Jason Hoffman

Jason Hoffman Email and Phone Number

Chief Information Security Officer (CISO) | Chief Security Officer (CSO) | Risk Management Leader | Cloud Security | SaaS | Cybersecurity | Compliance | Audit | CISM | CISA | CISSP
Jason Hoffman's Location
Knoxville, Tennessee, United States
Jason Hoffman's Contact Details
About Jason Hoffman

Jason is a technology, security, risk management and privacy leader with a compelling record of success in mid-size and large complex global organizations in the cloud, financial, and healthcare industries. He is also a transformational leader in building relationships with business partners and striking a balance between business needs and security requirements to maximize results, reduce risk, and resolve regulatory and compliance issues. Jason exhibits excellent interpersonal skills in communicating key information to customers, suppliers, and employees at all levels. Jason is a proven partner in effectively and efficiently developing innovative, high-quality solutions to resolve business issues and manage risk.

When not working on security challenges, Jason focuses on family, cooking and travel. He has 12 countries under his belt and can't wait to add more. He loves learning through different modalities and continues to expand his knowledge base.

Past speaking engagements:
- Information Systems Audit and Control Association (ISACA)
- Information Systems Security Association (ISSA)
- DHS/SRI Infosec Technology Transition Council (ITTC)
- Secure World
- MyTechnologyLawyer Radio Show

Articles:
http://www.csoonline.com/article/3049374/security/survey-with-all-eyes-on-security-talent-shortage-sends-salaries-sky-high.html

