Brian D. Joyce

*** ***** ****** **** adefxd@r.postjobfree.com

Lookout Mtn., GA 30750 1-423-***-****

Summary

Highly motivated and exceptionally talented IT Security, Privacy and Compliance professional with 25 years of experience covering every aspect of data protection in highly regulated environments including SEC, IRS, ITAR, FIPS, DOJ, DOD, NIST frameworks, HIPAA, SOX, GLBA, AICPA, ISO, PCI-DSS, GDPR, CCPA policy standards.

Proven record of developing data security and privacy compliance policies and programs from the ground up, conceptualizing, planning, and executing in complex regulatory environments involving multiple stakeholders at every level.

Effective team-leader with excellent communication skills, extensive public speaking experience. Presented numerous security and data protection related presentations to professional organizations and delivered cybersecurity and security awareness training sessions for in-house CPE.

Employment History

January 2015 – June 2020 Elliott Davis, LLC

Director of Information Technology Compliance Greenville, SC

Responsible for data security, privacy and compliance for a top regional CPA firm in a multi-office setting, reporting to C-Level management.

Developed and managed an extensive data storage standardization and consolidation project across all offices and all business units, including data discovery, classification, retention and security.

Developed, maintained and audited comprehensive security policy manuals and data protection programs including user account access, risk management, vulnerability management, security awareness, third party risk management, data loss protection, incident reporting, disaster recovery plan and testing, internal IT controls auditing, compliance and security metrics reporting, contract negotiations and other.

Developed compliance program for CCPA, serving as Privacy Coordinator for Data Subject Access Requests.

Collaborated with business leaders and C-Suite in contract negotiations insuring company and client data protection.

Successfully executed a paper Records Management project, including discovery and retention/destruction, considerably reducing hard copy footprint and storage costs across all business units and offices.

Led successful response and remediation of several SOC 2 audits and various security focused external reviews.

November 1998 – December 2014 Joseph Decosimo & Co., PLLC

Director of Information Technology and Security Chattanooga, TN

As System Administrator, implemented corporate email systems, modernized data center and help desk, significantly increasing end-user satisfaction. Aligned information technology and security platforms to comply with the company’s Strategic Plan.

As Security Consultant, working with a large regional utility client, laid the security compliance groundwork for the first US ISP to offer gigabit speed to residential communities.

Developed and delivered a HIPAA Risk Assessment program for one of the largest senior living providers in the United States.

As Director of IT, managed the department for a mid-size regional CPA firm in a multi office setting. Responsible for a several million dollar budget and all aspects of information technology and security. Consistently stayed within budget.

Implemented successful on time and on budget data discovery and centralization project over a multi-site regional infrastructure, from distributed flat file systems to state of the art centralized Document Management System, working closely and gaining buy-in with all business unit stakeholders.

Developed and directed team receiving a national CSO Top 50 Security Project award for implementation of a secure file transfer\data room project that saved the company hundreds of thousands of dollars.

Developed procedures to automate internal accounting processes, reducing manual work hours by 40% and saving the need for more FTE hires.

Implemented and protected “anywhere, anytime” remote access platforms, including a secure mobile device management system, to increase workforce mobility efficiency.

Education and Qualifications

Certified Information Security Systems Professional (CISSP)

SANS Certified Incident Handler (GCIH)

Certified Information Privacy Professional (CIPP/US)

ISO Business Continuity Management and ISO Risk Management certifications

OneTrust Privacy Practitioner

Security Essentials (GSEC – expired)

HITRUST Certified Common Security Framework Practitioner (CCSFP – expired)

Iona College and University of Tennessee

Numerous security and privacy conferences and training programs

Civic Involvement

Involved in numerous civic and professional organizations throughout my career. Former Board member for the local chapter of the Association of Record Managers (ARMA), former Technology Advisory Board member for local United Way chapter, former Chairman of MSNA IT group, and current Board member of the Walker County, Georgia, Board of Elections. Elected 6 times to Georgia House of Representatives where I helped craft legislation and guide policy ideas.

References

J. Nick Decosimo, Shareholder

Joseph Decosimo & Co., CPA

629 Market Street Suite 100

Chattanooga, TN 37402

423-***-****

Robert Jamison\Human Resources

Elliott Davis, LLC

200 East Broad Street Suite 500

Greenville, SC 29601

864-***-****

Contact this candidate