As the Chief Information Security Officer (CISO) at our organization, I hold a pivotal role in ensuring the integrity, confidentiality, and availability of our information assets and technology infrastructure. Leading both the Information Security and Security Operations teams, my responsibilities encompass a comprehensive array of tasks spanning technology management, process optimization, governance, and safeguarding our company's data, users, and intellectual property. This remit extends to cover not only our organization but also its subsidiaries and affiliates, underscoring the breadth of my oversight and accountability.

With a distinguished career spanning over 20 years, I bring a wealth of experience to this role, with a specialized focus on financial and banking services, coupled with extensive expertise in information and cybersecurity. Prior to joining our esteemed organization, I held key leadership positions at reputable companies such as Truckstop.com, where I served as the Director of Information Security, and Plus Relocation, where I held the role of Manager of Information Security. These roles provided me with invaluable insights into the unique challenges and intricacies of securing sensitive data and critical infrastructure within dynamic and high-stakes environments.

Beyond my professional endeavors, I am deeply committed to giving back to society and leveraging my skills and resources to make a positive impact. I am actively involved with the Homeownership Preservation Foundation, where I dedicate my time and expertise to assisting individuals facing financial hardships, offering guidance and support to help them navigate challenging economic circumstances. Additionally, my passion for social welfare and human empowerment led me to engage with the Isha Foundation, a spiritual organization dedicated to fostering personal and societal transformation through various initiatives aimed at uplifting communities and promoting holistic well-being.

In summary, my tenure as Chief Information Security Officer is characterized by a steadfast commitment to excellence, integrity, and service. With a robust background in financial services, coupled with extensive experience in information and cybersecurity, I am well-equipped to navigate the complex landscape of technology governance and risk management. Moreover, my dedication to philanthropic endeavors underscores my belief in the importance of using our talents and resources to create positive change and empower those in need.
-
SVP / CISO
IntelliTrust
Nov 2024 - Present
IntelliTrust is a part of a group of companies dedicated to bringing cybersecurity and technology advisory services and solutions to niche and specialty industries and areas.
-
Lead Security Consultant
Trexin Consulting
Nov 2024 - Present
Minneapolis, MN, US
-
Advisory Board Member
Hadrian
May 2023 - Present
Amsterdam, NL
Hadrian understands that CISOs and their teams can't be expected to attend to every potential threat across the attack surface. Our autonomous technology identifies real threats and prioritizes where action is needed, connecting urgent tasks to existing workflow tools and processes so that the important stuff gets handled first.
-
VP | Infrastructure | Security | IT
Redshelf
Apr 2024 - Nov 2024
Chicago, Illinois, US
-
Chief Information Security Officer
Beyond Finance
Jun 2020 - Apr 2024
Chicago, IL, US
As a seasoned cybersecurity executive, I've spearheaded transformative initiatives to fortify organizational defenses and ensure data integrity. My achievements include:
• Establishment of a comprehensive Data Governance Program, setting rigorous standards across the data lifecycle.
• Orchestrated a seamless migration to AWS, fortifying infrastructure security in alignment with best practices.
• Directed successful certifications, including SOC2, ISO 27001, and HITRUST Audits, validating compliance and trustworthiness.
• Implementation of a Zero Trust Model, leveraging technologies like CASB, WAF, DDOS, and Cloudflare for remote workforce security.
• Deployment of automated pen-testing service, Hadrian.io, to bolster system and web application resilience.
• Developed Business Continuity Plan and Disaster Recovery strategy for AWS and Snowflake Data Warehouse.
• Selection and implementation of an MSSP SOC, augmenting threat detection capabilities and overall security posture.
• Conducted comprehensive gap analysis, crafting a prioritized roadmap for remediation in collaboration with business and IT stakeholders.
• Implemented Information Security Program aligned with NIST 800-53, NIST 800-171, and ISO 27001 frameworks.
• Established a robust 3rd party risk program, categorizing vendors based on criticality.
• Co-managed a $120M IT budget, optimizing expenditure and managing asset depreciation.
• Leveraged Jumpcloud DaaS and MDM for identity and software management.
• Implemented Automox for security vulnerability patching and device configuration management.
• Chair the Risk Committee, presenting risk priority efforts to the Board of Directors.
• Developed a successful Security Awareness and Training program, significantly reducing phishing click rates and ensuring proper data usage.