Jason Hoffman's Current Company Details
Visionary Strategies

Chief Information Security Officer (CISO) | Chief Security Officer (CSO) | Risk Management Leader | Cloud Security | SaaS | Cybersecurity | Compliance | Audit | CISM | CISA | CISSP
Jason Hoffman Work Experience Details
  • Visionary Strategies
    Chief Information Security Officer (CISO)
    Visionary Strategies Jan 2021 - Present
    Deliver the following advisory services for SaaS (Cloud), banking and healthcare clients:
      • Executive technology and security advisor for early-stage SaaS (Cloud) companies and non-profits.
      • CISO/CSO for companies requiring temporary or part-time security leadership.
      • Security and technical advisor to venture capital (VC) and value added reseller (VAR) firms.
      • Serve as information security subject matter expert for executive leadership.
      • Develop annual strategic plans and supporting project roadmaps.
      • Collaborate and coordinate with internal resources to execute the security plan.
    Perform assessments with clients in the following areas:
      • Information security strategy
      • Information security governance
      • Information security program development and management
      • Information security risk management
  • Saba Software
    Vice President & Global Chief Information Security Officer (CISO)
    Saba Software Jul 2016 - Dec 2020
    Dublin, California, US
    Responsibilities included: cloud security architecture; customer engagement; security operations and monitoring; incident management and response; application and product security; quality management; audit and compliance; vendor management; and managing a global team in US, Canada and India.
      • Implemented go-to-market security and compliance intake process via Salesforce which enabled dashboard measurement of SLAs and highlighted 60% reduction in turnaround time for customer/sales requests.
      • Integrated global information security functions of two acquired companies within 6 months to eliminate redundancies, streamline responsibilities and improve efficiencies in delivery of information security services without impacting both business and cloud customers.
      • Delivered web-based security awareness training to all global employees, leveraging Saba’s LMS and achieved 95% compliance within 30 days.
      • Revamped application security program by implementing static and dynamic application testing as part of SDLC, leveraging different third-party penetration testing partners and delivering developer training that helped improve overall quality of security testing efforts via reduced repeat vulnerabilities.
      • Built out new global security operations team (SOC) in Canada and India within 6 months, that is responsible for expanding and optimizing the vulnerability management program, automating application security scanning, tuning global SIEM to reduce false positives and producing regular security metrics reports highlighting effectiveness of Saba’s security programs.
      • Consolidated three separate SOC 2 audit engagements with different audit periods into a single audit engagement with no findings and achieved the publication of three separate audit reports within 30 days of the end of the audit period with no exceptions.
      • Revamped quality management program to comply with 21 CFR Part 11 requirements within 6 months resulting in 100% customer audit satisfaction.
  • Marketo
    Vice President & Chief Security Officer (CSO)
    Marketo Jan 2016 - Apr 2016
    San Jose, California, US
    Responsibilities included: leading global information security, governance, application security, risk management, and compliance teams; partnering with cloud operations, IT, product engineering, HR, and legal to influence decision-making, reduce risk, and effect change; and effecting governance with senior management, audit committee, and board.
      • Completed enterprise security risk assessment based on NIST cybersecurity framework within four weeks to help shape security strategy and roadmap.
      • Launched vulnerability management program that resulted in 60% reduction of vulnerabilities in less than three months.
      • Expanded coverage of SSAE 16/SOC 2 audit to include AICPA Trust Services confidentiality and availability principles to provide additional assurances to customers while adding only a trivial number of new controls.
  • [24]7
    Vice President, Global Chief Information Security Officer (CISO)
    [24]7 Sep 2013 - Dec 2015
    San Jose, California, US
    Responsibilities included: leading global information security, application security, risk management, compliance, privacy, and internal audit teams; partnering with cloud operations, IT, product engineering, HR, and legal to influence decision-making, reduce risk and effect change; effecting governance with senior management, audit committee and board; managing call center fraud; and interface with global Fortune 500 enterprises before and after they become a client.
      • Reorganized separate teams under single organization to eliminate redundancies, streamline responsibilities and improve efficiencies in delivery of services.
      • Established dedicated budget and cost center for information security and justified augmentation of staff from 13 to 26 in 15 months, to address and effectively manage newly identified security risks.
      • Increased effectiveness of security governance through continuous communication and guidance via newly created cross functional security risk council.
      • Completed 92% more internal audits within 12 months of taking over function compared with audits in previous year with same number of headcount.
      • Developed application security dashboard that resulted in more senior management visibility and reduction of security related vulnerabilities, additional budget for third-party penetration tests, and stronger commitment to application security as part of SDLC.
  • Autonomy (Now HP)
    Head Of Group Security, Global Chief Information Security Officer (CISO)
    Autonomy (Now HP) Mar 2010 - Sep 2013
    Cambridge, Cambridgeshire, GB
    Responsibilities included: leading Autonomy’s internal security program (physical, logical, and product); leading compliance program; interfacing with global enterprises before and after they become a customer; partnering with cloud operations, IT, networking, engineering, HR, and legal to influence decision-making, reducing risk and effecting change; reviewing RFPs; and negotiating customer agreements.
      • Rebuilt neglected security program in nine months and developed cohesive security strategy resulting in unqualified SAS 70 Type 2 audit opinion with no exceptions.
      • Improved identity access management system through several innovative recommendations achieving over 3,000 hours of productivity improvement in first year.
      • Streamlined customer assessment process improving efficiency of completion time by 33%.
      • Implemented vulnerability management solution which provided immediate visibility of security vulnerabilities and achieved corrective action for 100% of the identified external vulnerabilities within four months.
      • Refined and aligned security policies and standards with ISO 27001 and PCI to facilitate more efficient audits and ensure compliance with best practices.
  • Security Innovation Network (SINET)
    Vice President, Technology
    Security Innovation Network (SINET) May 2009 - Mar 2010
    Jackson, WY, US
    Responsibilities included providing technical strategic direction, web site content delivery, social media management, and conference support.
  • Kaiser Permanente
    Director Of Security Risk Management
    Kaiser Permanente Feb 2007 - May 2009
    Oakland, California, US
    Responsibilities included development and delivery of Kaiser’s Enterprise Information Security Risk Management Program and managing Kaiser's enterprise-wide awareness and training programs related to information security.
    Promoted to drive the development, implementation and maintenance of an effective enterprise risk management program; established enterprise-wide security/risk awareness and training programs related to information security; key leader in identifying opportunities to integrate risk management principles into the information security strategy which included policy and standards framework and compliance related activities; provided thought leadership to executive management and business leaders throughout the company, as well as to security vendors and peers throughout the healthcare industry and security profession.
      • Established foundation for a sustainable risk management program by developing and publishing the first security risk management strategy and roadmap, security risk management framework, security risk management standard and security risk assessment methodology.
      • Created a culture of risk awareness by developing and delivering a professional web-based training course to executives, project managers and supervisors on the principles of risk management.
      • Assessed HIPAA security risk for all eight regions in less than six months, saving over $200,000.
      • Developed and delivered web based security/risk awareness training content to over 60,000 employees in one year.
  • Greater Bay Bank (Now Wells Fargo Bank)
    Vice President & Chief Information Security Officer (CISO)
    Greater Bay Bank (Now Wells Fargo Bank) Apr 2004 - Oct 2006
    US
    Responsibilities focused on the overall coordination, management and oversight of all security activities within the Bank.
    Led all security activities within the Bank; developed, recommended, implemented and enforced enterprise-wide security policies, standards, guidelines and procedures including Sarbanes Oxley (SOX) compliance; managed Bank’s security program by providing leadership to the security team and influencing lines of business; identified, evaluated, procured and deployed new technologies to reduce risk and improve effectiveness of security; led the development and implementation of incident response process, electronic investigations and risk assessments.
      • Established first dedicated budget and cost center for information security and justified augmentation of security staff in order to address newly identified security risks.
      • Increased effectiveness of security awareness through continuous communication and guidance via newly created security council in order to partner with all business units.
      • Developed comprehensive security risk assessment to address regulatory compliance, best practices and emerging threats which resulted in the approval of several capital projects to deploy needed security solutions.
      • Implemented vulnerability management solution which provided immediate visibility of existing security vulnerabilities and achieved corrective action for over 50% of the identified vulnerabilities within six months.
      • Deployed Internet content filtering and monitoring solution which resulted in increased employee productivity and security, and decreased potential risk and liability (100% of web sites violating company policy were blocked).
  • Verisign, Inc.
    Information Security Officer
    Verisign, Inc. Oct 1999 - Feb 2004
    Reston, Virginia (VA), US
    Managed department of highly skilled professionals responsible for all disciplines of security including audit, information, network, physical and personnel security audit; drove policy, audit and assessment programs; created and enhanced various corporate security and privacy policies, standards, guidelines, procedures and best practices based on various industry security, audit and privacy standards including but not limited to ISO 17799, WebTrust, SysTrust, PCI-DSS, HIPAA, SOX, Gramm-Leach-Bliley Act (GLBA) and California Privacy SB 1386; simultaneously managed and coordinated multiple SAS 70, WebTrust, SysTrust, PCI and ISO 17799 audits, and assisted with SOX audit; led presentations to customers, media, investors and politicians describing the company’s security practices; regularly assessed and remediated security risks in the software development lifecycle (SDLC) and quarterly disaster recovery (DR) exercises; designed, implemented and maintained 24/7 management of security that mitigated threats to personnel, property and information of the main campus and remote offices.
      • Instrumental in VeriSign receiving unqualified SAS70 Type II audit opinion and WebTrust Seal for five successive years and SunTone Certification, demonstrating to VeriSign’s customers its commitment to security.
      • Designed and implemented all physical security elements of VeriSign’s new headquarters, world-class data center and several remote offices, including iris scan biometrics, digital DVRs and 24/7 guards.
      • Thwarted a career criminal which resulted in a felony conviction.
      • Managed the security implementation, build-out and facility security assessments of world-class data centers for VeriSign’s international affiliates in Rio de Janeiro, Berlin and Toronto to ensure adherence to VeriSign’s Security and Audit Requirements.
      • Completed RFP for new contract security force achieving an annual savings of $120,000.
  • Wells Fargo Bank
    Security Risk Advisor
    Wells Fargo Bank Jun 1998 - Oct 1999
    San Francisco, California, US
    Responsibilities included consulting with business units to identify and remediate security risks, analyze root causes of audit findings, support enterprise-wide business resumption program and develop companywide information security standards.
    With the goal of reducing risk, responsibilities included consulting with business units to identify and remediate security risks; analyzed root causes of audit findings, developed a plan of action and tracked findings to final resolution; supported enterprise-wide business continuity program (BCP); developed companywide information security standards.
      • Created and facilitated company-wide security risk assessment methodology and process, allowing management to self assess security risk for every application.
      • Developed and administered database application to track audit findings, management responses and final resolution, and provide automated reporting for senior management resulting in significant annual cost savings and improvement in productivity.
      • Designed and maintained departmental intranet web site promoting security and risk management company-wide.

