Charles Tango Email & Phone Number

Houston, TX, US

Seattle, WA, US

New York, US

Washington, DC, US

San Diego, CA, US

San Francisco, California, US

Armonk, New York, NY, US

Richmond, Virginia, US

CISO and head of IT Risk for Altria and its family of companies globally, including Philip Morris USA, Ste. Michelle Wine Estates, US Smokeless Tobacco, John Middleton Co., Nu Mark, and Nat Sherman.

Richmond, Virginia, US

Encourage technology innovation and collaboration in the greater Richmond area.

Midlothian, Virginia, US

Stamford, CT, US

• As the Chief Information Security and Risk Officer, responsible for the departments managing Information Security, Operational Risk, Vendor Risk Management, Business Continuity, and Model Risk Management. Report.
• Creating the Operations and Technology Risk Management department, including all policies, procedures, and staffing requirements; bringing together all domains related to IT and Operational Risk.
• Developing the bank’s future Enterprise Risk Management framework which integrates all IT, Operational, Market, and Credit Risk into one end-to-end process for senior management and board consumption.
• Launched an eGRC platform to manage and automate the functions of IT & Operational Risk, including Information Security and RCSA.
• Develop and oversee critical IS functions including Incident Management, Application Security, Network Security / Intrusion Detection, Training & Awareness, Vulnerability Management, Identity Management, Data Loss.
• Launched a comprehensive Security Information & Event Management (SIEM) platform and program through-out the bank's IT environment.

New York, New York, US

• Program Manager – Enterprise Supplier Risk Management (ESRM) Strategic Enhancement Program (StEP)Manage 50+ full time employees, contractors, and consultants who support the Program Office (PO). The StEP portfolio.
• Provided Subject Matter Expertise for the development of the risk scoring methodology for process which identifies Citi’s cross-discipline IT / Operational risks and tiers them based on materiality.
• Developed an industry quantitative leading Risk Tiering model to determine a Supplier’s Inherent and Residual risk.
• Establishing quantitative and qualitative Risk Tolerance measures, thresholds, and breach responses, in alignment with COSO.
• Oversaw the development of several critical enhancements which will be implemented in 2013, including:o Restructuring of the Supplier Risk Management Governance Modelo Design and development of a future-state ESRM.
• Successfully established the StEP PO, including budgeting and business justification to O&T senior leadership, which:o Oversees all aspects of program and project executiono Sets strategic risk management objectives.

New York, New York, US

• Lead IS and IT Risk Management initiatives for Citi Technology Infrastructure (CTI), which supports systems and network connectivity for Citigroup business lines globally. Prepared financial forecasts for IS projects..
• Dramatically reduced risk, with significant projected resource savings, by standardizing risk management across all business units and incorporating into an event driven ISRA process supporting annual GLBA attestations.
• Established and consistently maintained compliance with ISO 27001 certification requirements for GIS. Achieved certification through improvements to internal and governance processes.
• Subject Matter Expert (SME) for ISO 27001 certification of data centers worldwide. Developed and implemented repeatable programs. Played key role in Citi becoming one of the first financial industries to achieve ISO.
• Represented CTI and worked with Engineering and corporate governance groups to set Infrastructure Defense Program’s tactical and strategic goals. Objectives through 2011 included: security for Virtualization, Cloud.
• Produced productivity increases as large as 30% and reduced defects as much as 95% for programs, by developing KPIs to measure and trend IS programs globally.

• Department Head, Security Managed ServicesSecurity Operations Center ManagerCreated and led Managed Services division for large security products VAR. Hired and supervised multiple direct reports. Managed issue.
• Built group into reliable revenue stream and managed products on behalf of customer via Security Operations Center (SOC), either remotely through data center or at client locations.
• Developed all SOC policies and procedures, including incident response, reporting, KPIs, and SLAs.
• Increased sales and led development of packaged security offerings, including managed 3rd-party firewalls, intrusion detection systems, e-mail, virus scanning, web proxies, and more.
• Assisted with sales by preparing and conducting technical presentations.

New York, NY, US

• Senior Systems & Security EngineerActed as Director of Security and Director of Technology Infrastructure. Oversaw network and IS operations management. Managed vendor relations to support hardware, software, support.
• Reduced ISP costs 15% and achieved larger decreases in Oracle, Sun, and Cisco support.
• Managed complete corporate network and data center network redesign initiatives.
• Improved and updated all security and disaster recovery policies and procedures.
• Designed successful Sun Server Farm for distributed processing of financial applications.
• Improved efficiency by implementing uptime monitoring for 24x7 production data center.

US

• Data Center Operations and Security Team Lead Directed data center operations at ISP/telecom/internet company. Coordinated multiple engineers. Planned and managed technology upgrades. Provided security policy.
• Designed and implemented 24x7 enterprise e-commerce data center to provide global support.
• Played major role in 2 data center migration initiatives.
• Enhanced functionality of an ad-serving environment handling >2 billion impressions per month.
• Carried out design and implementation of web hosting/co-location environment that processed more than 10 million unique visitors per month.
• Implemented VPN, firewalls, and IDS for multiple data centers.

Education record

Bachelor Of Science In Business, Business / Mis