Project Manager Information Technology
Resume:
Michael D. Molinaro
MS, MBA, CFE, CISSP, C CISO, HCSIPP, CGEIT, CISM, CRISC, ITIL, CDPP, CPSP
**** ***** ******* ******, ******, New Jersey, 07065
**** ***** ***** *****, *****, Florida, 33614
***********@*****.***
https://securitycurrent.com/michael-molinaro/
https://www.linkedin.com/in/michaeldmolinaro/
Technology, IT, Cybersecurity, Risk & Compliance Manager, Project Manager & Consultant
Transformative and visionary Information Technology executive with 30+ years of leadership success combined with in-depth and diverse technical expertise. Sought-after speaker at regional and national events, presenting unique insights in IT, security, risk, compliance, cyber-defense, leadership, service delivery, business process integration and fraud.
Distinction of successfully defending a public national event, the Republican National Convention (RNC) in Tampa, Michael built a COE with a suite of Cybersecurity tools and coordinated with 140+ local, state, and federal law enforcement and government agencies including US Secret Service, FBI, DoD, DHS, FDLE, and US Armed Forces.
Specialized in building and improving IT/OT Operational & Service systems, projects and programs, he has built many IT, IT Risk, IT Security/Cybersecurity and GRC systems, datacenters and programs from the ground up. He works effectively with the Board of Directors and executive/senior management, technical and business staff delivering small to large multi-$Mil projects and budgets over $250 Mil. Experienced managing Dept.’s over 250+ CAPEX/OPEX projects and staff of 500+ globally.
qualifications Summary
qExecutive IT Leadership (Large & Small Teams)
qIT/OT Risk, Security, Compliance & Audit (RSC) Mgmt.
qCyber Defense Strategy, Deployment & Operations
qIT/OT Strategy, Planning & Governance Integration
qIT Service Management & Vendor Management
qIT/OT Program/Project Management / Software Development & Agile Management (Cloud – MSP/CSP Microsoft, Google, AWS & On-premises)
qIT/OT M&A Technology, Operations, Organizational Management, Governance & Cybersecurity Assessments
Telecommunications and Network Systems & Infrastructure
qIT Dept. & SRCG (GRC) Budgets and Capex Planning (& OPEX)
qRegulatory & Operational Compliance, Security Controls & Frameworks (PCI, ISO, SOX, SOC, HIPAA, GDPR, CMMC, ABA, CJIS, China CS, OFAC, FinCEN, FISMA, FedRAMP, GxP & FDA 21 CFR 11, USA Patriot Act – BSA & SIP)
qBusiness Process Management (BPM), DevOps & DevSecOps
qEnterprise Architecture, Planning, ERP, EHR, CPOE/Med-OE
qTelecommunications and Network Systems & Infrastructure
Professional Experience
CLEAR Consulting Group, LLC October 2017 to Present
C-Level Expert Advisors on Risk, “CLEAR”
Executive Consultant and SME on IT/OT Operations, IT/OT Security/Cybersecurity, Risk Management, Compliance, IT Service Management and Cloud Services. Our consulting company currently provides the following services:
uInterim, virtual, and/or On-call CIO & CISO and Executive Consulting Services
uIT/OT Operational Security, Cybersecurity, Risk, Compliance & Controls Design/Management Consulting Services
uThird-Party IT Risk Assessments and Audits (people, process, planning & technology) for Security Due Diligence, Compliance & Projects: HIPAA, PCI, GDPR, ISO, CCPA, GxP & FDA, FinCEN, OFAC, China CS, GDPR, FISMA, CMMC, CSF, GLBA, NERC, FedRAMP and SOX
oDevelopment and deployment of extensible risk matrices, risk appetite, risk ratings and prioritization, frameworks / business methodology to both, stateful and automated, analysis of all manner of risk parameters, characteristics, metrics, and reporting
uIT, Operations and Risk assessments of datacenters, data facilities and Operations Centers (NOC/SOC)
uPCI Readiness & Gap Assessments and Consulting Services e.g., Remediation, Scope Reduction
uManagement Services e.g., Policies / Procedures, Vendor Mgmt., Vulnerability Mgmt., Project Mgmt.
