Eric Galis Email & Phone Number
Who is Eric Galis? Overview
A concise factual answer block for searchers comparing this professional profile.
Eric Galis is listed as Business Leader with a focus on Cybersecurity and IT Risk at Cengage Group, based in Quincy, Massachusetts, United States. AeroLeads shows a matched LinkedIn profile for Eric Galis.
Eric Galis previously worked as Chief Information Security Officer at Cengage Group and VP Compliance and Security at Cengage Group. Eric Galis holds Bs, Computer Science from University Of Massachusetts Amherst.
Email format at Cengage Group
This section adds company-level context without repeating Eric Galis's masked contact details.
Review company-level records connected to Eric Galis before choosing the right outreach path.
About Eric Galis
Security and risk leader driving Cybersecurity and Technology Risk Management at Cengage. Over 19 years of experience in Information Security and Risk & Compliance. I have an avid interest and focus on process improvement, security monitoring, data protection, and system and application security. I value coaching and development of team members and providing vision and guidance of direction.I've spent time at two other education software and publishing companies, also within the security function. My focus there was around the security of the products being delivered to our customers, as well as security incident and event management.I got my start in Information Security at PricewaterhouseCoopers, focusing on the Financial Services industry. My projects there started with audit support work for technical controls, penetration testing and web application assessments, and grew to implementation of security tools and processes as well as security strategy development.Specialties: Information Risk | Security Monitoring | Network security | Data Protection and Data Loss Prevention | UNIX | Linux | Forensic imaging | Forensic analysis | IT Risk and Regulations | IT Controls | IT Business Processes
Eric Galis's current company
Company context helps verify the profile and gives searchers a useful next step.
Eric Galis work experience
A career timeline built from the work history available for this profile.
Vp Compliance And Security
CurrentLeading the security and compliance function through digital transformation, including a team of 10 practitioners in three main areas: infrastructure security and security operations; application security; and governance, risk, and compliance. We manage risk; design, implement, and operate security programs; and assess the security of our environment.
Advisory Council Member
CurrentAs an Advisory Council member I advise on the topics of interest to CISOs. This drives the topics for each series of in-person and virtual events that are held at chapters across the country, bringing security leaders together to discuss their challenges in a collaborative and safe group.
Vice Chair
CurrentBostonCISO is the preeminent peer leadership network of New England chief information security officers. Our membership is comprised exclusively of CISOs (or equivalent executive roles) from public and private companies, government, education, healthcare and nonprofit organizations.Our mission is to build a strong, professional community among New England's information technology leaders, by providing a forum to share ideas, best practices and experiences relevant to CISOs.As Vice Chair I work hand-in-hand with out Chair to develop the programing, content, and network that will most benefit our members, ensuring we continue to drive value and differentiation from other CISO networks.
Industry Advisory Council Member, Cybersecurity
CurrentBenjamin Franklin Cummings Institute of Technology, commonly known as Franklin Cummings Tech, empowers students to achieve their career goals and attain economic advancement through accessible, flexible, and hands-on technical and trade education. We deliver 21st-century education built on history dating back to a 1790 bequest from Benjamin Franklin to the City of Boston to invest in trade education and entrepreneurship.The Industry Advisory Council for Cybersecurity strives to maintain alignment between the curriculum developed and delivered by the Institution with needs of cybersecurity teams operating at companies and within the public sector. As a member I leverage my years of experience leading high-functioning cybersecurity and IT Risk Management teams to ensure graduates are ready to contribute and further our industry.
Security Committee
CurrentAs a member of the 1EdTech Security Committee, I am responsible for addressing the security concerns for all 1EdTech standards. This includes: - Reviewing the 1EdTech Security Framework - Identifying and raising security concerns that affect all 1EdTech standards - Reviewing and approving other standards, such as the Open Badges Specification
Director Of Security Programs
Led the strategic portion of our security function, focusing on developing and deploying effective security programs. Directly responsible for 2 application security analysts and indirectly lead activities of up to 10 people at a time through influence and project work.- Made risk posture transparent and measurable by building a complete risk management process.- Reduced vulnerabilities in the environment through a structured vulnerability management process, including scheduled scans covering over 90% of our environment and active remediation.- Matured application security program by establishing standard security assessment processes including static code analysis integrated into the continuous integration pipeline. Led application security team of 2 individuals.- Increased speed of detection and response to security events through the implementation of LogRhythm SIEM; led vendor evaluation, process documentation, use case definition, installation, and configuration.- Reduced phishing rates and other human-focused incidents with a security awareness program that included monthly awareness meet-ups, intranet site, short technical videos, phishing exercises, and an October security “jamboree”.- Increased clarity of security requirements through review and rewrite of security policies.- Provided security oversight to the implementation of advanced protections for email.- Created and oversaw the execution of an application security risk assessment questionnaire for Tier 1 applications.- Indirectly led the activities of two security analysts to execute the programs outlined above, resulting in increased output from both individuals.- Acted as a liaison to business partners on security concerns, including use of external tools.
