Security Information

Location:

Cleveland, OH

Posted:

October 12, 2014

Contact this candidate

Resume:

**** *. ******** ****, ***** *** 216-***-**** (M)

Cleveland, OH 44114 acgceg@r.postjobfree.com

Gareth C. Webley

Objective Continue career building through a Corporate Security executive position within a

large corporation; where my experience, industry recognized leadership, and

expertise in information and physical security experience can be fully leveraged.

Current March 2013 - Present Entropic Light, Cleveland, OH

Founder

• Exploring the artistic nature of abandoned industrial structures in the North

East Ohio area via photography.

Creative photography in the form of the juxtaposition of human forms against

•

the decay of once majestic industrial buildings.

Preparing to publish a book that captures the essence of the structures before

•

they are demolished.

Experience 2010 – March 2013 Eaton Corporation, Cleveland, OH

Chief Information Security Officer

• Managing international enterprise information security, privacy, technology

risk management, physical access and surveillance areas.

Established a comprehensive security program and multiyear technology

•

plan.

Develop and deploy security infrastructure, policies, and architecture.

•

Programs to assure ITAR compliance and intellectual property protection.

•

Assure compliance with a wide array of international government

•

requirements with a focus on EMEA data protection and privacy.

2009 – 2010 CVS Caremark, Woonsocket, RI

Chief Information Security Officer

• Accountability for information security and technology risk management for

the entire corporation.

Creation of a corporate-wide information security program based on the ISO

•

standards framework.

Responsible for security technology, policies, and architecture.

•

Manage Payment Card Industry level one compliance and certification.

•

Assure compliance with SOX, HIPPA, and government health mandates.

•

1999 – 2009 National City Corporation, Cleveland, OH

Chief Security Officer: 2003 – 2009

• Responsible for all Security for 8 largest Financial Services holding company

in the United States through a true corporate security department.

Manage department of 250 security professionals with a $35MM+ budget.

•

Oversight of Privacy policy, procedures, and technology.

•

Full responsibility for physical security and complete life safety at all corporate

•

buildings, bank branches, and operational facilities.

Investigations and Enterprise Fraud.

•

Thought and practice leader in Security Convergence.

•

Chief Information Security Officer: 2002 – 2003

• Manage department of over 50 information security professionals with a

$9MM budget.

Execute strategic information security program, planning, and delivery across

•

entire corporation, including numerous subsidiaries.

Early adoption of an ISO 17799 based security program and policy

•

Board reporting and accountability for all regulatory requirements and

•

corporate governance issues.

Director of Information Protection, SVP: 2000 – 2002

• Directed the substantial growth of information security department

approximately four-fold over two years.

Established such key security practices as:

•

Enterprise ecommerce DMZ’s for online banking with multi-tier firewalls

•

– recognized by regulators as ‘best-in-class.’

Establish core foundation for eCommerce single-sign on.

•

Corporate-wide intrusion detection and centralized monitoring.

•

Full function forensics team and computer incident response team.

•

Three-tier virus protection resulting in virtual immunity to virus and worm

•

outbreaks.

Security Awareness and Training programs.

•

Complete penetration testing and ongoing vulnerability services.

•

Deployment of enterprise provisioning software and Role-Based Access

•

Control methodology that included request workflow.

General Manager, VP – Information Protection: 1999 – 2000

• Established the business case and lobbied for the creation of an enterprise

group for Information Security.

Grew team from essentially an administration team into recognized leaders

•

within the corporation and industry for security technologies and policy.

Established relevance and importance of data security within a bank.

•

Structured and built support for group expansion and responsibility growth

•

for things such as security engineering and internal firewall support.

1989 – 1999 BP America, Inc., Cleveland, OH

Consultant, Information Security: 1993 – 1999

• Transition and implementation of distributed systems security from

Mainframe model.

Pioneering work on security policies across the globe.

•

Developed contingency planning activities.

•

Designed refinery security alerting systems in conjunction with physical

•

security.

Early work on Internet firewalls, large scale Internet e-mail services and corporate

•

data protection.

Began vulnerability assessments and other risk models.

•

Education 1986 – 1990 Youngstown State University Youngstown, OH

A.B., Dual Major: Economics and Computer Science.

•

C.I.S.S.P. (currently lapsed), I.S.S.A Member

•

Interests Technology, Photography, Running, and Travel

Affiliations Charter member of Microsoft’s Financial Services Security Council

Other key industry Customer Advisory Boards – Accuvant, Inc.

Previous Open Security Exchange Convergence Council

Previous BITS Advisory Council Member

Contact this candidate