Craig C. Shrader Global Ciso Cissp, Qte

Craig C. Shrader Global Ciso Cissp, Qte Email and Phone Number

CISO and Managing Director @ CVEEM Consulting Group, LLC
Morristown, NJ, US
Craig C. Shrader Global Ciso Cissp, Qte's Location
Morristown, New Jersey, United States, United States
Craig C. Shrader Global Ciso Cissp, Qte's Contact Details

Craig C. Shrader Global Ciso Cissp, Qte work email

Craig C. Shrader Global Ciso Cissp, Qte personal email

About Craig C. Shrader Global Ciso Cissp, Qte

Craig, a global information security leader, drives cybersecurity initiatives across sectors. As an operational CISO, he advises boards and management on today’s digitally transformed cybersecurity landscape.Cyber-risk focused, business oriented CISO with over 15 years’ experience balancing security with innovation. Craig unifies teams and drives elements critical to security programs with machine learning and artificial intelligence (ML/AI) technology in cybersecurity architecture and operations. Craig leads cyber strategy based on business risk, thereby improving the security posture and resiliency of digital footprints. Craig focuses on corporate governance and business-based security controls, providing strategic advice to executive teams and boards to handle emerging systemic risks from cyber vulnerabilities and threats. He integrated AI into cybersecurity practices, modernizing threat detection, identifying indicators of compromise, and strengthening incident response capabilities. Without digital & cyber risk oversight, a 2-3% daily outage can affect business operations.A published author, Craig has released an independent paper on AI/ML in cybersecurity strategy and operations, highlighting trends CISOs should be aware of. The paper is available upon request.As an Adjunct Professor at the College of Morris, I enrich the next generation of cyber professionals, focusing on Network Security and Information Security Management. My real-world application approach prepares students for the rigorous standards of the National Security Agency’s CAE-D designation. Together, we bolster cyber resilience to safeguard today’s digital landscapes.

Craig C. Shrader Global Ciso Cissp, Qte's Current Company Details
CVEEM Consulting Group, LLC

