Michael Ferrand Email & Phone Number

Dunedin, FL, US

United States

I am thrilled to announce that I am joining PayPal as the new CSPO Manager for the Americas. This is an exciting opportunity for me to return to the global financial technology industry, where I have over 15 years of experience. I look forward to contributing to PayPal's innovative efforts and continuing my journey in this dynamic field.

Tampa, Florida, United States

• Managed Cyber Threat Intelligence Operations rollout. Managing cloud platforms securing applications from code to deployment. Prioritizing risk and response by managing FDA CFR 21 Part 11 compliance. Managing.
• Enterprise CTI Operations, Reporting, and Governance
• Authored bi-weekly Cyber Security report for the enterprise
• Threat Hunting leveraging XDR and SIEM solutions
• Enhancing security for cloud-native application development \ deployment
• Security Operations (SIEM - Datadog, XDR - CORTEX, PAM & IAM - CyberArk, DLP – Zscaler, Cloud Security – Prisma Enterprise & FedRAMP)

Tampa, Florida, United States

• Security oversight and governance of all digital solutions, including security architecture review and approval. Managed product approval for digital enterprise. Managed vendor security assessments and risk management.
• Authored Enterprise Vendor Risk Management Policy
• Managed Enterprise Penetration Testing Program and Governance (outsourced)
• Managed Digital Security contracts and Security Addendums
• Managed ICS\OCS (Industrial \ Operational Control System) security
• Developed reporting for security operations, including incident reports, vulnerability, PenTest, Compliance, CTI, User activity reports, and reports for executive management by department.

Tampa, Florida, United States

• Responsible for leading Product Security Program for NielsenIQ. Managed penetration testing for all critical applications, including remediation efforts. Managed Palo Alto Prisma Cloud rollout. Managed OKTA IAM.
• Managed four direct reports in application security group
• IAM & PAM (CyberArk)
• Managed OKTA application integration program
• Member of the Cyber Security Leadership Team
• Performed new vendor product evaluations and assessments

Tampa/St. Petersburg, Florida Area

• Managed daily operations and strategic priorities for MetLife Investments IT. Managed global cross-functional AD/AT/AM teams (India, Argentina, Mexico).
• Served on Senior Leadership Team for MetLife Investments
• Strategic planning and yearly financial portfolio management of $125 M in IT spend
• Managed department with 350+ resources responsible for application development, testing and operations within five Global Technology domains for MetLife Investments
• Managed DevOps co-location strategy and resource alignment across India, Argentina, and Mexico
• Governed activities involving BCP global incidents

Greater Nashville Area, TN

• Supervised company’s global network operations for eight primary data centers located in United States, Asia-Pacific, and EMEA. Managed international team of Network Operation leads located in US, Switzerland, United.
• Managed Network Security Operations Team for UBS Enterprise, 6 direct reports
• Managed Network Operations tool stack. Splunk, NetScout, TBD Fusion
• Managed product selection and onboarding for UBS IT Operations
• Managed network security and network segmentation for PROD, UAT and QA
• Senior Member of Solution Architectural Review Board

Tampa/St. Petersburg, Florida Area

• Directed company’s global data center program. Multi-year effort designed to enhance data center footprint and active-active recovery capabilities. Managed $55 M IT project portfolio with related EOL and KTLO activities.
• Managed enterprise products encompassing infrastructure, application, and security. This included all related budget planning and deployment activities.
• Directed teams across multiple IT disciplines including network, testing, development, security, data, storage, facilities, and other key IT functions
• Managed enterprise finance systems and enforced role-based access and controls
• Member DRP team working on 55 Water Street recovery after Hurricane Sandy (1 Year recovery effort)NOTE: This was a contract to hire position. Hudson Consulting working at DTCC one year prior.

Tampa/St. Petersburg, Florida Area

Prior to being hired full time with DTCC, I was a contractor through Hudson Consulting.Hudson Consultant, Senior Project Manager in the DTCC IPMO.Project manager assigned to seven major initiatives within DTCC. - Managed enterprise IBM AIX upgrade to version 7.x- Managed enterprise Oracle 11g upgrade- Managed storage solution decommission effort and cost.

Tampa, Florida

• Senior Technical Program Manager - Contractor Assigned to WellCare's engineering and infrastructure division managing several large healthcare IT projects across multiple domains.
• Directed the successful migration of Oracle to AIX while decommissioning Sun Solaris environments.
• Reduced Oracle licensing and hardware maintenance costs by more than $850K annually.
• Managed deployment of Citrix XenApp and XenDesktop (VDI) for 6,000+ seats across the US.
• Managed CISCO Unified Communications upgrade (8.6) and NICE Call Center recording system installation.

Boca Raton, Florida, United States

• As a Senior IT Security Engineer within ADT\TYCO, I fulfilled a dual role encompassing security engineering and project management responsibilities, focusing on enhancing the company's global security and risk.
• Spearheading network security and data segmentation initiatives implementing robust measures for data loss prevention, intrusion prevention and detection, dual-factor authentication, and mobile device management.
• Successfully deploying multiple Cloud SaaS security solutions to bolster enterprise proxy controls, encompassing social media management, URL blacklisting, and advanced data loss prevention (DLP) mechanisms.
• Taking the lead in security governance by approving new network connections, defining security policies, and overseeing critical access controls to safeguard organizational assets.
• Authored Privacy and Data Classification guidelines and controls, providing comprehensive frameworks to ensure compliance and data protection within ADT\Tyco's global operations.

Deerfield Beach, Florida

• Managed the enterprise-wide adoption of data-centric initiatives, serving as the primary liaison and advocate for key projects related to Data Classification, Email Encryption, Data Masking, and Data Protection.
• Collaborated closely with stakeholders to articulate project objectives, define requirements, and ensure alignment with organizational goals and regulatory mandates.
• Led efforts to establish robust governance frameworks for Data Classification, overseeing the categorization and protection of sensitive information assets across the JM Family enterprise.
• Implemented stringent controls and policies to safeguard data integrity, confidentiality, and availability, mitigating risks associated with data breaches and compliance violations.
• Spearheaded the implementation of Email Encryption and Data Masking solutions, leveraging cutting-edge technologies and encryption protocols to safeguard sensitive communications and protect confidential data from.
• Facilitated seamless integration of encryption and masking mechanisms into existing IT infrastructure, ensuring minimal disruption to business operations while enhancing data security posture.

For509: Enterprise Cloud Forensics And Incident Response (I01_05_Cm_9195)

Cloud Infrastructure and IR data sources Microsoft 365 and Graph API Investigations Azure Incident Response AWS Incident Response.

Executive Training

Management | Operational Risk and Cost Controls

College Of Management

Activities and Societies: Computers and Network engineeringPrimary undergraduate focus in Management, Law and East Asian Studies.

Management, Law And Human Resources

Activities and Societies: Cycling and KaratePrimary focus in Management, Law and East Asian Studies. Started Japanese language studies..