January 2019-present Deputy Chief Information Security Officer Leads information Risk and Cybersecurity organization under the direction of the CISO. Operating in a key advisory role for both IT and business functions. Articulation of Information Security risks to senior stakeholders, committees, and boards including proposed initiatives designed to mitigate risks. Acting as a key participant and influencer with all Information Security relevant committees, forums, and groups. Assisting with budget management, planning and requirements submission. Oversight and governance of Information Security initiatives. Liaising with Legal, Compliance and Data Privacy functions to ensure that all relevant legislative and regulatory requirements are acknowledged and adhered to. Management of the Information Security Team, policies, and incident response.
- Deputy Chief Information Security Officer at Technology Development
- Associate Director, Cybersecurity at North Carolina Department of Revenue
- Information Security Manager at North Carolina Department of Revenue
- Regional Manager, COO Lead Regulatory, Risk, and Controls at Deutsche Bank
2 months at this Job
- Bachelor of Science in Biological Sciences - Biological Sciences
• April 2016 - Present Director, Information Technology/Chief Information Security Officer Works directly with physicians, administration and staff to maximize efficient and effective use of our information systems related to patient care, user satisfaction, clinical productivity, and quality outcomes. Responsible for all clinical and business operations systems including Mosaic, EMA and OncoEMR EMRs, Unlimited Systems g4 Practice Management and integrated access for physicians to Cerner and Epic EMR systems for area hospitals. Responsible for HIPAA/HITECH compliance and serves as Chief Information Security Officer. OCSRI is the largest physician owned, full service, community based cancer center in Eastern Oklahoma. With 24 full-time oncologists providing Medical, Gynecological, and Radiation oncology, and MD Anderson certification,
- Director, Information Technology/Chief Information Security Officer at OKLAHOMA CANCER SPECIALISTS AND RESEARCH INSTITUTE
- Chief Information Officer/Chief Information Security Officer at NIAGARA FRONTIER TRANSPORTATION AUTHORITY
- President/Chief Information Officer/Chief Information Security Officer at CRIF LENDING SOLUTIONS
- Executive Partner / Executive Programs at GARTNER, INC
2 years, 11 months at this Job
- Master of Science in Systems Management - Executive Management Leadership Development Program
- Bachelor of Science in Mathematics - Mathematics
Executive leader and advisor to the State CIO and Governor for all statewide cybersecurity efforts · Provide leadership and guidance to new Office of Information Technology (OIT) for cybersecurity initiatives · Assist 15 state agencies with all cybersecurity OIT centralization efforts that includes 23k endpoints, 15k employees, 2 data centers, in multiple geographic regions · Author of annual cybersecurity report to the Governor · Prepared for periodic testimony to the State Legislature · Established relationships with federal, state, and local resources such as the FBI, Department of Homeland Security, Multi-State Information Sharing & Analysis Center (MS-ISAC), and National Association of State Chief Information Officers (NASCIO) · Recipient of the Thomas M. Jarrett Cybersecurity Scholarship (NASCIO 2018) Establishing the statewide cybersecurity program and Information Security Office (ISO) · Draft charter and strategy documents · Leading efforts to replace ineffective security software with modern, automated tool suite · Championing several large projects to include dynamic routing redesign, asset management · Establishing the ISO from a team of 6 to approximately 35 · Building the Information Security Operations Center (ISOC) and establishing the Information Security Response Team (ISRT) · Overhauling information security policies, procedures, and processes · Developing statewide privacy and compliance program to meet regulations such as HIPAA, PCI DSS, and FERPA · Manage an annual budget of over $17m
- Chief Information Security Officer at State of Alaska
- Director, CIO Cybersecurity at Space and Naval Warfare Systems (SPAWAR) Command (HQ)
- Cryptologic Warfare Officer at United States Naval Reserve, Naval Information Operations Command Hawaii
- (Chief) Command Information Assurance Manager at Space and Naval Warfare Systems Center
1 year, 4 months at this Job
- Master of Business Administration - Cybersecurity
- Professional Certificate - Leadership for a Democratic Society
- Master of Science in Information Assurance - Information Assurance
- - Protection & Security Management
- Certificate in UNIX System Administration
- Bachelor of Arts in International Relations - Middle Eastern Politics
Phone Number: (503) 230-5200 Chief Information Security Officer and team lead for the BPA Office of Cyber Security.
