Doug English Email and Phone Number
As the Chief Information Security Officer (CISO) at Compass, I have over 25 years of experience building and leading diverse teams to transform Security and IT programs across various regulated industries, including healthcare, biotechnology, hospitality, and real estate. I have managed teams of 35+ people and budgets of $50M. Additionally, I hold a CISSP certification and a Bachelor of Science in Business Information Systems from the University of North Carolina at Wilmington.As Compass' CISO, I am the strategic leader safeguarding our industry-leading real estate platform and the sensitive data of our agents and clients. I spearhead the development and execution of a comprehensive security strategy encompassing architecture, engineering, operations, and governance. I focus on proactively mitigating threats, ensuring regulatory compliance, and fostering a culture of security awareness across the organization.During my previous role leading Information Security & IT at Sonder, I spearheaded the development and implementation of the company's initial information security program. This led to a significant 70% reduction in cyber risk and ensured SOX ITGC compliance, instrumental in Sonder's successful entry into the public markets in 2022. I also achieved a 30% reduction in security incidents and a 15% improvement in system availability by prioritizing risk mitigation and implementing DevSecOps practices and tools.My mission is deeply rooted in enabling business growth and innovation. I am committed to building a robust and resilient security posture that aligns with the company's objectives and embodies its core values. I thrive in collaborative environments, working closely with cross-functional teams, stakeholders, and customers to deliver security solutions that enhance trust, compliance, and customer satisfaction. My proven track record includes leading, recruiting, and developing high-performing security teams that secure cloud infrastructure and platforms, design efficient security operations, implement effective risk management programs, and leverage security frameworks such as ISO, NIST, CIS, and CSA.
Compass
View- Website:
- mandyanddavid.com
- Employees:
- 201
-
Chief Information Security OfficerCompass Apr 2024 - PresentNew York, Ny, Us
-
Head Of Information Security & ItSonder Inc. Sep 2019 - Mar 2024San Francisco, California, Us-- Orchestrated the build-out and modernization of a 20+ member IT/Security organization, delivering a comprehensive strategy, security architecture, business systems, security operations, and governance programs to meet objectives.-- Pioneered and executed Sonder’s first information security strategy, reducing cyber risk by an impressive 70% and ensuring SOX ITGC compliance, which increased investor confidence, leading to Sonder’s IPO through a SPAC in 2022.-- Engineered security architecture for a rapidly growing business, focusing on Identity and Access Management, Cloud Infrastructure, SaaS Management, and DevOps Platforms while implementing threat modeling and vulnerability assessments to reduce Sonder’s attack surface by 30%.-- Standardized and scaled Sonder’s guest-building network infrastructure across 20 global markets and 275+ properties to provide robust and secure guest wireless network access at hotel properties. -
PrincipalSecuremaven Oct 2018 - Aug 2019-- Security consulting and vCISO services for early-stage companies, non-profits, and educational institutions. -
Director, Cyber Security Risk Management & GovernanceSplunk Jan 2018 - May 2019San Francisco, California, Us-- Directed a high-performing team of 15 security professionals, leading global cyber risk management, Splunk Cloud compliance, customer trust programs, and 3rd-party risk to achieve an impressive 20% reduction in cyber threats and risk across the organization.-- Applied a risk-based approach to security controls, processes, people, and technology, empowering business stakeholders to make informed risk decisions to align risk appetite with business priorities, resulting in a 38% reduction in cyber risk.-- Identified, responded to, and remediated cyber security and compliance risks related to the supply chain, vendors, third parties, M&A targets, and customers to maintain optimized risk tolerance levels for Splunk Cloud. -
Corporate Systems Compliance & It Security OfficerPra Health Sciences Jul 2015 - Dec 2017Raleigh, North Carolina, Us-- Led and accelerated global IT security programs focused on identifying threats, including implementing an MSSP to mature security operations, resulting in a 44% reduction in enterprise risk and improved incident response times.-- Designed and implemented a unified IT controls framework covering Sarbanes-Oxley (SOX), SOC2, NIST CSF, GDPR, ISO 27001, and HIPAA/HITRUST, leading to year one SOX compliance after PRA went public in November 2014.-- Delivered an Identity and Access Management (IAM) solution; Governance, Risk, and Compliance (GRC) platform; and threat and vulnerability management solutions to remediate 85% of identified critical risks and SOX ITGC gaps. -
