
Security Sales

Location:
Austin, TX
Salary:
165000
Posted:
October 26, 2017


Resume:

CUTTING EDGE SECURITY & PRIVACY EXPERT

Security and privacy professional with strong IT networking, security, and testing background. Proficient in translating requirements and objectives from executive to customer to user to technical specialist and back again. People-focused leader and mentor with proven success in coordinating efforts of multi-national, multi-cultural teams in order to achieve successful results. Standards and policy architect with experience developing new standards and controls to meet business, regulatory, contractual, and customer needs, while maintaining profitability and competitive pricing. Accomplished public speaker well versed in engaging audiences on multiple topics in varied formal and informal venues.

SaaS/Cloud Security / Privacy Controls & Regulations

Acquisition Due Diligence & Integration

ISO 27000, 27001, 27002, 27017, 27018

Global Regulatory Compliance; GDPR, Privacy Shield, Golden Shield

SSAE16, PCI-DSS, CSAE, HIPAA, FedRAMP, CJIS

Customer Relationship Management

Technical Skills

Technical security and privacy architect with experience in ethical hacking, penetration testing, network design and implementation, firewalls, intrusion detection IPS/IDS, and log/records management SIEM.

Additional expertise in operating system security and compliance, patching, malware antivirus, and user access and account management via Active Directory and LDAP. All applied within legal and regulatory structures above.

Broad experience with networking and server security and compliance, including TCP/IP, SNMP, SMTP, DNS, Active Directory/LDAP, PKI/CA, and VPN.

Training and Certifications

Certifications: CCNA, CISSP (in process)

Trainings: Key Controls Auditor, Cloud Security, Cybersecurity and Privacy, Providing Cloud Security, FedRAMP, EU Privacy Code of Conduct, ISO 27018, Developing Cloud/SaaS services with Security in Mind: ISO standards, UK Security Standards, Safe Harbor/EU Model Clauses/Privacy Shield, GDPR, NIST/FIPS

Professional Experience

Lifesize, Austin, TX, 2016 to date

Director of Security, Privacy and Compliance

Served as Director of Security, Privacy and Compliance for Lifesize global operations, including Corporate, Development and Customer Production environments, in compliance with all legal, regulatory and certificatory requirements.

Improved sales & issue resolution processes with standardized responses and documents for customer inquiries.

Drove revenue addressing customer security and privacy certification and process questions.

Managed costs by implementing security and privacy testing into the initial layers of the development process, eliminating compliance rework at the QA level of the process.

Worked extensively with the C-suite on corporate and global initiatives.

Managed budgets and staffing for the department.

Streamlined operations and audit processes by developing cross index of controls and implementations. Maximized benefits from activities supporting 1 external certification across multiple certifications.

Served as expert in Global Regulatory Compliance (GRC), technical/program lead, and mentor/trainer for external certifications compliance, including but not limited to ISO 27001/27002, ISO 27017, ISO 27018, SSAE16, PCI, FedRAMP, CJIS, EU Data Protection Code of Conduct, GPG13, and EU NIS, GDPR, Golden Shield.

Improved Security and Privacy posture globally aligned with ISO 27001 & 27018.

Implemented vendor management program and criteria to meet ISO 27001 & SSAE16 SOC2 standards.

Instituted both internal penetration testing and external 3rd Party penetration testing at Lifesize.

Implemented internal tooling to support Security & Privacy efforts, including but not limited to NeXpose security scanning, Nessus TCP/IP security scanning, Metasploit, InsightIDR, honeypots, honeyfiles and honeyusers, and IPS/IDS for corporate and production environments.

Instituted Corporate wide training on Compliance with global standards, Security and Privacy.

Worked with Corporate and CIO team on reducing customer churn both from technical as well as privacy and compliance issues.

IBM, Charlotte, NC, and Austin, TX (mobile worker since 2008), 2004 to 2016

Cloud Security Officer - SaaS Security and Privacy Leader 2013 to 2016

Served as security and privacy lead for all IBM SaaS/Cloud offerings. Led international remote team supporting 147 product bundles encompassing approximately 1,476 individual products. Ensured compliance with all appropriate legal, regulatory, and contractual requirements for Cloud offerings worldwide.

Achieved savings in excess of $11M by driving program to cross index various standards required by IBM for artifacts and processes from 1 standard to be applied across multiple standards.

Drove IBM SaaS offerings to ISO27001 accredited certification with zero nonconformities, zero findings, and zero recommendations for improvement. A clean sweep ISO 27001 certification audit.

Increased sales opportunities and helped drive revenue by initiating and managing IBM’s migration from internal ‘secret’ security and privacy policies to ISO 27002 based policies and structures, which enabled customers to share policies in sales situations.

Streamlined operations and audit processes by developing cross index of controls and implementations. Maximized benefits from activities supporting 1 external certification across multiple certifications.

Served as expert in Global Regulatory Compliance (GRC), technical/program lead, and mentor/trainer for external certifications compliance, including but not limited to ISO 27001/27002, ISO 27017, ISO 27018, SSAE16, PCI, FedRAMP, CJIS, EU Data Protection Code of Conduct, GPG13, and EU NIS.

Developed common terminology index, reducing confusion and loss of productivity due to variations in how terms were used across multiple external standards.

Improved customer response times in both sales and issue resolution by developing common responses to frequent customer security and privacy questions. Project resulted in contractual compliance with SaaS commonalities and external certification, regulatory, and legal requirements.

Strengthened customer relationships by responding to customer inquiries regarding IBM’s security and privacy posture.

Maximized return on investment (ROI) for acquisitions and accelerated time to market for new, rebranded products by supervising and managing integration and assimilation of acquired products and companies into IBM’s Cloud SaaS portfolio.

Oversaw assimilation and integration of all state, federal, or international regulatory requirements, leading to efficient integration of those requirements with IBM’s standards policies and procedures.

IBM Senior Acquisitions Architect 2006 to 2013

Led assimilation of acquisition companies into IBM SWG IM/IS development and production environments.

Provided oversight of security and compliance process for any legal, contractual, or regulatory requirements related to specific acquisitions and integration. Served as special projects contact for specialized customer requests related to customer Crit-Sit or sales rescue projects. Included management of Whitehat Security team, tools development for acquisitions space, and vetting and design of BCP/DR integration tools and standards for acquisitions.

Managed assimilation and integration of all state, federal, or international regulatory requirements, leading to efficient integration of those requirements with IBM standards policies and procedures.

Supervised and designed network and security plans, achieving seamless integration of acquired companies into IBM from networking, process, and security perspective.

Additional Relevant Experience

IBM, Charlotte, NC – Advisory Software Engineer

Venetica, Charlotte, NC – Infrastructure & Network Support Manager

Managed Care USA / iCorp, Charlotte, NC – Network Engineer/Systems Administrator

Education

Bachelor of Science (BSAS), Applied Sociology, Texas State University, San Marcos, TX

Professional Organizations

ISSA (International Systems Security Association)

ISO/IEEC

Interests & Activities

Member of Company of Military Historians

Member of Honourable Company of Horners

Founding Member of Hesse-Kassel Jäger Korps

Founding Member of Milice du Mont Real

Author, Lecturer, and Educator on history and technology


