Cyber Security, Leadership
Senior cyber security and compliance risk reduction specialist. Supporting business objectives motivating teams as subject matter expert as lead on projects. Excellent interpersonal and communication skills facilitate persuasive presentations to clients and productive relationships on project teams.
Expertise
PCI-DSS, ISO 27001
Stakeholder Management
Contract Management
Risk Remediation
Project / Product Management
Solution Selection
Policy & Process Development
Project Leadership
Security Governance
Vendor Management
Business & Security Alignment
Mentorship
Summary
o6 years project team lead for PCI-DSS and security implementations.
o5 years management marketing, sales and technical staff.
oLead and project manager on 15+ projects.
oEstablished 4 PCI-DSS governance programs.
o6 years leadership, advisory and steering committee membership.
o6 years developing and delivering security and compliance training courses, policy and process documentation
oLead deployment of security and solutions including Web Application Firewall, SIEM, Vulnerability Management, system hardening, patch, management, Firewall VPN, authentication, end point .
oDirect and indirect teams of 3 to 30 staff on multi-project programs as Security SME 15 years.
o5 years of Financial Services industry experience to clients in banking, insurance, recovery, investment and internet money services.
oSecured support of Metrolinx leadership taking ownership of lingering 4 year non-compliant PCI-DSS program to achieve compliance in 9 months directing 6 leads 4 vendors and over 30 project members. Completed 10 sub-projects on time under budget.
Professional Engagements
2003 – Present Allan Crowe 8105553
Principal Consultant, Owner, Cybersecurity, Compliance and Risk
2019/06 – Present (Part-time) AniMed PBM Pet Care
Principal Consultant, Owner
2018/11 – 2019/06 Canadian Tire Financial Service (Bank)
Senior Security Consultant, Governance, Risk and Security
2017/03 – 2018/10 Metrolinx
Senior Cybersecurity Subject Matter Expert and Project Manager
2016/11 – 2017/03 Price Waterhouse Coopers
Senior Cybersecurity Subject Matter Expert (Metrolinx)
2016/03 – 2016/12 Digital Defense Inc.
Senior Consultant Product Marketing
2014 – 2016 Tenzing Managed IT Services
Senior Product Manager, Security and Compliance
2014– 2017 George Brown College
Professor (Part Time)
2016 – 2017 Conestoga College
Professor (Part Time)
2014 – 2015 Big Iron Solutions (acquired by IBM)
VP, Compliance and Security
2010 – 2014 Eloqua (acquired by Oracle)
Senior Manager IT Security and Risk, Salesforce.com
2007 – 2010 Cyberklix Inc. (acquired by The Herjavec Group)
Manager, Marketing Product Management
2000 – 2003 AT&T Canada (acquired by MTS Allstream)
Senior Product Manager, Networking and Security Solutions
Education & Certifications
Payment Card Industry Professional (PCIP) 1001-578
Certified Information System Security Professional (CISSP) 376936
Canadian Reliable Clearance Qualified
Marketing Product Management - University of Western Ontario, Richard Ivey School of Business
National Canadian Coaching Program (NCCP) 5832268
Sheridan College, Oakville, Ontario - Diploma Computer Science and Technology
Publications
Executive Guide - Vulnerability Management for eCommerce – 2016
Consulting Guide - Step by Step Guide to Vulnerability Management – 2013
Evolving PCI-DSS from Version 2.0 to 3.0 Changes and Impact - 2013
PCI Policy Template Library –21 policy templates for PCI and Security Best Practices - 2011
PCI-DSS V3.0 Project Overview Dashboard Matrix - 2014
Interests
Triathlon - Canadian National Age Group Team Member 2012, 2013, 2014, 2016, 2017, 2018
Subaru Triathlon Series Winner – 2012, 2013, 2014
Triathlon Coach - Oakville Cyclepath Race Team (Invitational) 2014, 2015, 2016
Technologies Keywords
MS Office, Varonis data classification, Cloud SIEM Sumologic. eIQ, P2PE handheld payment systems, Symantec FIM, Imperva, Zenedge & Akamai WAF, CDN & DDoS, Alertlogic, Tenaable, Digital Defense Frontline, Nessus, Rapid 7, Qualys Vulnerability management and scanning, Net sparker app scanning, AntiVirus Kaspersky, Office, PCI-DSS, PIPEDA, ISO 27001, NIST, CERT Incident Response, Security and Compliance Policies, Security Awareness Training Materials, 2 factor authentication, encryption, DLP, NIST and ISO Risk Management Frameworks, eCommerce platforms Oracle ATG, SAP Hybris, Magento, MS Project, Basecamp project management, Atlasian (Confluence, Kanban, Jira), Firewalls Juniper, Fortinet, Netscreen, Checkpoint. Mainframe Z/OS mainframe, RACF, Corelog SIEM, Saleforce scripting, python, AJAX, SQL.