This featured candidate is a cybersecurity/compliance transformation “doer” with experience championing both from the C-level on down! Please take a moment to review their professional summary:
PROFESSIONAL EXPERIENCE
- Built the cyber program for a multinational personal care company from scratch
- Created and delivered PCI certification (saving $200K in penalty/QSA costs per year)
- Run several INFR/GRC/Cyber transformations on-prem and cloud
- Experience with multiple security/GRC frameworks (MITRE, FAIR, NIST/FFIEC, SOC1, ISO27001; PCI, PIPEDA, CCPA, GDPR, SOX, CTPAT)
- Consolidated two company INFR into one in 3 months with minimal resources (cutover in 2d; also tacked on DR/BCP)
FUNCTIONAL/TECHNICAL SKILLS
- Hands-on with multiple tech (FW, IDPS, DLP, data-classification, Vuln Scan, EDR, AV/Malware, Anti-Phishing, SIEM, GRC Mgmt)
- Have run/participated in many audits (PCI, CCPA, SOC1, GDPR, CTPAT, SOX, etc.)
- Deep analytical/reporting across IT (INFR/Cyber/App/DB performance/availability) via PowerBI, Excel, Tableau & numerous apps
- Tech implementations include:
A. DevSecOps via Spirion into AWS CI/CD
B. Spirion for data-classification
C. CarbonBlack/Red Canary & Trend Micro EDR/XDR
D. Agari & Trend Micro anti-phishing
E. Vanta to consolidate GRC/Security data-collection/reporting
CAREER GOAL: To continue their journey in cyber/infosec and compliance in a leadership capacity
PREFERRED EMPLOYMENT TYPE: Perm preferred; would consider contract-to-perm
PREFERRED LOCATION: NYC area