Expert Details
Cyber Security and Information Technology
ID: 736089
Illinois, USA
He is licensed to practice law in Illinois and is a member of the United States Supreme Court Bar. Expert holds 24 professional designations in the areas of information security management, IT compliance, information privacy, fraud examination, IT audit, computer forensics, ethical hacking, business continuity planning, project management, cloud security, and process improvement, including the C|CISO, CISSP, CISM, CISA, CCSP, CIPP/US, CIPP/E, CIPM, CSSLP, PMP, CRISC, CGEIT, ISSMP, ISSAP, CFE, C|EH, CBCP, CCSK, DFCP, CIFI, CSOXM, CSOE, ITIL v3 Foundation, and Six Sigma Black Belt.
He holds an MBA from DePaul University's Kellstadt Graduate School of Business and a JD and an LLM in information technology and privacy law from the Expert Marshall Law School in Chicago. Expert has served as a director on several corporate and non-profit boards, is a regular speaker at industry conferences, and has served numerous clients in the legal, financial services, and healthcare industries as a freelance consultant. He is an advisor to YL Ventures GP, Ltd., Eclipz, Inc., Great North Labs, CloudSimple, CloudVector, OptimEyes, Inc., and ThirdPartyTrust. Expert was recognized as the Chicago CISO of the Year.
Education
| Year | Degree | Subject | Institution |
|---|---|---|---|
| Year: 2011 | Degree: Master of Laws (LLM) | Subject: Information Technology and Privacy Law | Institution: University of Illinois at Chicago |
| Year: 2011 | Degree: Juris Doctor (JD) | Subject: Law | Institution: University of Illinois at Chicago |
| Year: 2000 | Degree: Master of Business Administration (MBA) | Subject: Management Information Systems | Institution: DePaul University |
| Year: 1996 | Degree: Bachelor of Arts (BA) | Subject: Management Information Systems | Institution: University of Northern Iowa |
Work History
| Years | Employer | Title | Department |
|---|---|---|---|
| Years: 2019 to Present | Employer: Undisclosed | Title: Vice President and Chief information Security Officer | Department: Information Security |
Responsibilities:Lead an exceptionally talented group of information security professionals that includes teams focused on crisis management, security training and awareness, risk and compliance, identity management, managed file transfer, security engineering, security investigations, cyber intelligence, vulnerability management, security architecture, and application security. |
|||
| Years | Employer | Title | Department |
| Years: 2015 to 2019 | Employer: Paylocity Holding Corporation | Title: Vice President and Chief Information Security Officer | Department: Information Security |
Responsibilities:Assembled and led an extraordinary team of information security professionals that is responsible for ethical hacking, application security, penetration testing, security architecture, incident response, security strategy, forensic investigations, business continuity planning, disaster recovery, policy management, IT governance, IT compliance, third party service provider oversight, risk assessment, IT control design and implementation, vulnerability management, threat intelligence, audit coordination, security operations, security awareness training, information risk management, and privacy. |
|||
| Years | Employer | Title | Department |
| Years: 2011 to 2015 | Employer: Midland States Bancorp, Inc. | Title: Director of Information Security | Department: Information Security |
Responsibilities:Managed the information security program, coordinated IT audits and examinations, managed the business continuity planning and disaster recovery program, provided risk consulting services, performed vendor and acquisition due diligence, managed the service provider oversight / vendor management program, ensured compliance with legal and regulatory requirements, reported key risk indicators to the board, conducted risk assessments, oversaw security awareness training, developed and maintained policies and procedures, etc. |
|||
| Years | Employer | Title | Department |
| Years: 2008 to 2011 | Employer: Midwest Banc Holdings, Inc. | Title: Senior Vice President and Information Systems Security Officer | Department: Information Security |
