Leo Cuellar Email and Phone Number

Q: What is Leo Cuellar's email address?

Leo Cuellar's email address is leo.cuellar@sos.oregon.gov

Q: What is Leo Cuellar's direct phone number?

Leo Cuellar's direct phone number is +15032273341

Director of Cyber Security at @ Everus

Longview, WA, US

Leo Cuellar's Location

Longview, Washington, United States, United States

Leo Cuellar's Contact Details

Leo Cuellar work email

le****@****gon.gov View
Valid
le****@****ion.com View
Valid

Leo Cuellar personal email

fa****@****ail.com View
Valid

Leo Cuellar phone numbers

About Leo Cuellar

Results-driven and strategic IT security leader with a proven track record in mitigating business risks associated with critical data. Overseeing the entire spectrum of information security, I bring a wealth of experience in strategic leadership, policy development, compliance, and incident management. My expertise lies in creating and maintaining robust IT security programs that safeguard against data disclosure, alteration, and denial.🔐 Security Program Leadership:As a seasoned professional, I've provided strategic leadership for Information Technology Security (ITSec) programs, collaborating closely with executive leadership to define objectives. I specialize in forming and managing ITSec organizations, fostering collaborative work environments, and overseeing governance processes. My commitment is to stay ahead of information security issues and regulatory changes.📑 Policy, Compliance, and Audit Expertise:I excel in the development and implementation of effective policies and standards. My proactive approach involves leading internal assessments and evaluations, recommending compliance controls, and coordinating security audits. I work seamlessly with internal audit teams, legal, HR, and external consultants to ensure comprehensive security and compliance programs.🎓 Outreach, Education, and Training:Addressing the evolving landscape of security issues, I've resolved intricate security challenges with a deep understanding of IT environments. I am passionate about creating and delivering education and awareness programs on security issues, best practices, and vulnerabilities. My focus includes initiatives on identity theft protection, mobile and social media security, and online reputation management.🚨 Risk and Incident Management:I serve as the primary control point during information security incidents, implementing and administering technical security standards. By managing security services and tools, I effectively address and mitigate security risks. My leadership extends to assessing and evaluating information security risks, ensuring compliance, and establishing processes for the secure implementation of technologies.I am actively seeking opportunities to contribute my skills and expertise to organizations committed to safeguarding their critical data and navigating the complex landscape of information security. Let's connect and explore how I can bring value to your team.

Leo Cuellar's Current Company Details

Everus

View

Director of Cyber Security

Longview, WA, US

Leo Cuellar Work Experience Details

Director Of Cyber Security

Everus

Longview, Wa, Us

View
Director Of Information Security

Public Partnerships | Ppl Apr 2023 - Present

Alpharetta, Ga, Us

As Director of Information Security at Public Partnerships LLC, I have played a pivotal role in securing the launch and ongoing operations of a multi-million healthcare venture across the US. I spearheaded the development and leadership of a dedicated Information Security Program, IT Risk Management, and Compliance team, ensuring adherence to stringent requirements. My responsibilities encompass overseeing robust security within Azure infrastructure environments, collaborating with business units to streamline risk assessment and management, and presenting security posture to C-level executives. Through effective leadership and a commitment to secure practices, I am confident in my ability to safeguard sensitive data and mitigate risks within this dynamic healthcare landscape.

View
Chief Information Security Officer

Oregon Secretary Of State Apr 2022 - Mar 2023

Salem, Oregon, Us

As the former CISO for the Oregon Secretary of State, I spearheaded robust cybersecurity across the agency, safeguarding elections, audits, archives, and corporation registrations. I led a team in securing a critical $4 million voter registration service and provided strategic vision for the entire IT landscape. My one-year tenure was marked by decisive leadership, focused on ensuring the security of sensitive data and infrastructure for the state's vital functions.

View
Director Of Cyber Security Practice, Ciso

Cri Advantage, Inc. Jul 2020 - Apr 2022

Boise, Id, Us

At CRI Advantage as Executive Director of Cybersecurity/vCISO, I led a team of consulting CISOs, VPs, and Directors, guiding diverse business organizations towards robust cybersecurity postures. I thrived in engaging with clients at all levels, translating complex strategic and tactical considerations into actionable plans aligned with their long-term goals. Skilled in implementing industry best practices like ISO 27001, NIST, and CIS controls, I led pre-sales, conducted solution assessments, and delivered transformative cybersecurity solutions, empowering clients to thrive in today's dynamic threat landscape.