uProgram & Project Management and Development of IT/OT, Security & Compliance for Infrastructure, Organizational Structures, Systems and Software Development
uSecurity Awareness and Incident Management Training
uIT/OT Operations and Business Process Management Automation, Datawarehouse assessments and remediation’s and business analysis for deployment of BPM and RPA systems (BPM & RPA)
uITIL Implementations from Single Domains to Full IT Service Lifecycle Mgmt. and OSS/BSS Integration
uMerger & Acquisition Technology, Security, Operations and Operational Risk Assessments (for ROI and Business Evaluation Purposes)
uAnti-Fraud Intelligence and Data Breach/Incident Investigative Services
uIT/OT Security, Risk, Compliance and Fraud Lectures and Training
uBusiness Analysis/Liaison to SOC/SIEM, Remote/VPN, SaaS, and other Cloud-based Service Providers (Microsoft, AWS, Google)
A Sample of Previous CLEAR Consulting Clients:
1.)Largest Metropolitan Transportation Service in the US - Metropolitan Transportation Authority - (June 2022 to May 2024)
a.Developed IT/Cyber Security, IT Risk, and IT Compliance standards, Policies and SOPs (large quantity of Standards Policies, P&Ps, SOPs & guidelines),
b.Development and deployment of risk models, matrices and extensibility for IT and police department management and systems.
c.Developed standards and project planning for integration of MTA PD and IT Third-party Risk Management
d.Azure/Google/AWS cloud Standards, Requirements and security hardening build and operations
e.Full and complete IT/OT Wi-Fi Technical, Operational and Security Standards for all MTA,
f.Data Standards, Risk, Operations & Security Controls Management Program build and operations,
g.Gap Assessments for various Command, Control, Communication’s and IT Datacenters
h.Design, architect, and manage acquisition and OEM for the new MTAPD Telecommunications Project and Avaya Aura Call Manager Systems for the Long Island City C3 and Graybar facilities,
i.Develop and manage the CJIS or Criminal Justice Information Systems:
i. GAP and Risk Assessment & Project,
ii.Develop extensible risk framework, IT and OT operations policy and procedures from NIST standards such as SP800-53, 63, 61, 39, 30, 37, 82, 171, etc.
iii.Develop training, lecture and project briefings for staff, management and executives
iv.CMMC assessment as a critical infrastructure
j.Develop, document, Lead, manage and brief management on the MTA IT Asset Management program.
k.Develop and manage comprehensive design, architecture, process flow and operations diagrams,
l.Conduct multiple and concurrent targeted, specific, and broad risk assessments for OT/IT technology, controls, and processes/procedures,
m.Assess, improve, and deploy ITSM practices – focusing on risk and security services and management,
n.Design, architecture, planning, build and deploy the MTAPD VoIP/SIP Call Management (PBX) systems for the overall Police Department and the Command, Control and Communications Center
o.Project Manager for multiple complex IT/ OT, FedRAMP, Critical Infrastructure, Risk and Security tasks and projects (also reorganize stalled projects and realign flailing projects),
p.Develop and implement a Delivery Management Office and operations,
q.Develop and deploy third-party risk management (TPRM) program and cloud security standards / requirements,
r.Develop and manage all IT/Cyber Security Architecture, Engineering and Operations standards,
s.Established and deployed detective & preventative controls for GDPR, CCPA, CSF, CMMC FedRAMP, Critical Infrastructure and FISMA requirements,
t.Documented, deployed, and measured IT Risk & Security Governance Framework, controls, and measurement capabilities,
u.Senior executive management reports and presentations (Quarterly State of the Cybersecurity Briefings),
v.Police Department and Police Support Unit / Departmental senior IT/Cyber Risk, Security and Compliance Advisor,
w.Project Manage the OT Cybersecurity Controls by Agency IT Asset Management and Controls project.
