Chief Cybersecurity Architect

Location: St. Louis, MO

Salary: 150000-200000

Posted: March 28, 2020

Resume:

Stan Hammond – MBA, CISSP-ISSMP, ITIL

314-***-**** adch25@r.postjobfree.com

Leadership | Cybersecurity | Complex Project Management

Savvy, innovative, and highly regarded for leading billion-dollar organizations and providing expert IT cybersecurity transformations and disaster recovery processes using cutting-edge technology solutions for multiple corporations and government, including the U.S. Department of State, Charter, GKN, and Pfizer. Respected for the keen ability to streamline organizations through restructuring policies and procedures, operations and customer expectations. Skilled at embedding governance, risk management, and compliance controls into mobile/custom applications, enterprise resource planning, and business intelligence within the IT architecture. Exceptional academic qualifications, including a Master of Business Administration.

Core Competencies

IT Leadership & Compliance InfoSec Roadmap

Cybersecurity Strategy (DOS, DOD, DSS)

Remediation POA&M Planning

Incident Response Services & Teams

Insider Threat Programs & Education

Global 24/7 Operations Center Monitoring

PM – Complex Project Management

GRC – Governance, Risk, & Compliance

Root Cause Analysis & Corrective Action

DLP – Data Loss Prevention & IP

IAM – Identity & Access Management

FDA 21 CFR 210 & 21 CFR 820 CGMP

BCDR - Disaster Recovery Expert

SIEM – Security Information & Event Mgmt.

Change Control Management & Recovery

SDLC – Software Development Life Cycle

M&A – Mergers & Acquisitions

ERP – Enterprise Resource Planning

SaaS – Software as a Service: Cloud

Multi-Platform Enterprise Infrastructure

SLA – Service Level Agreements

NIST – National Institute of Standards & Technology 800-53, 800-137, 800-61, 800-171, ISO 27001/27002, SOX, & PCI DSS

Selected Highlights

Planned cybersecurity governance, risk management, and compliance (GRC) strategy for more than 50 mission-critical projects, including mobile, enterprise resource planning, and business intelligence (BI).

Completed FOCI SSA 2016 and 2017 Department of Defense Security Service annual cybersecurity audit with their highest rating of Superior.

Designed and implemented GRC controls for the software development lifecycle process to effectively decrease organizational risk.

Ensured compliance with multimillion-dollar Earned Value Management (EVM) government contracts by implementing a real-time activity tracking data warehouse and BI reporting KPIs/dashboards.

Created a governance process and led project teams for 21 new enterprise IT systems that passed multiple FDA audits over the past 16 years.

Created/tested the Disaster Recovery Planning processes and led the execution of the plan during events/disasters. First-hand experience with recoveries from a flood, fire, lightning, and major equipment failures throughout the past 18 years.

Developed 38 custom applications over the past 20 years, including mobile apps for hundreds of users within the last four years. Managed internal/external network, applications, infrastructure, and InfoSec throughout this period.

Professional Experience

SAIC Washington, DC 2018 – Present

Chief Information Technology Cybersecurity Engineer/Architect

Consult and advise the U.S. Department of State (DOS) to improve IT Cybersecurity Strategy and FISMA Compliance initiatives matrixed with over 800 team members for the multibillion-dollar IT enterprise Vanguard 2.2.1 Program.

Elevate the IT cybersecurity maturity of the organization by developing relationships and cyber roadmap/strategy recommendations for DOS bureaus and stakeholders based on NIST guidelines and DHS Binding Operational Directives.

Charter Communications St. Louis, MO 2017 – 2018

Director, Information Technology Security Strategy & Compliance

Directed IT Cybersecurity project portfolio strategy and compliance initiatives matrixed with over 70 team members, a multi-million dollar budget, 300+ in-flight projects, 1,500+ applications, and millions of network devices across 26 million customers ($41B Sales).

Elevated the cybersecurity maturity of the company by developing relationships and the IT cybersecurity roadmap/strategy for executives, management, and stakeholders based on NIST guidelines.

Improved the IT governance process by creating new security policies, managing high-risk controls, aligning projects with the IT security strategy, and enabling decision making based on objective quality KPIs.

Recommended compliance and risk assessments as part of a proactive and robust Quality Assurance program.

