Chief Information Security Officer
CurrentI am currently managing various information security programs, including risk/threat/vulnerability management, security architecture, incident response, security operations/awareness, and sensitive information protection. Major Responsibilities:Establishing latest and secure cloud configuration technology and standards, monitoring APIs, conducting application penetration testing, steering implementation of end-to-end encryption on payment terminals and tokenization of online credit card numbers, building in-house penetration testing team for internal, external, web, and app security assessments, delivering monthly updates to Chairman of Board and quarterly presentations to Board of Directors, ensuring compliance with privacy laws including CCPA and GDPR, implementing robust compliance frameworks to safeguard company data and customer privacy, and spearheading global InfoSec operations across 12 countries and 4,000+ stores. Selected Accomplishments: • Deployed repeatable metrics program to track progress across multiple security program components. • Led tokenization of all e-commerce credit cards and executed Bot and Code defense on e-commerce websites.• Updated and simplified information security technology platform catalog and conducted comprehensive overhaul of vulnerability management process.• Directed InfoSec through digital transformation initiatives, including BOPIS, DIY Education, e-commerce personalization, virtual color expertise, and data lake integration.