Candidate's Name
Nazareth, PA | PHONE NUMBER AVAILABLE | EMAIL AVAILABLE | LINKEDIN LINK AVAILABLE

Security Governance Risk and Compliance Specialist

Cyber Security Governance, Risk and Compliance Manager with experience serving customers in the Pharma, Telecom, Electric Utilities, Banking, and IT sectors. Known for problem solving orientation, effective communication, and client focused approach. Consistently exceeds expectations by focusing on the development of people, processes and tools, with an emphasis on compliance. Extensive experience aligning policies, processes, and procedures to contractual, regulatory, and industry requirements. Highly effective at identifying compliance, security, & operational requirements; designing network and security architecture; documenting quality processes, procedures & protocols; as well as testing & tracking security, compliance & operational controls.

Areas of Expertise

- Security & Information Technology Compliance: SOC2, ISO 27001, NIST, HITRUST, FDA GxP
- Privacy & Data Protection Regulations: GDPR, PIPEDA, CCPA, HIPAA, HITECH, FCRA
- Internet Protocol (IP) Voice, Data and Video Networking: LAN, WAN, Wireless, Firewall
- Quality Management & Documentation: Policies, Processes, Procedures, Work Instructions

Experience

BT (previously British Telecom), 2006 - 2024
Cyber Security Governance and Assurance Specialist - Privacy / Data Protection Subject Matter Expert

Led initiatives across Security, Risk, Compliance, Privacy, Consulting, Design, Operations, and Assurance, both internally and with clients, as detailed in the roles listed below.

Program Lead - SOC2 Assurance for BT Global Product Line, April 2018 - July 2024
- Recommended & implemented SOC2 third-party attestation for BT's key growth products, streamlining client assurance and eliminating the need for individual client audits.
- Co-directed the pilot and expansion of the program, scaling its benefits to additional product teams and customers over five years.
- Orchestrated meetings and information requests between internal Subject Matter Experts (SMEs) and third-party assessors during readiness assessments and SOC2 type II testing, ensuring program success.
- Implemented JIRA for program tracking, boosting assessment cycle efficiency and enhancing access to metrics and historical data.

Program Lead - HITRUST Certification for HIPAA Compliance, April 2017 - March 2022
- Executed HITRUST self-assessments and facilitated third-party evaluations, achieving HITRUST certification for BT's Call Center solution and supporting HIPAA-regulated clients.
- Developed and documented HITRUST-aligned policies and procedures, securing initial certification and enabling annual renewals.

Privacy & Data Protection Consultant, January 2017 - July 2018
- Conducted Privacy Impact Assessments for seven subsidiaries of a global Travel and Leisure client, identifying compliance gaps and recommending improvements for compliance to GDPR, PIPEDA, & FLPPI.
- Produced tailored reports for each business unit, enabling jurisdiction-specific remediation strategies.

Security and Compliance Officer - Highly Regulated Client Accounts, April 2012 - July 2024
- Designed and documented the Quality Management System (QMS) for BT's products and services, facilitating client compliance with FDA and other regulations.
- Ensured adherence to BT Security Policies (aligned with ISO 27001) and client security policies, solidifying BT as a preferred provider.
- Managed Compliance and Security contractual obligations with these clients, enabling contract renewals, expansions, and new bids with similarly regulated clients.

Compliance Officer - BT Compute Conform
- Designed and led the BTfLS Compute Conform proposition, a GxP compliant wrap around cloud computing. Enabled Pharma sector customers to move their GxP compliant applications to the cloud.
- Interfaced with the BTfLS management team and clients as a Subject Matter Expert (SME) and escalation point with respect to GxP compliance matters.

Key Controls Quality Manager - Pharma Cloud (Became BTFLS)
- Identified and documented the key processes involved in providing BT's Cloud Compute service into a Quality Management System (QMS). Provided the evidence of quality processes required to sell Cloud Compute to Pharma sector clients.
- Partnered with bid teams to sell Cloud Compute services to regulated Pharma clients. Created a differentiator for these clients to choose BT over other cloud providers.

Quality Manager / Technical Reviewer - Pharma Client Account
- Implemented and maintained the QMS for BT products and services to ensure the client could meet its FDA regulatory requirements.
- Managed the qualification of network (WAN, LAN, Wireless) infrastructure components to FDA GxP requirements assigned to BT in the client contract. Ensured retention of client.

Technical Writer - Network Operations
- Documented policies & procedures for the Technical and Service Transformation phases, ensuring a seamless transition of network infrastructure operational control aligned to contractual requirements.

Senior Consultant - Telecommunications, Networking, & IT
- Novartis: Redesigned and implemented intra-site fiber-optic networking infrastructure. Upgraded & replaced LAN & WAN routing infrastructure. Qualified infrastructure to FDA GxP standards.
- BASF: Backfilled IT staff roles to allow client personnel to focus on new project implementations.
- Pfizer: Assessed and overhauled Wireless LAN infrastructure, significantly enhancing performance.

PPL Corporation (previously Pennsylvania Power and Light), 1999 - 2006
Network Design & Implementation Technologist - Information Services Department
- Designed and implemented Generation and Transmission Management Systems' highly redundant LAN & WAN infrastructure, improving bandwidth, reliability, and functionality.
- Designed and implemented internal and customer facing firewalls, virtual private networks, and server load balancing, which improved the company's network security, remote access, and core reliability.
- Served as Project Manager and Lead Engineer on the design and implementation of a secure wireless LAN infrastructure, providing WiFi access via 120 access points across 50 sites.
- Participated on the project team to replace the company's SONET ring. Added new add/drop nodes and converted major sites from TDM circuits to Gigabit Ethernet. Increased reliability & performance by 10x.

Education

University of Pittsburgh School of Computing & Information
- Master of Science (MS), Telecommunications, GPA 3.8
- Bachelor of Science (BS), Information Science, Minors in Math and Physics

Professional Affiliations and Certifications

- Infragard, a partnership between the FBI and the private sector to protect U.S. critical infrastructure
- International Association of Privacy Professionals (IAPP), & currently certified CIPP/E & /US
- Society for Corporate Compliance and Ethics (SCCE), & currently certified CCEP
- Rotary Club of Bethlehem (PA) & past (2021) Board Chair of Bethlehem Rotary Foundation