View
Information Security Executive, Iso

Allsocial Oct 2019 - Jul 2020

As the Information Security Officer at AllSocial, I built a comprehensive security program for our ambitious cloud-based startup, guarding 28 micro-services as we consolidate them into a unified social media powerhouse. I applied my expertise in Akamai, Splunk, Identity Management, and Access Controls to ensure our infrastructure is secure and effective. Leading a $2 million security investment portfolio, I orchestrate transformative upgrades to our IT architecture, keeping us ahead of the curve. In this dynamic environment, it's about enabling innovation while navigating the complex legal and regulatory landscape.
Director Of It Risk And Compliance

Taos Nov 2017 - Oct 2019

Responsible for the development and delivery of a comprehensive information security and privacy program for SOC2 and ISO27001 certs. Coordinated the development of information security policies, processes, standards and procedures, and working with key IT managers, compliance managers, data custodians and governance groups in the development. Managed risks related to information security, business continuity planning, crisis management, privacy, and compliance.
Grc Expert

Reciprocity, Inc Aug 2017 - Nov 2017

San Francisco, California, Us

Providing GRC expertise in International, Regulatory, Internal Audit, and other compliance frameworks to support development and customer operation of ZenGRC, a Governance, Risk, and Compliance (GRC) Enterprise Software Solution.

View
Ciso

Virtual Information Executives Jun 2017 - Nov 2017

Portland, Or, Us

VIE is a group of experienced executive leaders who are passionate about driving value from IT. We help clients through IT assessments, Interim C-level assignments, IT strategy creation, IT governance and IT organization development.

View
It Security Program

Iovation Jul 2015 - Jul 2017

Portland, Oregon, Us

Manage the development and delivery of a comprehensive IT governance, risk and compliance program, including policies, standards and procedures. Ensure continuous technology compliance with regulatory and contractual requirements by testing IT controls, monitoring, identifying, reporting and conducting risk metrics to protect sensitive data. Provide strategic and tactical technology compliance direction for IT initiatives, including the evaluation and recommendation of technical controls. Provide technical vision and hands-on management of day-to-day tactical activities and long-term strategic direction for all technology-related compliance direction. Translate business and security objectives into achievable controls, including building and supporting the technical implementation of those controls. Provide security input for network and software architectural changes, and new projects. Lead internal vulnerability management efforts, including network vulnerability scanning, web application security testing, and other specific security assessment efforts. Collaborate with information security, DevOps and engineering teams to identify Platform needs and issues with respect to security. Collaborate with third party security partners to implement best practices and processes to support our customer integrations and implementations. Define security architecture in collaboration with iovation architects and DevOps engineering team. Integration with Development teams to author Agile stories, estimate story points, assist with sprint planning and retrospectives. Architect, design and build platform addressing security needs. Perform advanced security technical troubleshooting for cloud and e-commerce environments.

View
Partner And Founder, Ciso

Verutus Jun 2015 - Jul 2017

Advising client Executives and Leaders in the integration of multiple mission-critical organization information technology compliance requirements and cybersecurity governance, risk management, and compliance functions.
It Compliance & Security Director

Peak Hosting Apr 2015 - Jun 2015

Tualatin, Oregon, Us

As the IT Security & Compliance Manager, I managed the Information Security & Compliance team responsible for coordinating and executing the company's audit controls to ensure compliance with Information Security Policy and industry standards, including SarbanesOxely (SOX), Payment Card Industry (PCI), Federal Information Security Management Act (FISMA), Health Insurance Portability and Accountability Act (HIPAA), and FTC Red Flag rules. Additionally, I maintained ownership and control of all audit processes, directly supported customer inquiries and external audit activities, and reported directly to the Chief Operating Officer. I participated in top-level strategic planning of the Information Security organization’s short, mid and long range goals. I managed the Information Security Policy and supporting standards, processes, and best practices, ensuring they were consistent with authoritative sources and corporate strategic objectives. I provided appropriate metrics to measure information security risk to the corporation and ensured reports and findings are delivered in a timely and appropriate manner to upper management and executive leadership.

