Cybersecurity Leader
Resume:
Bhavesh Advani - CISSP, CBCP, ITIL, Privacy Foundation
816-***-**** ad1g8p@r.postjobfree.com
Digital Transformation - Cybersecurity - Privacy - Resiliency - IT Audit & GRC Business & People Leader with Board presence and hands-on technical skills spanning over 21 years of experience across several industries. A Trusted Advisor experienced in building a strong: Cybersecurity, Data Privacy, IT GRC/Audit and Technology Resiliency posture by design, while enabling digital transformation and reducing technical debt. A team player with a strong work-ethic, skilled in developing and executing strategic goals for an organization to achieve a shared vision. Strengths
IT & IoT Cybersecurity Strategy-Roadmap IT GRC Technology Audit Regulations-Compliance Data Privacy Data Breach & Incident Management Technology-driven Business Transformation Leadership & Mentoring AWS Azure MITRE PCI IT SOX FedRAMP HITRUST HIPAA CSA ISO NIST GDPR CCPA SSAE 18 ISAE 3402 FFIEC FISMA SCADA
Advisory Roles
Venture Advisor at YL Ventures, June 2019-Present
Advisory Board member at Grip Security, April 2020-Present Panels
Advani, B., Baldus J., Srikanth P., Thakker D. Cloud Based Security Platforms for the Enterprise. Panel at Mindfluence CISO Leadership Forum, Napa, CA, April 12th 2019 Advani, B., Gette, A., Corcoran, D. Building an Effective CIO-CISO Relationship. Panel at Northwest IT Leaders Forum, Seattle, WA, October 30th 2018 Advani, B., Gupta, A., Kinney, E., Niejadlik, M. The New Fraud Scheme Landscape for Emerging Payments Technologies and the Impact of Social Media. Panel at SF ACFE Conference on Identity Theft & Deep Web, San Francisco, CA, September 12th 2014 Advani, B., Ahmad, K., Johnson, M., Siavoshy, B. Privacy and Security Management in an Agile Environment. Panel at Privacy Academy and CSA Congress, San Jose, CA, September 19th 2014
Career Highlights
• Industry thought leader who brings a unique combination of Cybersecurity-Data Privacy-Audit-GRC- Technology Resiliency hands-on experience along with proven leadership skills of building teams from the ground up, while empowering established teams to realize their full potential.
• Recognized subject matter professional in the areas of: Technology-driven Business Transformation, AI
(Artificial Intelligence), Cloud Computing, Virtualization, Technology Resiliency, Crisis Management, Data Breach Management, Industry Standards & Frameworks. Bhavesh Advani - CISSP, CBCP, ITIL, Privacy Foundation
816-***-**** ad1g8p@r.postjobfree.com
Experience
(CONTRACT) Chief Information Security Officer, City of Tucson, June 2023-Present I am responsible for overseeing a budget of more than $6MM for the development and implementation of citywide information related security policies, guidelines, and governance models to protect the city from internal and external threats. Short and long-term strategies for optimizing the city’s information security plan and formulate city-wide policies for detecting, deterring, and mitigating information security threats. I also act as the subject-matter expert and internal consultant on the data security implications of proposed new major information technology projects and programs, making recommendations to the Chief Information Officer, City Manager's Office, Mayor & Council, and relevant City Departments. I lead the development and implementation of Technology Recovery and Business Continuity Plans, with a focus on holistic operational effectiveness and comprehensive Information Technology engagement. I contribute to the City Operations Risk Register with Risk Management Department, Executive Leadership, and designated staff with special accountability for tracking and acting on Cybersecurity Risks to maintain the intended level of protection. I lead the development and promotion of security and privacy awareness training, and education for all levels of the organization. I also lead the handling of information security breaches and related incidents, including overseeing the activation of departmental incident response teams, and joint task force response teams pre- arranged with external partners / governmental agencies.