• Managed the IT Operations team, overseeing Cloud IDP, JC DaaS, AWS infrastructure, security patching, and network infrastructure.
-
Director of Information Security / Information Security Officer
Truckstop.com
Feb 2017 - Jun 2020
New Plymouth, ID, US
Responsible for all aspects of information security across the Truckstop.com enterprise. Supporting, developing and maintaining a robust security strategy with pertinent security policies, protocols and SOP’s across all Truckstop infrastructure both cloud and physical, products and services.
Manages and oversees security aspects of systems to protect data from unauthorized access. Implementing IT security tools and technology to support security processes; and performing periodic security assessments and control reviews to assess the effectiveness of network security, web security, host-based security, application-level security, and database security. Accountable for implementing and monitoring adherence to established IT security policies/procedures/standards. Manages resolution for security incidents. Coordination with key functions including IT Operations, IT Applications, IT Integrations, and IT Leadership.
-
Manager, Information Security
Plus Relocation
Jun 2016 - Jan 2017
Minneapolis, MN, US
● Establishing and maintaining an information security and data privacy program to ensure that data information assets are adequately protected to meet company and client requirements
● Maintain and publish up-to-date information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practice
● Ensure EU Privacy Shield law Compliance is built into business process and alignment with systems, applications and architecture
● Manage create the risk-based process for supplier risk management, including the assessment and treatment for risks that may result with key partners and resources
● Manage and update information security and risk management awareness training programs for all employees, contractors and approved system users
● Assist in RFP and growth processes relative to security content to address potential needs or gaps.
● Work directly with key resources to facilitate IT risk assessment and risk management processes
● Provide regular reporting on the current status of the information security program to key partners
● Develop information security protection goals, objectives, and metrics
● Manage an information security management framework to create and maintain third party certifications and compliance
● Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls
● Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation
● Develop and implement business continuity and disaster recovery programs. Developing and managing annual information security audit plans
● Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action
● Manage regulatory and compliance policies
● Manage security frameworks and standards
-
Senior Information Security Consultant
Bluestem Brands, Inc.
Oct 2015 - Jun 2016
Eden Prairie, Minnesota, US
- Works with IT management to develop and improve IT processes and controls and coordinate internal and external audit of IT controls
- Works with IT and business colleagues to ensure audit readiness and to prepare for internal and external audits
- Contributes to the IT Security Program, ensuring alignment to information security standards and frameworks
- Partners with team and communicate status; work with business partners and colleagues on program subject area
- Identifies and improves security processes and standards across IT
- Participates in the implementation and support of a new identity management solution
- Supports the Data Privacy Program including operational reviews for compliance; collaborate with Legal, Compliance and HR
- Keeps up to date on current and emerging threats and facilitate IT security and privacy training and awareness
- Assists with vendor security assessments, including cloud security against industry standards
- Suggests new standards, tools, policies and procedures to improve security, compliance and risk management activities
- Assists with benchmarking innovative solutions as a method of monitoring progress to ensure value is being created and is consistent with organizational needs, objectives and standards
-
Senior Associate - Health Industries Advisory - Cybersecurity & Privacy
PwC
Aug 2015 - Oct 2015
GB
• CyberSecurity & Information Security Consulting providing clients risk and security services for various Fortune 100 companies including;
• Security Program Maturity Assessments, Security Policy Framework Development, IT Audit, IT Risk Assessments, Threat and Vulnerability Management, Third-Party Assurance, PCI Compliance, Enterprise Risk Management, IT General Controls Review, Fraud Risk Assessments, Identity & Access Management, Vendor Security Risk, and Sarbanes-Oxley Compliance
-
Senior Security Technical Consultant
Homeownership Preservation Foundation
Jul 2014 - Aug 2015
Farmington Hills, Michigan, US

Information Security:
• Lead SSAE SOC 2 Type I and Type II audit prep/evidence gathering/onsite audit process/gap analysis
• Manage list of security enhancements & gaps, work with VP of IT & Security, and Info Sec Committee
• Lead Info Security team for review, improvement, and expansion of Information Security policies, procedures, and standards
• Manage, review and remediate Vulnerability Scans - Alert Logic, NexPose
• Manage, review and remediate Penetration Testing and issues found
• Manage Incident Response plan & execution, including procedure and documentation
