Financial Services Cyber Security
Resume:
Raymond Morgan
Professional Summary:
Successfully completed over twelve (12) security assessments including 3rd party risk, threat vector assessments, recovery and other confidential factors to harden law, pharma and financial services organizations. Utilize scrum pm methodology.
Created and managed CATO Program (Cyber Acceleration, Transformation and Optimization) a program focused on transformation and optimization of security and project portfolio to optimize usage, reduce overlap and drive down costs.
Completed several IAM Proof of Concept and Proof of Value assessments of different security products for clients.
Recovered a $25 million Branch Transformation Initiative which involves infrastructure upgrades/refresh, integration, ERP, Oracle, data center move and technology deployment. Over 100,000 banking I.T. systems were deployed to 1300 branches in 6 states.
Managed all cyber security, IAM, compliance, eBusiness, ERP, internet/cloud, risk analysis, RPA and firewall assets for the Federal Reserve Bank in Boston. Utilized Waterfall, Scrum, PMBOK and other PM Methodologies. Extensive experience with Oracle and SAP.
Reversed profit decline, improved profitability and successfully completed an $80MM global deployment/technology refresh.
As CIO/CISO of a $185MM Mortgage Lender/Financial Services company, I designed, programmed and implemented an RPA automated loan document creation/audit system that decreased production time by 75% and increased accuracy by 38%. AD and IAM revisions. Immediate gain of over $2MM in increased business due to improved speed and accuracy.
Built and implemented a big data analytics inventory RPA audit system and eDiscovery application that would compare all loan documentation vs. loans issued vs. loan payments. The difference discovered was over $100MM in fraudulent loans.
Completed a GDPR compliance analysis for a large NYC financial institution. Worked with Information Security, Legal, Compliance and the GDPR program team to development and implement security and data privacy policies and practices. The result was a base-line and mitigation plan to implement controls, KPIs, policies and standards to further mature the client’s overall data security strategy. Moved data center applications to Azure cloud. Complied with NY DFS 500 and CCPA.
Design and perform Table Top Exercises, IR Readiness Assessments, cloud migration, Incident Response Plans as well as conducting Privacy Impact Assessment (PIA) and GDPR Data Protection Impact Assessment (DPIA).
Conducted several security and compliance assessments. Converted high level strategic goals into actionable and measurable KPIs.
Skills
Exceptionally strong written and verbal communication skills. Able to comprehend the unstated business requirements while explaining very technical solutions in easily understandable terms
Education
Harvard University, Kennedy School Of Government
The Intersection of Policy and Technology, Artificial Intelligence: Exploring Technology and Policy
Harvard University
Cyber Security Certification.
Boston University
MBA, Honors, Finance and Management Information Systems (MIS).
Boston University
BSBA, magna cum laude, Computer Science, Organizational Behavior, MIS and Marketing
Certifications
ITIL Foundation v3 Certified, MS Infrastructure Deployment Course (MSF), Just in Time Certification (JIT), CITRIX Certification
Information Security Certification (ISC), UNIX Certification, Six Sigma, LOMA I and II, Agile Certified Professional (CSM)
Train the Trainer, MS Excel, MS SQL, MS Project, MS SharePoint, CISM, Microsoft Project Portfolio Management (PMM)
Graduate of Bank of Boston Systems Training Programs., Graduate of United States Army’s Systems Program
United States Military Academy West Point – Junior Officers Leadership Training Program (JOLT), US Air Force Security Training Program
Secret Clearance (7/2019), Completed CISSP, CISM and CISM training, and others.
Professional Experience
vCIO/vCISO/Project Manager For Several Startup Companies Aug 2023 - Present
Advise, implement and audit best practices concerning systems, RPA, cyber security, data, AI and security.
Specialize in architecture and implementation of IT Infrastructure, IT Security, Cyber Security, MSP (Managed Service Providers), RMM (Remote Monitoring and Management), AI, RPA, and PSA (Professional Services Automation). vCIO/CISO for Pharma, Health Care, Retail and Financial Services companies.
Optiv Security Aug 2021 - Aug 2023
Senior Client Security Advisor/Project Manager
Work with C-level clients to assess, advise, implement and maintain security policy, procedures and products. Optimization, consolidation and integration of security and SOC products were key selling points to achieving quota. Advised on IAM and ERP security.
Managed several successful security assessments that included “bake-off” of Proof of Concept (POC), Proof of Valve (POV) and selection. Drove the successful completion of a secure OMS project.
Created and managed a Partner Outreach and Engagement Program that managed communication, contracts and conflict resolution.
Quickly build relationships with a diverse team of stakeholders. Earn the business through partnership with the client.