(CONTRACT) Chief Information Security Officer, Inotiv, June 2022 – June 2023 I had total ownership of Inotiv’s Cybersecurity-Data Privacy-Audit-GRC-Disaster Recovery posture globally. This was a high-growth, fast-paced role that demanded strong technical and people leadership skills, along with the business acumen needed for managing an annual budget. The subject-matter areas covered by me in this hands-on role were: Cloud Security, IoT Security, SaaS Security, Incident Management, Network Security, Endpoint Security, Application Security, Encryption/PKI, Detection & Response, IAM, Cyber Threat Intelligence, Vulnerability Management, 3rd Party Risk, Phishing & Security Awareness Trainings, Information Security Policies, PCI and Technology Audits
& GRC (i.e. deploying, configuring & operating well-known GRC Tools/Products). VP Cybersecurity, Cloud Computing & Technology Infrastructure, Fidelity Investments, September 2019 – June 2022
In this ambitious role, I had the responsibility of being at the forefront of all developments occurring within our: Cybersecurity, Data Privacy, Cloud Computing and Technology Infrastructure Organizations at Fidelity. My efforts included, leading a team of very talented engineers to perform critical assessments in the areas of: Software (Product) Security, Application Security, IoT Security, OSS Security, Infrastructure & Cloud Security, Incident, Management, SOC (SIEM, SOAR), SaaS Security, Network Security, Endpoint Security, Encryption/PKI, IAM and Cybersecurity Risk & Governance (to name a few areas). Additionally, I owned: Data Privacy, 3rd Party Risk and Business Resiliency efforts. Lastly, I led the Continuous Compliance efforts, including PCI, based on data-driven assessments. Head of IT Security and Compliance, Dropbox, January 2018 – September 2019 I built a world-class team (from the ground up) comprising of professionals who were passionate about: Cybersecurity, IT Risk, Governance, Data Privacy, Disaster Recovery, and Compliance. I led these critical programs and was the IT Security-Compliance Champion. My responsibilities included: Cloud Security, SaaS Security, Network Security, IoT Security, Endpoint Security, Software Security, Encryption/PKI, Detection & Response, IAM, Cyber Threat Intel., Incident Management, Vulnerability Management, Application Security, 3rd Party Risk, Phishing & Security Awareness Trainings, Information Security Policies, and Technology Audits & GRC, including PCI, FedRAMP & FISMA. Bhavesh Advani - CISSP, CBCP, ITIL, Privacy Foundation
816-***-**** ad1g8p@r.postjobfree.com
Director of Infrastructure Security & Compliance, Salesforce.com, August 2016 – January 2018 My responsibilities included maintaining a strong Infrastructure Security & Compliance posture along with monitoring and measurement of our Advanced Security Controls. I championed multiple Security & Compliance efforts across the Company, and interfaced with our: Auditors, Top- Tier Customers and Regulators globally. The specific domains I was responsible for, included: Network Security, Endpoint Security, Software & Application Security, IoT Security, Encryption/PKI, Detection & Response, IAM, Cyber Threat Intelligence, Incident Management, Vulnerability Management, Application Security, 3rd Party Risk, Phishing & Security Awareness Trainings, Information Security Policies, and Technology Audits & GRC, including: PCI, ISO, NIST, MITRE, CSA, GDPR, CCPA, HIPAA, HiTRUST, SSAE 18, ISAE 3402, FFIEC, FedRAMP & FISMA. Senior Manager of IT Audit, LinkedIn Corporation, February 2014 – August 2016 I was responsible for managing Cybersecurity, Data Privacy and Business Continuity risks to achieve a shared vision by consulting with and providing advice to senior management, and their functional organizations. This role allowed me the opportunity to collaborate cross-functionally with multiple teams and manage/mentor my reports, peers (plus, contractors) from a career growth and subject matter viewpoint. I also led: Cloud assurance, IT Audit, and PCI Compliance programs. IT Manager: Technology Risk and Disaster Recovery, Salesforce.com, June 2010 – February 2014 Hands-on technical management position with a full range of responsibilities including:
• Collaborating with multiple cross-functional teams at all levels: engineers, developers, and middle-to-senior management.
• Developing and maintaining long-term strategy to deliver end-to-end DR solutions.
• Establishing/Maintaining an IT Vulnerability Management Program to proactively address the existing and emerging threats.
• Base-lining efforts across Audit and Compliance initiatives thereby laying the foundation to scale with the organization’s exponential growth.
Senior Advisor and Technical Lead: Cyber Practice, KPMG LLP, September 2006 – June 2010 Client-facing role with responsibilities that included:
• Managing the budget and engagement teams at multiple client-sites
• Being the Subject Matter Lead for project execution and delivery
• Enterprise-wide Security Assessment
• Privacy Impact and Gap Analysis
• 3rd Party and Technology Risk
• ITGC, IT SOX, WebTrust and SSAE 16
• Disaster Recovery-Business Continuity
• Deploying Cybersecurity tools and implementing bespoke solutions for clients Bhavesh Advani - CISSP, CBCP, ITIL, Privacy Foundation
816-***-**** ad1g8p@r.postjobfree.com
Full-time roles in Technology and Cybersecurity, June 2002 - September 2006
• Mervyns (part of Target)
• GE Insurance ($6.8 Billion acquisition by Swiss Re)
• QualServ (acquired by Middleby Corporation)
• National Research Center for College & University Admissions (NRCCUA-Encoura) Education, Certifications & Professional Training
• Master of Science in Computer Science; GPA: 3.9 / 4.0; University of Missouri
• Bachelor of Engineering in Computer Engineering (Hons); University of Mumbai
• Certified Information Systems Security Professional (CISSP)®
• Foundations of Information Privacy and Data Protection (IAPP)®
• Certified Business Continuity Professional (CBCP)®
• Certified - ITIL® Foundation in IT Service Management
• Virtualization and Cloud Security – SANS
Contact this candidate