SM Tech Risk Sample - Deloitte United States



|First & Last Name |

|email@; phone number |

|Summary of Qualifications |

| |

|Information Security and Risk Management leader with 16+ years leadership and management experience within Big 4 professional services and industry. |

|Highly effective at driving security and compliance programs, increasing data protection and reducing risk exposure. Known for the ability to |

|collaborate with C-suite to build consensus and deliver solutions which support leadership strategy. Effective leader of diverse teams of 12+ and |

|managing budgets of $7 - $10MM. |

| |

|Leadership & Communication |

|Security Architecture |

|Cyber Security & Incident Response (IR) |

|Qualitative & Quantitative Risk Assessment |

|Security program training & awareness |

| |

|Security & Compliance Programs (SOX, PCI, GLBA, NERC, NEI) |

|Security Governance, Risk & Controls (GRC) |

|Identity & Access Management (IAM) |

|Staff supervision & development |

| |

| |

|Professional Experience |

|Senior Manager, Deloitte & Touche, LLP - location 3/2015 – Present |

|Practice development and service delivery leader within Deloitte’s North America Security and Privacy services. Manage project financials, staffing, |

|execution and delivery of $3-5 MM in revenue annually for US based clients. Lead teams of 30+ professionals, providing training, supervision and |

|coaching while conducting performance reviews and advising on career development. |

| |

|Developed risk management and governance strategies by working with multiple stakeholders within organizations to achieve key business objectives, |

|including process optimization, financial reporting, and third-party compliance. |

|Worked directly with Audit Committees and Chief Executives as a trusted advisor to define strategic operational risks and objectives, technology needs,|

|and to identify and address the procedural and cultural challenges within the organization which might impede or delay the achievement of the strategic|

|objectives. |

|Helped global $43B biomedical client establish a Global Security and Privacy office to centralize governance, strategy and execution. Developed 3-year|

|strategy and project road map for driving process and technology improvements over 44 security domains. |

|Planned and conducted ISAE 3402 (SAS 70) and internal control over financial reporting audits for a broker/dealer. Ensured appropriate adherence to |

|new SEC Custody Rules. Audited and tested operations, custody, and IT controls. |

|Co-developed Risk Assessment Framework (RAF) for a $20B financial institution, addressing risk across Compliance, IT Security, IA and Operational Risk |

|Management (ORM) functions. Developed End-to-End Risk Assessment process for identifying, aggregating and prioritizing risk exposure. |

|Redesigned global Identity Management solution for a $135B pharmaceutical company automating compliant identity lifecycle for all user communities. |

|Corrected audit findings, security exposures, and processing delays. Enabled self-service, audit transparency compliance and exception reporting. |

| |

|Title, company – Location 3/2013 to 2/2015 |

| |

|Led operations for pure-play energy demand aggregator, including managing its supply chain; led coordination among operations, marketing, IT and senior|

|management; led launches of new web based services; led supplier management. |

| |

| |

|Manager, Security Services, Deloitte & Touche, LLP location 8/2006 – 2/2013 |

|Specialized in Identity and Access Management (IAM), enterprise network and application security. |

|Served as a subject matter resource for European engagement teams facing upcoming PCAOB inspections. |

|Led cyber security assessments and designs for enterprise clients. Designed secure architectures for internet facing assets, DMZs, data exchanges, |

|business connections, and integrated applications. |

|Developed first security services training program for 80+ professionals in Midwest region, subsequently implemented nationally for 400+ professionals.|

| |

|Earned key customer references, qualifications and success stories for Identity Management implementation service. Successes were published by Sun |

|Microsystems marketing groups. |

|Innovated and led offshore development of implementation utilities which reduced assessment times and project risks. |

| |

|Senior Consultant, Security Services, Firm name - location. 5/2000 – 8/2006 |

|Specialized in architecture and implementation of network security, and threat and vulnerability management. |

|Telecommunications sector: built corporate information security departments. Developed security policies, standards and designs for divisions with |

|internet facing systems, hosting facilities and Telco exchanges. |

|Dotcom industry: implemented LAN/WAN security architecture at start-up companies. Specialized in Cisco Secure Networks, PIX/Firewall-1, and SSO via |

|Netegrity SiteMinder. |

|National SME for Cisco Security as Cisco Certified Networking Professional (CCNP). Developed security standards, architecture blue prints, and |

|implementations. |

|Delivered SAS70 and HIPAA assessments for telecom hosting data centers and health care providers. |

| |

| |

|Education and Certification |

|University or College, location |

|BA Degree, Major: Communication Technology (Date optional) |

|Certifications: CISSP |

|Speaking Engagements |

|Facilitated marketing events and round table discussions with leadership sponsors and vendor alliances. |

|Led recruiting efforts and presentations at targeted universities. |