• Manage and conduct third-party IT assessments, including counseling agencies and IT partners
• Lead role in Business Continuity / Disaster Recovery plan development, implementation and testing
• Implement and manage security-based projects such as DLP or MDM implementation
• Lead role in Security and Operational Risk assessment exercises, and mitigation strategies
• Contribute to employee security awareness and training programs

Compliance & Operations:
• Lead role in completing IT Security Assessments from Stakeholders
• Lead role in Stakeholder onsite audits/assessments
• Create and execute processes to ensure HPF systems are in compliance with Information Security policies
• Review and analyze contracts for Information Security impact, and assist in identifying actions to comply
• Review, understand and share any regulatory compliance that is appropriate to HPF and its partners/vendors
• Participant on internal Compliance team, representing HPF IT

Infrastructure/Network Administration:
• Server/network administration, including patch management, performance management
• System architecture and configuration management to support HPF’s security policies and Disaster Recovery planning
• Workstation management, active directory domains and group policies
• SharePoint administration & security understanding & management
• Infrastructure management & security risks, such as Wireless Access
-
Information Security Consultant
Assurity River Group (Acquired by Wipfli LLP)
Oct 2013 - Jul 2014
- Client base is constructed of financial/banking and legal sectors
- IT Governance - Information Security Charter, Program and Policy Development in accordance with ITAR, FFIEC, HUMACHA, WACHA, GLBA, PCI-DSS, ITIL, COBIT, IRS 1075, IRS Circular 230, and NIST regulatory bodies.
- Review and Analysis of Client SSAE 16 Reports - SOC1, SOC2, SOC3, Due Diligence Reports, SAS70 and SAS90 Reports
- Conduct IT Audits and information security reviews for financial institutions such as banks, credit unions and law firms in accordance with FFIEC, HUMACHA, WACHA, GLBA, PCI-DSS, ITIL, COBIT, IRS 1075, IRS Circular 230, and NIST regulatory bodies.
- Revise and analyze risk in IT operations and systems, hardware configurations, physical security and operating procedures across organization.
- Consult and comply with set controls, policies, procedures and standards while carrying out IT activities.
- Search technology and reduce risks in every information security segment.
- Suggest measures to improve IT related procedures, operations, processes and systems throughout organization.
- Implement penetration testing along with ethical hacking.
- Suggest and execute IT technologies, strategies and policies to guard customer’s information assets.
- Implement security risk analysis for current and new systems to find system weaknesses or disclosures.
- Recommend solutions for explaining risks and reducing exposure areas.
- Prepare security program plans and execute IT controls, processes, audit tools, interfaces and utilities for authentication.
- Support and provide consultancy for audit compliance actions.
- Implement periodic, on-demand project audits plus vulnerability analysis.
- Determine compliance through user accounts, application usage, system file and outside scans.
- Perform independently in team implementing security and privacy engagements.
- Review client networks and applications.
-
Senior Information Security Professional
Heidrick & Struggles
Jun 2013 - Sep 2013
Chicago, IL, US
Deliver consulting services to clients to help them achieve IT Security-related business goals around PCI-DSS and ISO security models. Works with a variety of people from different internal organizational units bringing them together to manifest controls that reflect workable compromises as well as proactive responses to current and future security risks. Works closely with CIO, VP, Director, Professional Services, other consultants and clients.
Provides hands-on consulting services to clients that will offer enhanced levels of information security.
Conducts Risk Assessments and Information Security Program Assessments.
Interprets information security policies, standards, and other requirements as they relate to a specific internal information system, and assists with the implementation of these and other information security requirements.
Completes assigned functions as stated in engagement proposals, or other statements of work.
Understands and communicates engagement objectives internally and to the client. This includes both overall engagement goals and specific consultant objectives.
Leverage subject matter expertise and consulting experience to help the client create information security solutions.
Develops and communicates security strategies, solutions and plans to client executive team, staff, and stakeholders.
Works closely with the client to fully secure information, computer, network, and processing systems.
Creatively and independently provide resolution to security problems in a cost-effective manner.
Assess and communicate any and all security risks associated with any and all purchases or practices performed by the company.
Collaborate with CIO leadership, privacy officer, human resources to establish and maintain a system for ensuring that security and privacy policies are met.
-
Global IT Production Control Analyst
Heidrick & Struggles
Jun 2012 - Jun 2013
Chicago, IL, US
• IT Audit of internal system infrastructure, SOX Compliance with auditors (PWC and KPMG) and Production Control Processes Implementation with ITIL processes.
