Daniel Galligan Email & Phone Number

New York, NY, US

Paris, FR

Oversight of PCI compliance program, security awareness initiatives, crisis management process, and data protection initiatives across the Americas Zone.

Paris, FR

• Implementation and oversight of information security program across L'Oréal USA, representing $7.5 billion in revenue at the L'Oréal Group.Local implementation and oversight of information security program across.
• Revised and implemented enhanced security policies and improved processes.
• Involved in development and implementation of security awareness campaigns.
• Security oversight for key legacy move-to-cloud initiatives.

Paris, FR

• Monitoring and assessing information security risk across digital initiatives, inclusive of digital marketing, e-commerce, and social media channels for a Global 500 CPG entity and the world leader in the beauty and.
• Successfully reduced overall risk through adoption of security technology and process improvements, including implementation of credit card payment tokenization across all e-commerce sites, encryption and anonymization.
• Security design and review of high profile initiatives including CRM big data transformation, AWS cloud data center implementation for B2B and B2C, customer care center engagement platform, loyalty implementation, and.
• Full digital stack security oversight, including over 20 e-commerce sites, 200+ e-marketing properties, social media, advertising technology, CRM, mobile, and retail. Key platforms include Demandware, Amazon Web.
• Performed information risk assessments of new initiatives and vendor relationships impacting digital channels. Provided RFP support for strategic initiatives and routinely presented findings to senior management..
• Ongoing review of changes to e-commerce and oversight of vulnerability remediation.

Paris, FR

Paris, FR

Paris, FR

New York, NY, US

• Lead senior auditor responsible for day to day management of audit and consulting engagements and oversight of local and international staff on 10-15 concurrent engagements during peak busy seasons for fiscal years.
• Performed internal audits of controls surrounding financial processing for a health information services provider, of an outsourced mainframe environment of a hospitality company, and of change management processes for.
• Performed review of processes and controls in place over the quality and integrity of clinical trial data for a major international pharmaceutical company.
• Performed information assurance assessment (based on ISO 27002) of an independent medical review organization on behalf of a major international retailer.
• Performed IT and application controls testing for a large medical device manufacturer in a complex, decentralized IT environment including JD Edwards, PeopleSoft, and MFG Pro.
• Performed a review of security controls surrounding a complex Active Directory environment at a Fortune 50 PBM, including ArcSight SEIM configuration.

St. Louis, MO, US

• (Medco Health Solutions, Inc. - merged with Express Scripts in 2012)Oversight and management of a vendor security and compliance program for a Fortune 50 pharmacy benefit manager in support of security risk mitigation.
• Collaborated with senior stakeholders (including Global Security, Compliance & Ethics, Strategic Sourcing, and Internal Audit) in developing vendor risk management lifecycle.
• Performed assessments of security controls for the applications, infrastructure, and facilities supporting critical business functions for business partners and vendors.
• Communicated findings for vendors to security and compliance management.
• Identified issues in vendor risk and compliance and advised management in the implementation of preventative and compensating controls and processes.
• Reviewed business continuity and disaster recovery posture of vendors.Consultant via Interactive Solutions, LLC (now IS Partners, LLC), Horsham, PA

US

• Consultant in the Enterprise Risk Management practice of SMART with a focus on assisting clients by performing IT audit services in support of Sarbanes-Oxley compliance and SAS 70 attestation projects. Client.
• Developed documentation of controls and processes surrounding clients’ IT environments in accordance with industry standards including COBIT.
• Tested design and operating effectiveness of IT General Controls to ensure compliance with Sarbanes-Oxley and in support of SAS 70 attestations.
• Tested design of IT controls in support of financial audit of a claims services provider.
• Audited diverse IT environments including MAS 500, AS/400, Active Directory, Microsoft Dynamics/Great Plains, Windows Server, SQL Server, and Oracle instances.
• Advised clients on improvements to controls environment and operations.

Walldorf, BW, DE

Developed database for US risk managers housing SAP projects and associated risk management activities. Maintained data and reported using internal SAP Operational Risk Management tool. Maintained US Risk Management presence on internal corporate portal. Assisted in ad-hoc reporting for compliance and in support of internal controls. Compiled quarterly and.

Philadelphia, PA, US

Supported and repaired student and faculty computers. Maintained computer labs. Assessed security issues and implemented repairs. Assisted in management of helpdesk.

Bachelor Of Science, Decision & System Sciences

Education record