x.Develop and document departmental Disaster Recovery Plan and contents – correlate with the overall organization BCP/DRP
2.) Global Mobile Telecommunications Device Remanufacturer – PCS Wireless, Inc. (April 2021 to March 2022)
a.Documented, deployed, and measured IT Risk & Security Governance Framework, controls, and measurement capabilities.
b.Developed and implemented both IT and product risk models and extensibility in standalone tools for ISO and IT services and systems
c.Developed the IT Third-Party Risk Management program
d.Global IT Department restructuring plan, develop and deploy global town hall meetings.
e.Azure/Google/AWS cloud migration and security hardening build and operations
f.Data Standards, Risk & Operations Management Program build and operations.
g.Assess, improve, and deploy ITSM practices – focusing on Change/Release Management and integration to Cloud Services
h.Develop and deploy third-party risk management (TPRM) program and cloud security standards / requirements.
i.Develop and manage all IT/Cyber Security Architecture, Engineering and Operations standards.
j.Access IT Datacenters in US and Central America
k.Introduced and deployed all IT/Cyber Security, IT Risk, and IT Compliance standards, Policies and SOPs (89 Standards Policies, P&Ps, SOPs & guidelines)
l.Deployed from requirements build to operational SOP the Global Security Operations Center
m.Develop and deploy global facilities and loss control operations, teams, and staff (integrated into the Global Fusion Center & Security Operations Center) (includes armed and unarmed guards)
n.Hired all new SharePoint development, security, risk, compliance, and IT Service operations staff.
o.Established and deployed controls for GDPR, CCPA, CSF, CMMC, FISMA and GLBA requirements
p.Board and senior executive management reports and presentations (Quarterly State of the Cybersecurity Briefings)
q.Deployed IT Security Training
3.) Global Pharmaceutical Company, NYC, Interim-CISO & Assistant CIO a. Interim-CISO & Assistant CIO – Intercept Pharmaceuticals, Inc. (July 2019 to August 2020)
a.Documented, deployed, and measured IT Risk & Security Governance Framework, controls, and measurement capabilities.
b.Developed and established risk framework, controls implementations and variable IT/OT models for IT, Cyber for various GxP processes to reduce security incidents, failures and improve proactive risk mitigations
c.Investigated and managed security incidents regarding GxP vendors
d.Gap Assessment of IT and Security Datacenter – follow-up remediation planning and deployment
e.Developed the IT Third Party Risk Management program (focus on global GxP vendors
f.Azure/Google/AWS cloud migration and Security Hardening build and operations
g.Data Management Program build and operations.
h.Assess, improve, and deploy ITSM practices – focusing on Change/Release Management and integration to Cloud Services
i.Develop and implement the entire IT life cycle and asset management systems, controls, and management program.
j.Develop and manage all IT/Cyber Security Architecture, Engineering and Operations standards.
k.Introduced and deployed all IT/Cyber Security, IT Risk, and IT Compliance standards, Policies and SOPs
l.Deployed from requirements build to operational SOP the Global Security Operations Center
m.Hired all new staff.
n.Established and deployed controls for GDPR, CCPA, updated SOX, HIPAA, and FDA requirements
o.Board reports and presentations (Quarterly State of the Cybersecurity Briefings)
p.Deployed IT Security Training
4.) Global Insurance Company, NJ – Prudential Insurance (October 2017 to February 2018)
a.Developed management risk ratings, risk automation and selection criteria for a global Human Capital Management Cloud SaaS vendor selection and migration.
b.Developed an extensible standardized risk score for Vendor Governance that can be automated in software such as Archer or a BPM with status and Big Data analysis dashboards.
c.GDPR alignment and GAP findings for existing security and compliance standards and regulations at the organization
d.Detailed and thorough Cloud/Managed Service Provider Technical and Operational Risk and Security Requirements and Standards
5.) Large Diagnostic Laboratory, NJ – Accurate Diagnostics Laboratories, Inc. (December 2017 to June 2018)
a.HIPAA Security and Privacy Risk Assessment
b.Established a risk program, framework, and metrics
c.PCI Level 1 & 2 merchant gap assessments & ROC Preparation
d.HIPAA Data Breach Notification Responsibility Assessment
e.Policies and Procedures Development
f.GDPR expectations regarding their clients, systems, and services to include a GDPR GAP review.
g.Access and develop plans for a full service PMO deployment.
