Post Job Free
Sign in

Information Security Manager

Location:
Scottsdale, AZ
Posted:
January 02, 2019

Contact this candidate

Resume:

Gail Moffet

********@*****.*** 602-***-****

Information Security Director

Strengthening Organizations Through Superior Security Systems Leadership

Information Security Director with experience leading enterprise security and asset protection strategies, developing security programs, and directing cyber information privacy and security initiatives for eBay, Arizona Public Service, and General Cologne Reinsurance. Expertise in team leadership, risk management, regulatory compliance, security investigations, security roadmaps, risk assessments, business continuity, asset protection, and internal security. Ability to influence / make strategic decisions and build enduring stakeholder relationships.

CORE COMPETENCIES

Leadership Governance, Security and Privacy Enterprise Security Strategy Global Information Security PCI and GDPR Regulations Regulatory Compliance Risk Management / Asset Security Budgeting

Professional Experience

eBay/PayPal 2011 – 2018

Director of Information Security for Acquisitions & Director Global Information Security PMO.

Instrumental in implementing eBay security and compliance requirements into all acquisitions. Performed a risk assessment that served as a three-year roadmap to attaining eBay security standards across all the acquisitions. Administered a $3.5 million global information security budget and negotiated Operating, Expense Managing and Capital costs.

Enterprise Security Strategy

• $3 million saved and the same look installed across 32 brands by expanding the enterprise security tool across the adjacencies and creating a three-year roadmap to secure eBay Inc.

• Implemented proactive processes for all acquisitions to mitigate risks along with incorporating all networks into the SOC.

• Developed a third party security program at PayPal that provided reimbursement to the Information Security Department for implementation of security controls.

• Developed programs for IT business continuity, security awareness, and project management while collaborating with leadership to define roadmaps and capture metrics for success.

• Served as internal security consultant and relationship manager to all business units, including human resources and legal, that included monitoring for compliance to information security policies and procedures.

• Director of the Project Management Office that lead and reported on all global information security projects including PCI and other compliance programs.

• Designed a business risk strategy for each eBay acquisition consisting of gross merchandise volume, regional location and security risk for 32 global adjacencies.

• Served as the information security consultant for all mergers and acquisitions at PayPal.

Asset Security

• $500,000 contract decrease realized by renegotiating, expanding licenses, and adjusting software costs.

• Collaborated with PayPal’s information risk management leadership team to secure the assets from conception to completion by selecting products to protect the PayPal organization.

• Participated in PayPal’s SPP methodology representing IRM’s portfolio and programs to integrate into the roadmaps of other verticals within PayPal.

• $20,000 licensed software installation spend avoided by using a database security feature on PCI assets.

Arizona Public Service 2001 – 2011

Information Privacy and Security Manager

Drove the cyber security of business and utility networks that included the largest nuclear plants in North America. Implemented the first strategic security office and strategic cyber security program to meet regulatory compliance for FERC / NERC and NRC / NEI. Held a nuclear clearance for Palo Verde.

• Ensured the development of security strategies and processes that supported compliance management, security standards, and policies.

• Implemented Third party/Vendor security process and technical reviews.

• Championed information security awareness and trained employees, affiliate marketing partners, alliances, and other third parties on security responsibilities.

• Served as a member of the UNITE group, EEI, and ISACA.

• Assessed security risk exposure including the implementation of an annual cyber security assessment at every APS plant and developed risk mitigation plans to meet regulatory compliance.

• $500,000 saved through the implementation of North American Electric Reliability Corporation (NERC) critical infrastructure protection (CIP) by presenting the regulation to executive leadership, forming a team to travel to nine Arizona plants, inspecting each plant, and securing the plants to meet regulations.

• Designed security defenses from procurement to implementation of security management software and hardware devices while advising on current cyber threats and regulatory changes and requirements.

• $300,000 conserved by investigating an executive VP professionally, with sensitivity, and to conclusion.

Additional Experience

General Cologne Reinsurance (GCR)

2nd Vice President, Global Security Manager

Established the security office and secured all information assets from threats and attacks potentially leading to business disruption, loss of information, and misuse of property and electronic information. Led the development of security policies, guidelines, and standards by leveraging technology-based tools.

• $250,000 saved in the implementation of an onsite service and support desk by contracting with two firms and negotiating an SLA nonperformance clause.

• Strengthened staff safety by addressing the night shift operation employees about learning a new skill set around 24 /7 service maintenance.

• Administered daily technical security in NT, Novell, Notes (Domino), and RACF, including UNIX and DB2.

• Partnered with the leading internet security lab (ICSA / TruSecure) as an extension to the global service staff and liaised with the IT global audit department.

• Ensured that the technology products selected, purchased, or developed by the other departments within global IT services complied with IT security policies, guidelines, and standards.

education & Professional Development

Computer Science Coursework, Western Community College

Finance Coursework, Housatonic Community College

Completed the Security: The Big Picture

Completed the Secure System Administration

Intrusion Detection

CheckPoint1 Administration

Internet and Web Security

Security Auditing, Attacks & Threats

Network Security& Firewalls

Unix and TCPIP Network Security

Advanced Internet Fundamentals

HTML Fundamentals

ISO7799 Security Governance



Contact this candidate