Experienced technology leader that quickly comprehends business objectives and develops or improves upon a secure, compliant information technology solution. Operating at the highest levels of ethics, confidentiality and integrity. Skilled in environments ranging from client/server to mainframe, mobile applications to cloud, and service provider to fully outsourced environments. Excels at interpreting contractual, regulatory, and international standards and
Experienced technology leader that quickly comprehends business objectives and develops or improves upon a secure, compliant information technology solution. Operating at the highest levels of ethics, confidentiality and integrity. Skilled in environments ranging from client/server to mainframe, mobile applications to cloud, and service provider to fully outsourced environments. Excels at interpreting contractual, regulatory, and international standards and translating them into functional and efficient solutions. Senior management expertise with oversight of staff, clients, vendors, and auditors.
Chief Information Security Officer @ • Developed data protection policies, procedures, and overall privacy and security programs.
• Successfully architected, implemented, and operated a managed security service consisting of redundant security operation centers and SIEM’s monitoring and responding to alerts from a variety of security devices including firewalls, IPS/IDS, DLP and syslog collection from network devices. These services were provided to a variety of industries including financial, healthcare and manufacturing.
• Implemented a successful audit program managing requests and responses for internal and client audits related to ISO 27001, ISO 9001, SSAE-16, AT-101 SOC 2, and SOX.
• Designed and managed a risk management program for North America, Europe and India reaching all the way to the project level. Developed risk abatement plans and monitored for completion.
• Managed teams of Information Security and Data Privacy professionals across the US, Europe and India performing audits, risk assessments, security consulting, and managed security services for major corporations and internal operations. From July 2008 to Present (7 years 6 months) Greater Denver AreaPartner @ • Developed a Financial Crimes Enforcement Network (FinCEN) compliance reporting system for a financial institution that monitored Automated Clearing House (ACH) and wire transfer activity. This resulted in a monthly savings of 40 hours of compliance reporting time and facilitated better transaction analytics.
• Developed applications for financial analysis in the medical manufacturing industry.
• Performed remediation efforts following regulatory audits.
• Implemented firewalls as part of security architecture and Virtual Private Network (VPN) deployment. From June 2006 to July 2008 (2 years 2 months) Sr. Systems Architect/ Information Security Officer @ • Managed technology activities for a 7000 employee real estate services company. Including five data centers in four states.
• Implemented an enterprise based incident response program and forensic capturing (EnCase) system.
• Architected network and system designs to allow for faster, more secure, less expensive and more reliable implementations. Including settlement services for ACH and wire transfer functionality.
• Consolidated five data centers into two, with stronger network and power redundancies. This resulted in savings of lease and services costs in excess of $50,000 monthly.
• Managed vendor relationships for networking, security, hardware and hosting facilities. . From September 2002 to June 2006 (3 years 10 months) Greater Denver AreaOwner @ • Operated an Electronic Fund Transfer/ACH service for companies needing EFT functionality.
• Provided computer, networking, and security consulting to the financial services Industry. From June 2001 to September 2002 (1 year 4 months) VP Security/Tech Support @ • Maintained a $22 million annual data center budget for hardware, software and staff.
• Responsible for a technical team of 120 that maintained continuous availability to numerous diverse online transaction systems for internal and external clients.
• Implementation oversight for US Department of Treasury, Electronic Federal Tax Payment System (EFTPS) project requiring strict security. This required interpreting security guidelines and application requirements including NACHA ACH rules to develop robust solutions.
• Performed due diligence to determine feasibility of relocating or combining Information Technology Operations and Application Development groups and facilities.
• Investigated Internet fraud and assisted in building systems hardened against fraud and attack. From 1990 to 2001 (11 years) Senior Systems Programmer @ Accountable for the daily maintenance, security and tuning of an on-line mainframe system for retail management. From 1988 to 1990 (2 years) Greater Denver AreaSenior Systems Programmer @ Responsible for the availability, maintenance and tuning of an on-line hospital and patient management system. From 1987 to 1988 (1 year) Greater Denver AreaSoftware Engineer @ Responsible for trouble shooting and training in a multiple site, complex mainframe insurance benefits system. From 1987 to 1987 (less than a year) Greater Denver Area
BS, Computer Information Systems, Summa Cum Laude @ Regis University Ron CRISC is skilled in: Disaster Recovery, IT Management, Information Security Management, IT Strategy, PCI DSS, Information Security, ISO 27001, SDLC, Enterprise Architecture, Security Audits, Information Technology, HIPAA, Business Continuity, GLBA, SharePoint
Looking for a different
Get an email address for anyone on LinkedIn with the ContactOut Chrome extension