Richard Colonna Email and Phone Number

As the CISO for EarthCam, I have been tasked with creating an Information Security program from the ground up, by onboarding key personnel, developing policies, developing a defense strategy and implementing key information security processes, including vulnerability management, incident response protocols, access control policies, and continuous monitoring systems, all in pursuit of SOC 2 Type 2 and ISO 27001 certifications.

As the Head of Cybersecurity and Infrastructure at The Burgiss Group LLC, I am entrusted with the monumental responsibility of building our cybersecurity program from the ground up. Drawing on my strategic vision and technical prowess, I lead the development and execution of comprehensive security protocols and infrastructure frameworks. Identifying critical risks and vulnerabilities, I spearhead the implementation of proactive measures to safeguard our assets and data. Collaborating closely with cross-functional teams, I ensure that our cybersecurity initiatives align seamlessly with our organizational objectives, fostering a culture of security awareness and compliance across the company. Remaining steadfast in my dedication to staying ahead of emerging threats positions our cybersecurity program as a cornerstone of Burgiss Group LLC's resilience and success in navigating today's intricate digital landscape.•Established a comprehensive Global Risk and Compliance (GRC) strategy from the ground up, resulting in a 30% reduction in technology security risks, saving $3 million in costs, and ensuring full compliance.•Achieved a 30% reduction in response time to Vendor Risk Management requests by implementing a streamlined process, resulting in improved efficiency and timely compliance with industry standards.•Implemented endpoint security strategy across all company devices, resulting in a 40% decrease in data breach incidents and safeguarding $5 million worth of critical systems and information assets.•Led the coordination of projects, ensuring adherence to security controls. Achieved a 20% reduction in project delays by tracking progress weekly. Collaborated with teams, resulting in 100% compliance with audits.•Reduced system vulnerabilities by 60%, saving $2 million through improved patching procedures and integrating security into development lifecycle.

As a the VP of Risk and Business Controls at JPMorgan Chase & Co, I directed three pivotal teams: Risk Management, Vendor Management, and Operation Controls. With a focus on safeguarding the integrity and stability of operations within the ECS Business Unit, I orchestrated comprehensive risk mitigation strategies. In Risk Management, my team assessed and mitigated potential risks, protecting against financial, operational, and reputational harm. In Vendor Management, we meticulously evaluated third-party relationships, balancing risk and value. Within Operation Controls, we established and enforced internal controls, ensuring operational excellence and reducing errors or fraud. Through my leadership, these teams upheld accountability, transparency, and regulatory compliance, contributing to the organization's reputation and trust with stakeholders.•Innovated risk remediation plans leading to the elimination of 80% of identified control gaps within the ECS unit.•Cultivated a collaborative culture with technology teams, resulting in a 30% increase in risk awareness and proactive engagement, leading to more effective risk mitigation strategies.•Managed third-party vendor relationships to ensure contractual obligations and service quality standards were consistently met, resulting in a 95% compliance rate and seamless service delivery. •Orchestrated cost-effective procurement strategies for a $20M independent third-party software budget.•Conducted comprehensive assessments of over 100 third-party vendors, successfully identifying and mitigating security risks, resulting in a 50% reduction in potential security incidents.•Directed the Third-Party Oversight (TPO) team, enhancing evaluation protocols for vendor-related risks, resulting in a 40% improvement in risk identification and mitigation strategies.

As the Network Operations Manager, my primary responsibility was to ensure the smooth operation of a complex network infrastructure, which includes managing two MPLS networks, multiple campus switching networks, an OC10 Metropolitan Area Network (MAN), and an offshore support team. My role focuses on optimization, troubleshooting, and maintenance to guarantee uninterrupted connectivity and optimal performance across all network segments. Leading both onshore and offshore teams, I provide guidance and support to uphold the highest standards of network reliability and efficiency. Additionally, I collaborate closely with internal stakeholders and external vendors to identify emerging technologies and implement best practices, driving continuous improvement and innovation within the network operations domain. Through strategic oversight and proactive management, I played a critical role in maintaining the integrity and effectiveness of the organization's network infrastructure, vital for seamless communication and data transfer.