Roland Bouteiller, MS, MSIS, MAS, CISSP, MCSE
Castro Valley, CA 94546 628-***-**** ********@********.***
LinkedIn: https://www.linkedin.com/in/roland-bouteiller
Global Information Security Manager
Results-focused data driven Information Security Professional with expertise in directing all aspects of highly technical multi-million dollar projects. Effective in defining breakthrough technology options based on organizational needs and capabilities. Recognized as an organizational thought leader and subject matter expert.
Repeated success in guiding off-shore, cross-functional teams of security experts, senior managers, vendors, and key stakeholders in identifying corporate Security improvement opportunities, evaluating technical risk assessments, and leading security related initiatives across operational, tactical and Strategic functions.
PROFESSIONAL EXPERIENCE
Alameda County, Oakland, CA 2016 present
Senior Security Architect
Responsible for developing, delivering and driving Alameda County global information security program based on CIS top 20 security controls, NIST, PCI DSS, HITRUST and HIPAA cybersecurity frameworks.
DELIVERED RESULTS
Led Information Security efforts for Alameda County, a $2.97 billion county budget supporting 20 cities, Law Enforcement agencies, Health agencies, etc. within a federated environment.
Defined, proposed and got approved by C level executive leaders a five-year Information Security strategy and corresponding budget.
Developed Security Awareness, Cyber Threat Intelligence, Incident Response, Threat & Vulnerabilities programs.
Defined team functions and established staffing requirements to support functional tasks and accomplish goals.
Mentored and coached technical leaders and contributed to/support the overall strategic and operating visions of the company.
Managed risk-based projects such as PeopleSoft, PCI audits, including operational process reviews and review of system implementations, applications and other IT-related risk areas. Performed risk assessments, prioritized initiatives and determined resource needs.
Established external relationships with Department Homeland Security (DHS), Federal Bureau of Investigation (FBI), Center for Internet Security (CIS), Multi State Information Sharing and Analysis Center (MS-ISAC) and California County Information Services Directors Association (CISSDA).
ALBERTSONS SAFEWAY, Pleasanton, CA 2013 2016 (fortune 50)
Information Security Manager acting Director Direct Report to CISO
Directed overall strategic and tactical effort to optimize Information Security Defensive and Analytic capabilities. Managed Information Security department and lead teams in support of information security operations and engineering for the Safeway / Albertsons group. Supported compliance effort related to HIPAA and PCI.
DELIVERED RESULTS
Oversaw all IS engineering and operations aspects of infrastructure and e-commerce development; supporting 2 US data centers, 2.4K stores, 1.7K pharmacy locations, and 1K fuel stations for 300K+ employees across USA, Canada and Philippines. Set high standard of excellence in service delivery and culture of deep responsibility, urgency, and ownership.
Designed established and maintained an organization structure and staffing to effectively accomplish goals and objectives; recruited employed trains supervised and evaluated staff
Created and monitored the security department budget.
Observed security conditions and conducted ongoing analysis of data received from both external and internal sources and advised C level management on appropriate risk mitigation strategies.
Developed new InfoSec capabilities specific to Cyber Threat Intelligence, Forensic, Predictive Analytics, Hunting, and Red teams to enhance defensive capability.
Optimized security controls and overall right-sized security, resulting in a $450K saving.
Designed and implemented new security controls around database security, WAF, DLP, SIEM and new processes around Incident Response and Threat & Vulnerability programs.
Facilitated a seamless divestiture between Safeway and its Canadian counterpart.
FIRST REPUBLIC BANK, San Francisco, CA 2009 2013
Network Security Engineer
Led cross-functional teams of experts. Implemented agile initiatives related to DC migration, and security controls specific to SIEM, database monitoring, Forensic, E. discovery and Threat and Vulnerability programs.
DELIVERED RESULTS
• Successfully redesigned, implemented, and managed Threat and Vulnerability Program: largely reduced corporate vulnerability attack surface (50%) by providing accurate analytics, developing cross-functional processes, and the prioritization of remediation targets.
• Played key role in redesigning, implementing, and managing new Users Application Certification program; resulted in better efficiency in enforcing internal and external compliance requirements. Established relationship with IAM and helped identify areas of improvement.
• Developed corporate SIEM infrastructure, including logging. Created correlation rules for SOC
• Managed Information Security Systems: architecture, implementation, configuration and maintenance. Systems include ArcSight SIEM, Imperva DAM WAF, Snort IDS, nCircle for Vulnerability Assessment, Encase for eDiscovery, DLP etc.
DESIGN WITHIN REACH, San Francisco, CA 2009
Systems Analyst / Systems - Security Engineer – Direct Report to Director of IT
Responsible for maintaining IT and network security infrastructure during reorganization of the corporation.
DELIVERED RESULTS
Performed maintenance as well as system enhancements on 100 servers in a Microsoft and VMware environment, including CRM, Exchange, Terminal Servers, MS SQL and Oracle Databases.
Built and maintained Monitoring Servers to support systems administration in production and development environments.
Monitored and protected business environment using tools such as Nmap, Wireshark, Nessus, Orion, GFI.
Migrated successfully DNS servers and services to Third Party (Cogent) with Zero Downtime for business.
Maintained consistent Tape Backup routine (CommVault software and HP/Quantum libraries).
Debugged communication server (emails, phones, knowledge base) and services; and deployed updates and programs to multiple platforms using Altiris.
Performed as Tier3 Incident Response
CTTP, Nice, CA 2007 2009
IT Systems Engineer - Acting as Head of Security - Direct Report to CFO and IT Director
Provided strategic direction for security program and BCP effort.
Assessed, designed, and implemented information security policies and controls; worked with cross-functional team, data owners, and systems administrators to gain in-depth knowledge of complex networks and ensure system authorization documentation accurately depicts the environment.
Maintained network and systems infrastructure and performed broad array of tasks focused on the development of security test plans, conducting security testing, analyzing test results, and developing risk assessment reports that document vulnerabilities, threats, impacts, and recommended mitigations.
KIDANGO, Fremont, CA 2006 2006
IT Support
CORE PARTNERS / CORE CAPITAL MANAGEMENT, San Francisco, CA 1998 2001
Funds Manager: Prescriptive and Predictive Analytics for Gaming Industry & Security
EDF / H4 Valorization, Paris, France 1995-1996
Charge de Mission – Director of programs
Bouygues Construction, St Quentin Yvelines, France 1992-1995
Site Engineer
EDUCATION & CERTIFICATIONS
UNIVERSITY OF FRANCE, Paris MLV, Master Advanced Studies (DESS) Engineering & Business Administration – mention Bien
UNIVERSITY OF SAN FRANCISCO, MS Information Systems - Scholarship
BRANDEIS UNIVERSITY, MS in Strategic Analytics (Data Science)
STANFORD UNIVERSITY, Certificate Advanced Network Security
SAINT CYR COETQUIDAN, Military and Strategic Leadership Academy
Certified Information Systems Security Professional – CISSP
Microsoft Certified Systems Engineer - MCSE (2000 and 2003 Security)
ArcSight Certified Integrator Administrator – ACIA
Snort Professional - Sourcefire
AWARDS
Retail Security Team of the Year – 2014, BitSight Technologies, Safeway
Scholarship USF, MSIS