Information Security Risk Management
Resume:
Mark Freckleton
B.S., CISSP, CCSK, GSNA, MCSE (NT/00/03)
Poulsbo, WA 98370 **********@*****.*** 360-***-****
Dear Hiring Manager,
I am responding to your position notification. I aim to enhance your company’s capabilities and relationships by providing strategic guidance and expertise in Risk Management, Regulatory Compliance, Security Technologies, Incident Response, Third-Party Risk Assessments, Employee Training, and KPIs. I will strengthen compliance and security controls at all levels by partnering with internal and external stakeholders.
My career began in the Government Electrical Utilities sector, followed by positions in banking, auto insurance, manufacturing, commercial, telecom, and homeowners’ insurance companies. These experiences provided valuable insights into compliance and cybersecurity across different industries.
I have held various roles, including Third-Party Risk Management, Information Security Compliance Manager, Cybersecurity Engineer, Cybersecurity Partner Delivery Manager, and Manager of Advanced Innovation and Telecommunication Security Standards & Strategy. I am an experienced cybersecurity and compliance leader with over 20 years in information security, risk management, governance, and regulatory compliance. Adept at providing strategic guidance, monitoring industry trends, and aligning security initiatives with business objectives. Proven ability to lead cross-functional teams, constructively engage business partners, and convey complex security risks in an actionable manner.
I have leveraged my experience in each position to provide unique value to each business partner. I excel in leadership and communication, enabling me to strengthen both internal and external partnerships. My ability to gain and communicate information effectively ensures that recipients can understand and integrate it into their processes.
Here are some examples of my strengths:
People Developer: I create a motivating and high-performance work environment, managing and mentoring teams for success and growth.
Collaborative and Inclusive: I foster teamwork and collaboration across functional and organizational boundaries, appreciating and leveraging diverse strengths.
Innovator: I take calculated risks and utilize learnings to make decisions that drive growth and alter the status quo.
Communication: I excel in conveying complex information clearly and concisely, achieving group buy-in at all levels.
Leadership Agility: I balance short-term and long-term priorities, fostering individual initiative and strong teamwork.
I hope we can meet soon to discuss how I can contribute to your companies future. I have included my resume with accomplishments for your review. I look forward to hearing from you.
Sincerely,
Mark Freckleton
MARK FRECKLETON
B.S., CISSP, CCSK, GSNA, MCSE (NT/00/03)
Poulsbo WA 98370
https://www.linkedin.com/in/mark-freckleton-ba46293/
**********@*****.***
Comprehensive Leader of Technology, Security, Privacy, Governance, Risk and Compliance
As I have worked in the insurance, utilities, banking, manufacturing, and technology Industries, I’ve provided outstanding management, GRC, project support, product development, and security engineering with the ability to enhance relationships with internal and external organizations and to partner with them in aiding company growth. I seek out and provide end-to-end integrated controls and processes for business strategy, people, technology, and data, to move them rapidly into the marketplace while enabling responsiveness, reporting, reduced liability, and cost savings.
Key Skills Leadership, Management, Information Security, Cybersecurity, Privacy, Compliance, GLB, HIPPA, SOX, PCI, CPNI, GDPR, CCPA, NIST, ISO 27001/2, Security Architecture and Engineering, Project Management, Risk Management,
Regulatory Compliance, Incident Response, Third-Party Risk Assessments, Employee Training, KPIs
PROFESSIONAL EXPERIENCE
Hippo Insurance Palo Alto, CA (Remote) Third-Party Risk Management / Information Security Compliance Manager 2021 - 2025
Implemented and managed a comprehensive Third-Party Risk Management program with a portfolio of over 1200 vendors being tracked and reviewed.
Conducted Quarterly User Access Reviews for over 30 systems.
Managed SOC 2 audits and ISO 27001 compliance for the primary and three subsidiary companies.
Effectively responded to auditor and client RFP requests within the requested time frames.
Implemented and managed privacy requests and compliance measures in adherence to state regulatory requirements such as CCPA, Colorado Privacy Act, etc.
Administered and maintained cookie banner requirements on the company’s web page.
Effectively worked with Leadership, Legal, HR, and various internal groups to maintain compliance and audit requirements for the company resulting in reduced request response times and reduction of potential negative reports.
Responsible for annual maintenance of, and updates to, company Information Security policies and procedures.
Monitored industry trends to anticipate and plan for future security risks.
T-Mobile Bellevue, WA Manager, Advanced Innovation / Security Engineering 2011 – 2020
Led and influenced application and security projects, providing strategic direction and achieving program objectives for 7 years using AWS, Google Cloud, Azure and on-prem systems.
Educated stakeholders on security-related matters to increase awareness and improve culture.
Enhanced customer relations with strong business and technical writing skills.
Managed security requirements, project plans, and schedules, ensuring on-time delivery.
Administered a $300k academic outreach program focused on cybersecurity revenue generation.
Delivered extensive knowledge of regulatory and GRC requirements (GLBA, HIPAA, PCI, GDPR, NIST, ISO 27001/27002) and successfully incorporated them into projects and systems.
Coordinated a team of FTEs and contingent workers, optimizing Identity Access Management (IAM), risk management and product delivery.
Deployed a mandatory Phishing Awareness Training module to over 70,000 FTEs and contractors.
Managed a $1.4M vendor contract, ensuring cybersecurity requirements were met.
Aligned funding requirements with strategic initiatives.
Constructively engaged business partners regarding security issues and established security risk ownership and accountability.
Informed business partners of the security risk implications of critical decisions by combining empirical analysis with expert judgment.
COMSYS (Microsoft Corporation, XBOX LIVE) Redmond, WA Security Service Engineer 2009 –2010
Designed and analyzed SQL databases for security event analysis, identifying trends and unknown attacks.
Created and updated security standards documentation for PCI v1.2 compliance for over 3000 servers.
Assessed network security gaps and recommended 50+ software security updates monthly, ensuring compliance and system integrity.
Managed vulnerability scanning, issue verification, and remediation planning for over 100 systems.
Served as a systems architect and program manager, driving the implementation of solutions across 5+ projects.
Previous positions:
Flow International Corporation Kent, WA Senior Information Technology Security Analyst
PEMCO Mutual Insurance Co. Seattle, WA Senior Security Engineer/Architect
Bonneville Power Administration Seattle, WA Desktop and Network Administrator
Education
Bachelor of Science in Mathematics with a Concentration in Computers,
University of Washington, Seattle, WA
Associate in Arts and Science with Computers,
Clark College, Vancouver, WA
Awards and Recognitions
Completed a mission for the Church of Jesus Christ of Latter-day Saints.
Received Eagle Scout award from The Boy Scouts of America.
Obtained U.S. Patent #12105778 – Real-Time Viable User Determination
Certifications
Certified Ethical Hacker (CEH) training.
Certificate of Cloud Security Knowledge (CCSK)
Thales nShield Certified System Engineer (nCSE)
Core Impact Certified Professional (CICP)
QualysGuard Certified Specialist
SANS GIAC Systems and Network Auditor (GSNA) – Not Renewed
Certified Information Systems Security Professional (CISSP #71990)
Microsoft Certified Systems Engineer on Windows 2003 (MCSE)*
Cyberguard Firewall Security Administrator
Microsoft Certified Systems Administrator on Windows 2003 (MCSA)*
Microsoft Certified Systems Engineer on Windows 2000 (MCSE)*
Microsoft Certified Systems Engineer on NT 4.0 (MCSE)*
Microsoft Certified Professional + Internet (MCP+I)*
Microsoft Certified Professional (MCP)*
*MCP ID #1491138
Contact this candidate