Nicholas Davis 🔑 🔒

Director of Information Security @ UW Health
Verona, WI, US
Nicholas Davis 🔑 🔒's Location
Verona, Wisconsin, United States
About Nicholas Davis 🔑 🔒

►► Email: ndavis.audit@gmail.com ◄◄
I am dedicated to:
► Building pragmatic governance, risk and compliance (GRC) programs ◄
► Achieving compliance goals (NIST 800-53, NIST 800-171, ISO 27001, HIPAA, PCI, CMMC, CUI, FERPA) ◄
► Enterprise modernization of technical, physical and administrative controls ◄
► Risk reduction through driving a culture of engaged security education, training and awareness ◄

Nicholas Davis 🔑 🔒's Current Company Details
UW Health
Director of Information Security
Verona, WI, US
Nicholas Davis 🔑 🔒 Work Experience Details
  • UW Health
    Director of Information Security
    UW Health
    Verona, WI, US
  • Komatsu Mining
    Cybersecurity Manager, Governance, Risk and Compliance
    Komatsu Mining Mar 2024 - Present
    Milwaukee, WI, US
    • Develop, implement, and maintain comprehensive cybersecurity, risk, and privacy policies, processes, and controls for MTS technologies and solutions. This includes ensuring alignment with applicable laws and regulations.
    • Own and manage responses to cybersecurity posture questionnaires and client-required privacy information requests.
    • Lead the technical development and operational deployment of a bespoke AI-driven response generation framework, utilizing natural language processing (NLP) and machine learning (ML) to interpret, analyze, and address cybersecurity inquiries with accuracy.
    • Collaborate strategically with regional and global IT security teams on policy development, posture assessments, customer communications, and incident response protocols.
    • Champion the development and execution of the global Komatsu cybersecurity strategy, ensuring alignment with MTS business objectives.
    • Lead the creation and ongoing management of privacy programs for MTS technologies and solutions, encompassing data governance across all locations and jurisdictions.
    • Partner in the development of CR&P training programs for employees and contractors, fostering a culture of security and privacy awareness within MTS and the broader Komatsu organization.
    • Advocate for and promote the CR&P program to MTS engineering teams and Komatsu stakeholders, ensuring alignment with business goals.
  • UW Health
    Director of Information Security
    UW Health Aug 2021 - Jan 2024
    Madison, WI, US
    • Lead a large and diverse cybersecurity team in the development, implementation, and monitoring of a comprehensive enterprise-wide information security and risk management program and roadmap, with a focus on protecting sensitive healthcare data.
    • Provide strategic guidance and consultation to executive leadership and technical leads on security issues and threats, including malware, ransomware, phishing attacks, and data breaches, that are specifically relevant to the healthcare industry.
    • Drive and influence software and infrastructure security across the organization, including penetration testing, vulnerability assessment, and security awareness training, to protect patient health information (PHI).
    • Guide the technical development of security tools and product features to reduce security risk, such as firewalls, intrusion detection systems, and encryption, appropriate for the high availability operating environment.
    • Proactively identify security issues and potential threats using threat intelligence, security analytics, and machine learning, to protect against targeted attacks.
    • Provide strategic risk guidance and consultation for corporate IT projects, including the evaluation and recommendation of technical standards and controls, such as ISO 27001, HIPAA, and PCI DSS.
    • Identify, track, and communicate detailed metrics and reporting indicating overall security risk factors, such as the number of security incidents, the cost of security breaches, and the compliance status of the organization, with a focus on meeting HIPAA requirements.
    • Align the program with NIST 800-53, HIPAA, PCI, and other industry standards and frameworks, such as the Center for Internet Security (CIS) Controls, to ensure compliance with healthcare regulations.
    • Promote a culture of strong information security, increasing overall awareness and compliance with security policies and procedures, to protect the confidentiality, integrity, and availability of PHI.
  • European Commission
    Contracted Expert, H2020 and Horizon Europe Programs
    European Commission Feb 2018 - Dec 2023
    Brussels, BE
    • Served as contracted external subject matter expert in information security, evaluating and monitoring European Commission Horizon 2020 and Horizon Europe funded projects.
    • Conducted independent written evaluations of MSCA-ITN projects.
    • Served as Project Monitor, tracking the progress of funded projects and ensuring that they met their objectives.
    • Reported on progress to the European Commission.
  • Phoenix TS
    Course Instructor
    Phoenix TS Jun 2020 - Nov 2023
    Columbia, Maryland, US
    • Develop and deliver engaging CISSP and CCSP boot camps at PhoenixTS, equipping individuals with the knowledge and skills to excel in information security.
    • Guide students through comprehensive curriculum aligned with (ISC)² exam objectives, covering critical security domains and best practices.
    • Leverage real-world experience and industry insights to create a dynamic learning environment that fosters critical thinking and practical application.