Director Of Security Engineering
During a time of great organizational change, grew from Security Analyst to Director in 4 years. I was recognized for my ability to build effective teams: As director, I built and led a team responsible for delivering security engineering services globally in a newly-matrixed organization; As manager I rebuilt a team of six after the departure of the previous leader.- Led a team responsible for delivering security engineering services globally.- Recruited a team of 7 individuals tasked with designing the security engineering function, processes, and artifacts from the ground up.- Responsible for identifying and documenting the coverage, maturity, and efficacy of current security controls.- Built business case and rationale for investment for all security control improvement investments.- Drove the requirements gathering, proof of concept, business case development, and funding request for four simultaneous security projects.- Acted as business owner of the implementation of CyberArk for privileged user management to control shared accounts.- Delivered a Certificate Management Service that reduced cost as well as risk of outage or compromise.- Defined global security investment roadmap, including aligning priorities with risk.- Identified and created security standards to align with policy, regulations, and risks.- As Product Owner for employee-facing identity and access application, provided guidance on strategy and oversaw feature design and prioritization.
Manager Of Information Security
Rebuilt and led team of 6 individuals responsible for the confidentiality, integrity, and availability of web-based applications serving over 5 million customers in higher education and K-12.Coached team through large, corporate wide transition, aligning them with the proper areas in the new organization to maximize their contribution and retention.Served as interim Director of Information Security for the same business unit for 6 months, reporting to upper management on risks, project statuses, and incidents, as well as defining security budget.Decreased average vulnerability time to close by increasing visibility of open vulnerabilities within products.Decreased the denial of service recovery time for critical applications from hours to under 15 minutes without additional expenditure.Led the implementation and operationalization of a security event and incident management system, which helped the team identify and respond to multiple security events.Led a project to drive a backlog of over 1,500 security vulnerabilities to closure.Helped architect security for an internally developed cloud deployment and automation platform.
Information Security Senior Analyst
Updated and communicated key information security policies and guidelines, including patch management, vulnerability management, and secure system build.Directed, oversaw, and reviewed the work of a Junior Information Security Analyst.Acted as security consultant for architectural design including cloud and DevOps, identifying and addressing security concerns and risks in the design.Active member of IT engineering group responsible for automation of system and build deployments, performing system reviews, build reviews, and providing guidance on securing automation processes.Oversaw external third-party assessments.Responded to over ten different security and availability incidents, providing forensic review and security guidance for re-establishing service.Performed operational duties including reviewing security alerts, firewall rule change review, and system reviews.
Manager
Consultant with experience in IT security, data loss prevention, risk and compliance, and IT strategy.
Assistant Network Administrator
UNIX Scripting, Solaris administration, grid computing and grid FS research and deployment.
Assistant Multimedia Designer/ Consultant
Designed website for Engineering News.In charge of general web upkeep.Successful troubleshooting of PC and Mac problems.
Eric Galis education
-
University Of Massachusetts Amherst
Frequently asked questions about Eric Galis
Quick answers generated from the profile data available on this page.
What company does Eric Galis work for?
Eric Galis works for Cengage Group.
What is Eric Galis's role at Cengage Group?
Eric Galis is listed as Business Leader with a focus on Cybersecurity and IT Risk at Cengage Group.
Where is Eric Galis based?
Eric Galis is based in Quincy, Massachusetts, United States while working with Cengage Group.
What companies has Eric Galis worked for?
Eric Galis has worked for Cengage Group, Ciso Executive Network, Bostonciso, Franklin Cummings Tech, and 1Edtech (Formerly Ims Global).
How can I contact Eric Galis?
You can use AeroLeads to view verified contact signals for Eric Galis at Cengage Group, including work email, phone, and LinkedIn data when available.
What schools did Eric Galis attend?
Eric Galis holds Bs, Computer Science from University Of Massachusetts Amherst.
Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.
Start free trial