View
Information Security Director

Knowledge Universe Mar 2014 - Mar 2015

Lake Oswego, Or, Us

- Manage and develop the Information Security program, including strategy, policies, process, and metrics. Identify and assess emerging information risks, adjusting plan accordingly. Collect and monitor information security metrics, assessing the health of the business and company.- Identify, prioritize, and implement services and products to enable or improve information security capabilities (e.g., identity management, disaster recovery, compliance monitoring, intrusion prevention, awareness and education).- Vendor management, manage onsite and offsite vendors in providing products and services related to the information security program. Includes contract negotiations, budget management, and evaluation of service and support.- Information Risk and Vulnerability Management, oversee internal and external security risk and vulnerability assessments, recommend/implement approved countermeasures. Partner with stakeholders to communicate recommendations and develop agreed upon action plans.

View
Application Security Expert

Nike - Consumer Digital Tech Nov 2010 - Mar 2014

Beaverton, Or, Us

Responsible for ensuring a secure online consumer experience of Nike’s web and mobile applications, and online services. Lead IT security and operations work in support of business and company goals. Subject matter expert of frameworks, methods, design patterns, and tools needed to deliver organizational security strategy, processes, information, and information technology assets for a secure consumer experience. Lead strategic planning to achieve company goals by prioritizing security initiatives and coordinating the evaluation, deployment, and management of current and future technologies. Work with business and IS leadership to understand information security requirements and risks. Contribute to the creation, design, implementation and maintenance of enterprise security architecture strategy. Deliver technical solutions for all security related issues and providing a deep knowledge of a wide range of security related topics spanning multiple hardware and software platforms. Coordinate security audits to ensure compliance with security policies. Conduct assessments and security investigations, penetration tests and security audits coordinating remediation efforts with customers, Information Services staff and management. • Instanced and codified information security into a new organization; including all aspects of organizational processes to development to operations.• Deliver security reviews and risk and control assessments across the IT environment (operational and project environments). • Conduct risk assessments, vulnerability assessments, internal audits, reviews, and serve in a security consulting role in technical and business related matters related to security, integrity, compliance, and remediation. • Lead the development of business security policy and standards, incident response plan, and vulnerability assessments and management.• Relationship management, achieving “trusted advisor” status with directors and senior management.

View
Security Auditor

Concur Technologies Jun 2009 - Oct 2010

Bellevue, Wa, Us

Responsible for the assessment of information technology security controls that support Concur Technologies. Provide review and audit of all information systems in compliance with Concur’s internal controls; ISO27001, ISO 20000, PCI, and SAS70 controls. Interface with all levels of Middle and Senior Management, external auditors, and vendors. Responsible for auditing information systems, business processes, procedures, and records, and develops an opinion on their compliance to Sarbanes-Oxley, ISO27001, ISO 20000, SAS70, and PCI controls and requirements. Perform application vulnerability and penetration scans on Concur applications/infrastructure. Develop and work with teams and organization across the company to determine mitigating plans. Develop written reports and create status dashboards that describe the results of internal audits at a high level. • Created, implemented and managed a high-level matrix of internal and external controls for compliance across several frameworks; including ISO27001, FISAP, Sarbanes Oxley, PCI DSS, CA SB 1386, WA SB 6043.• Conducted risk assessments, vulnerability assessments, internal audits, reviews, and serve in a security consulting role in technical and business related matters related to security, integrity, compliance, and remediation. • Led the development of business security policy, risk management, incident response, and vulnerability management strategies and processes

View
Lead Systems Planner & Designer (Security)

Starbucks May 2006 - Jul 2008

Seattle, Wa, Us

My position contributes to Starbucks success by leading and participating in the delivery of information technology (IT) solutions and continuously improving overall processes for planning and solution delivery. Develops highly complex assessments, mid-level architectures and systems designs, and deployment plans for multiple IT projects and detailed plans and designs for solution delivery. Works with systems and strategy teams in the evaluation of proposed solutions, development of standards and common processes, and planning and deployment strategies. Provides the IT Systems Planning and development teams in the creation of security design standards and review standards for software, infrastructure and other components of the IT systems. Review systems designs for compliance to standards and make suggestions to improve security.

View
It Security Analyst (Contract)

King County Metro Jan 2006 - Apr 2006

Wa, Seattle, Us

This is a senior information security position with a strong technology background that leads the development of the King County’s IT Risk management program. As a member of the Information Security and Privacy program, I work with staff across the county, through the county’s technology governance process and directly with technology staff in county agencies. I am responsible for selecting, planning deployment, and overseeing deployment of the security controls to meet the needs of King County and the 15 independent information technology groups. I use my expertise in network and host security and in project management to plan and oversee the selection and deployment of selected security controls countywide.