Cveem Consulting Group, Llc

View
CISO and Managing Director
Morristown, NJ, US
Craig C. Shrader Global Ciso Cissp, Qte Work Experience Details
  • Cveem Consulting Group, Llc
    Ciso And Managing Director
    Cveem Consulting Group, Llc
    Morristown, Nj, Us
  • Hsbc
    Ciso & Country Cybersecurity Lead - Canada
    Hsbc Jun 2024 - Present
    London, Gb
    Responsible for driving the execution of Group Information and Cybersecurity strategy within Canada and helping to deliver in-country cyber objectives aligned with the Group Cyber organization.
    View
  • Collage Of Morris
    Adjunct Professor Cybersecurity
    Collage Of Morris Sep 2021 - Present
    Teach 2nd year students in required Information Security Management course. Teach in a program designated by the NSA entitled A Center of Academic Excellence in Cyber Defense (CAE-D). Courses taught include Network Security and Information Security Management.
  • Cveem Consulting Group
    Ciso & Managing Partner
    Cveem Consulting Group Jun 2017 - Jun 2024
    Orchestrator of pragmatic compliance driven security policies & cloud controls in accordance NIST, CIS, ISO and pertinent regulations. Published author on Machine learning and artificial intelligence in cybersecurity monitoring and SOC. Security advisory and technical consultation helping business leaders solve strategic and deployment problems for information security and operating practices. Change agent, Visionary, Critical thinker, Inquisitive. He is an investigative CISO teaching cybersecurity at a collage level. Craig has worked in important industries which shaped his cybersecurity experience from non-profit, public sector, banking, high tech, managed services and financial services. He provides consistent direction to build a security team and selected “best manager” by Amex team. Design and manage security architecture implementing tools and technology to detect threat attempts with ML and AI solutions (SIEM MSSP, UBA, EDR, IPS/IDS, DLP, IAM, vendor tools) for response in network or AWS cloud. Subject matter expert and Compliance Officer on security regulations, best practices and frameworks including: CCPA, BSA/AML, FDA 21 CFR part 11, FDIC, Fed Ramp, FFIEC, FinCEN, FRB, FTC, GDPR, GLBA, GMP – Security HIPAA, HITRUST, ISO2700, NIST, NY DFS 23 NYRR part 500, OCC, ONC, PCI- DSS, SANS 20, SOC 2 , SOX.
  • American Water Resources Holdings Inc
    Deputy Chief Information Security Officer
    American Water Resources Holdings Inc Feb 2023 - Feb 2024
    Oversee / responsible for all security operations and technology function critical for the protection of information and assets. Published Information Security Systems Architecture for AWS Cloud instance. Led analysis of security policies, controls and administrative personnel for a Cybersecurity Framework 2.0 assessment of environment. Developed several important programs to reduce risk including 3rd party risk, a security awareness program and an enterprise monitoring architecture including an MSSP vendor for detection and threat management. Aligned corporate departments and business units to develop and implement a security vision in the assessment of enterprise risk and controls communicating acceptable levels of security risk.
    View
  • Keystone Human Services
    Chief Information Security Officer
    Keystone Human Services Jul 2022 - Jan 2023
    Harrisburg, Pennsylvania, Us
    Lead information security for a large non-profit serving people with disabilities in 4 Mid-Atlantic states and two international countries. Manage 14 corporate locations, 3 international offices and 380 homes for people with a disability with over 3000 employees.
    View
  • Truist Financial Corporation
    Information Security Officer
    Truist Financial Corporation Nov 2021 - Oct 2022
    Responsible for determining the project security posture and compliance with banking security and operational controls in this unique AWS designed application. Guide architects, design engineers and delivery engineers for the best practices for Cloud security.
  • Blue Foundry Bank
    Chief Information Security Officer
    Blue Foundry Bank Feb 2020 - Sep 2020
    Rutherford , New Jersey, Us
    Head of Information Security and Compliance for a Community Bank responsible for People | Process | Technology and Tools in Security Policies, Cyber operations including monitoring, Security Awareness and Training, and Compliance. Managed security operations with significant team under funding.• Transition Bank operations with GRC centric change and toward compliance with FDIC regulations. Kept Bank in compliance with signed FDIC findings.• Responsible to CEO and Board for quarterly Cyber Security metrics and incidents and achieved distinction and respect of Vice President peers.• Recommended MSSP services to compliment internal staff to cover 24X7 monitoring operations. Established firewall, end-point and SIEM MSSP services.• As IT Team Lead for infrastructure and security, completed 2020 Internal Audit and FDIC audit. Audit was successful and gained accolades from Chief Audit Officer for first time audit accomplishments.
    View
  • City Of New York, Department Of Citywide Administrative Services
    Lead Consultant For Strategy, Policy & Cyber Security Transformation
    City Of New York, Department Of Citywide Administrative Services May 2019 - Jan 2020
    Develop roadmap and execution of strategy & culture for cyber security policies for 13 Lines of Services and 3000 people. Responsible for vision, strategy and special projects for forensics, data classification policy and training, governance with Deputy Commissioners, Directors and executives in other LOS. Created policies to promote security awareness.• Responsible for transforming cyber programs for information classification / encryption, awareness strategy, and tools like Darktrace and ForcePoint working directly with agency Line of Service and IT development directors.• SME for Information Classification & Management Policy and training for PII, PHI, City of New York Financial data. Conducted PCI-DSS audit of all agency credit card use and presented to Department of Finance auditors.• Thought Leader for Agency cyber strategy for GRC, legal, security personnel, executive awareness and developing security policy and procedures moving Agency’s security implementation. Advisory and mentoring to executive staff.• Wrote and implemented the Agency Incident Response Plan and tested with LOB and IT systems engineering.
  • Mega International Commercial Bank
    V-Ciso - Grc
    Mega International Commercial Bank Mar 2018 - Jan 2019
    Makati , Metro Manila, Ph
    Consulting v-CISO assigned to attain compliance with GDPR, GLBA and New York DFS 23 NYRR part 500. High Value Information Classification Program• Consulting v-CISO assigned to attain compliance with NY DFS 23 NYRR part 500, GLBA and GDPR regulations.• Developed plans and policies for GRC and AML, GDPR Privacy Policy Plan and procedures, divisional vulnerability assessments, systematic safeguards/controls, in accordance with GDPR, CCPA, FFIEC, and GLBA regulations. Obtained NY DFS approval for regulatory controls for the high value asset inventory. • Analyzed eight Bank division’s business procedures for high value asset and risk identification creating a comprehensive inventory of classified information and operating assets to produce enhanced risk management and privacy protection.• With identification High Assets, aligned to priority of processing environments then with asset management and vulnerability scanning and patching to ensure critical environments are constantly protected.• Worked directly with Divisional Teams on Bank IS policies and implementing GRC and industry best practices for process and associated security controls within the Bank and with bank 3rd party vendors and accountants.
    View
  • Strategic Products And Services (Sps)
    Sr. Director & Ciso, Corporate Infrastructure Operations
    Strategic Products And Services (Sps) 2016 - 2017
    Eagan, Minnesota, Us
    Managed personnel and infrastructure systems for operations and enterprise security for a $350M PE portfolio. Established security roadmap for corporate and managed services networks. Managed corporate and managed services infrastructure.• Transformed in 3 months corporate IT and datacenter operations affected by systems instability to stable and dependable operations. Was promoted for responsibility of all IT, managed services accounts and security to VP.• Led transformation projects for strategic initiatives for productivity and efficiency of IT support processes. Became lead committee participant driving standards and operational best practices.• Established strategy and roadmap for Information Security for combined corporate and managed services operations worldwide after promotion to create a security group for combine operations. • Conducted security architecture overhaul after email malware breach and incident response for intrusions to network. Actions and remedies protected the security envelope. Directed threat modeling plan part of the Incident response. • Responsible for SOC operations and incident response in corporate and shared services network. Maintained services for Tier 2 and Tier 3 engineering services.
    View
  • Datamotion, Inc.
    Ciso | Vp Operations | Saas | Customer Service
    Datamotion, Inc. 2013 - 2015
    Morristown, New Jersey, Us
    Executive responsible for systems and for hybrid and AWS datacenter operations and information security roadmap, strategic technology planning, operations, information security and governance for SAAS implementation of 1.6M users and customer service to clients. Responsible for technical services post sale. Executive voice to customer and regulators for information security and evangelist for encryption within infrastructure for encrypted data in-use, in motion and at rest.• Developed the comprehensive security program protecting PHI and executed with evidentiary documentation for compliance, which passed an HITRUST / HIPAA healthcare audit and operational certification in 2013, 2014 and 2015. • Responsible for federally audited SaaS operations for HIPAA, PHI, and PII within NIST & COBIT frameworks.• Developed Risk Management plan complete with specific vulnerability and threat models for each risk identified.• Implemented application security procedures using code review, threat management within development and QA testing.• Guided clients through GRC security practices for SAAS products. Was the lens to clients for security policy and client / regulatory questionnaires and certification audits.• Organized, trained, mentored and grew security team in a scalable way meeting threat management and business needs.• Managed & mentored 24X7 Support team for IT and SOC with responsibility for incident management and response.
    View
  • Infosys Consulting, Inc.
    It Transformation Leadership, Cio, Cto, Customer Ciso
    Infosys Consulting, Inc. Jul 2008 - May 2013
    Bangalore, In
    IT Transformation and Innovation Leader | Outsourcing | ConsultingEngagement lead for program delivery and IT transformation in a global delivery model for professional services. Managed infrastructure and development customer portfolios in a GDM deployment model with India, China and Mexico. Directed roadmap delivery initiatives for IT Transformation: Enterprise program delivery for ITIL SM policies, compliance, Data Strategy and Architecture, BI/DW and informational transformations with focus on value realization for the client.• Responsible to C-level stakeholders as both Program Director and technology solutions advisor.• Directed compliance integration program creating bank for GMAC based on EU privacy and German privacy laws. • Recognized leader of outsourced GDM programs. Improved productivity by 18- 21% and reduced operating costs by 23%.• Created OS and Application security overhaul patching 175 apps code for MS vulnerabilities for 22 global business units. Managed 250-person teams on-site and offshore.
    View

