Expert Details
Information Security Governance, Risk Management and Compliance
ID: 726274
Indiana, USA
Assisted with implementation of ISO 27001 information security management system for data center/BPO services providerProvided Information Security Management System (ISMS) implementation consulting during project execution and through registration for an
industry-leading company that achieved ISO 27001 certification on the first auditAssisted a major U.S. pharmaceutical company with updating its information security compliance framework to reflect ISO 27001 process requirements and controls and coordinating its information security compliance processes with the Global Privacy Office efforts in successful certification to the U.S. Department of Commerce Safe Harbor Framework for international data transfers in the clinical divisionCollaborated on legal and regulatory requirements review for ISO 27001 implementation for a major U.S. credit card issuer (information security management system received certified in 2006) as well as for a major U.S. life and annuities company (ISMS certified in 2008)Developed and delivered information security management workshop for a retail industry leadership group
Education
| Year | Degree | Subject | Institution |
|---|---|---|---|
| Year: 1988 | Degree: Ph.D. | Subject: Philosophy | Institution: University of Kentucky |
| Year: 1984 | Degree: MA | Subject: Philosophy | Institution: Southern Illinois University Carbondale |
| Year: 1978 | Degree: BA | Subject: History | Institution: Indiana University Indianapolis |
Work History
| Years | Employer | Title | Department |
|---|---|---|---|
| Years: 2006 to 2009 | Employer: JBW Group International | Title: Principal Consultant | Department: |
Responsibilities:Expert is responsible for assisting clients with design, implementation and assessment of information security and privacy management programs |
|||
| Years | Employer | Title | Department |
| Years: 2004 to 2005 | Employer: Synomos | Title: Senior VP, Policy Advisory Services | Department: |
Responsibilities:Expert was responsible for designing the implementation strategy and requirements for adapting Synomos’ data policy management and access control technology to specific regulatory environments |
|||
| Years | Employer | Title | Department |
| Years: 2002 to 2004 | Employer: Independent Information Security & Privacy Consultant | Title: Principal | Department: |
Responsibilities:Expert was responsible for assisting clients with design, implementation and assessment of information security and privacy management programs |
|||
| Years | Employer | Title | Department |
| Years: 2001 to 2002 | Employer: Guardent | Title: VP, Privacy and Information Policy | Department: |
Responsibilities:Expert served as a member of the Executive Management Team and was responsible for ensuring the appropriate design and integration of privacy consulting within Guardent security consulting and managed security services |
|||
| Years | Employer | Title | Department |
| Years: 1997 to 2001 | Employer: PricewaterhouseCoopers, LLP | Title: Senior Manager | Department: |
Responsibilities:Expert was responsible for assisting clients with design, implementation and assessment of privacy management and compliance assurance programs |
|||