Evelyn T. Email and Phone Number

Global Audit & Assurance Business Information Security Officer | Opinions are my own at @ Deloitte

Evelyn T.'s Location

New York, New York, United States, United States

About Evelyn T.

Evelyn is an accomplished information security executive with over 15 years of experience. Her focus is on delivering technology solutions that meet business needs within a progressively complex environment where the demand for instantly accessible information must be balanced against increased regulatory requirements and sophisticated threat actors. Based in New York City, her office is responsible for information security for Deloitte's Audit & Assurance business.Prior to Deloitte, she worked as PwC International Limited's Application Security Strategy and Consulting lead.She was involved in a number of information security projects as a Security Advisor and Assurance Security Architect. Moreover, during these projects she served as the principal security consultant on the architecture and redeployment of a Public Key Infrastructure serving over 200,000 users and 400,000 end entities in a multi-national organization. Ms. Thompson was responsible for providing guidance and consultation to assurance business application development, integrating security requirements into product specifications, approving feature specifications, and responding to requests for information regarding assurance application security. She holds BA in Political Science from Eckerd College and MS in Information Assurance from Norwich University. She is Certified Secure Software Lifecycle Professional (CSSLP), Certified Information Systems Security Professional (CISSP), and Information Systems Security Management Professional (ISSMP).

Evelyn T.'s Current Company Details

Deloitte

View

Global Audit & Assurance Business Information Security Officer | Opinions are my own

Evelyn T. Work Experience Details

Global Audit & Assurance Business Information Security Officer | Office Of The Ciso

Deloitte Oct 2016 - Present

Worldwide, Oo

Responsible for the security of all Deloitte Audit business applications. Develop and operate the information security and assurance processes protecting the confidentiality, integrity, and availability of Audit client data and systems. Define, document, and drive accountability for the suitability and effectiveness of Audit application security controls.

View
Application Security Strategy & Design Lead

Pwc Oct 2015 - Oct 2016

Gb

Direct oversight of the PwC application security vision, mission, and strategy; maturity roadmap, operating model, and budget. Spearheaded the development and management of the global application security transformation program. Lead a team of security architects charged with maintaining baseline security requirements and consulting with development organizations across 70 member firms. Collaborate with the Head of Application Security on service delivery and technology impact to strategy. • Developed and provisioned code review, penetration testing, and secure design capabilities using HP Fortify on Demand and insourced staff in cost-effective delivery locales. • Developed organization structure for 20 staff and 15 offshore headcount, with a $10+ million budget over three years. • Developed and implement the process to discover, monitor, and manage estate of over 100,000 externally-facing IP addresses, 2000 domain names, and associated DNS services.

View
Information Security Services Team Lead

Pwc Apr 2013 - Sep 2015

Gb

Coach, mentor, and manage staff responsible for all global application security penetration testing. This high performing team tests applications, designs compensating controls, evaluates business cases for risk acceptance, and reports on the security posture of business applications. Design, execute, and manage the financial performance of processes in support of global information security objectives.• Developed operating model to deliver security operations capabilities globally with a shared services model. Researched and analyzed experiences and contract structure in US and European member firms. Using in-person and remote collaboration, gained consensus on operations concept with US, UK, DE, and HK member firm CISOs.• Identified critical risks in Public Key Infrastructure (PKI); external assessment identified over twenty significant deficiencies in people, process, and technology. Developed business case for remediation program and managed its execution over two years. The final external assessment found no material deficiencies and rated the design and effectiveness as "excellent".• Developed methodology for cloud supply chain assurance and assisted in implementation. Selected to present methodology at 2013 Information Security Forum Annual Congress in Paris, France.

View
Security Advisor, Assurance Business Applications

Pwc Aug 2011 - Apr 2013

Gb

Security architect for Assurance line of service business applications. Provide development teams with policy and standard guidance, analyze development backlog for security impact, and review code in advance of formal security testing. Identify improvement opportunities, lead technical reviews of application design and infrastructure configuration to ensure compliance with policy. Provide security guidance to IT transformation programs. • Championed change in organization culture, to place technical risk within a business context. This resulted in greater risk owner and executive involvement in application security and began the change in priority from policy compliance to risk management.• Consolidated infrastructure security, architecture, code review, and penetration testing processes into a single orchestrated process. This significantly reduced the review duration, resulting in: up to 30% greater efficiency, allowing an increase in application review volume without increasing headcount and significant improvement in customer satisfaction.• Developed and implemented objective methodology for rating vulnerabilities resulting from complex business logic flaws. Virtually eliminated risk owner escalations to security leadership to debate criticality ratings.

View
Vice President Of Operations

Jacobson Window Company Dec 2007 - Jun 2011

Manage a staff of 9 direct and an additional 16 indirect reports. Responsible for operations across inside sales, major accounts, manufacturing, procurement, logistics, and HR.• Automated inventory and procurement processes, reducing raw material inventory by 15%.• Performed cost and process analysis; eliminated four management headcount.• Outsourced Controller/CFO function.• With external assistance, evaluated prior years’ tax reporting and payments; file amended corporate tax returns realizing significant historical and future savings.• Developed exit strategy and liquidation plan; met all customer obligations, protected shareholder equity, and minimized tax obligation.
Director Of Information Technology

Jacobson Window Company Oct 2005 - Dec 2007

Transform the technology of window and door manufacturer. Implement and manage: TCP/IP network, client-server environment, multi-site VPN, end-user VPN, IP-based telecom / unified communications. Develop, procure, and maintain: customer relationship management (CRM) software, order entry/billing software, and raw material management / forecasting software.• Provided mobile workforce with tools to quote, record customer acceptance, and place orders on the job site, resulting in 25% increase in sales calls.• Reduced telecom expense by 35% by leasing hardware, consolidating and eliminating redundant services, and implementing integrated voice and data technology.
Web Application / Database Developer

Contract Jun 2001 - Dec 2005

Provide turnkey web application design, development, and operations expertise to small and medium enterprises. Conduct user interface analyses, optimization, and acceptance testing. Manage full SDLC for clients in Federal/DoD, higher education, and licensed professions.

View
Programmer / Analyst

Nortel Networks Nov 1998 - May 2001

Ca

Subject matter expert for Nortel Networks field services business applications. Analyze application inventory, functions, and usage against required business capabilities. Consolidate or decommission redundant / low-value applications, identify region-specific applications suitable for global usage.In support of global wireless field services, manage full SDLC of web applications utilizing ASP, Visual Basic, VBScript, ADO, JavaScript, and T-SQL. Collect and maintain requirements, write feature specifications, troubleshoot logic flaws, and supervise documentation.• Perform project reboot, integrate multiple adversarial development teams, and combine development backlog for two business applications.• Implement Agile/XP development methodology to streamline feature deployment and user acceptance in a diverse and non-technical workforce.• Realized over 80% reduction in data entry following the transition of paper-based management activities to a web-based system.

View

Evelyn T. Education Details

Norwich University

Information Assurance
Eckerd College

Political Science

Frequently Asked Questions about Evelyn T.

What company does Evelyn T. work for?

Evelyn T. works for Deloitte

What is Evelyn T.'s role at the current company?

Evelyn T.'s current role is Global Audit & Assurance Business Information Security Officer | Opinions are my own.

What schools did Evelyn T. attend?

Evelyn T. attended Norwich University, Eckerd College.

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles

Get direct phone numbers & mobile contacts

Access company data & employee information

Works directly on LinkedIn - no copy/paste needed

Get Chrome Extension - Free

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.