• Created highly effective cyber security program while maintaining costs reductions
• Implemented 24 X 7 Cyber Security Operations Center with proven measurable effectiveness.
• Created, deployed and managed team of penetration testers and red team cells to conduct offensive research on electric grid operations technology and corporate administrations.
• Created and implemented program and managed team to analyze cyber intelligence, detect, track and isolate advanced persistent threats.
• Created and implemented program and team to track vulnerabilities to mitigation and to report
• Created and oversaw the implementation of internal phishing program.
- Chief Information Security Officer at Bonneville Power Administration
- Lead Information Security Officer at Bonneville Power Administration
- Information Security Officer at Bonneville Power Administration
- Cyber Security Box Administrator at Tek Systems
6 years, 4 months at this Job
- Bachelor's Degree
Chief Information Security Officer Executive Leader with 9 years of cybersecurity and data privacy management experience.
• Successful Security Operations Center threat monitoring and incident response team averaged an industry leading average time to discovery (of threats) of several hours and average time to containment of less than one day.
• Grew the information security function from less than 1% of to 5% of IT Spend by proving value to executive leadership and turning the function into a business-focused value proposition (e.g. securing our product – vehicles).
• A customized talent acquisition and retention methodology and a focus on best-in-class leadership were responsible for record breaking success in team attrition – only 3 resources left the team in 9 years. Manager, Distributed Systems Managed outsourcing vendor responsible for 2,000 servers, 2,000 TB data, and services.
• Stabilized the operations 1,800 servers, 700 TB of storage, and a variety of infrastructure services at datacenters across the United States and Canada – reduced downtime by 100% over 18 months.
• Transitioned a $50 million dollar outsourcing contract from IBM to HP.
• Managed a capital/expense budget in excess of $100 million annually. Enterprise Architect Developed global strategy for infrastructure, middleware, and security.
• Developed integration architectures for Nissan’s Dealer Portal and Order Management Systems.
• Implemented a Software Development Lifecycle (“SDLC”) framework across business domains.
- RISK MANAGEMENT EXECUTIVE | CHIEF INFORMATION SECURITY OFFICER at NISSAN NORTH AMERICA, INC
- Integration Architect & Team Lead at INTERNATIONAL BUSINESS MACHINES
13 years, 2 months at this Job
- B.S. - Business Administration & Information Systems
Lead the bureau-wide IT and ICS cybersecurity program to include personnel, budget, policy enforcement, incident response and security awareness and lead a staff of highly technical cybersecurity specialists
• Serve as the senior expert and principle cybersecurity advisor and consultant to the Chief Information Officer (CIO), executive leadership and senior stakeholders
• Recruit a diverse team of cybersecurity specialists, develop high performing teams, provide individual and team coaching, lead workforce planning efforts and manage personnel issues
• Partner with the DHS ICS Cyber Emergency Response Team (CERT), implement a customized technical assessment methodology and develop new tools for network monitoring and anomaly detection
• Partner with the US Army Corps of Engineers Critical Infrastructure Cybersecurity Division to share best practices and collaborate on cybersecurity initiatives
• Lead the FISMA compliance program, advise senior management and staff on National Institutes of Standards and Technology (NIST) requirements, conduct internal audits, manage Plan of Action and Milestones (POA&M), and ensure all systems have an Authority to Operate (ATO)
• Lead the CDM program and implement, configure and monitor a suite of CDM tools, to include a Security Information and Event Management (SIEM) solution, and lead enterprise incident response activities
• Lead a Security-as-a-Service team of Information System Security Officers (ISSO) responsible for developing System Security Plans, advising system owners on cybersecurity issues and performing continuous monioring of systems to ensure that security controls are operating as intended