View
It Security Consulting Lead

Hewlett Packard Co Feb 1999 - Nov 2005

Houston, Texas, Us

I am the IT Security Consulting Lead in the IPG group on the Service Design & Development team. I'm responsible for providing HP internal development teams with security consulting services including HP Security Policy and Standards, the fundamentals of the ISO 17799 standards, HP's security tracking processes and tools, and industry security best practices. I manage the delicate balance between business partner needs and security constraints/requirements, and determine required security measures to be incorporated to reduce or eliminate the risks identified with information or IT services. I also align to specific new Eservices and product releases as an integral part of project team. I provide ad-hoc security engagement services to answer questions relating to information security. I create and maintain security documentation templates, security plans and security consulting processes that align with other IT processes.

View
It Engineer

Analogy Inc. 1997 - 1999

Led project management efforts for the migration, installation, and upgrade of networks. Responsible and accountable for network and systems security. Developed configuration management process and implemented procedural changes to improve the worldwide networking infrastructure(mixed environment of UNIX (HP-UX) and Windows NT servers). Provided operational expertise to engineering groups and worked to maintain visibility of their needs and allocation of resources as needed to maintain the engineering environment. Conducted ongoing analysis to improve support processes and develop support procedures.
It Coordinator

Voicestream Wireless 1996 - 1997

Led development efforts of in-house software programs. Facilitated requirements gathering and compilation of departmental needs in purchasing packages for computer and software requirements. Program management of IT department's internal programming projects. Security and system administration for mixed computing environment over a mixed network and responsible for the network connectivity and network security.
Information Systems Coordinator

Puget Sound Blood Center 1991 - 1996

Seattle, Washington, Us

Project management for migration, installation and upgrade of networks. System administration for mixed computing environment over multiple network media. Provided requirements gathering, specifications, and purchase ordering for departmental hardware, software and network products. Project management of departmental programming projects. Installed and configured Internet and remote access connections for remote departmental access.

View
Computer Systems Programmer/Sergeant

Us Air Force 1987 - 1991

Randolph Afb, Tx, Us

System administration of divisional AT&T UNIX Network. Responsible for network security and computer systems. Project management for IT software development projects with IT organization of the 15th A.F. Headquarters. System administration of Honeywell mainframes computing systems. Facilitated the computer systems training of military members of all ranks; majority of upper echelon officers.

View

Leo Cuellar Skills

Security Information Security Network Security Computer Security Pci Dss Program Management Security Audits It Service Management Information Security Management System Administration Sdlc Iso 27001 Risk Assessment Unix It Strategy Governance Risk Management Team Leadership Data Center Cissp Firewalls Security Management Linux Business Continuity Incident Management It Operations Compliance Security Policy Web Application Security Troubleshooting Sarbanes Oxley Act Cisa Security Engineering Secure Authentication It Security Operations Application Security Assessments Disaster Response Security Consulting Owasp Application Security Architecture Policy Secure Sdlc Web Application Firewall Global It Operations Critical Incident Debriefing Web Application Security Assessment Architecture It Governance Critical Incident Response Apple

Leo Cuellar Education Details

University Of Oregon

Applied Information Management
University Of Washington

Philosophy

Frequently Asked Questions about Leo Cuellar

What company does Leo Cuellar work for?

Leo Cuellar works for Everus

What is Leo Cuellar's role at the current company?

Leo Cuellar's current role is Director of Cyber Security.

What is Leo Cuellar's email address?

Leo Cuellar's email address is le****@****gon.gov

What is Leo Cuellar's direct phone number?

Leo Cuellar's direct phone number is +150322*****

What schools did Leo Cuellar attend?

Leo Cuellar attended University Of Oregon, University Of Washington.

What skills is Leo Cuellar known for?

Leo Cuellar has skills like Security, Information Security, Network Security, Computer Security, Pci Dss, Program Management, Security Audits, It Service Management, Information Security Management, System Administration, Sdlc, Iso 27001.

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles

Get direct phone numbers & mobile contacts

Access company data & employee information

Works directly on LinkedIn - no copy/paste needed

Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.

Security Check