Esteban Brown Email and Phone Number

Promoted to Director of Information Security, supervising up to 30 Full-Time Employees (FTEs) and leading staff hiring, training, development, and performance management. Holds full CAPEX and OPEX budget responsibility. Accountable for managing day-to-day global IT operations spanning all the Americas, EMEA, and ASIA PAC.

Promoted to Manager of Information Security and Compliance to supervise up to 20 employees and contractors. Embraced the role as a hands-on cybersecurity manager, driving the complex configuration and deployment of sophisticated security technologies, including creating MITRE ATTACK framework use cases.

As Senior Information Security Program Leader, provided daily direction, guidance, and support to the Identity Access Management Team (IAM). Obtained ISACA membership under Tennessee's chapter for SmileDirectClub, supporting IT governance, risk management, and audit functions.

Hired as Senior Information Security Engineer as the first information security team member. Assisted leadership with hiring and getting the team fully staffed. Served as a solutions architect to design and implement all network security solutions. Earned an exceptional performance review for significant IT security improvements.

Ascended through the ranks, garnering several promotions and expanding leadership responsibilities. As Senior Information Security Compliance Specialist, directed the development, execution, and maintenance of compliance programs, maintaining conformity to industry standards, regulations, and best practices.➣ Orchestrated the deployment of the Keylight Lockpath eGRC Tool, configuring modules such as policy management, IT risk management, vendor risk management, business continuity, and audit management using the Dynamic Content Framework (DCF). The GRC tool delivers specialized reporting with scalability and enhanced security features and automatically integrates data, power workflows, and assessments. ➣ Pioneered a Global Technology Framework called “Keystone,” adopting a NIST CSF for the organization, and establishing an Enterprise Cybersecurity Framework. ➣ Played a pivotal role in the organization's dedication to information security and regulatory compliance.➣ Drove the creation of a global enterprise Governance, Risk, and Compliance (GRC) program, overseeing compliance with multiple mandates, including JSOX, PCI, GDPR, and HIPAA.➣ Led the annual testing and filing of the PCI DSS Report of Compliance for Bridgestone’s CFNA bank.

As a Senior Information Security Engineer, transitioned conventional firewalls to next-generation equivalents and adopted advanced malware protection solutions in the Americas region. Enhanced the global deployment of IT security solutions in the LATAM region by fostering elevated collaboration with regional IT teams. ➣ Winner of the Bridgestone Americas CEO Award for exceptional IT security improvements between in 2015.➣ Overcame language barriers and cultural differences, resulting in a 25% reduction in deployment delays.➣ Negotiated with multiple domestic VARs, resulting in a 38% reduction in LATAM's IT security budget.➣ Led cross-border IT security standardization projects, using language skills in English, Spanish, and Portuguese.➣ Completed the SANS Institute Intrusion Detection In-Depth and CISSP certification programs.

As Corporate IT Auditor, evaluated IT risk factors and identified vulnerabilities, ensuring compliance with industry standards and regulations. Led in-depth testing of IT controls to ensure operational effectiveness and address weaknesses. Relocated to the corporate office in Nashville, TN, on an L1A Executive Visa.➣ Boosted the completion of IT global audits by 32%, identifying risks and reducing weaknesses.➣ Prepared detailed audit documentation, including findings, recommendations, and supporting evidence.➣ Completed the MIS IT Audit School Program in Chicago, IL.

Hired as Senior Information Security Engineer as the first information security team member. Assisted leadership with hiring and getting the team fully staffed. Served as a solutions architect to design and implement all network security solutions. Earned an exceptional performance review for significant IT security improvements. ➣ Pioneered the development of SDC's Cybersecurity Program, addressing a critical gap in the organization.➣ Deployed security solutions within a year, utilizing a risk-based approach to enhance security posture.➣ Conducted comprehensive security and compliance assessments of on-premises and cloud network infrastructure. Identified gaps and remediated up to 60% of issues within 12 months.➣ Instituted foundational security policies, standards, and a robust security awareness program, laying the groundwork for a secure organizational environment.