Vp/Managing Director Of Cybersecurity Risk And Controls
Current• Provided oversight and editing for the re-write of 36 technology and cybersecurity policies and standards to align with the NIST CSF framework.• Managed a cybersecurity risk quantification project that determined loss probability, residual risk and proved out an approximate 90% risk reduction due to effective controls.• Led the company through the process of obtaining its first SOC2, Type II Certification and normalized the process that covers over 125 controls across 9 departments.• Created a metrics dashboard for my programs increasing visibility into resource utilization, areas of needed improvement, and budget justification.• Drove strategy for the third-party due diligence program by automating and streamlining procedures which resulted in measurable processing time improvements, allowing the team to review over 350 vendors per year. • Administered the Cybersecurity portion of the Economic Social Governance initiative resulting in raising our score by two levels.• Managed a fully remote cyber risk team with high employee engagement scores and scope that crossed 7 cybersecurity functions.