• Provide work direction, technical support, education and training for Production Control, Application Programming, Computer Operations and user groups in areas related to production control and data set management.
• Coordinate all changes and provides a change calendar for management with additional communications to Computer Operations, Infrastructure & Upper Management in IT.
• Research and qualify the need for selected software and hardware innovations, Asset Management, Inventory Control & Cloud Vendors and Services.
• Created procedural standards and educated management and IT personnel on the pre and post installation of the procedures.
• Manage outsourced team of 10 from HCL (backend server infrastructure management) to generate reports critical for infrastructure needs, IT security and Audit/SOX Compliance.
• IT Policy writing/reviewing/editing for Infrastructure/Security/Compliance.
-
CIS Instructor
City Colleges of Chicago
Aug 2010 - Jul 2013
Chicago, Illinois, US
Cisco – Network Fundamentals
Oracle – Database Design w/SQL & PL/SQL
Citrix XenApp-XenServer-XenDesktop
Teach and manage Cisco Academy for City Colleges of Chicago - Olive Harvey College Campus. Teach and manage Oracle Academy for City Colleges of Chicago - Olive Harvey College Campus. Teach classes advanced programming classes from 100 level to 262 level.
-
IT Consultant
Project Leadership Associates
Aug 2011 - May 2012
Technology Consulting
Windows XP/7/2003/2008
SCCM 2007 - Desktop Deployment Coordination
Active Directory Administration
LAN/WAN design
Microsoft Exchange 2007/2010
Citrix XenApp, XenServer, XenDesktop Configuration
Disaster Recovery Planning
Backup systems design and implementation
Strong written and oral communication skills
Adept in communicating with technical and non-technical audiences
-
Network Administrator
Hyperquest
Mar 2010 - Jan 2011
US
• Active Directory Administration – responsible for creating, managing user ID’s, groups, and allotting access to domain.
• Setup Remote Desktop connectivity amongst clients and internal employees (supported 60 internal and external end users on a daily basis using Microsoft Server 2008 R2).
• Created Group Policy Objects and setup updates with Update Server via GPMC for domain.
• Setup network and active directory installations of HQ LINK software – for client’s networks – body shops – independent appraisal companies, national companies – ex: Carstar Canada, Oregon Mutual Insurance, Nationwide Insurance, Access General Insurance, Auto Claims Direct.
• Email Administration – responsible for Microsoft Exchange Server 2007, Google Apps Email Administration, Fastroot – Squirrel Mail Administration - configuration and maintenance of 100+ users.
• Installation and Maintenance of Panasonic KX-TDA200 Hybrid IP PBX phone system with TVS200 Voicemail system.
• Setup and maintenance of CommSoft call recording server and software on 30 workstations and phones - 14 in-house phones – 16 remote users. Configured digital cards – 8 port DLC, 16 port DLC, MPR – central processing unit, IPex16 – 16 IP phones (remote users).
-
Network Administrator
Jays Import & Wholesale, Inc.
May 2008 - Jan 2010
• Defined and implemented corporate policies regarding the location, safety and security of servers and equipment.
• Planned, coordinated, and implemented Windows, 2000 server and 2003 server installations.
• Analyzed plans for file servers, develop plans for network topology conversion project, and provided training for technical personnel.
• Email Administration – setup and maintenance of Exchange Server 2003/2007 for 30 users - both internal & external employees using Windows Mobile & Blackberry mobile services.
• Active Directory Administrator – control and setup of domain, groups, and users were utilized to maximize user and company productivity using Group Policy Management Console (GPMC) through multiple Windows environments.
• Unix Administration - Responsibilities as a Unix System Administrator include
  o monitor and tune system to make sure of the optimum level of the performance.
  o Kept track of the appropriate software and upgrade the software packages.
  o Developed and maintained documents, library and procedural documents of the system, and interacted with the clients to talk about the problems and request regarding the complex system issues.
Sandip Patel Education Details
-
Keller Graduate School of Management of DeVry University
Computer and Information Systems Security/Information Assurance
-
DeVry University
Computer Systems Networking and Telecommunications
Frequently Asked Questions about Sandip Patel
What company does Sandip Patel work for?
Sandip Patel works for Trexin Consulting
What is Sandip Patel's role at the current company?
Sandip Patel's current role is Partner at IntelliTrust.
What schools did Sandip Patel attend?
Sandip Patel attended Keller Graduate School Of Management Of Devry University, Devry University.