Cyber Security, Leadership

Senior cyber security and compliance risk reduction specialist. Supporting business objectives motivating teams as subject matter expert as lead on projects. Excellent interpersonal and communication skills facilitate persuasive presentations to clients and productive relationships on project teams.

Expertise

PCI-DSS, ISO 27001

Stakeholder Management

Contract Management

Risk Remediation

Project / Product Management

Solution Selection

Policy & Process Development

Project Leadership

Security Governance

Vendor Management

Business & Security Alignment

Mentorship

Summary

o6 years project team lead for PCI-DSS and security implementations.

o5 years management marketing, sales and technical staff.

oLead and project manager on 15+ projects.

oEstablished 4 PCI-DSS governance programs.

o6 years leadership, advisory and steering committee membership.

o6 years developing and delivering security and compliance training courses, policy and process documentation

oLead deployment of security and solutions including Web Application Firewall, SIEM, Vulnerability Management, system hardening, patch, management, Firewall VPN, authentication, end point .

oDirect and indirect teams of 3 to 30 staff on multi-project programs as Security SME 15 years.

o5 years of Financial Services industry experience to clients in banking, insurance, recovery, investment and internet money services.

oSecured support of Metrolinx leadership taking ownership of lingering 4 year non-compliant PCI-DSS program to achieve compliance in 9 months directing 6 leads 4 vendors and over 30 project members. Completed 10 sub-projects on time under budget.

Professional Engagements

2003 – Present Allan Crowe 8105553

Principal Consultant, Owner, Cybersecurity, Compliance and Risk

2019/06 – Present (Part-time) AniMed PBM Pet Care

Principal Consultant, Owner

2018/11 – 2019/06 Canadian Tire Financial Service (Bank)

Senior Security Consultant, Governance, Risk and Security

2017/03 – 2018/10 Metrolinx

Senior Cybersecurity Subject Matter Expert and Project Manager

2016/11 – 2017/03 Price Waterhouse Coopers

Senior Cybersecurity Subject Matter Expert (Metrolinx)

2016/03 – 2016/12 Digital Defense Inc.

Senior Consultant Product Marketing

2014 – 2016 Tenzing Managed IT Services

Senior Product Manager, Security and Compliance

2014– 2017 George Brown College

Professor (Part Time)

2016 – 2017 Conestoga College

Professor (Part Time)

2014 – 2015 Big Iron Solutions (acquired by IBM)

VP, Compliance and Security

2010 – 2014 Eloqua (acquired by Oracle)

Senior Manager IT Security and Risk, Salesforce.com

2007 – 2010 Cyberklix Inc. (acquired by The Herjavec Group)

Manager, Marketing Product Management

2000 – 2003 AT&T Canada (acquired by MTS Allstream)

Senior Product Manager, Networking and Security Solutions

Education & Certifications

Payment Card Industry Professional (PCIP) 1001-578

Certified Information System Security Professional (CISSP) 376936

Canadian Reliable Clearance Qualified

Marketing Product Management - University of Western Ontario, Richard Ivey School of Business

National Canadian Coaching Program (NCCP) 5832268

Sheridan College, Oakville, Ontario - Diploma Computer Science and Technology

Publications

Executive Guide - Vulnerability Management for eCommerce – 2016

Consulting Guide - Step by Step Guide to Vulnerability Management – 2013

Evolving PCI-DSS from Version 2.0 to 3.0 Changes and Impact - 2013

PCI Policy Template Library –21 policy templates for PCI and Security Best Practices - 2011

PCI-DSS V3.0 Project Overview Dashboard Matrix - 2014

Interests

Triathlon - Canadian National Age Group Team Member 2012, 2013, 2014, 2016, 2017, 2018

Subaru Triathlon Series Winner – 2012, 2013, 2014

Triathlon Coach - Oakville Cyclepath Race Team (Invitational) 2014, 2015, 2016

Technologies Keywords

MS Office, Varonis data classification, Cloud SIEM Sumologic. eIQ, P2PE handheld payment systems, Symantec FIM, Imperva, Zenedge & Akamai WAF, CDN & DDoS, Alertlogic, Tenaable, Digital Defense Frontline, Nessus, Rapid 7, Qualys Vulnerability management and scanning, Net sparker app scanning, AntiVirus Kaspersky, Office, PCI-DSS, PIPEDA, ISO 27001, NIST, CERT Incident Response, Security and Compliance Policies, Security Awareness Training Materials, 2 factor authentication, encryption, DLP, NIST and ISO Risk Management Frameworks, eCommerce platforms Oracle ATG, SAP Hybris, Magento, MS Project, Basecamp project management, Atlasian (Confluence, Kanban, Jira), Firewalls Juniper, Fortinet, Netscreen, Checkpoint. Mainframe Z/OS mainframe, RACF, Corelog SIEM, Saleforce scripting, python, AJAX, SQL.

Contact this candidate