Ross Coudeyras Email & Phone Number

Leading privacy regulation efforts (US and GDPR)

Leading SaaS Information Security and Compliance

• Managing the regular compliance and renewal of security and privacy certifications (SOC 2 Type II, ISO, Privacy Shield/EU-US DPF, SSPA, GDPR, CCPA/CPRA, etc.)
• Maintaining policies, standards, and procedures documents and monitor the lifecycle of those documents to develop best practices and standards for Information Security
• Implementing and maintaining internal security controls to protect Remesh systems and associated data
• Administering and monitoring security controls to ensure compliance with security policies and standards
• Evaluating third-party security policies and documentation to ensure all partners comply with our security policies and standards
• Coordinating the regular execution and documentation of penetration tests and security audits

I am teaching a new course: IST 415 Cybersecurity: Laws, Policy, and Society.IST 415 will survey common legal, organizational, and human-centered topics and techniques needed to secure digital data and resources in today's interconnected world. Topics will include personal, organizational, and societal security issues, as well as legal and compliance.

• Responsible for information technology and security risk, governance, and compliance duties
• Established and nurtured business relationships with cross-departmental stakeholders to help drive maturity, capability, and formality into Spreetail’s current framework
• Assessed, built, validated, documented, and supported the implementation of internal controls as part of on-going compliance efforts (e.g., NIST, SOX, ISO27001, etc.)
• Identified and reported control nonconformities that affecedt Spreetail’s strategic compliance objectives and made recommendations to stakeholders, aimed to reduce the likelihood of control failure
• Assisted the team with reviewing and tracking outstanding information security findings and remediations, especially as they relate to policy, procedures, and risk gaps
• Participated in driving education and awareness of information technology and cyber security-related risks to the business, its employees, various teams and reviewing the Information Security Controls implemented in.

• CampusGuard provides security and compliance services focused on the needs of campus based organizations including educational institutions, healthcare providers, and state and local agencies. While there are many.
• The open nature of the physical and technical environment
• Departmental decentralization that can limit central policy enforcement
• Data-rich information systems that create natural targets for intruders
• Over-tasked IT staff who sometimes struggle to focus on security measures
• Multiple often competing constituents

Lincoln, Nebraska Area

• Led audit and assessment projects, including SOC 2 Type II (across six subsidiaries); SOX; penetration testing; internal audit security controls; change management; on/off boarding of users
• Used risk analysis as a guiding principle in the assessment, development, and recommendation of security controls to meet compliance and laws/regulatory requirements (i.e., HIPAA, HITECH, state, and federal privacy.
• Conducted security and risk assessments of applications, software, and hardware both internal and external to NRC Health, including due diligence on-site audit visits to sub-service organizations and legal agreements.
• Developed, implemented, and promoted a company-wide security awareness and education program
• Created, supported, and maintained a centralized repository of security controls aligned with client Service Level Agreements (SLAs), as well as policies, standards, procedures, and guidelines
• Developed action plans, schedules, status reports, and other communications intended to track and improve the status of information security, including security vulnerabilities, risk-mitigating initiatives, policy.

Lincoln, Nebraska Area

• Led IT governance in business continuity planning and DRP testing
• Verified and ensured system operations complied with security policies and procedures while performing system administrator activities of on-premise Microsoft Exchange; virtual desktop/server VMWare; and SCCM.
• Administered access and permissions to system resources, created and maintained user accounts and permissions, recommended and implemented security practices to minimize risks and vulnerabilities, hardened and patched.
• Implemented, maintained, and monitored backup services, enterprise directory services, server related network/storage infrastructure, disaster recovery, and data recovery procedures
• Adhered to standards and procedures for project management, change requests, configuration management, and incident/request management
• Interfaced with vendor support on behalf of the end users, data owners, and stakeholders

Lincoln, Nebraska Area

• Managed audit & assessment projects, including SOC 2 Type II
• Participated in backup and disaster recovery planning, implementation, and testing
• Led SaaS system operations compliance activities, including security policies and procedures involving complex web hosting configuration components: F5 load balancers, IIS web servers, MS SQL database servers, Akamai.
• Responsible for all code deployments, including development, test, stage, and production product environments. Worked with development, QA, and support teams to coordinate maintenance activities and provided weekly.
• Monitored and optimized system performance taking both proactive and reactive measures to correct and prevent issues. This included 24x7 on-call role to provide support for customer-facing application environments
• Created and maintained documentation of enterprise infrastructure topology and system configurations

Lincoln, Nebraska Area

• Designed, planned, installed, administered, and supported technology systems, servers, virtualization platforms, desktop/mobile platforms, and /or related hardware, operating systems, and software, including 2,500+.
• Created workstation images used as a baseline to ensure security best practices
• Led identity and user management

Crete, Nebraska

• Installed software and performed machine maintenance while providing support and consultation to clients and co-workers regarding project status, tasks, network status, and/or other related issues through excellent.
• Trained new help desk technicians

Crete, Nebraska

• Led staff information technology development
• Planned, coordinated, and performed Apple and Windows computer repair and support for K-12 staff and students across five locations. This included Microsoft Windows and Apple platforms: Windows Server 2003, 2008.