    • Prepare candidates for successful completion of challenging certifications and advancement in their cybersecurity careers.
  • University of Wisconsin System
    Director of Information Security Governance, Risk and Compliance
    University of Wisconsin System Jul 2019 - Aug 2021
    Madison, Wisconsin, US
    • Led and collaborated with internal stakeholders to ensure compliance with industry frameworks, system security plans, internal policies and standards, software deployment, change control, contractual and regulatory requirements.
    • Anticipated, assessed, and mitigated operational, third-party vendor, and compliance risks from current and changing business practices, systems, policies, regulations, and laws using threat intelligence, security analytics, and machine learning.
    • Prepared briefings and executive-level reports for the Board of Regents, Internal Audit, Risk Management Committee, and CIOs on cybersecurity risks and mitigation strategies.
    • Oversaw the risk register, risk exceptions, metrics, reporting, and the management of identified risk, remediation action plans from IT audit, technology risk assessments, vulnerability scans, penetration testing, etc.
    • Coordinated information security internal audit and external audit responses, regulatory, GLBA and SOX reviews representing information security and technology risks. Coordinated responses to RFI/RFPs and client security related questionnaires.
    • Led the development, education, and adherence of change management processes to effectively ensure proper review and approval within defined service-level metrics.
    • Led the negotiation and renewal of cyberliability insurance.
  • University of Wisconsin System
    Chief Information Security Officer (CISO)
    University of Wisconsin System Mar 2015 - Jul 2019
    Madison, Wisconsin, US
    • Led the development and implementation of a comprehensive cybersecurity program for UW System institutions, including the development of an enterprise security framework based on NIST 800-53 guidance, working with campuses to deploy security controls and ensure compliance with policies, serving as a central point of contact for information security budget items and external vendors, and leading a security assessment team that conducts risk assessments and vulnerability testing.
    • Developed cloud systems information security procurement standards and acted as a centralized contact and communication point for IT Security issues.
    • Provided opinions to senior legal counsel on information security matters
    • Led the University of Wisconsin Technology and Information Security Council.
    • Managed and trained security staff, by leading the creation of position descriptions, conducting the interview process, performing candidate selection and the hiring of information security analysts, including onboarding, short- and long-term work assignments, performance management, career development, and overall direct supervision.
    • Evaluated, acquired, and implemented ongoing cloud based measured phishing awareness campaigns, serving 77,000 UW faculty and staff, across all campuses.
  • Home Savings Bank
    FFIEC Cybersecurity Compliance Advisor
    Home Savings Bank Jul 2020 - Jul 2021
    • Provided SME advisory services to enhance enterprise cybersecurity readiness using the FFIEC Cybersecurity Assessment Toolkit.
    • Assessed cybersecurity inherent risk profile and maturity of technical, administrative, and physical controls.
    • Developed a control crosswalk document aligned with NIST 800-53 control families.
    • Produced a gap analysis and roadmap of next steps to bridge current state to desired level of maturity.
    • Produced due diligence evaluation reports on third-party subservice providers.
    • Presented current state of cybersecurity to the bank’s Board of Directors.
    • Developed cybersecurity maturity action development plan, including new technology deployments, risk mitigation activities, and supporting policies and procedures development.
    • Created and delivered in-person information security awareness and compliance training to all employees.
    • Performed a comprehensive hardware and software inventory of the bank’s IT assets, including asset risk assignment.
    • Developed, populated, and managed a comprehensive online hardware and software asset inventory tracking system for the bank.
    • Compiled a complete set of information security policies in support of the bank’s information security program.
    • Acted as the bank’s information security representative, during its annual audit exam from the State of Wisconsin Department of Financial Institutions.
  • River Financial
    Cybersecurity Governance, Risk and Compliance Advisor
    River Financial Sep 2019 - Dec 2019
    Columbus, Ohio, US
    • Built an ISO 27001 standards based cybersecurity program that included a written risk assessment and information security policies to address how the company detects cybersecurity events, identifies risks, and how policies and procedures are executed, to prevent unauthorized access to consumer and company personally identifiable information (PII) and other mission critical data. The cybersecurity program developed was designed to comply with the New York Department of Financial Services Cybersecurity Regulation 23 NYCRR 500.
  • University of Wisconsin-Madison
    Course Instructor, Information Systems 371
    University of Wisconsin-Madison Jan 2018 - Jun 2019
    Madison, WI, US
