Vice President, It Security
Atlanta, Ga
Reporting to the CIO, I established the global IT security program, scaled internal and external teams, and managed an 8-figure budget. I managed security strategy, cloud security, cybersecurity, DevSecOps, threat & vulnerability management, risk assessment, risk management, and security operations.► Formed the global IT security leadership team, mission, vision, and security roadmap and launched the first cloud security initiative.► Raised the Cybersecurity Capacity Maturity Model (CMM) score by 1.25 points, exceeding the goal. Implemented NIST CSF, built a new vulnerability management program, and created a compliance program for PCI, SOX, SWIFT, GDPR, CCPA, and the China Cyber Security Law. Rebuilt the IAM program; deployed endpoint protection and response.► Increased overall security tool availability from ~75% to 99.99%.► In first 2 weeks, eradicated incoming phishing and spam emails by sourcing a solution vendor, forming an implementation team, leading roll-out of an email filtering program, and guiding the company through the change.► Achieved record SLA compliance and 7-figure savings in 1 year by outsourcing 24x7 security operations, security engineering, and QA testing. Oversaw contract negotiation, advised on metrics, headed transition, integrated security into SDLC, and increased SDLC automation.► Enabled consistency in security projects, minimized scope creep, and drove governance. Redesigned project processes from kick-off to approval, documentation, tracking, scope management, goal-setting, and timelines.► Transformed employee engagement to exceed that of all teams companywide through a culture of transparency, open communication, and inclusion. Led highest participation on the engagement survey.► Engendered a corporate culture and leadership team that viewed security through a risk lens, yielding lower insurance, IT, and other costs. Initiated a reevaluation of IT risks, alignment of risk to cost, and risk mitigation.