GKN Aerospace FOCI SSA St. Louis, MO 2015 – 2017

Director, Information Technology

Directed an IT & Security team of 22 matrixed with over 50 project team members, a $10.5-million budget, DOD SAP, and unclassified mobile application development, SIEM, new generation firewalls, NIST 800-171 initiative, business intelligence (BI), enterprise resource planning (ERP), VMware server infrastructure, network devices, and user workstations, while providing maximum system uptime for thousands of users in multiple North American sites ($9B Sales).

Cultivated relationships and IT cybersecurity roadmap/strategy for the SSA GSC, executive team, management, and stakeholders to achieve pragmatic solutions under budget and on time to exceed expectations.

Published and implemented the System Security Plan (SSP), Electronic Communications Plan (ECP), and POA&M(s) needed to meet the new DFARS Clause 252-***-**** based on NIST SP 800-171.

Developed the IT governance process with FSOs to meet FOCI SSA requirements, corporate security policies, manage risk, align projects with the highest impact on the organization, and enable decision making based on objective KPI data.

Created 20 NIST 800-53 compliant applications to bring real-time capabilities to plant floor team leaders.

Upgraded the Identity and Access Management (IAM) process to increase the granularity of user access levels.

Upgraded 23 versions of the Quality Management System (QMS-TIPQA) and made the new version available to multiple sites as a service, plus a DOD SAP.

Refreshed infrastructure, applications, databases, and Windows/UNIX operating systems to implement current security patching/recommendations.

Established a new change control process to integrate cybersecurity throughout the SDLC.

Led the IT Incident Response team, tabletop testing, and execution of the IT Disaster Recovery Plan.

Pfizer St. Louis, MO 1998 – 2014

Director, Business Technology (2011 to 2014)

Led an IT & Security team of 23 matrixed with over 75 colleagues globally, a $4.2 million budget for 93 applications, 40 projects, firewalls, IDS, ERP, 450 VMware servers/clients, more than 1,000 network devices and 700 users in multiple sites around the globe ($49B Sales).

Planned, architected, and implemented a separate IT team/domain/network from the parent company to mitigate ITAR DLP risk to Pfizer. This mitigation effort saved millions in compliance, insider threat training, and potential fines.

Led the IT team for multiple regulatory/security audits/assessments, including the Food and Drug Administration, Department of Defense, and the European Union.

Developed an IT/Security scorecard for system sponsors and owners to be accountable for the compliance of their IT system. This involved an ongoing budget for sustainability, training, and security scanning/upgrades.

Performed IT system reviews, conducted a risk-based analysis of gaps, and managed remediation activities for the FDA regulated quality systems (21 CFR 210 – cGMP & 21 CFR part 820 - medical devices).

Refreshed infrastructure, applications, databases, and Windows/OS400 operating systems to implement current security patching/recommendations.

Created policies/procedures and performed forensic investigations/incident responses for security events.

Led the IT Incident Response team, tabletop testing, and execution of the IT Disaster Recovery Plan.

Created the roadmap for IT systems with remediation for Sarbanes-Oxley (SOX) compliance with RSM McGladrey and PricewaterhouseCoopers (PwC).

Senior Director, Enterprise Technology (2006 – 2011)

Team of 18, $2.6M budget for 84 applications, 34 projects, 50 virtual servers, 800 devices and 600 users ($2B Sales).

Director, Enterprise Technology (2003 – 2006)

Team of 15, $2.5M budget for 56 applications, 22 projects, 50 servers, 550 devices and 500 users ($1.5B Sales).

Director, Information Technology (1998 – 2003)

Team of 9, $1.3M budget for 43 applications, 15 projects, 24 servers, 300 devices and 250 users ($125M Sales).

Education

MBA - Master of Business Administration (GPA: 4.0/4.0), Missouri Baptist University St. Louis, MO

B.A. - Bachelor of Arts, Trinity International University Deerfield, IL

Additional Credentials

Security Clearance

Active DoD TS/SCI Clearance, ISSM/IT Director for SAP

Professional Development

CISSP® - Certified Information Systems Security Professional, (ISC)²

CISSP-ISSMP® - Certified Information Systems Security Management Professional, (ISC)²

ITIL® Foundation Certificate in IT Service Management, AXELOS

Organizations

(ISC)²

Project Management Institute (PMI)

Honors and Awards

Award of Excellence – Caremark, CVS Health