    • Taught the following topics in formal, semester long, 3 credit course, at UW-Madison: Introduction to Visual Basic and .NET Framework, getting familiar with Visual Studio, event procedures, properties, and controls, variables and data types, assignment and arithmetic operators, comparison and logical operators, control structures, loops and arrays, procedures, helper forms, menus and toolbars, error handling and prevention
  • University of Wisconsin-Madison
    Course Instructor, Information Security 365/765
    University of Wisconsin-Madison Sep 2008 - Jun 2019
    Madison, WI, US
    • Taught the following topics in formal, semester long, 3 credit course, at UW-Madison: Security trends, risk management, access control, security architecture and design, physical and environmental security, telecommunications and network security, cryptography, business continuity and disaster recovery, legal, regulations, compliance and investigations, application security, operations security, cloud security, bring your own device (BYOD) security, the Dark Web.
  • University of Wisconsin-Madison
    PKI Project Lead
    University of Wisconsin-Madison Mar 2004 - Feb 2015
    Madison, WI, US
    • Led the implementation of a campus-wide digital certificate program that included dual factor authentication, email encryption, and electronic document signing.
    • Managed the day-to-day operations of the program, including requirements gathering, authoring of RFPs, system design, deployment, and implementation.
    • Negotiated with vendors and developed system solutions that met the needs of the campus community.
    • Authored help desk documentation and provided end user training.
    • Promoted the campus PKI service to faculty, staff, and students.
    • Led efforts to secure organizational infrastructure associated with personal digital certificates, software code signing certificates, and SSL certificates.
    • Used Qualys to perform periodic vulnerability/patch assessments of servers on the UW-Madison campus.
    • Developed an asset inventory of SSL web server certificates in use across the campus environment.
    • Represented the UW-Madison digital certificate initiative in higher education at the national level.
    • Hosted the First Annual Educause PKI Deployment Forum at UW-Madison.
    • Identified and promoted opportunities to expand usage of digital certificate and other related security technologies throughout the UW-Madison campus.
    • Analyzed, defined, and documented security requirements for sensitive FERPA and HIPAA related data, in transit and at rest.
    • Prepared and delivered presentations, demonstrations, and proof of concept prototypes for data encryption solutions deployed throughout the campus community.
    • Documented IT Security controls and processes for securing the enterprise.
    • Periodically assessed controls and processes for compliance with the security program.
    • Coordinated IT Security audit efforts with the State of Wisconsin Legislative Audit Bureau, Internal Audit, and external auditors as needed.
    • Identified threats and vulnerabilities, and then provided recommendations to address and mitigate risks.
    • Led campus-wide information security awareness program.
  • GE Digital
    Subject Matter Expert Consultant in Information Security
    GE Digital Apr 2017 - Jun 2017
    San Ramon, California, US
    • As a subject matter expert (SME), assisted GE Digital in creating a cybersecurity skills framework that describes and categorizes the desired skills and learning paths for GE's cybersecurity employees.
    • The framework includes learning paths in specialty cybersecurity areas, based on tasks, knowledge, skills, and abilities (KSAs), as well as internal and external relevant certifications, and knowledge of appropriate government and industry standards.
    • The framework is designed to support GE's Predix system needs and covers proficiency levels for beginner, intermediate, and advanced cybersecurity positions.
    • The formal document deliverable provides a common roadmap of skills, knowledge, and expertise required for cybersecurity job performance and career advancement within GE.
  • Phoenix Nuclear Labs, LLC
    Cybersecurity Advisor
    Phoenix Nuclear Labs, LLC Oct 2016 - Dec 2016
    Fitchburg, Wisconsin, US
    • Provided Phoenix Nuclear Labs with cybersecurity consulting services, including operational, tactical, and strategic recommendations.
    • Developed a comprehensive cybersecurity framework based on NIST 800-53 to help ensure the security of the enterprise's proprietary information.
    • The framework provided guidance on cybersecurity strategic direction, tactical management, operational data protection methods (such as data encryption), employee security awareness, and disaster recovery.
  • Facility Gateway Corporation
    Information Assurance Consultant
    Facility Gateway Corporation Oct 2015 - Nov 2015
    Madison, WI, US
    • Provided Facility Gateway Corporation with information assurance consulting services, including operational, tactical, and strategic recommendations.
    • Developed a comprehensive security plan based on NIST 800-53 to help ensure the technical, administrative, and physical security of a managed data center facility.
  • TDS Telecommunications Corp.
    IT Security Risk Advisor
    TDS Telecommunications Corp. Oct 2012 - Feb 2013
    Madison, WI, US