Created and Implemented a “Top of Mind” Flash report newsletter, as an easy, informative, inexpensive mass entry into companies
Received awards for social media, implementation, bringing in new clients, extensive work with “white list” and troubled clients.
Mentored new staff both technical and sales. Trained in over fifty security, analytic and network products.
Completed several large encryption projects for two financial services firms. This included the full system development lifecycle (SDLC).
Utilized Scrum, Kanban, Jira, Oracle, SAP, etc,
Technology Advisors LLC, Mar 2018 - Aug 2021
Senior Program Manager
Senior Project Manager, Security and Compliance
US Air Force, Mass Mutual, Biogen and others
Assistant CISO. Managed several projects including NY DFS 500.15, the Encryption at Rest, for a major insurance company. The project was so successful it evolved, from a compliance project, into a companywide risk based feasibility project to encrypt over 100 applications. Extensive Steering Committee, C-level and business owner communication and presentations. Architected Azure, mainframe and AWS security and encryption plan. Completed a GDPR cookies remediation. Automated PM reporting process.
Successfully completed several Security Audits and Projects for the US Air Force. This baseline gap analysis provided a current state of security/cybersecurity environment. Completed 100+ cyber security and Base refresh od systems. Introducd RPA and AI into Project Management.
Advised CISO on ‘best practice” information security and concepts and procedures relating to data management, data security, IAM, provisioning, application security, physical security (PSI), cloud migration, RPA, ERP security and security operations (SecOps).
Architected the 100 remote data centers into two consolidated global data centers. Utilized Scrum, Kanban, Jira, Oracle, SAP, etc, Large deployment of sytems for a big box retail client.
Completed several 0385 and SharePoint migrations and implementations. These include an on-prem analysis of applications, which will be moved to AWC and/or Azure. Used several proprietary tools including Mover and Fast Track.
Avanade, a Microsoft and Accenture Company Feb 2017 – Mar 2018
Senior Program Manager
Successfully completed several Compliance and Security Audits that provided a road map for improvements. This provided the baseline GAAP analysis and current state an organization to improve their security/compliance environment. Audits included compliance such as FDIC 370, GDPR, SOX, HIPAA, IAM, NY DFS 500, IAM and CCPA. Recovered projects that were failing with large retail company. PM of Supermarket of the Future.
Architected several Security and Compliance Audits for several financial services, engineering and Pharma and Biotech firms.
Created a Legal Security Advisory Practice to advise this untapped vertical of security best practices. Extensive M&A project management experience, migrated/consolidated data centers while moving mission critical applications to the cloud.
Completed several AWS and Azure cloud migrations successfully. Advised on ERP security.
Advised Accenture, Avanade and Microsoft to establish a trusted identity practice with block chain, cloud and compliance Projects. Implemented RSA Authentication Manager, migrated several on-prem to cloud environments using Mover and Fast Track.
Managed an extensive HIPAA audit to include IAM, Asset Management, backup and recovery and risk management.
Covidien/Medtronic May 2015 – Feb 2017
Senior Program and Project Manager
Managed several AI RPA projects including analysis, selection, SOW, project plan and deployment for Covidien and Medtronic.
Consolidated thirteen (13) country specific sales tracking systems into one (1) new comprehensive global system with increased security, GDPR focused and saved $10 million in operating costs per year. Used hybrid Agile and PMBOK methodology.
Managed the design and implementation of a security system to replace the manual labor intensive system to verify,when an employee is terminated, all access is removed. Quantifiable ROI is over $10 million in savings. Managed vendors, C level, PWC and Deloitte assets.
Various State And Federal Government Agencies Apr 2013 - May 2015
Senior Project Manager
Recovered multiple projects that were in danger of failing for a federal government and civilian organizations. Projects included internet security and optimization of software and transitioning application to new platforms including implementation. Rigid deadlines, multiple vendors, matrix staff, among other issues, made these missions critical projects a challenge. By utilizing best practices of PMBOK, Agile, ITIL, and Waterfall, coupled with frequent communication, made these projects successful. Architected O365 and cloud POC.
Worked with RMV, Chelsea data center and other state agencies.
PROLIFICS Jul 2011 - Apr 2013
Senior Project Manager
Managed thirty projects, twelve projects simultaneously, to completion and other to transition. Accomplishments included:
Took small projects that were failing and grew the account to over $6 million in revenue within twelve (12) months.
Managed both fixed price and time and expense (T&E or T&M) projects. Expedited payment when client was delinquent.
As Agile Scrum Master, implemented Agile at Scale (SAFe), PMBOK, ITIL and other SDLC projects.
