Mabel Thong Email & Phone Number

San Diego, California, US

• IT Security Awareness, Compliance & CertificationCompetencies:
• ISO, SOC2 Compliance and Certifications
• Policy, Standards and Regulations Integration
• Program Management, Roadmaps, Change Management
• Communications, Collaboration
• Continuous Improvement

Tampa, FL, US

• Lead security programs by providing security expertise cloud-based offering teams. Collaborate with cloud architects, functional-area specialists, and security analysts evaluating best practices for information.
• Drive security programs by developing the project scope, resource allocation ensuring program meets deliverables for security certifications.
• Guide and track progress on projects, program objectives and identify areas of improvement from stakeholder feedback.
• Interlock with different security groups (Privacy and Data Protection, CSIRT, Customer Information Clearing House) within Cisco to support commercial certification and federal security authorizations.

Santa Clara, CA, US

• Provide oversight to features development in chip technologies and defect tracking and testing that improving collaboration during hardware/software application design and lifecycle. Define scope, criteria, resource.
• Drive programs to completion, engage resources and build detailed schedules. Provide guidance to functional departments and teams to achieve expected objectives throughout the development lifecycle.
• Manage stakeholder risks and interdependencies by ensuring progress of defect resolution and chip improvements.
• Provide regular status reporting and get inputs from engineering team. Document lessons learned and improvements on future projects and collaborating with stakeholders to remove barriers to resolution.
• Identifying and resolve key customer issues.

Armonk, New York, NY, US

• Manage Security Certification Programs for ISO 27001, SOC 2, PSIRT for Cloud offers. Identify compliance gaps with governance, risk management policies, and operation procedures. Conducted risk analysis and prepared.
• Reduced access management risk and liability by facilitating informative training workshops for Separation of Duties, Business Continuity, Disaster Recovery programs, to mitigate separation of duties conflicts.
• Designed a security community wiki to provide a central repository to publish security policies and information, defining policy standards and best practices for various security certifications, including ISO 27001.
• Minimized data loss and service interruptions from Cybersecurity attacks by administering and enforcing security compliance in accordance with IBM Cloud security policies, processes, and standards.
• Received Eminence and Excellence Award for achieving ISO 27001 and SOC 2 Type 1 and 2 certifications (2016) in partnership with globally distributed software development teams (Canada, China, India, UK).Managed.
• Executed successful consolidation of several products into a single product delivery. Ensured polished product delivery in alignment with requirements and deadlines by supervising global packaging team and coordinating.