Jacob Carroll (Mba, Cissp, Cisa, Cipp-Us, Cdpse) Email & Phone Number

San Diego, CA, US

United States

Providing technical and programmatic IT Risk Management services through contracting with clients to assist in achieving of their roadmap priorities. Broad vCISO role responsibilities include the development of Governance, Risk and Compliance (GRC) programs and the performance of risk assessment activities across cybersecurity, audit and data privacy.

Greater Minneapolis-St. Paul Area

Bridging Tenants, LLC is a premier investor of residential real estate, located in Minneapolis, MN. Our distinguished services include: residential property investing, renovations and remodeling, and full-service property management.

Greater Minneapolis-St. Paul Area

Supported the integration efforts of Clearwater's acquired cybersecurity companies and managed the delivery of cybersecurity consulting services to numerous clients across the Healthcare sector. Directly responsible for client management and the execution of cybersecurity consulting engagements that included the development of internal risk management.

Greater Minneapolis-St. Paul Area

Co-founder of Backbone Consultants, a premier professional services firm specializing in cybersecurity, IT audit, and data privacy. Primary responsibilities included: business operations, services development, sales pipeline generation, consulting delivery, team member development, and customer outreach.Clients Included: Medtronic, Cargill, United Health.

Greater Minneapolis-St. Paul Area

Responsible for ushering in and promoting ISACA's initiatives related to Cybersecurity Nexus (CSX) education and certification paths.

Greater Minneapolis-St. Paul Area

• As an Information Protection Security Consultant it was my role to actively assist Target's various business lines in the secure onboarding of emerging technologies that would drive competitiveness. This position.
• Provided various security requirements and implemented supporting controls to negate potential security and privacy risks prior to the introduction of new technologies and or processes; Created and delivered formal.
• Provided business line leaders with various remediation recommendations to mitigate risk either through the introduction of additional security measures or through the modification of business process; and if unable.
• Supported the response to a company-wide data breach by performing remediation activities including the security review of point of sales systems and implementation of an application whitelisting solution to tightly.

Greater Minneapolis-St. Paul Area

• As an Information Security Specialist Sr. my role at U.S. Bank included the implementation of a new corporate-wide identity and access management IAM/IDM platform (Oracle). My role in this initiative was to redevelop.
• Performed ongoing quality assurance reviews to ensure the accuracy of role-based access control (RBAC) provisioning.
• Compiled the initial population of high-risk applications to be onboarded to the new user provisioning platform, brought new applications into scope quarterly based upon critical assurances: SOX, GLBA, PCI and BASEL.
• Facilitated the first company-wide user access review process for established application RBAC assignments and assisted in the remediation of unauthorized user access across various technologies.
• Identified segregation of duties conflicts and evaluated existing controls and proposed new ways to further mitigate risks to the business.
• Managed a 12 person user testing group to analyze the functionality of the new provisioning platform by evaluating test case results, documented and reported defects and functionality flaws to program leaders.

Greater Minneapolis-St. Paul Area

• As a Sr. Information Risk Analyst, it was my role to conduct detailed ITGCC walkthroughs and security testing for various technology environments across multiple lines of business at U.S. Bank. My primary role.
• Tracked control gap analysis and delivered recommendations to the business line in order to remediate any identified security and compliance risks within the Archer GRC platform.
• Documented business processes surrounding access management and the processing of customer sensitive information (PII).
• Established metrics for monthly business reporting in order to perform trend analysis for strategic decision-making associated with risk remediation efforts.

Greater Minneapolis-St. Paul Area

• As an Experienced IT Auditor, my role consisted of completing detailed information technology audits for various technology platforms across multiple lines of business at U.S. Bank. Additional audit testing included.
• Executed detailed audit plans for critical IT systems and business processes in support of SOX, SOC1 / SOC2 and PCI compliance audits; captured results within the TeamMate audit platform.
• Independently executed technology audits for critical infrastructure, performed client follow-up and drafted formal engagement reports to communicate the results of testing internal control designs and operating.

Greater Minneapolis-St. Paul Area

• As an Enterprise Risk Services Consultant, it was my primary role to complete independent audits for SOX/ITGCC, SAS70, and Special Purpose audits. My daily job responsibilities included:
• Established an in-depth understand of the processes surrounding key business functions by conducting detailed interviews with process owners.
• Performed detailed tests of general computing control environment (ITGCC) to determine adequacy of control design and the operating effectiveness of client controls.

Master Of Business Administration (Mba), Business Administration And Management, General

Bachelor'S Of Business Administration, Management Information Systems, General

Activities and Societies: Beta Upsilon Sigma, College of Business - Leadership Institute Coordinator