Experienced leader and problem-solver with a talent for team building and motivation. Demonstrated ability to connect with individuals and build positive relationships. Skilled in independent decision-making and sound judgment. Proven success in aligning technology and security strategies with business objectives. Led successful Governance, Risk Management, and Compliance initiatives at CSAA, developing comprehensive GRC programs to mitigate IT risks. Recognized for strategic leadership and stakeholder relationship building. Strong track record in regulatory compliance and cross-functional collaboration.
Skills
Leadership
IT Governance
Risk Management
Regulatory Compliance
Audit
Relationship Management
Strategic Planning
Cross-functional Team Coordination
Analytical Thinking
Standards/Frameworks - NIST, PCI-DSS, ISO
Work History
Sr Manager Governance Risk and Compliance
CSAA
08.2020 - 09.2024
Responsible for overseeing and managing all aspects of IT governance, risk, and compliance within the organization
Led a cross-functional team to assess and prioritize enterprise-wide IT risks, implementing mitigation measures that reduced critical risks
Established policies, standards, and procedures to ensure compliance with regulatory requirements and industry standards
Championed IT governance best practices, implementing processes designed to ensure compliance with industry standards and regulatory requirements while driving continuous improvement efforts throughout the organization (PCI, HIPAA, NYDFS, SOC)
Maintained relationships with internal stakeholders, including senior leadership, Legal, Privacy, department heads, and internal audit, to facilitate the implementation of the GRC program
Prepared and presented reports to senior leadership on the organization's GRC program, including key risk indicators and compliance metrics
Developed third-party risk management processes, including vendor assessments and tracking of user entity controls
Program Director – Identity and Access Management
IDMWORKS
01.2018 - 04.2020
Provided strategic leadership and expertise in the innovation, development, and implementation of solutions, including Privileged Access Management, access authentication, authorization, and lifecycle workflows
Directed the activities of project personnel to ensure IAM solutions were delivered on schedule, in scope, and within budget
Executed the implementation of large-scale Identity and Access Management solutions for large Fortune 500 client engagements
Delivered outstanding program results by setting clear objectives and proactively addressing potential challenges
Director of Information Security/CISO
Vitalant/Blood Systems
07.2015 - 01.2018
Managed a team of information security professionals, ensuring their continuous professional development and growth within the organization
Established a culture of continuous improvement by fostering open communication channels and empowering employees to voice their ideas
Advised leadership on security-related issues, identified potential risk areas within the area of responsibility, and supported the problem-resolution process
Strengthened the organization's security posture with thorough risk assessments, identifying potential threats and vulnerabilities
Developed policies and standards to ensure compliance with regulatory requirements and industry standards, as well as a security awareness training program
Strengthened internal controls by reviewing existing policies and procedures, ensuring compliance with regulatory requirements
Information Security Officer | Corporate Compliance
HonorHealth/Scottsdale Healthcare
12.2010 - 07.2015
Cultivated relationships with key stakeholders across both technical and non-technical departments, ensuring a cohesive approach to information security efforts
Conducted risk assessments for critical business processes, identifying areas requiring additional safeguards or procedural improvements
Coordinated with external auditors to ensure successful completion of annual regulatory compliance audits
Directed the architecture and implementation of multiple security solutions, including two-factor authentication, Identity and Access Management (IAM), and HIPAA access auditing
Developed partnerships with external security partners, including government agencies and commercial organizations, to identify, understand, and communicate current information security risks
Oversaw vendor risk management efforts, ensuring third-party providers met organizational security requirements before granting access to sensitive data or systems
Collaborated with IT teams to integrate robust security controls within the infrastructure, reducing potential attack vectors
Managed incident response activities, successfully containing and remediating multiple cyber threats in a timely manner
IT Consultant/Advisor
AZThink LLC
01.2008 - 01.2011
Consulting services focused on developing & implementing IT strategies:
Network Assessments (LAN/WAN, Windows OS, Active Directory, Enterprise Applications & Hardware configuration, etc.) to improve efficiencies & controls
IT Security, Compliance, Identity and Access Management, Audits & Risk Assessments (Access Control, Physical & Logical Security, Policies & Procedures)
Business Continuity Planning (Backup & Recovery, Replication, Co-Location)
Network & Systems monitoring systems; Virtualization Technology Planning & Implementation
IT Consultant
Cigna Medical Group
01.2010 - 12.2010
Clinical IT Project Manager focused on implementing various Clinical IT solutions to broaden my experience and knowledge in the Healthcare industry
Projects included extensive coordination with the Clinical business entities, Network Operations, Information Protection, Compliance & Privacy, and Strategic Planning & Sourcing
Sr Director of Information Technology
Dickstein Shapiro LLP
01.2001 - 01.2008
Directed the IT Operations and managed five teams of 25+ staff; successfully managed challenges of diverse management styles to build a successful, dedicated IT team; recognized as a well-respected leader & mentor
Developed Network security program, IT Operations strategy, and policies & procedures to ensure confidentiality, integrity, and availability of information systems
Conducted Risk assessments in conjunction with implementing new technologies, acquisitions & mergers of new entities, physical & technical data center security reviews
Education
Master of Science - Computer Systems Management
University of Maryland
09.1988 - 12.1994
Bachelor of Science - Business Administration and Decision Information Systems
University of Maryland
09.1981 - 05.1986
Certification
Certified Information Systems Security Professional (CISSP), #314325
Project Management Professional (PMP), #531658
Certified Information Security Manager (CISM), #1424624
ITIL Foundation Certification
Certified Business Continuity Professional (CBCP), In Progress