5.) Healthcare Performing Provider System, NY – Staten Island Healthcare Performing Provider System or SI-HCPP (May 2018 to October 2018)
a.HIPAA Security Risk Assessment
b.Project Manager for risk assessment of the Data Warehouse, remediation, and report of MAP to NYDOH
c.vCIO & CISO
6.) Largest Broadway/Theater Retail Ticketing Company, NY/NJ – The Shubert Organization (January 2018 to present)
a.PCI DSS v3.2.1 & 4.0 Readiness Assessment and SME support for ROC
b.PCI Risk Assessment and remediation
c.Developed and deployed the Third-Party Risk Management program
d.Security Incident Management Plan and Security Training development
e.Policies and Procedures development (all IT Policies)
f.SDLC, Network and Security Management planning and implementation
g.Security & Compliance Training (material and class work)
h.Assess and improve Change Management and various other ITSM processes.
i.vCISO for the organization – manage security events as requested and required
j.Management and communications of security incidents for the IT Department
7.) NY YMCA organization, Northeast Region (December 2018 to April 2019)
a.Data Warehouse information, Security and Compliance architecture and design
b.DWaaS IT, Risk and Security Functional Requirements development
c.DWaaS Policies and Procedures development
d.DWaaS and general Cloud Security deployment including GDPR controls.
e.Master Data Management standards and reviews
8.) Largest Healthcare Cooperative/Alliance, DC/NJ – HTA (Fortune 100 Companies, Global/US) (June 2018 to October 2028)
a.Assess Datawarehouse Operations, Security and Controls (full lifecycle)
b.Conduct Independent Data/Security Incident Evaluation and Broad/Residual Risk Incident Investigation
c.Recommendations to improve Technical and Operations Practices to resolve findings of Cloud Provider for the Alliance
d.Conduct HIPAA Four (4) Factor Post Event Risk Assessment
9.) Virtual CIO and CISO for medium and small companies
BioReference Laboratories, Inc. (Acquired by Opko Health), Elmwood Park, NJ November 2014 to October 2017
Third largest, $1.5+ Billion, global medical, bioresearch, genetic diagnostic retail company in North America
VP, Information Systems & CISO:
uIntegral member of the executive management team in the development of corporate IT Strategy, Security/Risk Management, and Compliance.
uDeveloped and deployed the risk management program, risk operations and risk diagnostics for the IT and Security team BPM/RPA systems/software for both IT Services and medical diagnostic product/services and tools.
uDevelop programs to manage internal and external audits & auditors
uDeveloped and deployed the organizations BPM/RPA Software Development Agile practices for automated and extensible framework for use in IT, security, compliance, and various production services such as Web-based HER (Epica), CPOE and LIMS systems. To include IT and security Controls for the interface, operations and management of medical diagnostic hardware, software and systems
uFacilitated business growth by aligning technology and security objectives with business goals.
uImplemented IT Security, Risk, and Governance programs enabling HIPAA, PCI, GDPR and SOX compliance.
uGAP and Risk assessments and remediation projects for on premises and cloud datacenters.
uManaged a CAPEX/OPEX $6+Mil budget encompassing IT Security, Risk, Governance, PMO (Delivery Management), eDiscovery, FedRAMP and ITSM programs, projects and staff.
uDesign and deploy the initial CMDB, Configuration Management, Change Management, Security Management, Release Management, ITAM and various Service Management processes.
uDeveloped GDPR & CCPA GAP program with governance metrics and automated/hybrid controls.
uImplemented Business Process Management (BPM/RPA) automation and applications solutions for various business lines (IT, diagnostics, medical, risk, sales, compliance, and Security processes to leverage cloud applications and the speed of services to market/business, including automation of change management, release management, test management, SDLC, Compliance, Cyber-security, reporting, business intelligence and others)
uUser Interface (UX) and IOT API development for ERP, EHR and CPOE platforms.
