Deputy Chief Information Security Officer

**Deputy Chief Information Security Officer**

**"I have focused on overseeing Cybersecurity in the financial sector for the past ten years. I work with executive leadership and present to board members to emphasizing the value of security while helping deliver business goals and objectives. I am looking for a challenging new leadership opportunity in Cybersecurity with an innovative company that is passionate about its employees and clients."**

Job Title Deputy Chief Information Security Officer Top 3 Skills CISO, Cybersecurity, IT Systems Administrator Location Salt Lake City, Utah **Key Skills + Experience**

**Employment History** ****Deputy Chief Information Security Officer September 2019 Present****

**As Deputy Chief Information Security Officer, I am responsible for overseeing the organization's cybersecurity department, which consists of Security Operations, Digital Forensics, Threat Intelligence, Application Security, Network Security, Vulnerability Management, and Security Engineering and Architecture. I am responsible for the budget, metrics and keeping executive leadership and board members up to date on current risk profiles, evolving threats, and priorities. I also work, coordinate, and present to both federal and state regulators from California, Federal Reserve Bank, and EMEA regarding laws and regulations around FFIEC, CCPA, GDPR, and others.**

****Information Security Committee Member January 2019 Present****

**I volunteer as a member of the information security committee for the Utah Food Bank. I help provide security guidance, direction, and oversight into information technology implementations and day to day operations.**

****Executive Board Member September 2020 Present****

**An Executive Board Member to a community group which consists of other enterprise information risk leadership to collaborate, share, and discuss emerging cybersecurity and privacy risk.**

****Senior Director of Cybersecurity August 2018 September 2019****

**As a Sr. Director of Cybersecurity, I oversaw security operations, engineering, application security, network security, and organizational threat modeling. My responsibilities consist of identifying and mitigating risks and in a manner that meets both regulatory and corporate requirements while ensuring end-user enablement and implementing an advanced defense-in-depth security posture. My teams were able to accomplish this by focusing on proactive security, maintain a secure software development life cycle (SDLC), continual validating our security posture and a solution stack, implementing an effective security monitoring platform, and collaborating with system stakeholders.**

****Director of Cybersecurity March 2017 August 2018****

**As a Director of Cybersecurity, my team was tasked with identifying and managing cyber risks, compliance with regulatory requirements, and alignment with the enterprise's corporate strategy. I work with internal and federal auditors and regulators in helping maintain Payment Card Industry Data Security Standards (PCI-DSS), Sarbanes-Oxley (SOX), Gramm-Leach-Bliley Act (GLBA), and Federal Financial Institutions Examination Council (FFIEC) Cyber Security compliance requirements.**

****Cybersecurity Architect October 2012 November 2017****

**As a Cybersecurity Architect, my primary focus was to oversee our security defense-in-depth, measure key performance indicators, and solve security issues or deficiencies. I also help manage the organization's vulnerability management, application security, intrusion prevention, data loss prevention, endpoint detection and response, and various other functions. I also participated in architecture review board sessions, which consisted of key stakeholders from both risk functions and technology to ensure changes to the organization's infrastructure was done securely.**

****System Administrator October 2007 October 2012****

**As an IT Systems Administrator, I help oversee and govern security endpoints deployments and business continuity procedures, ensuring successful data backups had occurred. I have become proficient in Windows & Redhat administration. I assisted with active directory maintenance, data center management, DNS oversight, system provisioning, and I managed the companies email gateways. I also help with AS/400 & iSeries upgrades and journaling replication.**

****Supervisor of Support Services November 2004 October 2007****

**Oversaw the university hospital's support services group, which consist of eight couriers. Primary responsibility was coordinating the delivery of surgical equipment, medical devices and assisting with its business continuity exercises.**

****Founder March 2004 October 2007****

**Owner of a computer repair, parts resell, and networking company that helped support a 70+ client base. Primary fixed endpoint computer systems and implemented small LAN networks for multiple companies.**

**Education**

* **Master of Professional Studies in Information Sciences, Cybersecurity, and Information Assurance January 2016 December 2018**

* **Bachelor of Science (BS), Network and System Administration/Administrator January 2011 January 2013**

* **Computer Science November 2020 November 2020**

**Certifications**

* **Certified Information Security Manager May 2017**

* **Certified Information Systems Security Professional August 2014 August 2023**

* **Penetration Tester November 2013 November 2021**

* **Security+ November 2012 November 2022**

* **Microsoft Certificated Information Technology Professional October 2010**

* **Cisco Certified Network Associate May 2013 May 2015**

* **VMware Certified Professional 5 March 2012 May 2015**

* **Project+ May 2010**

* **Microsoft Windows 7 Configuration October 2010**

* **Web Design Specialist January 2013**

* **JavaScript Specialist January 2013**

* **Foundations Associate January 2013 November 2020**

**References available upon request.**