Thomas Licciardello
Technology & Cybersecurity Leadership
Staten Island, NY 10312 ad1hl1@r.postjobfree.com 917-***-****
PROFILE
Technology & Cybersecurity leader with solid and progressive enterprise level experience in the multiple industries, healthcare, technology, finance, marketing . Recognized for collaborating with business teams and executives, as well as coaching and mentoring high performing teams that positively impact organizational goals.
CORE COMPETENCIES
Cybersecurity Leadership
CISSP Certified / Cybersecurity
Planning, Strategy & Vision
HIPAA, HiTrust, PCI, SOX, GDPR
Infrastructure & Cloud Security
Vulnerability & Patch Mgmt.
Application Security
Budget Mgmt. / Financial Analysis
Architecture / Solution Design
Disaster Recovery / Business Continuity
EDUCATION
Drexel University - Philadelphia, PA: Dr.BA, Business Administration in progress (2025)
Columbia University - New York, NY: Master of Science, Executive Technology Management
Pace University - New York, NY: Bachelor of Science, Computer Studies
LEADERSHIP RESPONSIBILITIES
Strategic and Tactical: Drives cybersecurity vision and strategy, builds roadmaps, and executes delivery of long / short term objectives, day-to-day operations, and continuous improvements.
Communication & Partnerships: Establishes cross functional relationships, always strategizing on best practice, workflow optimization, efficiency, and business/technical alignment.
Portfolio and Program Management: Built cybersecurity portfolio’s, led many multi-million-dollar initiatives; creating transparency around status, resources, budget, and risk.
Security & Compliance: Built and leads IT security programs, establishes security best practices, creates a culture of awareness and diligence. Well versed in GDPR, PCI, HIPAA, HiTrust, SOX, FISMA, DFS, NIST/ISO frameworks and standards.
PROFESSIONAL EXPERIENCE
Northeast CIO’s & CybAdvise – New York, NY November 2021 – Present
Chief Information & Security Officer, Advisory
Works cross-functionally across organizations in multiple industries ranging from media, healthcare, finance, and IT services. Assesses, plans, and executes technical and business strategy based on company goals and objectives.
Responsible for all IT leadership activities, strategic planning, budget management, vendor management, contracts, communications, team, and talent developer.
Driver of technology transformation, leading architecture & platform decisions, IOT, AI, data analytics, infrastructure/cloud, application development, cybersecurity, and project management.
Re-architected all technical and cybersecurity processes for the production cloud environment that serviced global customer base. Increased security, performance, and uptime metrics.
Implemented the DevSecOps model into the deployment process, Improved automation, and secure delivery of code into the SaaS product offering.
Ran cybersecurity assessments on all corporate endpoints and business applications; mitigated risks with user devices as well as HR, Finance, and Sales tools spanning USA and Canada.
Implemented the vulnerability assessment and patch management framework. Created the framework for scanning all technical environments, ran both internal and external scans, validated, tested and scheduled risk mitigation plans for IP’s / systems.
Re-architected all infrastructure and AWS cloud operations for Dev/QA/DevSecOps activities. Reduced spend, increased performance, and automated the entire CI/CD deployment process.
New York eHealth Collaborative (NYeC) – New York, NY May 2018 – November 2021
Chief Information Officer
Responsible for all aspects of the technology and cybersecurity department, in a highly regulated, and critical operations environment. Provided vision and strategy, advised the CEO and Board to continuously drive and enhance enterprise security, products, and services.
Re- Evaluated, rebuilt the entire technology platform and cybersecurity program.
Led the HiTrust cybersecurity framework certification process, and HIPAA assessment activities.
Created the Tech-Security Sterring Committee, assessments, audits, tabletops, bug bounties.
Re-wrote 400 policies, procedures, such as vulnerability and patch mgmt. incident response, data handling.
Rebuilt the DR/BC program, reduced cutover time and processes from 24 hrs. to under 1 hr.
Built and executed the cybersecurity roadmap, SOC, Data Exfiltration, Geofencing, MDM, SEIM, Cloud.
Re-designed all headquarter and branch office endpoint security as well as business application operations, polices, procedures.
Effectively communicated with the board, on technology and cybersecurity progress.
Led the cloud migration to Azure, complete with app rationalization, cloud cost economics, security assessment and signoff, business continuity plans, non-prod and prod migrations.
WebMD – New York, NY January 2016 – April 2018
Vice President, Technology Infrastructure Operations & Security
Interim CISO (2017-2018)
Led a team of 80+ technology professionals providing critical 24x7 technology and cybersecurity services, with 1.4 billion-page views per month and generating $800M annually for the WebMD portfolio, Medscape, WHS, Rx List, Medline and more.
Led the security due diligence activities for the $2.8B sale of WebMD to KKR.
Built and executed the cybersecurity roadmap; SEIM, SOC, IDS/IPS, Central AV, Endpoint, MDM, and security tooling initiatives.
Created vulnerability assessment and patch management policy, procedures for all production and non-production systems in a 10,000 node bi-costal data center setup.
Partnered with general counsel on and audit and certification activities for HiTrust, SOX, FISMA, GDPR, HIPAA.
Led the cloud-working group: assessed, designed, secured, and maintained the first cloud instances for WebMD (migrated 3000 servers); achieving hybrid public/private cloud strategy.
Led internal/external penetration testing and security assessment activities.
Led the IT/Security steering committee, executing risk management / mitigation lifecycle work. and partnered with development groups for secure coding practices and bug bounty programs
Built security awareness in the organization, trainings, lunch and learns, onboarding activities.
Teach For America - New York, NY May 2006 – January 2016
Vice President, Technology Operations
Built and led a team of 60+ technology and cybersecurity professionals, providing enterprise services throughout a fast-paced multi-site organization.
Ownership and management of technology infrastructure, security, and application services.
Built the first cybersecurity program and team at Teach For America.
Followed NIST and ISO practices to build out the first cybersecurity framework control sets.
Implemented the first security toolsets, centralized AV, monitoring, IDS/IPS, SEIM.
Partnered with general counsel to roll-out the first enterprise risk management committee.
Ensured security awareness in the organization, trainings, newsletters, onboarding activities.
XpresSpa (Binn & Partners LLC) - New York, NY August 2005 – May 2006
Director, Information Technology
Technology department lead; created the vision and strategy to re-launch the company’s technology identity. Built the companies first e-commerce division. This included website design, ecommerce integrations, search engine marketing, logistics and the customer service model. Sales outpaced all retail locations by 145%.
AIG / AI Credit - Jersey City, NJ June 1999 – August 2005
Systems Engineer, Team Lead
Supervised, administered, and executed system engineer and administrative tasks for the production infrastructure. Mentored and inspired junior staff, project managed server, messaging, storage, database and infrastructure related projects. Coordinated all office moves and new branch office openings.
CERTIFICATIONS
CISSP Certified Information Systems Security Professional
ITIL V3 Foundations,
A+ Hardware/Software,
MCSE Microsoft Certified Systems Engineer