Ashley W. Email & Phone Number

Dallas, Texas, US

• Document, communicate, and consult on enterprise Information Risk Management policies, processes, procedures, standards, and requirements
• Provide executive level reporting and summarization of IGRC program
• Enhanced and maintain enterprise document management systems
• Develop strategies to address security awareness and training across a global enterprise including remote staff and geographically separated locations - year around and with extensive Cybersecurity Awareness Month.
• Perform exception management activities related to enterprise policies and directives
• Interface and interact with business leadership to include Legal, Compliance, IT, and Operations

Coppell, TX, US

Coppell, TX, US

• Helped ensure the successful execution of enterprise-wide Security programs and projects
• Owned the security program’s roadmaps for the 25+ person department and communications to disseminate throughout the organization
• Drove forward and matures security programs, such as vulnerability management, application security, service and privileged account management
• Managed information security projects and procurement from inception to successful completion, fully understanding the purpose of projects, technologies, and their value-add to the organization
• Worked in tandem with the CISO, information security management, and other technology leaders on financial planning and analysis and additional fiduciary responsibilities, including identifying reductions within the.
• Defined and compiled key performance indicators (KPIs) and metrics that align with business initiatives and are deliverable to non-technical individuals

Coppell, TX, US

• Responsible for security operations – the tools, their maintenance and maturity, their program and procedures documentation, and event/ incident response
• Matured and maintained the security operations program supported by a team of four, including high-quality tools for security information and event management (SIEM), endpoint protection, email security, phishing.
• Managed the deployment of two SIEMs (including over 20 log source types, hundreds of analytics, and their tuning) and the threat and brand intelligence tool (including eight watch lists and 50 alerts)
• Owned vendor relationships for all Security Operations’ tools plus the incident response retainer – including negotiation of terms and costs, onboarding, and ongoing coordination
• Redesigned the Information Security Policy and supporting security standards (including but not limited to the Cybersecurity Incident Response Standard) by revising existing documents and creating new standards for.
• Established and maintained the Cybersecurity Incident Response Plan to provide a foundation for guiding responses to a real or perceived incident impacting computing assets, data, or networks from preparation through.

Columbus, Ohio, US

• Designed, articulated, and governed security policies, standards, processes, and procedures at the corporate entity
• Collaborated with senior business leaders to appropriately protect and risk assess information technology decisions relative to company and shareholder objectives
• Designed and directed security operations program and team that drives accountability and quality to properly govern information security, including continuous Security Operations Center (SOC) monitoring
• Negotiated $500k annual contract to transition managed security service providers
• Maintained state-of-the-art security software solutions including the acquisition, deployment, and contract negotiations with vendors
• Established, monitored, and enhanced the vulnerability management program resulting in the elimination of over 14,000 critical and high vulnerabilities (99% reduction) and consistently meet SLA of addressing all such.

Columbus, Ohio, US

• Led Alliance Data Corporate’s Global Audit team in charge of technology, financial, and operational audits including Information Security, SEC reporting, T&E, FCPA, Ethics, and Data Governance audits
• Engaged and influenced 20+ Corporate senior leaders on a quarterly basis to guide audit plan development and risk management activities
• Analyzed business processes and controls to identify risk areas to be considered for audits that could increase effectiveness and efficiency of operations or reduce risk
• Planned and performed financial, operational, and technology audits to deliver executive reports to the Board of Directors on time and under budget
• Consulted senior leadership to efficiently respond and remediate audit observations to successfully improve controls, efficiency, procedures, and policies
• Conceptualized and executed the department-wide internal quality assurance reviews and managed the external quality assurance review

Columbus, Ohio, US

Worldwide, OO

• Consulted on identity and access management and tested controls as a part of external audit and outsourced internal audit
• Led multiple engagements for global enterprises with budgets ranging from $250K to $1.2M and delivered on time and on budget
• Increased services revenue from $320K to $1.8M in fourteen months while supervising up to eleven project resources
• Built a standardized role-based access control (RBAC) security model to manage Active Directory (AD) and mainframe (RACF) access
• Developed and implemented role governance processes to support account access lifecycle for a Fortune 10 enterprise
• Managed onshore and offshore resources to deploy an identity and access management solution and the service automation of client’s access request system, including requirements and design documentation, testing.

Worldwide, OO

College Station, TX, US

• Assisted the students, faculty, and staff at the university with their information technology questions in person and via phone and email
• Preformed operating system reinstalls, virus removals, and other software related support and administered hardware diagnostic tests

Worldwide, OO

• Helped organizations identify and manage both risks and opportunities to enhance business performance, fortify controls, and improve corporate governance
• Examined records, documenting observations for the clients in a team of 2 to 15
• Communicated with and interviewed clients at various levels

Master Of Science - Ms, Management Information Systems

Bachelor Of Business Administration - Bba, Accounting