Jason Hoffman Skills

Information Security Security Network Security Information Security Management Cloud Computing Risk Management PCI DSS Business Continuity Disaster Recovery Governance SaaS Computer Security Strategy Vendor Management Security Audits Security Policy Development Vulnerability Management Vulnerability Assessment Project Management Enterprise Risk Management Information Technology Leadership Process Improvement ISO 27001 SAS70 IT Audit Security Awareness Business Continuity Planning Thought Leadership Security Architecture Design Contract Negotiation Data Privacy Application Security CISO Physical Security Collaborative Leadership Team Leadership Mergers And Acquisitions HIPAA Metrics Global Security Compliance Management Incident Management Creative Problem Solving SSAE 16 Six Sigma Talent Management Mentoring Coaching

Jason Hoffman Education Details

  • University of California, Santa Cruz
    Economics and Legal Studies
  • University of Phoenix
    Graduate Studies in Business Administration

Frequently Asked Questions about Jason Hoffman

What company does Jason Hoffman work for?

Jason Hoffman works for Visionary Strategies.

What is Jason Hoffman's role at the current company?

Jason Hoffman's current role is Chief Information Security Officer (CISO) | Chief Security Officer (CSO) | Risk Management Leader | Cloud Security | SaaS | Cybersecurity | Compliance | Audit | CISM | CISA | CISSP.

What is Jason Hoffman's email address?

Jason Hoffman's email address is ja****@****nce.com

What is Jason Hoffman's direct phone number?

Jason Hoffman's direct phone number is +192578*****

What schools did Jason Hoffman attend?

Jason Hoffman attended University of California, Santa Cruz and University of Phoenix.

What skills is Jason Hoffman known for?

Jason Hoffman has skills like Information Security, Security, Network Security, Information Security Management, Cloud Computing, Risk Management, PCI DSS, Business Continuity, Disaster Recovery, Governance, SaaS, Computer Security.
