Mark Walter
Nazareth, PA +1-610-***-**** ****@**********.*** linkedin.com/in/markwalter/
Security Governance Risk and Compliance Specialist
Cyber Security Governance, Risk and Compliance Manager with experience serving customers in the Pharma, Telecom, Electric Utilities, Banking, and IT sectors. Known for problem-solving orientation, effective communication, and client-focused approach. Consistently exceeds expectations by focusing on the development of people, processes and tools, with an emphasis on compliance. Extensive experience aligning policies, processes, and procedures to contractual, regulatory, and industry requirements. Highly effective at identifying compliance, security, & operational requirements; designing network and security architecture; documenting quality processes, procedures & protocols; as well as testing & tracking security, compliance & operational controls.
Areas of Expertise
Security & Information Technology Compliance: SOC2, ISO 27001, NIST, HITRUST, FDA GxP
Privacy & Data Protection Regulations: GDPR, PIPEDA, CCPA, HIPAA, HITECH, FCRA
Internet Protocol (IP) Voice, Data and Video Networking: LAN, WAN, Wireless, Firewall
Quality Management & Documentation: Policies, Processes, Procedures, Work Instructions
Experience
BT (previously British Telecom) 2006 - 2024
Cyber Security Governance and Assurance Specialist - Privacy / Data Protection Subject Matter Expert
Led initiatives across Security, Risk, Compliance, Privacy, Consulting, Design, Operations, and Assurance, both internally and with clients, as detailed in the roles listed below.
Program Lead - SOC2 Assurance for BT Global Product Line, April 2018 - July 2024
Recommended & implemented SOC2 third-party attestation for BT’s key growth products, streamlining client assurance and eliminating the need for individual client audits.
Co-directed the pilot and expansion of the program, scaling its benefits to additional product teams and customers over five years.
Orchestrated meetings and information requests between internal Subject Matter Experts (SMEs) and third-party assessors during readiness assessments and SOC2 type II testing, ensuring program success.
Implemented JIRA for program tracking, boosting assessment cycle efficiency and enhancing access to metrics and historical data.
Program Lead – HITRUST Certification for HIPAA Compliance, April 2017 – March 2022
Executed HITRUST self-assessments and facilitated third-party evaluations, achieving HITRUST certification for BT’s Call Center solution and supporting HIPAA-regulated clients.
Developed and documented HITRUST-aligned policies and procedures, securing initial certification and enabling annual renewals.
Privacy & Data Protection Consultant, January 2017 – July 2018
Conducted Privacy Impact Assessments for seven subsidiaries of a global Travel and Leisure client, identifying compliance gaps and recommending improvements for compliance with GDPR, PIPEDA, & FLPPI.
Produced tailored reports for each business unit, enabling jurisdiction-specific remediation strategies.
Security and Compliance Officer - Highly Regulated Client Accounts, April 2012 – July 2024
Designed and documented the Quality Management System (QMS) for BT’s products and services, facilitating client compliance with FDA and other regulations.
Ensured adherence to BT Security Policies (aligned with ISO 27001) and client security policies, solidifying BT as a preferred provider.
Managed Compliance and Security contractual obligations with these clients, enabling contract renewals, expansions, and new bids with similarly regulated clients.
Compliance Officer - BT Compute Conform
Designed and led the BTfLS Compute Conform proposition, a GxP-compliant wrap around cloud computing. Enabled Pharma sector customers to move their GxP-compliant applications to the cloud.
Interfaced with the BTfLS management team and clients as a Subject Matter Expert (SME) and escalation point with respect to GxP compliance matters.
Key Controls Quality Manager - Pharma Cloud (Became BTfLS)
Identified and documented the key processes involved in providing BT’s Cloud Compute service into a Quality Management System (QMS). Provided the evidence of quality processes required to sell Cloud Compute to Pharma sector clients.
Partnered with bid teams to sell Cloud Compute services to regulated Pharma clients. Created a differentiator for these clients to choose BT over other cloud providers.
Quality Manager / Technical Reviewer - Pharma Client Account
Implemented and maintained the QMS for BT products and services to ensure the client could meet its FDA regulatory requirements.
Managed the qualification of network (WAN, LAN, Wireless) infrastructure components to FDA GxP requirements assigned to BT in the client contract. Ensured retention of client.
Technical Writer – Network Operations
Documented policies & procedures for the Technical and Service Transformation phases, ensuring a seamless transition of network infrastructure operational control aligned to contractual requirements.
Senior Consultant - Telecommunications, Networking, & IT
Novartis: Redesigned and implemented intra-site fiber-optic networking infrastructure. Upgraded & replaced LAN & WAN routing infrastructure. Qualified infrastructure to FDA GxP standards.
BASF: Backfilled IT staff roles to allow client personnel to focus on new project implementations.
Pfizer: Assessed and overhauled Wireless LAN infrastructure, significantly enhancing performance.
PPL Corporation (previously Pennsylvania Power and Light) 1999 - 2006
Network Design & Implementation Technologist - Information Services Department
Designed and implemented Generation and Transmission Management Systems’ highly redundant LAN & WAN infrastructure, improving bandwidth, reliability, and functionality.
Designed and implemented internal and customer facing firewalls, virtual private networks, and server load balancing, which improved the company’s network security, remote access, and core reliability.
Served as Project Manager and Lead Engineer on the design and implementation of a secure wireless LAN infrastructure, providing WiFi access via 120 access points across 50 sites.
Participated on the project team to replace the company's SONET ring. Added new add/drop nodes and converted major sites from TDM circuits to Gigabit Ethernet. Increased reliability & performance by 10x.
Education
University of Pittsburgh School of Computing & Information
Master of Science (MS), Telecommunications, GPA 3.8
Bachelor of Science (BS), Information Science, Minors in Math and Physics
Professional Affiliations and Certifications
Infragard, a partnership between the FBI and the private sector to protect U.S. critical infrastructure
International Association of Privacy Professionals (IAPP), currently certified CIPP/E and CIPP/US
Society for Corporate Compliance and Ethics (SCCE), currently certified CCEP
Rotary Club of Bethlehem (PA) & past (2021) Board Chair of Bethlehem Rotary Foundation