Global Information Security OfficerBiomerieux Jan 2013 - May 2015Marcy-L'Étoile, Auvergne-Rhône-Alpes, Fr-- Directed global security programs overseeing risk management, compliance, security engineering, architecture, and incident management for 9,000+ employees at 100+ sites across 45 countries, resulting in a 25% reduction in IT risk through the utilization of cyber risk management and an MSSP Security Operations Center (SOC).-- Designed comprehensive security metrics enabling C-level management to track the effectiveness of security controls, security operations, asset management, and business continuity through 4 targeted dashboards.-- Developed 100% security policy coverage for employees and partners across business applications, infrastructure, and R&D while integrating concepts such as cloud, SaaS, social, BYOD, and managed services to reduce enterprise cyber risk. -
Manager, Global Network Services & Na Service DeskBiomerieux Sep 2008 - Jan 2013Marcy-L'Étoile, Auvergne-Rhône-Alpes, Fr-- Maintained operation and integrity of LAN, WAN, security, Internet, voice, video, and collaboration technologies across 45 countries and 100+ global sites. Owned and administered a budget of 7.5M€ ($10M).-- Network/Voice/Video Architecture: Transformed architecture and systems across 85 locations resulting in 28% savings.-- IT Outsourcing Management: Sourced and implemented transformation for IT infrastructure and support operations.-- Service Desk Operations: Incorporated a new ITIL-based service desk and call center to support 1,800 users and nine North American sites, improving incident and service request resolution times by 50%.
-
Director Of Information TechnologyLexisnexis May 2004 - Sep 2008New York City, Ny, Us-- Security Governance: Served as Divisional Corporate Security Officer responsible for risk management, security controls, policy, and compliance programs. -- Revamped IT strategy and operations for the LexisNexis Practice Management business unit, saving 20% across IT costs.-- Managed IT Security M&A activity through two acquisitions that delivered unified and secure business applications for LexisNexis. -
Manager, Information Technology (Time Matters)Lexisnexis Jun 2001 - May 2004New York City, Ny, Us-- Developed a reliable, robust data center environment for revenue-generating hosting of the LexisNexis/Time Matters Java application portfolio.-- Designed and audited IT security and disaster recovery plans to ensure business continuity and secure client systems and data.
-
Network Manager / Sr. Network EngineerLevel 8 Systems Feb 1999 - Jun 2001Us-- Led a team of network engineers to establish LAN/WAN connectivity including routers, switches, firewalls, network circuits, exchange servers, and network infrastructure servers (DHCP, DNS, WINS, and NT Domain Controllers).-- Acquisitions: Served as Cross-Functional Team lead for the IT Operations group, assessing new acquisitions and integrating the systems/networks into the corporate network and security model. -
Systems AdministratorUnitedhealth Group / Insite Clinical Trials 1998 - 1999Us-- Designed security policies, working practices, and SOPs to comply with FDA regulations for IT systems managing patient data.-- Network Administration: Managed corporate systems including servers, E-mail, desktops, firewalls, and performance tools, maintaining high performance of critical systems.
Doug English Education Details
-
University Of North Carolina WilmingtonBusiness Information Systems -
(Isc)2It Security Certification
-
Duke University - The Fuqua School Of BusinessExecutive Education - Global Leadership Program
Frequently Asked Questions about Doug English
What company does Doug English work for?
Doug English works for Compass
What is Doug English's role at the current company?
Doug English's current role is CISO | Information Security & IT Executive | Modernizing Cybersecurity & IT.
What schools did Doug English attend?
Doug English attended University Of North Carolina Wilmington, (Isc)2, Duke University - The Fuqua School Of Business.
Who are Doug English's colleagues?
Doug English's colleagues are Andrew Ruberson, Heather Schreiber, Ramon J. P., Megan Moran, Chris Mills, Carolyn Levitan, Tony Floyd.
Free Chrome Extension
Find emails, phones & company data instantly
Aero Online
Your AI prospecting assistant
Select data to include:
0 records × $0.02 per record
Download 750 million emails and 100 million phone numbers
Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.
Start your free trial