Keith Heilner's Email Addresses & Phone Numbers

Air Base Ground Defense @ United States Air Force Global and Domestic Anti-Terrorist Operations From July 1976 to July 1980 (4 years 1 month) Director Information Security @ Lutron Electronics • Develop, Implement and Lead company-wide Cyber-Security Program including Staff Management, Security Operations, Identity and Access Management, Risk Management, Compliance and Audit, Security Strategy, Policy, Standards, Procedures...

Air Base Ground Defense @ United States Air Force Global and Domestic Anti-Terrorist Operations From July 1976 to July 1980 (4 years 1 month) Director Information Security @ Lutron Electronics • Develop, Implement and Lead company-wide Cyber-Security Program including Staff Management, Security Operations, Identity and Access Management, Risk Management, Compliance and Audit, Security Strategy, Policy, Standards, Procedures and Guidelines.• Assess and Enhance Product Manufacturing Security Program to ensure Intellectual Property Protection and Manufacturing Operations Continuity• Establish and lead a Cyber Risk Management program. Facilitate Risk Assessments to balance security controls with business objectives.• Develop and Manage an Executive Cyber Security Risk Council to ensure alignment with company objectives and culture• Consult on engineering projects for Internet of Things (IoT) Security • Leadership in establishing a company-wide Data Privacy program. Coopersburg, PADirector Information Security @ Syneos Health (Previously INC Research/inVentiv Health) • Lead all risk and security initiatives for the company establishing productive partnerships across IT, Compliance, Quality organizations. • Develop security and risk management 3-year roadmap which considers emerging cybersecurity risk , disruptive technology and aggressive regulatory environments.• Create and deploy Threat, Vulnerability and Incident Management program. Develop and implement measures and metrics dashboards to track all phases of the program.• SOX IT Program Management. Implement IT control improvements, coordination of IT, Internal Audit and External Audit activities. Design and Implement IT controls to assure separation of duty, user access management, user access reviews, change & release Management.• Cloud and Mobility Security Strategy and Implementation.• Oversee day-to-day security operations & incident management. Develop program assurance measures, metrics and KPIs. • Develop Identity and Access Management Provisioning. Privileged Access Management. • Policy, Standards, Guidelines development and deployment to support international business operations. From January 2015 to May 2016 (1 year 5 months) Somerset, New JerseyDirector, Information Security @ Geisinger Health System • Develop, Implement and Manage Information Security Services across the Geisinger Health System including: hospitals, health plans, clinics and health Information Exchanges(HIE). • Develop the program to include cyber-security(Threat, Vulnerability, Incident Management), Regulatory compliant (HIPAA, FISMA, PCI) Risk Management and Assessment Services• Identity and Access Management including provisioning/deprovisioning, SSO and privileged access/Identity management. • Develop and maintain Policy, Guidelines, Procedures and Standards• Provide leadership for IT Governance, IT Compliance, Data Governance, Mergers and Acquisitions and new technology adoption.• Develop strategic roadmaps and implement solutions for managing risk to emerging innovative healthcare delivery capabilities, Health Information Exchanges, data-driven research activities and Geisinger’s growing family of healthcare partners.• Staff and talent management, succession planning, organizational design and program management From February 2014 to January 2015 (1 year) Danville, PADirector, Information Security and Network Operations @ Merck and Co Direct domestic and International staff management, global service design and development, global security outsourcing, Security Incident, Vulnerability, Threat, Investigations, Conduct and support IT Audits, PCI-DSS, Identity Management, Information Assurance, Global operational support of Data, Voice and Video network services. Specifics Include: - $20M Network and Security Budget- Design, Implement and Manage an Off-Shore Global Security Operations Center(GSOC).- Develop and implement Security Incident Management, Vulnerability and Threat Management, Investigations and Forensics services.- Establish Global Video Conferencing Operations- Establish Global Identity and Access Management Operations- Implement and Manage an off-shore ITIL based Service Operations center support of Monitoring, Event and Incident Management in support of security services such as PKI(Certificate Management), Provisioning(IdM), WAM, End Point Security.- Improve and document security processes in support of SOX, PCI, Safe Harbor. Audit and Assurance.- 3rd Party Access Management- Provide and maintain global Audio and Video Conferencing services.- Ensure global availability, capacity and quality of network transport services such as Layer 2(Switch) and Layer 3(Internet), DNS, Firewalls, Load Balancers.- Develop and implement ITIL Change and Release Management processes.- Coordinate deployment and service restoration activities with global vendors and partners. From August 2004 to May 2014 (9 years 10 months) Enterprise Architecture Program Management @ Merck and Co Developed process and facilitated management of corporate technology roadmaps. Developed and deployed an operational framework for Enterprise Architecture establishing relationships between business strategy, information and technology. Managed Corporate IT training function. From January 2000 to August 2004 (4 years 8 months) Manager, Network Operations @ Merck and Co From March 1995 to June 2000 (5 years 4 months) Manager, Network Services @ Stevens Institute of Technology - Design and Deployment of Campus-Wide Ethernet Network. - Ongoing support to students and faculty ensuring computer and network requirements are met in support of teaching and research objectives.- Participate and Lead on a variety of initiatives such as setting desktop standards, working with various Universities and Colleges in establishing connectivity with Supercomputing facilities such as NSFnet. From August 1986 to December 1988 (2 years 5 months) Customer Service Engineer @ Digital Equipment Corporation - Customer Service Engineer in support of DEC's customer base- Install, Design, Implement and Consult regarding DECnet, VAX, PDP-11 systems- Provide instruction to employees regarding theory, installation and Level 2 support for Ethernet and DECnet networks. From March 1983 to July 1986 (3 years 5 months)