Cyber Security Risk Management
Resume:
Jason Guyler
Liberty Township, OH 45011
Phone 513-***-****
********@*****.***
Seeking Privacy Leadership position to leverage extensive knowledge of privacy regulations, understanding of organizational cyber security risks, information technology requirements, and experience guiding collaborative and cross-functional teams.
KPMG Cyber Security Consulting 2022 - Present
KPMG is a global network of professional firms providing Audit, Tax and Advisory services. Manager – Cyber Security Services
Leading development of workstreams for medical device sales for world’s largest social media company. Result- The client will be able to expand revenue streams and rely less on vendors to sell medical devices.
Managed fortune 100 pharmaceutical company through CPRA readiness. Result- Advised the client, by asset, on what was needed to be CPRA compliant.
Directed the organization and structuring of privacy policy governance framework of documentation for one of the world’s largest tech companies. Result- Aided with FTC requirements and provided a documentation framework that is more manageable and organized for the company’s engineers. EssilorLuxottica Mason, OH 2018 - 2022
EssilorLuxottica is a leader in premium, luxury, and sports eyewear with over 7400 retail stores globally. Essilor Privacy Officer – Retail
Functioned as the company Subject Matter Expert for CCPA, HIPAA, CCRA, State Privacy laws, Canadian Province Privacy laws, PIPEDA, COPPA, TCPA, GDPR and others. Result- Approved digital marketing and communication messages to consumers to ensure compliance with regulations.
Created and implemented an automated Data Subject Access/Deletion Request (DSAR) tool using Service Now. Result- The process managed roughly 1000 requests per year in North America.
Collaborated with senior leadership to align privacy risk tolerance in different parts of the business. Result- Gauged and applied appropriate risk recommendations for organizational projects.
Interviewed more than 80 executives for Privacy Risk Assessments. Result- Located privacy and cyber security gaps, led mitigations, and implemented a Target Operating Model.
Authored and owned digital privacy policy for the organizational online presence, and owned and managed North America Cookie Policies. Result- Website compliant with CCPA, and other state and Canadian province regulations.
Led HIPAA compliance at all North American retail stores. Result- Managed all HHS communications, potential incidents, incidents, and breaches for 4000 stores.
Instituted Cyber Security Awareness Month. Result- Increased awareness in cyber threats and improved Privacy and Security Training metrics.
Networked with the business to create buy-in on a Privacy by Design program. Result- Privacy had a seat at the table when the business launched new projects, such as telemedicine.
Managed incidents that arose within the business. Result- Managed over 20 incidents, most of which never became a breach.
Monitored State and Province laws, updating Luxottica’s compliance program as needed. Result- Updated Luxottica’s Privacy program for compliance with CCPA, CPRA, GDPR, VA CDPA and others.
Led 24-month plan for the Privacy Office to establish policy and procedures. Result- Created, maintained, and tracked all milestones on the Privacy Office plan such as resource allocation and project management.
Led and executed Risk Assessments based on the following frameworks, HITRUST, NIST and ISO-27701. Results- Created Privacy Framework and created controls to protect company assets.
Networked with local organizations to benchmark and share ideas about privacy programs. Result- Strategically compared key metrics with other companies to inform decision making.
Rewrote training modules for HIPAA, AB&C, AML and PIPEDA. Implemented annual HIPAA training at the stores. Result- A new focus on training increased participation levels 10% to 25% for trainings.
Partnered with Outside Counsel to verify important decisions in the ‘gray area’ of the regulations. Result- Responsible decisions based on outside counsel to support EssilorLuxottica’s decision.
Researched, planned, prepared to present a Privacy Automation plan to leadership, comparing OneTrust, Spirion, Exterro, ServiceNow and Primeur. Result- The presentation is scheduled for Q1 2022. Compliance & Risk Senior Manager
Lead a cross-functional team to design a cross brand framework for compliance. Result- Implemented a new framework allowing compliance teams to communicate more effectively, quickly find gaps and communicate to management as a unified team.
Reviewed 250 contracts annually with landlords and vendors. Result- Reduced contract risk for insurance, compliance, and privacy.
Created a new process for Canadian Opticians to receive their annual insurance certificates necessary to renew their optician license. Result- Working with the Colleges of Optometry in each Canadian Province, I built a new process with each Provinces’ College allowing our Opticians to renew their certificates before expiration. Active licenses are required for Opticians and Opticians are required to keep the stores open.
CyberRisk Management, LLC. Cincinnati, OH 2015 – 2018 CyberRisk Management provides governance, risk management and compliance consulting services for organizations with a focus on compliance to HIPAA, GLBA, PCI-DSS and other regulations. Consultant
Built relationships with multiple agencies and societies to educate their members of cyber security threats and benefits of governance, risk management and compliance while building credibility for CyberRisk Management. Result- I presented widely for these organizations multiple times each month to hundreds of members.
Interviewed clients and prepared Risk Assessments based on NIST 800-53 guidelines and applicable regulations. Result- Introduced organizations to a cyber risk management program. Cengage Learning, Inc. Mason, OH 2014 – 2016
Product Manager MIS & Upper-Level Business
Cincinnati Sub-Zero Inc., Cincinnati, OH 2012 – 2013 Medical Product Manager
BlueStar Inc., Hebron, KY 2011 – 2012
Healthcare Initiative Manager
Remedy Intelligent Staffing, Cincinnati, OH 2009 – 2011 Franchise Owner
Ethicon Endo-Surgery, Division of Johnson and Johnson, Cincinnati, OH 2006 – 2009 Product Director – Single Use Medical Device Recycling EDUCATION AND TRAINING
Master of Business Administration, Marketing, Indiana University, Bloomington, IN May 2000 Bachelor of Science, Marketing, Ohio State University, Columbus, OH August 1995 Project Management Masters Certification, George Washington University, St. Louis, MO September 2003 COBIT 5 Certification, ISACA, Schaumburg, IL 2016
CCEP, (Certified Compliance and Ethics Professional), Eden Prairie, MN 2018 OneTrust Privacy Management Professional 2022
OneTrust PIA and DPIA Automation Expert 2022
OneTrust Consent and Preference Management Expert 2022
Contact this candidate