Craig C. Shrader Global Ciso Cissp, Qte Education Details

  • University Of Pennsylvania
    University Of Pennsylvania
    Community And Regional Planning
  • University Of Arizona
    University Of Arizona
    Biology & Chemistry
  • Stanford University Graduate School Of Business
    Stanford University Graduate School Of Business
    Entrepreneurship/Entrepreneurial Studies
  • University Of Arizona
    University Of Arizona
    Biology / Chemistry
  • Digital Directors Network
    Digital Directors Network
    Corporate Governance

Frequently Asked Questions about Craig C. Shrader Global Ciso Cissp, Qte

What company does Craig C. Shrader Global Ciso Cissp, Qte work for?

Craig C. Shrader Global Ciso Cissp, Qte works for Cveem Consulting Group, Llc

What is Craig C. Shrader Global Ciso Cissp, Qte's role at the current company?

Craig C. Shrader Global Ciso Cissp, Qte's current role is CISO and Managing Director.

What is Craig C. Shrader Global Ciso Cissp, Qte's email address?

Craig C. Shrader Global Ciso Cissp, Qte's email address is cc****@****ail.com

What schools did Craig C. Shrader Global Ciso Cissp, Qte attend?

Craig C. Shrader Global Ciso Cissp, Qte attended University Of Pennsylvania, University Of Arizona, Stanford University Graduate School Of Business, University Of Arizona, Digital Directors Network.

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.