Responsibilities:Managed the information security program, reported key IT risks to the board quarterly, developed and implemented policies and standards, ensured compliance with legal and regulatory requirements, managed the BCP / DRP program, managed the vendor and service provider oversight program, performed IT risk assessments, coordinated audits and examinations, performed control reviews and Sarbanes-Oxley Section 404 testing, administered the consumer privacy program, etc. |
|||
Career Accomplishments
| Associations / Societies |
|---|
| • Information Systems Audit and Control Association • Information Systems Security Association • International Association of Privacy Professionals • Association of Certified Fraud Examiners • United States Supreme Court Bar • Illinois State Bar Association |
| Licenses / Certifications |
|---|
| Expert is licensed to practice law in Illinois and is a member of the United States Supreme Court Bar. He holds 24 professional designations in the areas of information security management, IT compliance, information privacy, fraud examination, IT audit, computer forensics, ethical hacking, business continuity planning, project management, cloud security, and process improvement, including the C|CISO, CISSP, CISM, CISA, CCSP, CIPP/US, CIPP/E, CIPM, CSSLP, PMP, CRISC, CGEIT, ISSMP, ISSAP, CFE, C|EH, CBCP, CCSK, DFCP, CIFI, CSOXM, CSOE, ITIL v3 Foundation, and Six Sigma Black Belt. |
| Awards / Recognition |
|---|
| • Chicago CISO of the Year Award – ISSA, ISACA, FBI InfraGard, AITP, and SIM • Managing Partner’s Achievement Award – Arthur Andersen LLP |
| Publications and Patents Summary |
|---|
| • Tribe of Hackers: Red Team – Wiley – Quoted Expert • CISOs Investigate: Vulnerability Management – Security Current – 2019 – Contributing Author • Life Inside the Perimeter: Understanding the Modern CISO – Nominet – 2019 – Quoted Expert • The CISO’s Days as Scapegoat Could Be Coming to an End – Wall Street Journal – 2019 – Quoted Expert • Tribe of Hackers – Threatcare Press – 2019 – Quoted Expert • Rating the Criticality of Data Assets – RiskSense Blog – 2019 – Co-Author • Get Ready for GDPR – Security Current – 2018 - Author • CISO Spotlight: Expert – Security Current – 2017 – Subject of Article • Open Source Software Provides Security – Security Current – 2017 – Quoted Expert • Gazing Ahead: Security Predictions – SC Magazine – 2016 – Quoted Expert • Is the Insurance Industry Keeping Up with Cyber Risk? – Asia Insurance Review – Co-Author • Next Stop for the CISO: The Office of the CIRO? – RSA Conference Blog – 2015 – Quoted Expert • Wise Words from CISOs at RSAC 2015 – RSA Conference Blog – 2015 – Quoted Expert • Why Neiman Marcus’ New CIO Matters – CyberDefenses Blog – 2014 – Quoted Expert • Security Guards – PM Network Magazine – 2014 – Quoted Expert • Banks Fighting on Two Fronts to Stop Intrusions – Security Magazine – 2014 – Quoted Expert • Chalk It Up: Boardroom Communication – SC Magazine – 2013 – Quoted Expert • Businesses Suffering from Cyber Warfare – Commercial Risk Europe Magazine – 2013 – Quoted Expert • COSO for CSOs – CSO Magazine – Author • The Future of Banking – ABA Banking Journal – 2012 – Quoted Expert • Revisiting Reader Privacy in the Age of the E-Book – The Expert Marshall Law Review – Author • Social Networking: Open Discovery v. Privacy – Information Security & Privacy News – Author • Security Certifications: Who Decides Know-How? – SC Magazine – 2010 – Quoted Expert • PCI: A Foundation for Smart Business – SC Magazine – Quoted Expert • ITU Toolkit for Cybercrime Legislation – United Nations 2010 – Contributing Drafter • Complying with the Red Flag Rules – ISSA Journal – 2009 – Author • Certified Information Security Manager Exam Review Manual – ISACA – 2008 – Contributing Author • The Legality of Honeypots – ISSA Journal – 2008 – Author • E-Discovery and the Federal Rules of Civil Procedure – 2007 – IT Governance Publishing – Author • E-Discovery: Implications of the FRCP Changes – ISSA Journal – 2007 – Author • Internet E-Mail Security – ISSA Journal – 2005 – Author • MCSE: Windows NT Server in the Enterprise for Dummies – 1998 – IDG Books – Co-Author • MCSE: Windows NT Server for Dummies – 1998 – IDG Books – Co-Author |