uDeveloped corporate policies and procedures for Enterprise IT, Risk and Security.
uTransitioned company to secure/compliant Cloud solutions e.g., AWS, Azure, Google (Armor/Rackspace MSPs)
uBuilt the Global ISOC, security, and fraud incident management practice, liaising with critical infrastructure and law enforcement.
uArchitected secure and compliant Cloud solutions; Amazon Cloud Services (AWS Containers & Kubernetes) / Microsoft Azure and Armor/Rackspace MSPs are in addition to data warehouses and reporting.
uAdvisor (advised) for senior & executive management on improving and implementing systems and practices for the deployment and improvement of service management, application development, data management-protection, and compliance by “baking” risk and security into processes and the corporate culture.
uBuilt the Global ISOC, security, and fraud incident management practice, liaising with critical infrastructure and law enforcement.
uAssisted in the development of automated process, assurance controls and design of various imaging, reporting, middleware, migration/conversion, and instrument interface systems.
Bright House Networks, (acquired by Charter Communications), Tampa, FL March 2012 to January 2015
Bright House Networks was a +$4 Billion company that was the 6thlargest cable, telecommunications/ISP in the US (20th globally), serving 5+ Mil residential and business customers domestically and internationally.
VP, Enterprise IT & Security, CIO and CISO:
uIntegral member of executive leadership team, managing a $75+Mil IT and global Security budget.
uLed an operational staff of 250+ staff with 7 Line Directors, with projects/events scaling up to 450+.
uAs VP of IT/CIO, built and led enterprise IT operations, service delivery, and technology support teams, redesigning IT organization from 12 separate departments.
uDeployment and development of ERP on-premises and cloud platforms, integration of SalesForce.com platforms with Enterprise billing systems.
uDevelopment of Reference Architecture (includes middleware within the layers), data warehouses, data modeling and Master Data Management systems to support business requirements and their IT/Cyber defense.
uAs CISO, built Enterprise IT, Risk, Governance, Security and Compliance departments from ground up.
uDeveloped Global IT Application NOC (ANOC) and Security Fusion Center (ISOC) for external and internal customers that handled approx. 350,000 IT service requests and 1,500 security incidents annually. (Liaised with DHS, FDLE, USSS, FBI, multiple states LEO’s, NASA, DOD, CentCom and SoCom).
uDeveloped and deployed a full-service software development division using the Agile methodology for XaaS services and BPM/RPA based ITSM operations.
uIntegrated Business Process Management (BPM) platform for high-speed low code IT Dev/Ops (IT software development), which slashed application and hardware deployment time by 75%:
oDesigned and deployed large scale full service ITSM systems to entire IT, Risk & Security Department.
oIntegrated Serena Software BPM/RPA based ITSM into both BMC Remedy and ServiceNow.
uDeveloped and introduced the organizations first full Risk Management program and deployed this program into the IT Service Management BPM/RPA software systems, especially, all ISP based services to manage security events.
uDeveloped and deployed the IT PMO/DMO to include customer, corporate, partner, critical infrastructure and FedRAMP projects.
uRisk and Security Assessments of corporate data, command and operations centers, includes the design and deployment of multiple 200,000 square foot IT and Security datacenters.
uDeveloped Data Forensic program to accommodate criminal, civil, and government/national defense subpoenas and FISA/Wiretap/Trap and Trace orders. (Facilitated apprehension of persons allegedly involved in terrorism, organized crime, money laundering, child exploitation, human trafficking, and payment card/financial fraud).
uImplemented automated audit processes to manage GDPR, HIPAA, PCI, FCC, and SOX based audits.
uPioneered a corporate-wide BPM based PCI Compliance Program (Level 1 merchant with $20+Mil annual trans.) with staff of ISAs performing full assessments, remediation, and validation reporting.
uSuccessfully defended the RNC in Tampa (Onsite) and DNC remote support in Charlotte:
–Implemented full cyber-defense solution and Communication Fusion Center in just 20 weeks.