• Lead the ICS cybersecurity program for the Department of Interior and advise bureau cybersecurity leads on the challenges associated with ICS cybersecurity and the threat landscape
• Develop and deliver threat/vulnerability information, incident reports, audit findings and other situational awareness information to technical and non-technical audiences
• Collaborate with stakeholders to educate, advise and influence activities with security implications and integrate cybersecurity into all mission functions
• Lead multidisciplinary geographically dispersed teams comprised of subject matter experts from IT, Operational Technology (OT), cybersecurity, privacy, human resources, functional business areas and contract staff
• Represent the Bureau on industry committees, groups, and task forces concerned with security issues, policies, standards, guidance, and practices
• Establish appropriate security policies, standards and guidelines to reduce the attack surface and protect critical infrastructure assets based on the threat landscape
• Lead external assessments and audits (Office of Inspector General, DHS, Western Electric Reliability Council (WECC), General Accountability Office (GAO), Office of Management and Budget (OMB))
• Interpret patterns of non-compliance to identify systemic weaknesses, measure aggregate risk and determine impact to the enterprise security posture
• Prevent and defend against unauthorized access to systems, networks, and data and conduct risk and vulnerability assessments of planned and installed information systems
• Monitor external data sources for changes in the threat landscape and correlate vulnerabilities to the enterprise asset inventory to evaluate risk and estimate impact
• Establish and lead Computer Security Incident Response teams
• Verify that application software/network/system security postures are implemented as stated, document
- Chief Information Security Officer (CISO) at Bureau of Reclamation
- at BUREAU OF RECLAMATION
- IT Security Specialist at
- IT Security Specialist at BUREAU OF LAND MANAGEMENT
4 years, 4 months at this Job
- Bachelor of Arts - Computer Information Systems / Political Science
Owns accountability for global information security policies and procedures
● Guides company's privacy practices as key member of the company's global Privacy Committee ○ Charged with protecting employee and customer privacy consistent with regulations such as GDPR
● Owns accountability for all internal and external IT investigations
● Addresses Board of Directors regularly to communicate company risks, opportunities, and to return feedback into the company program
● Deployed security technology and processes to monitor and defend company cloud tenants and data to support "cloud first" strategy
● Developed strategy to secure the migration of the company's legacy data center to a hosted data center during Arconic's creation - a company "split" (separation) from Alcoa Inc.
● Formalized information security awareness program ○ Organized regular training / communication / attack simulations sent to employees around the world ○ Addressed global audiences in business unit town halls about the value of information security
● Developed enhanced protection program of company process control environments
● Lead mapping and gap analysis of existing security framework, ISO 27001, to newer NIST 800-53 standard to better align with our customer base and governmental regulation requirements
● Serves as company HIPAA security officer
- Chief Information Security Officer at Arconic
- Manager, Global Security Risk and Architecture at Alcoa
- Adjunct Faculty at Software Engineering Institute/Carnegie Mellon University
- Forensics Specialist Engineer at Software Engineering Institute/Carnegie Mellon University
2 years, 1 month at this Job
- Master's - Information Security and Technology Management
- Bachelor's - Computer Science and Information Systems
Chief Technology Officer (CTO), and Chief Information Security Officer (CISO) Responsible for all Technical Operations, Regulatory Compliance, and Information Security at PCS, Kris has worked as an industry leader in the Information Technology field for over 25 years providing services to many of the top Fortune 500 companies. Kris has achieved numerous other professional technical certifications which include Certified Information Security Systems Professional (CISSP), HCISPP, ITIL Foundations Certification, and SANS Global Information Assurance Certification (GIAC).
