ADOOL FERGUSON
Marysville,USA
Summary
Cybersecurity leader with over 20 years of experience in developing and executing effective security strategies. Expertise in risk management, policy compliance, and security operations. Skilled in leading cross-functional teams and managing vendor relationships to enhance organizational security. Focused on aligning security initiatives with business goals to drive growth and innovation.
Overview
11
11
years of professional experience
1
1
Certification
Work History
SENIOR SECURITY SOLUTIONS ARCHITECT
DEFY SECURITY
MARYSVILLE, OH
01.2023 - 04.2025
- Collaborated with client leadership, including executive teams, to establish strategic security roadmaps and execute security initiatives aligned with their business goals and risk profiles
- Led comprehensive client needs assessments, analyzed existing security infrastructure, and architected tailored security solutions that addressed critical cybersecurity challenges, incorporating robust risk identification and mitigation strategies aligned with industry best practices.
- Maintained a strategic understanding of industry trends, emerging security technologies (e.g., Zero Trust, SASE, XDR), and the competitive landscape, providing proactive recommendations informing architectural strategies.
- Provided technical leadership and mentorship to junior security solutions architects, fostering a collaborative and knowledge-sharing environment.
- Oversaw the technical aspects of the sales cycle, including responding to RFPs/RFIs, conducting product evaluations, and guiding contract negotiations for security solutions, ensuring alignment with client governance requirements.
HEAD OF GLOBAL INFORMATION SECURITY
GREIF INC.
DELAWARE, OH
01.2018 - 01.2023
- Developed and executed comprehensive information security strategies aligned with business objectives, establishing a robust IT governance framework for a global organization.
- Created and managed strategic roadmaps to mitigate and manage security exposure and risk, providing regular updates to executive leadership on the evolving threat landscape and mitigation efforts.
- Architected comprehensive security programs encompassing audit and compliance, risk governance, and security awareness training, ensuring a holistic approach to information protection and adherence to standards.
- Collaborated with compliance teams to develop and implement robust security policies, standards, and procedures, safeguarding sensitive data and ensuring adherence to relevant laws and regulations.
- Provided strategic direction for enterprise IT risk management, business continuity, disaster recovery, and record retention policies, aligning these with the overall IT governance strategy.
- Communicated critical security risks and strategic initiatives to executive leadership and the board of directors, influencing investment decisions and fostering a security-first mindset.
- Led and developed a dedicated cybersecurity team of analysts, fostering organizational health and promoting a culture of security awareness and continuous improvement.
- Evaluated and managed relationships with security vendors and service providers, ensuring adherence to organizational security standards and optimizing security investments.
VICE PRESIDENT, THIRD-PARTY RISK MANAGEMENT
JP MORGAN CHASE
COLUMBUS, OH
01.2014 - 01.2018
- Strategically led the development and implementation of comprehensive third-party risk management initiatives, integrating IT governance principles to ensure compliance with firm-wide policies and regulatory requirements across all Lines of Business.
- Orchestrated and led IT risk assessments for third-party providers, encompassing onsite visits, validation of IT controls, and identification of control issues, significantly enhancing the organization's IT governance posture and reducing operational risks.
- Managed and directed complex third-party assessments performed by external audit firms (e.g., KPMG, E&Y), ensuring proper review scoping, adherence to standards, and effective issue resolution.
- Provided Information Risk Management advice and support to Corporate Technology, contributing to sound IT governance practices for products and services.
- Expanded monitoring capabilities and Key Risk Indicator (KRI) tracking to provide senior leadership with actionable insights, directly informing strategic risk management initiatives and resource allocation.
- Collaborated with Third-Party Risk Management Leads on key program initiatives, fostering a culture of compliance and risk awareness throughout the organization.
- Identified and executed process improvements that enhanced operational efficiency and streamlined assessment protocols, contributing to continuous improvement within the governance framework.
Education
BACHELOR OF SCIENCE - COMPUTER INFORMATION SYSTEMS (CIS)
UNVIVERSITY OF SOUTHERN INDIANA
EVANSVILLE, INDIANA01.2002
Skills
IT Governance & Enterprise Architecture
- IT Governance Policy & Procedure Development
- IT Standards Evaluation & Adherence
- Strategic Planning & Execution
- Decision-Making & Resource Allocation
Risk Management & Compliance
- Information Risk Management & Mitigation
- Regulatory Compliance Assurance (PCI DSS, ISO/IEC 27001, NIST CSF, CIS Controls)
- Risk Assessment & Reporting
- Audit & Compliance Program Management
- Vendor & Third-Party Risk Management
Security Leadership & Operations
- Cybersecurity Program Development & Execution
- Security Architecture & Design
- Incident Response & Management
- Security Operations & Tools Management
- Security Awareness & Training
Communication & Collaboration
- Executive & Senior Management Reporting
- Cross-functional Team Leadership
- Stakeholder Engagement & Influence
- Interpersonal Skills
- Vendor & External Partner Managementon
- Security Architecture & Design
- Risk assessment and management
- Security Framework Implementation
- Policy & Compliance Management ( NIST CSF, CIS Controls, PCI DSS)
- Incident Response & Management
- Team Leadership & Development
- Security Operations
- Vulnerability Management
- Cybersecurity Training & Awareness
- Effective Communication Skills
- Vulnerability Management
- Identity & Access Management
- Endpoint Protection Solutions
- Security Event Management (SIEM) Practices
- Continuous Improvement Initiatives
Certification
- ITIL v3 Certification, active
- Network Intelligence Certified Engineer (NICE), active
- Imprivata Certified Engineer (ICE), active
- GIAC Security Essentials Certification (GSEC), expired
Training
- (ISC)2 Certified Information System Security Professional (CISSP)
- Certified Ethical Hacking (CEH)
- SEC401: Security Essentials - Network, Endpoint, and Cloud
- SANS MGT525: IT Project Management, Effective Communication, and PMP
- LDR414: SANS Training Program for CISSP® Certification™
- AGILE Product Development
- Imprivata
Timeline
SENIOR SECURITY SOLUTIONS ARCHITECT
DEFY SECURITY
01.2023 - 04.2025
HEAD OF GLOBAL INFORMATION SECURITY
GREIF INC.
01.2018 - 01.2023
VICE PRESIDENT, THIRD-PARTY RISK MANAGEMENT
JP MORGAN CHASE
01.2014 - 01.2018
BACHELOR OF SCIENCE - COMPUTER INFORMATION SYSTEMS (CIS)
UNVIVERSITY OF SOUTHERN INDIANA