–Managed a combined total of 450+ management, technical staff, and consultants for 7 months.
–Successfully thwarted cyber-attacks, primarily from hacktivists and nascent states.
–Liaised with 140+ local, state, and federal law enforcement and government agencies including US Secret Service, FBI, DOD, DHS, FDLE, CID, NCIS, AFOSI and multiple US Armed Forces.
uProvided cyber support for national events where Bright House Networks (BHN) was the telecom, and ISP e.g., the DNC, World Cup Committee, NATO World Summit, and Bollywood conventions.
uPioneered multiple IT/Security MSSP services (Virtualized based Cloud Services and Support) to BHN business customers, resulting in $500K in initial revenue.
AEGIS Insurance Services, Inc., East Rutherford, NJ December 2007 to December 2011
$2.5+ billion global insurance and financial services company.
Information & Security Officer (VP)
uAdvisor to EVP-CIO, CEO and senior managers on IT and security strategies and technology innovation.
uEstablished Enterprise Security Office with IT Security, Risk, Compliance, and Governance programs.
oIntegrated the newly developed risk management program into the BPM/RPA systems for an additional review process utilized by the actuarial teams.
oDevelop program to manage internal & external audits and auditors
uLed development and deployed the BPM based ITSM with Dev/Ops, PMO, and Change/Release programs, for close-to 100% on-time delivery rates.
uManaged IT security, GRC, infrastructure, and other projects, coming in up to 15% under budget.
uPresented IT assessments and strategy plans to the Board, gaining approval on multi-$Mil initiatives.
uIntegrated BPM low code software to deliver key components of ITIL Delivery Management and Enterprise Software deployment (Change/Release/Test/Service/Security Management Automation).
uAdministered a $20+Mil annual budget, delivering projects that were up to 15% below budget.
uEstablished COSO, CobiT and NIST controls for all IT audits (Safe Harbor, GLBA, SOX, NERC, and PCI).
uDrove audit remediation, enabling IT organization to go from consistent Fail to Pass in just 1 year.
uIncreased IT Dept.’s CMMi and ITIL maturity ratings in service and security mgmt. from 1.8 to 3.2 in just 30 mo.’s.
uDesign and deployed full ITSM software, processes, and tools – moving from manual to almost full automation to include security and operational controls design and deployment.
uDeveloped and deployed a full-service software development division using the Agile methodology for PC services and BPM/RPA based ITSM operations
Ground Travel Technology Team, Inc. (“GT3”), (acquired by Boston Coach) Hackensack, NJ October 2005 to October 2007
$25+ million cloud-based SaaS Startup Company that specialized in automation technology for the ground transportation and travel industry. Acquired by Fidelity/Boston Coach.
VP of IT, Operations, Security & Compliance
uOperationally transformed start-up from several failed launches to a successful multi-$Mil company
uRecovered $1.6Mil lost business that resulted from previous product/support issues.
uLed technology and services/product delivery teams (70+ staff), serving customers world-wide, including Fortune 50 clients Pfizer, GlaxoSmithKline, Lehman Brothers, JPMorgan Chase, and MetLife.
uDeveloped and deployed an Agile Software Development operations practice using BPM/RPA platform for delivery of software features, functionality and modifications.
uDesign contributor to one of the first credit card and cellular GPS systems for taxi/cabs and ground car transportation. Led partner negotiations and defined systems criteria with Cingular and other carriers.
uRealigned business-critical software systems/processes (SDLC, PMBOK, and ITIL) and embedded security & compliance into IT Operations, eliminating delivery gaps that used to be up to 60%.
uMigration of on-premise’s systems centers to MSP and Co-Location Datacenters.
uBuilt application security services (Cloud/SaaS) as additional revenue stream in the MSSP market.
uBuilt a world-class SSAE16 certified facility ($4+ million revenue) and call center ($5+ million revenue).
