Vivek Wadhawan, CISO
Camp Hill, PA LinkedIn nofixnofeepa@gmail.com 717-***-****
Cyber Security professional with 15+ years of cybersecurity, risk management, and compliance mastery. Proven track record in safeguarding critical assets and sensitive data through effective vulnerability management, IT audits, and alignment with industry standards like ISO, NIST, HIPAA, and PCI-DSS. Visionary leader skilled in fostering high-performing teams, aligning security initiatives with business objectives, and enhancing resilience. Strong acumen in e-discovery and forensics to drive efficient data collection, preservation, and analysis for investigations and legal compliance.
Areas of Expertise:
Cybersecurity Strategy Development · Vulnerability Management & Remediation · Governance, Risk, & Compliance (GRC) · Project Management Planning · Generative AI · Identity & Access Management · Security Policy Development & Enforcement · Data Protection & Privacy Controls · Incident Response · Threat Intelligence & Analysis · Dual-Factor Authentication · AI Security & Governance · NIST CyberSecurity Framework
EXPERIENCE
Janney Montgomery Scott LLC
Cybersecurity Incident Response Lead
Philadelphia, PA, 2016 – Present
Develop and implement comprehensive incident response strategies to increase resilience and protect organizational assets and information security. Lead red team/blue team initiatives, identify vulnerabilities, and strengthen threat containment through detailed malware analyses and robust security measures.
• Achieved a 40% reduction in overall security threats by launching a structured vulnerability management and remediation program that identified and addressed over 200 security vulnerabilities.
• Improved compliance and reduced potential data breaches by 35% through strengthened confidentiality, integrity, and analysis of system outputs.
• Minimized risk exposure by 25% with strategic initiatives driving long-term security improvements and swift responses to threats.
• Increased regulatory adherence by 30% by creating and implementing policies and processes for information security and privacy.
• Reduced user-driven security incidents by 50%, planning and leading a targeted security awareness program.
• Delivered IT projects on time and within budget by spearheading security-related operations, including evaluating, testing, and integrating new systems and services.
Skills: Technical · Information Security · Incident Response · Cybersecurity · Management · Guidance · Communication · Responsible · Support · Responsibilities · Written · Access · Coordinate · Organization · IT Security · Reporting · Plan · Testing · Security Operations · CISSP · Lead
Drayer Physical Therapy Institute
Chief Security Officer
Hummelstown, PA, 2010 – 2016
Directed information security, risk management, and compliance initiatives to protect sensitive data and ensure HIPAA and PCI standards adherence. Oversaw IT infrastructure projects with a focus on secure implementation and organizational compliance. Oversaw e-discovery and forensics requests from leadership and human resources while managing 6 direct reports.
• Achieved a 95% compliance rate and reduced vulnerabilities by 30% via effective external audits and vulnerability management.
• Reduced system disruptions by 40% through proactive virus mitigation and incident response efforts.
• Improved regulatory compliance and reduced phishing susceptibility by 50% through a security awareness program.
• Minimized data exposure risk by 60% with comprehensive encryption of workstations, laptops, mobile devices, and backend systems.
Key Projects:
• Dual-Factor Authentication Implementation: Designed and deployed an organization-wide system, adding a robust layer of security to access protocols and reducing unauthorized attempts by 45%.
• USB Access Control: Mitigated risks of data breaches by restricting unauthorized USB device usage in compliance with HIPAA standards.
• Vulnerability Management Program: Reduced critical vulnerabilities by 35%, fortifying defenses against emerging threats.
• E-Discovery and Forensics: Improved investigation response times by 50% with streamlined processes.
• Policy and Awareness Enhancements: Strengthened organizational security through updated policies and targeted training.
• Identity Management System with Dual-Factor Authentication: Optimized user authentication security and decreased unauthorized access by 30% through advanced identity management.
• Boarding and Security Awareness Training: Increased new employee engagement with security protocols and reduced security-related errors by 35% through comprehensive onboarding and training initiatives.
Skills: Readiness Assessments · Regulatory Guidelines · Technical Foundation · Information Technology · CISSP · Written · Accurate · Guidance · Mentoring · Proactive · Reporting · Technical · Commitment · Discipline · Innovation · Managing · Monitoring · Maintaining · Communication
The Hershey Company
Lead, Information Security & eDiscovery/Forensics
Hershey, PA, 1993 – 2010
Leveraged industry-leading technologies and managed computer investigations, security systems, and electronic discovery processes to protect critical information and ensure confidentiality. Directed war room incident responses, including virus and intrusion mitigation, and implemented preventative controls.
• Conducted legal holds, discovery, and litigation-related data production, ensuring timely and accurate results.
• Developed and executed effective remediation strategies following comprehensive post-mortem analyses of security incidents.
Skills: ISO · SOC · CISA · CISM · NIST · CRISC · Testing · Audits · Footprint · ISO 27001 · Risk Management · Business Process · Product Security · Control Frameworks · Long Term Projects · Technical Training · Program Manager · Security Assurance · Security Compliance · Customer Requirements · Information Security
EDUCATION & CERTIFICATIONS
CISO, Chief Information Security Officer Certificate, Carnegie Mellon University, Heinz College of Information Systems & Public Policy
Bachelor of Computer Science, Delhi University, India
CISM Certified Information Security Manager & COBIT4, ISACA
CISSP Certified Information Security Systems Professional, ISC2
HCISPP Healthcare Certified Information Security and Privacy Professional, ISC2
Certified in AI Security and Governance, Securiti
Azure Cloud Certification & MCITP Microsoft Certified Information Technology Professional, Microsoft
CCISO Certified Chief Information Security Officer, EC Council
CCE Certified Computer Examiner, International Society of Computer Forensics Examiners
Certified Electronic Discovery Practitioner, Kroll Ontrack
Security + Certified Systems Security and Administrator, CompTIA
ORGANIZATIONS & VOLUNTEERING
EC-Council Member, August 2015 – Present
ISC2 Member, June 2012 – Present
ISACA Member, February 2010 – Present
NoFixNoFee Founder, January 2000 – Present
Volunteer Computer Security Awareness Training for senior citizens, handicapped people, and children.
InForensics Founder, April 2002 – Present
Volunteer computer forensics support to local law enforcement.