Tony Pentecost Email and Phone Number

Primary focus on aligning an organization's information security strategy with its business objectives. Serving as a bridge between the business units and the cybersecurity team, ensuring that security initiatives are tailored to the specific needs of the business while also meeting regulatory and compliance requirements. Position works closely with leadership to manage risks, develop security policies, and promote a security-conscious culture across the organization.

• Designed and Implemented Automated Security Controls: Engineered and deployed automated cybersecurity controls across multi-cloud environments, significantly enhancing security posture. Achieved reductions in security incidents and a decrease in compliance audit times through proactive threat detection and response mechanisms.• Compliance Validation Leadership: Partnered in the development and implementation of automated compliance validation capabilities, ensuring continuous adherence to cybersecurity standards and policies. These efforts led to improvements in audit compliance scores and reduced policy violation.• Ongoing Technical Risk Analysis: Conducted regular monitoring and risk assessments of cloud environments, providing detailed reports on risks, issues, and potential threats. This proactive approach led to a reduction in unresolved security risks and improved cloud environment stability.• Stakeholder Collaboration for Security: Collaborated with stakeholders to document and enhance processes for risk management and control objectives, resulting in a increase in compliance with cybersecurity policies and improved operational security.• Risk Analysis Reporting: Facilitated the collection and analysis of risk data, producing meaningful reports that guided technical remediation of security deficiencies and compliance findings.• Control Design and Effectiveness Support: Supported the implementation and evaluation of cloud security controls, achieving a improvement in control design and effectiveness, which led to enhanced organizational security posture.• Process Improvement Initiatives: Identified gaps and recommended technical enhancements to existing processes and policies, leading to an increase in operational efficiency and a significant reduction in security risks.• Best Practices Enforcement: Drove the adoption and enforcement of best practices in report templates and tools, standardizing security reporting and improving report quality.

• Enhanced Application Security: Led the development and implementation of application security protocols, reducing vulnerabilities by and significantly improving the overall security of cloud applications. • Compliance and Risk Management: Developed and enforced compliance strategies that aligned with industry standards (NIST, GDPR), reducing compliance gaps and enhancing risk management practices across cloud environments. • Cloud Security Transformation: Directed a comprehensive cloud security transformation, which resulted in a reduction in unauthorized access incidents and improved cloud infrastructure security. • Advanced Threat Detection Implementation: Deployed advanced threat detection tools, which increased threat identification accuracy and reduced incident response times. • Cross-functional Security Leadership: Partnered with development and operations teams to integrate security measures into cloud and application development processes, leading to a improvements in security compliance and a reduction in project delays. • Vulnerability Management Program: Established a proactive vulnerability management program, achieving a reduction in critical security vulnerabilities and a faster remediation process.

• Developed Robust Security Framework: Led the development of a comprehensive application security framework, which decreased security breaches and enhanced overall application security.• Security Controls Implementation: Implemented security controls that significantly improved compliance with regulatory standards and reduced security audit findings.• Security Awareness and Training: Conducted security training programs for development teams, increasing security awareness and reducing application vulnerabilities.• Cross-departmental Security Integration: Worked closely with other departments to integrate security practices, achieving an improvement in security compliance and a more secure application environment.

• Lead Architect, Programmer, and Designer of GRC Tool: Developed functionalities in collaboration with business leaders and executive management, managing data change sets, source code, and training documentation.• Custom Reporting Development: Created and delivered custom reports based on management needs, providing actionable insights for business decision-making.• Global Compliance Coordination: Coordinated a global effort to centralize, standardize, and enhance functions, including JSOX compliance, physical security, and risk management, leading to improved global operational efficiency.• Office 365 Subject Matter Expert (SME): Served as a central global resource for Office 365 knowledge, best practices, and enhancements. Participated in the global deployment team, developed action plans to address security concerns, and advised on GDPR compliance.• SharePoint Expert for North and Latin America: Assessed environments for design, governance, and security risks, provided strategic advice to management and executive committees, and assisted in investigations, data collection, and data retention efforts.• Kaizen Lead: Provided audit and risk management teams with tools to exceed business needs and expectations. Enhanced methodologies, communication channels, and automation of routine functions.• Global Audit Technology Advisor: Led the design and architecture of global solutions for risk management needs, developed expansion plans for current tool sets, and advised global management on resource and data security needs.

• Provided Comprehensive IT Services: Managed a range of IT services including graphic design, networking, managed services, and software development. Oversaw the successful execution of over 100 business branding projects and 300+ websites, enhancing client visibility and market reach.• Boosted Client Success: Enabled clients to win government contracts through effective design and implementation practices, leading to an increased contract win rate.• Expanded Client Base: Grew the client base by 35% annually through exceptional customer service and referrals, extending services to clients across united states and abroad.• Managed IT Projects: Directed multiple IT projects, reducing client overhead costs by 30% and improving infrastructure efficiency and scalability.• Designed National Campaigns: Created the 2015 CDC Asthma Awareness Brochure, widely distributed in hospitals and government offices across the U.S., raising public health awareness.• Provided Scalable IT Solutions: Delivered affordable web hosting and managed services, reducing client overhead by 35% and enhancing their operational capabilities.

• Led IT Infrastructure Renovation: Spearheaded major infrastructure renovations, increasing network productivity by 40% at remote sites and enhancing overall IT efficiency.• Developed and Executed IT Strategies: Formulated and implemented IT plans that reduced costs by 25% and improved operational policies and procedures across four companies.• Implemented Cloud Solutions: Centralized document management through the design and integration of Office 365 and SharePoint Online, improving accessibility and productivity by 30%.• Managed IT Staff and Projects: Hired and managed a skilled IT team, supporting the executive vision and successfully executing multiple IT projects that improved company operations.• Improved Disaster Recovery: Designed and implemented robust disaster recovery processes, ensuring 99% operational uptime and enhancing business continuity.• Enhanced Operational Compliance: Increased operational compliance, enforced security policies, and raised network vulnerability awareness, significantly improving security posture.

• Enhanced Network Support: Provided comprehensive network support, reducing departmental costs by 15% and improving system reliability.• Designed Winning Proposals: Developed graphic designs for government and commercial proposals, contributing to contracts worth $500k - $200 million.• Implemented IT Solutions: Managed PBX systems and security infrastructure, enhancing communication and security for the organization.• Designed, Built, and Deployed Software for various projects and proposals• Provided support and Database Administration for multiple web applications

• Provide dedicated hardware and software support for company’s flagship applications• Created and implemented imaging procedures for computer systems to increase productivity.• Reduced inventory cost by maintaining and monitoring inventory levels including all warranties• Installation and support for Cisco phones through Cisco Unified CM Administration• Supported Cisco VPN and Citrix clients on multiple levels of support• Managed Organizational Units in Active Directory (users and workstations)• Executed batch files to ensure data was encrypted on all systems using Safe Guard Easy• Served as a point of contact on numerous projects for departments within company• File Administrator for Secure File Transfers to ensure HIPAA compliant with all data transfers• Supported network infrastructure on multiple tier levels• Implemented Inventory Database for Medicare Advantage for better tracking of systems• Software Security Policy Administrator• Developed applications/websites for internal use for IT Staff to help productivity for support tickets