Christian Health Care Center, Wyckoff, NJ November 1996 to August 2005
$100 million regional long-term and psychiatric acute care organization
Director of Information Technology & Information Security Officer
uBuilt the IT Department from the ground up, enabling the organization to quadruple in size/revenue.
uDeveloped and deployed the IT Project Management Office (PMO) and Delivery Management Practice (DMO)
uDesigned and deployed a full service ITSM practice based on ITILv2/3
uManaged all technology, hardware, software, and IT services with $7+ Mil annual budget and staff of twelve.
uEstablished IT, Security, Risk, Compliance, Project Management, and Software Development programs.
uDirected multi-year initiative to achieve HIPAA, PCI, and SOX compliance, putting the organization in forefront of New Jersey healthcare compliance (to meet original March 2005 deadline).
oEstablished the IT and HIPAA risk model and framework – designed this into the IT Departments Intranet and ITSM BPM system.
uLiaised with Executive Management, to ensure IT organization’s ROI and strategic impact to the business.
uInstalled clinical and IT automation solutions for various clinical, IT, financial and operational functions.
uDesigned and implemented all network systems and integrations with all Application Service Providers.
uLeveraged large 15K+ device telecommunication system as a revenue-generating managed service.
uDesign, procurement and implementation of on premise operations and datacenters.
uDeveloped and deployed a partial software development division using the Agile & Waterfall methodology for various web-based healthcare intranet services and to deploy BPM/RPA based ITSM systems.
Education
MBA (focus in IT & Cybersecurity) (4.0 GPA – Phi Kappa Phi) Florida Institute of Technology
MS in Information Technology & Cybersecurity (4.0 GPA – Phi Kappa Phi) Florida Institute of Technology
BS, Electronic Engineering Technology (focus in software process automation & Robotics/AI) Thomas Edison State University
Active Certifications
CFE (Certified Fraud Examiner) ACFE
C CISO (Certified Chief Information Security Officer) EC Council
CISM (Certified Information Security Manager) ISACA
CRISC (Certified in Risk & Information Systems Controls) ISACA
CGEIT (Certified in the Governance of Enterprise IT) ISACA
CISSP (Certified Information Systems Security Professional) (ISC)2
ITILv3 Foundations (Information Technology Infrastructure Library version 3) OGC
CDPP (Certified Data Privacy Practitioner) Network Intelligence
CPSP (Certified Payment Security Practitioner)(PCI-DSS) Network Intelligence
HCISPP (Health Care HealthCare Information Security and Privacy Practitioner)(HIPAA) (ISC)2
Military Service
United States Army - Active (4 years), Honorable Discharge
New Jersey Army National Guard (4 years), Honorable Discharge
Highest Clearance Achieved: Top Secret, Special Intelligence (TS-SBI Presidential Elect ended 1990 & Secret ended 1994) (was SBI & is now SCI)
Accolades and Awards
2017 Florida Institute of Technology - 4.0 GPA – MBA degree
2016 Nominated “CISO of the Year” – EC Council – Runner-Up Awardee
2015 Phi Kappa Phi induction – Florida Institute of Technology - 4.0 GPA – MS degree (IT & Cybersecurity)
2014 Nominated “CIO of the Year” – Tampa Bay Technology Forum – withdrew due to relocation to New Jersey
2014 Nominated “CISO of the Year” – EC Council – Runner-Up Awardee
1987 Distinguished Graduate – US Army Signal Corp. School – Radio, Computers and SecOps Systems – Fort Eisenhower
Speaking Engagements, Panels and Published Articles (Highlights-Summary)
Published Articles/Videos:
•Tampa, Florida 2019 ACFE and Us Secret Service Briefing, The CISO Blotter - Tales of Embedded Corruption and Fraud & How they Were Caught - November 2019
•Security Current CISO Spotlight: https://securitycurrent.com/michael-molinaro/ - January 8, 2018.
•Security Current CISO Journal: “Protecting the Republican National Convention – my reflections” http://www.securitycurrent.com/en/ciso_journal/ac_ciso_journal/protecting-the-republication-national-convention-my-reflections
•YouTube video: “Cyber Security Lessons: An Interview with Michael D. Molinaro”
Contact this candidate