First BankSVP, Chief Information Security Officer
Mar. 2013 - Mar. 2016Greater St. Louis AreaI joined this $6.5B retail bank shortly after a new CIO to establish an information security program, and network security and network management teams. I led Information Security Operations, Engineering and Architecture, IT Risk and Compliance, Network Infrastructure, Telecommunications, IT Disaster Recovery and Business Continuity, Enterprise Governance Risk and Compliance, Mainframe Security (AS-400). • Devised a board-approved 3-year technology investment in security and delivered all projects related to the investment on-time and on-budget (SIEM, DLP, UTM FW). • Established a security team and operation from scratch. Hired, trained, and led the Security, Disaster Recovery, and Network teams. Provided an executive-level presence for the information security practice at the bank, partnering with other senior executives to create a culture of security. • Designed and built a Security Operations Center, then combined it with the network team to form a Network/Security Operations Center to serve as hub for Security Incident Response Team (SIRT) and to proactively monitor all threats and to manage a nationwide network. • Architected and rolled out an Identity Management solution, an anomaly detection solution, and an end-point security program (DLP) to reduce risk; designed all security controls around the eCommerce portal. • Implemented several frameworks—COBIT, ITIL, PCI, and NIST—to ensure governance and consistency of delivery