    • Provided strategic guidance and applied tactical skills in the implementation of information security systems and associated controls, for internal and customer use, including encryption, authentication, regulatory compliance and system event monitoring solutions
    • Provided advice for PCI DSS and HIPAA compliance initiatives, including the development, authoring, and vetting of corporate information security policies and procedures
    • Researched competitive security providers, new security technologies, and pursued potential security partnerships, enabling new value-added service solutions
    • Created and delivered an in-person HIPAA compliance training module for employee education, as part of the overall security awareness program
  • Cardinal Stritch University
    Adjunct Faculty Lecturer, Information Security and E-Commerce
    Cardinal Stritch University Sep 2009 - Jun 2011
    Milwaukee, WI, US
    • Taught the following topics in formal, semester long, undergraduate level course, at Cardinal Stritch University: Electronic funds transfer, digital supply chain management, internet marketing, online transaction processing, analysis and application of payment card industry (PCI) standards, electronic data interchange (EDI), inventory management systems, automated data collection systems
  • Madison Area Technical College
    Course Instructor, IT Security Awareness
    Madison Area Technical College Aug 2009 - Jun 2011
    Madison, WI, US
    • Taught the following topics in formal, semester long, undergraduate level course, at MATC: Legislation, local, state and federal privacy regulations, liability of individuals and institutions, related to data confidentiality, integrity and availability, risk management, security policies, common threats and countermeasures.
  • CUNA Mutual Group
    Digital Identity Advisor
    CUNA Mutual Group Dec 2009 - Dec 2010
    Madison, WI, US
    • Provided cybersecurity-minded guidance to senior management on the implementation of a digital signing solution for mortgage loan applications, with the goal of enhancing the security and efficiency of the credit union's lending process.
    • Consulted with senior leadership on the benefits of digital signing, including its ability to improve compliance, reduce fraud, and speed up the loan approval process.
    • Modeled potential solutions for upper management and assisted in the preparation of a request for information (RFI) to vendors.
    • Produced recommendations and next steps for organizational leadership, with a focus on ensuring the security and reliability of the digital signing solution.
  • American Family Insurance
    Senior Systems Engineer
    American Family Insurance Jun 2001 - Apr 2004
    Madison, WI, US
    • Directly managed and delivered mission-critical network system security projects, with a focus on identifying and mitigating vulnerabilities.
    • Developed and implemented technical, administrative, and physical controls to protect corporate servers from cyberattacks.
    • Held primary technical responsibility for enterprise-wide remote user authentication systems, ensuring that only authorized users had access to corporate systems.
    • Managed the corporate PKI digital certificate system and dual factor hardware token-based RADIUS authentication system, providing strong authentication and access control for users.
    • Designed, planned, and implemented a corporate PGP secure data transmission and management system, enabling secure data exchange with external business partners over the Internet.
    • Authored standards and procedures for the integration of PGP data exchange with external business partners, ensuring that data was exchanged securely and in compliance with corporate security policies.
  • Rayovac Corporation
    Information Systems Analyst
    Rayovac Corporation Aug 1998 - Jun 2001
    Middleton, WI, US
    • Provided a wide range of general corporate IT support, with a focus on information technology (IT) infrastructure and applications.
    • Provided remote access support, ensuring that users had secure access to corporate systems and applications.
    • Supported Microsoft Office applications, helping users to use them effectively and efficiently.
    • Supported the mainframe, ensuring that it was running smoothly and that users could access critical data and applications.
    • Provided help desk telephone support, resolving user issues in a timely and efficient manner.
    • Provided desktop support, installing and configuring hardware and software, and troubleshooting problems.
    • Supported custom applications, ensuring that they were developed and maintained in accordance with IT standards and best practices.
    • Repaired and upgraded hardware, keeping systems up to date and running smoothly.
    • Performed basic ABAP programming in SAP, developing and maintaining code that was efficient and secure.

Nicholas Davis 🔑 🔒 Education Details

  • University of Wisconsin-Madison
    Information Systems
  • University of Wisconsin-Madison
    French Language
  • University of Wisconsin-Madison
    Journalism
  • St. John's International School
    General Studies

Frequently Asked Questions about Nicholas Davis 🔑 🔒

What company does Nicholas Davis 🔑 🔒 work for?

Nicholas Davis 🔑 🔒 works for UW Health.

What is Nicholas Davis 🔑 🔒's role at the current company?

Nicholas Davis 🔑 🔒's current role is Director of Information Security.

What schools did Nicholas Davis 🔑 🔒 attend?

Nicholas Davis 🔑 🔒 attended University of Wisconsin-Madison, University of Wisconsin-Madison, University of Wisconsin-Madison, St. John's International School.