Effective use of change control to expanded business by 30%. Managed projects under constrained dates and crashed schedules.
Daily Stand-Up meetings, weekly project status for Senior Managers as well as monthly financial reports and Playback Presentations for Executive Steering Committee. Managed, with vendor and Cigna, 837 / 835 HIPAA compliance.
Deployed Azure, MS Office365, security software upgrade/implementation and cloud application migration.
Overall portfolio of $100 million with 30+ staff of full time Prolifics, consultants and client staff, located on and offshore.
IT, RISK, Compliance And Security, Kforce Mar 2008 - Jul 2011
Senior Project Manager
$5 million technology refresh including licensing and software upgrades. Extensive vendor management and conflict resolution.
Advised CIO on Technology Summit, Disaster Recovery, legislative reports, security, compliance and cloud migration.
Create and managed PMO. Reduced the time spent on managing the environment by 60%, reduce TCO by 30%, and the staff required to manage a server environment by 35%. developed 0365 POC vs other products at Commonwealth of Mass
Develop key metrics and scorecards for reporting IT performance against objectives and SLAs. Negotiation in a highly charged political environment. Directed a cross functional team of over twenty staff and consultants. Budget was over $10 million.
Managed the rewrite of a major insurance company policy issuance program application and data warehouse/center move These projects were six weeks behind schedule but completed on time and achieved every milestone.
IT And Security, QED Consulting, 2003 – 2008
Senior Project Manager
Deployed a secure wireless network that included inventory, POS, PCI for 170 Stores and 4 Distribution Centers. Recovered six weeks through vendor acceleration and streamlining of ordering process.
Completed companywide Notes/Domino to Outlook/Exchange global migration for the Hartford Insurance Group.
Managed all ebusiness, internet and firewall assets for the Federal Reserve Bank. This included presentations to senior management, malware threat containment, ActiveX filtering, virus detection and prevention, audit response, compliance, SOX, penetration testing and vulnerability assessment. Drove the ITIL initiative and implementation.
Demonstrated experience includes Microsoft Windows 2003/2007 Servers, Exchange Server 2003/2007, SQL Server, Oracle ERP, Cisco, Active Directory, VPN, RIM and VOIP. Created PMO for StrategIT, Select, Preti and many other companies.
Interim CIO/CISO as Director of IT and Security for a law firm. Planned/implemented a network and software rebuild of all mission critical applications, eDiscovery initiative and email upgrade. Completed data center consolidation with other firms.
Hill & Barlow 2001 – 2003
CIO/CISO, Risk, Compliance And Security - Firm closed
As the Chief Information Security, Compliance and Technology Officer for a top tier law firm, I was responsible for the strategic and tactical implementation of systems that meet the growing needs of the firm and its clients. All solutions were cost effective, time sensitive and with a Return on Investment (ROI) focus. Created a PMO to ensure projects were completed on-time and under budget. Significant accomplishments include:
Focused on stabilizing systems, CRM implementation, disaster recovery design and reducing staff turnover.
Managed geographic merger, acquisition and integration (M&A) of IT assets of another law firm into Hill & Barlow.
Rebuilt infrastructure to include redundant servers, backup power, Business Continuance/Disaster Recovery site and redundancy.
Managed Application Development, Programming, Networking, Call Center/Help Desk, Systems Engineering,
Certifications
* ITIL Foundation v3 Certified * MS Infrastructure Deployment Course (MSF) * Just in Time Certification (JIT) *
CITRIX Certification * Information Security Certification (ISC) * UNIX Certification * Six Sigma * LOMA I and II *
Agile Certified Professional (CSM) * Train the Trainer * MS Excel * MS SQL * MS Project * MS SharePoint * CISM *
Microsoft Project Portfolio Management (PMM)* Graduate of Bank of Boston Systems Training Programs.*
Graduate of United States Army’s Systems Program * Army QM, FA, MI Officer* United States Military Academy West Point – Junior Officers Leadership Training Program (JOLT) * US Air Force Security Training Program
* Secret Clearance (7/2019) * DARPA * Completed CISSP, CISM and CISM training * and others. Hire immediately.
Summary of Military and Government Experience concurrent with civilian experience
Military Intelligence School – Captain – Designed and delivered Systems Security Courses, conducted risk assessment and
management for the United States Army, FEMA and other Security Agencies.
Advised United States Army, Federal Emergency Management Agency (FEMA) and the NSA on system issues.
Graduated Junior Officer Leadership Training Program (JOLT) at United States Military Academy (USMA)
West Point. QM, EN and MI Officer Basic and Advanced Course.
Contact this candidate