Curtis Letson, Cissp Email & Phone Number

Littleton, CO, US

Pasadena, California, US

Member of advisory board for Charter School program in Colorado supporting undercserved and at risk youth

Des Moines, Iowa, US

Co-Chair of the Colorado council for grateful giving leadership

San Francisco, California, US

• Lead global security program, managing $3M budget and effective team, reducing vulnerabilities by 40%.
• Implemented new incident ticketing process, cutting mean response time by 20%.
• Enhanced security awareness with advanced training and phishing tests.
• Established Global Governance and Risk committee, driving significant risk reduction.
• Orchestrated company-wide risk assessment, reducing potential threats by 25%.
• Overhauled IT security policies, achieving 100% compliance in audits.

The SANS CISO Network is open exclusively for CISOs and senior security professionals around the world and our aim is to help ease the pressure of working as a security decision-maker by providing an environment in which ideas and lessons-learned can be shared amongst a peer group of influencers and thought leaders.

Denver, Colorado, US

• Led creation of a new security program, managing a $2M budget and a 3-person team to enhance security posture.
• Implemented a security incident ticketing process, reducing mean time to resolution by 20% in the first 6 months.
• Enhanced Security Awareness program, achieving a 40% reduction in phishing clicks.
• Developed metrics and reporting process to meet regulatory requirements and inform senior management.
• Integrated advanced AI in threat detection, reducing false positives by 30%.
• Streamlined security protocols, enhancing system efficiency by 15%.

Englewood, CO, US

• Led an 8-person team managing a $2.2M budget, implementing NIST framework for enhanced security.
• Achieved zero SOX findings from a previous 10% within two years through strategic collaboration.
• Launched phishing awareness campaigns, reducing clicks on phishing sites by 50%.
• Improved vendor contract review turnaround by 30%, ensuring compliance with SOC 2, SOX, and ISO 27001.
• Key liaison with CLO on state-level legal compliance for IT and Cyber programs.
• Analyzed and revamped cyber risk management strategies, reducing potential threats.

Rockville, Maryland, US

• Led IT operations and security teams, managing a $5M budget and 68 professionals across various domains.
• Increased Security Desk ticketing efficiency by 35%, reducing operational downtime and enhancing processes.
• Implemented hybrid data center projects, optimizing on-premises and cloud networks.
• Ensured compliance with PCI, GDPR, NIST, and SANS CSC Top 20 standards.
• Reduced product downtime by 50% in 6 months through daily scrums and targeted sprints.
• Boosted IT security by leading a $5M budget and 68 IT pros, reducing downtime by 50%.

Highlands Ranch, Colorado, US

• Led IT and security teams to establish robust cybersecurity programs, managing $3.5M budget and 18 staff.
• Reduced IT response time from 3 days to 1 day, lowering business risks by 20% and enhancing analytics.
• Cut SOX audit findings by half within 18 months by strengthening security measures.
• Implemented OT technologies in 19 locations, ensuring security and operational support.
• Pioneered OT tech integration in 19 sites, enhancing security monitoring.
• Managed a $3.5M budget, leading 18 staff in upgrading IT infrastructure.

Teaneck, NJ, US

• Managed Security Operations Center, led 12-member team, managed $6M budget, improved patching efficiency by 50%.
• Developed strategy aligning policies with legal requirements, reduced security incident response by 24 hours.
• Created Security Risk and Compliance Board, reduced company risk by 20%, acted as POC for M&A security reviews.
• Spearheaded 80+ security initiatives, enhanced processes, and SDLC evaluations, improved team reputation.
• Boosted security efficiency by 50% through strategic patch management.
• Led 80+ initiatives, enhancing security processes and SDLC evaluations.

Littleton, Colorado, US

➟ Provided business proposal write-up consultation.➟ Served as Certification & Accreditation (C&A) subject matter expert (SME).➟ Functioned as lead negotiator for IT Security contract proposals.

Denver, CO, US

➟ Applied Scrum, Agile Project management skills to complete 3 projects while leading an 8-person Security Compliance Testing Team.➟ Managed negotiation with New York State Board of Elections for contract sign-off.➟ Drove successful completion of 2 state and 1 international certification test plan for security testing.➟ Re-architected Tester procedures to.

Armonk, New York, NY, US

➟ Led a 10-person Audit Compliance & Assurance Team.➟ Designed, tested, and implemented Tivoli Compliance Insight Manager automated audit tool.➟ Re-architected Review tester procedures to improve process times by 20%.➟ Conducted Compliance testing for audit findings against numerous security documents that included ITSEC, HIPAA, FFIEC, etc.➟ Provided.

➟ Managed a 6-person Plan of Action & Milestones Team.➟ Performed Risk Analysis and Gap Analysis of each system.➟ Identified Network vulnerabilities within a TCP/IP environment and implemented mitigation tasks.➟ Audited Security documents related to each system to identify areas of non-compliance, which included SSP, RA, COOP, DR Plans, CP Plans, ISA.

C&A, ICR, ISA audit & Compliance focus

➟ Served as admin for multiple websites; enforced network security protocols for each site to ensure data integrity.➟ Managed multiple projects from start to finish.

Charlotte, NC, US

➟ Contributed as a member of the nationwide Implementation and Integration Team sent to California for the computer system integration project.➟ Recognized as the technical expert in switch-over management; improved switch-over training by 25%.

Associate Of Applied Science, Computer Network Security

Education record

Bachelors, Computer Science