- VP, Information Technology and Chief Information Security Officer (CISO) at Parker Counseling and Education Services
- VP and Chief Information Security Officer (CISO) at Centura Health
- Manager, IT Security and Compliance at SquareTwo Financial
- Security Administrator at Cardinal Health / Medicine Shoppe Intl
8 years, 4 months at this Job
- Masters - Information Assurance and Cybersecurity with Specialty in Network Defense
- BS - Psychology
Adjacent Technologies is an award winning IBM Business Partner and consulting company specializing in cloud and on-premise Enterprise Content Management and Document Imaging solutions. CHIEF INFORMATION SECURITY OFFICER Jun 2014-Present
• Built both internal and external information and physical security programs and procedures from the ground up for the organization to support cloud and premise based architectures
• Develop policies and procedures to enhance security profile and risk management across a variety of platforms
• Work with Enterprise Clients to evaluate information security posture and develop security standards for both in-house and cloud application deployments
• Perform audits and security reviews for PCI, HIPAA, GLBA and FFIEC readiness for Enterprise Clients
• Responsible for performing penetration testing and vulnerability analysis using industry standard methodologies and tools
• Provide oversight of technical solutions for endpoint (malware/spam) protection, intrusion detection, intrusion prevention, access controls, remote vpn connectivity and firewall implementation
• Architect of BIA, Risk Assessment, Vendor Management and Policy Management solutions across the company using Cobit Framework
• Chair Incident Response Team and provide direction for the reporting and handling of information security threats
• Perform and lead efforts for third party vendor reviews and audits
• Lead efforts for continuous business resiliency and recovery to minimize downtime
• Organize and facilitate disaster recovery efforts and maintain proper DR equipment and resources
- CHIEF INFORMATION SECURITY OFFICER at Adjacent Technologies
- SR. VICE PRESIDENT/DIRECTOR OF TECHNOLOGY/CISO at Emprise Bank
- SR. VICE PRESIDENT/DIRECTOR OF TECHNOLOGY/CISO at CornerBank
- FOUNDER/TECHNICAL AND SECURITY DIRECTOR at Horizon Internet Technologies, Inc
4 years, 9 months at this Job
- - Atmospheric Science
8250 Woodfield Crossing Blvd
Indianapolis, IN 46240 April 2018 - Present
Hours Per Week: Full Time
Chief Information Security Officer Duties
• Establishing and maintaining a corporate wide information security management program that ensures information assets are adequately protected.
• Identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise
• Proactively work with business units to implement practices that meet defined policies and standards for information security.
• Develop, implement and monitor a strategic and comprehensive enterprise information security management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization.
• Create, communicate and implement a risk-based process for identifying and managing third-party provider security related risks.
• Responsible for hiring, training, staff development, performance management and annual performance reviews of Information Security staff.
• Facilitate information security governance through the implementation of a hierarchical governance program, including the formation of an Information Security Steering Committee.
• Provide regular reporting on the current status of the information security program to senior business leaders and the board of directors.
• Create and manage information security awareness training programs for all employees, and contractors.
• Ensure that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
• Provide strategic security guidance for corporate programs and projects at all stages of development.
• Manage major security incidents and events to protect corporate assets, including intellectual property, regulated data and the company's reputation.
• Liaise with the information security team and IT, compliance, audit, legal and HR management teams as required.
• Liaise with external agencies, such as law enforcement, FHLB Security Sub Committee and other advisory bodies as necessary, to ensure that the organization maintains a strong security posture.
• Crisis Management Team Member. Related Experience
• Chaired the Information Security Steering Committee and maintained the charter document.
• Responsible for the Enterprise Information Security Policy (Board approved).
• Monthly CEO Security Briefings
• Presented annual Board of Director Information Security training to ensure the Board received training appropriate for their oversight role.
• Business Continuity Working Group Member
• Developed a process for more efficiently identifying Third Party Information Security Risk and effectively responding to and developing management action plans that address the critical risks. Accomplishments
• Developed Information Security Strategic Plan for 2019.
• Developed and implemented a Data Loss Prevention Plan (Committee Approved).
• Implemented a clean desk policy and developed governance processes.
• Implemented preventative security controls for: Social Media, Personal E-mail, and Corporate the Personal E-mail forwarding.
• Implementing Data Tagging, Endpoint DLP and Network DLP as part of the Corporate Priority for Data Protection for 2019.
• Implementing a Virtual Desktop Environment (VDI) to mitigate the risk of data loss on endpoints.
• Implementing Multi Factor Authentication and/or strong authentication for endpoints and administrative access across to environment to mitigate the internal traversing of the network environment with malicious intent.
• Engaged (RFP and SOW) vendors for periodic penetration testing that included: Red Team, Social Engineering, WiFi, Application Testing, Internal Attempts and External Attempts.
- Chief Information Security Officer at Federal Home Loan Bank of Indianapolis
- Information Security Program Manager at
- Senior Information Security Analyst at
- Associate National Bank Examiner at Federal Job
11 months at this Job
- Bachelor's Degree - Finance