Summary
Overview
Work History
Education
Skills
Websites
Additionalcredentials
Timeline
Generic

Chris Doggett

Flower Mound,Texas

Summary

Senior Technology Executive with a +20-year career of expertise in information security, risk management, and regulatory compliance. Proven track record of developing and implementing robust security strategies to protect enterprise data and systems. Adept at leading cross-functional teams, managing complex projects, and fostering a culture of security awareness. Known for a strategic vision, strong leadership, and the ability to align security initiatives with business objectives. Attentive and goal-focused brings successful approach to cultivating complex best practices to meet organizational and regulatory expectations. Detail-oriented focus on achieving expected outcomes. Enthusiastic hard worker with expertise in cultivating lucrative client relationships and implementing better processes and procedures.

Overview

16
16
years of professional experience

Work History

Principal Security Consultant

Amazon AWS
Remote
01.2021 - Current
  • Virtual CISO for strategic partners and guided them to best practices, security awareness, and address gaps and vulnerabilities
  • Leading strategic direction based on threat and risk evaluations, including project initiatives encompassing budgeting, business justification, and implementation, security operations center, PCI audit compliance and process, and control improvements
  • Led teams that included Amazonians, partners, and customers to enhance security assurance and compliance programs
  • Defined and delivered innovative compliance and risk management approaches to customers that helped the customer move sensitive workloads onto the cloud faster
  • Engagements required resolving security assurance questions and understanding how to manage risk and achieve compliance while operating in the AWS cloud through deep-dive discussions, strategic presentations/recommendations, and hands-on demonstrations of automating compliance in the AWS environment
  • Pre-auditing customers' cloud environments to prepare them for regulatory audits and meeting security and compliance objectives such as SOC2, NYDFS, NIST, SOX, HITRUST, and PCI DSS
  • Spearheaded efforts to ensure GDPR regulatory compliance and managed vendor relationships
  • Answering governance questions on GDPR, SOC2, and HIPPA escalations and addressing and assisting with security questions or concerns at all levels
  • Addressing the controls and compliance for internal protection of intellectual property, environments, assets, and data and protecting client data, including credit card and PII
  • Participated in Leadership team operational review meetings and activities
  • Advised the senior leadership team, developed IT roadmaps, and created a business continuity plan
  • Involved in client inquiries related to information security and the protection of data inquiries
  • Guide customers on setting up threat intelligence resources, ensuring the organization has a mature security setup
  • Set up an Incident Response Plan for another organization and the process for escalation
  • Designed and executed the corporate IT strategy for operations and rolled out solutions to improve processes and systems
  • Worked with AWS engineering support and business teams to convey partner and customer feedback as input to AWS technology roadmaps
  • Led the transition to a zero-trust security model, enhancing the organization's security posture.

VCISO/Director of Information Security/ ISO/

Cyber Defense Labs
Dallas/Fort Worth, TX
01.2017 - 01.2022
  • I took a threat-centric and intelligence-forward view of cybersecurity
  • Working with executive leadership and board members, I oversaw, maintained, and contributed to improving Cyber Defense Labs' (CDL) security posture
  • I also coached the departments to ensure and enhance cybersecurity effectiveness by aligning key behaviors and processes
  • Key Results Chris Doggett Resume - Page 2
  • I co-chaired as the CIO, performed digital and platform engineering, and developed and executed a comprehensive information security strategy, reducing security incidents by 40% over three years
  • Responsible for leading the CDL SOC2 certification for CDL, including data gathering and evidence presentation to the auditors, audit coordination, and completion
  • Implemented the processes and framework for CDL to gain ISO 27001 certification
  • Developed company policies and procedures in conjunction with HR and Legal teams
  • Implemented a company-wide security awareness training program, increasing employee compliance by 50%
  • Continuous vulnerability lifecycle management using Nessus software, detecting, monitoring, reporting, and assessing impact on vulnerability-related data from internal/external sources
  • Accountable for all Security awareness training and phishing exercises
  • Partnered with CDL's security incident response team, SOC (Security Operations Center), and Security Engineering to resolve and close the investigation of incidents and changes with postmortem and remediation plans where appropriate
  • Mentored and developed employees, providing formal and informal feedback, brown bag sessions, and education programs
  • Engaged with clients and other business leaders to identify risks and business-aware mitigation strategies
  • Proactive risk management and shared ownership of the Risk Committee
  • Ownership of vendor management, third-party assessments, and security questionnaires for all CDL Security partners
  • Developed, implemented, and monitored a strategic, comprehensive information security program to ensure appropriate confidentiality, integrity, availability, safety, privacy, and recovery of information assets owned, controlled, or/and processed by CDL
  • Responsible for monthly access review of users, admins, applications, DLP, physical security, website, and firewall configurations
  • Monitor the external environment for emerging threats and advise relevant stakeholders on appropriate action
  • Developed and oversaw Tabletop exercises and the DR/BCP plan within CDL
  • Developed and executed HR strategy to attract, develop, and retain talent to deliver extraordinary results through people
  • Championed best practices around security, digital transformation, data governance, solutions architecture, and overall IT strategy
  • Security solution architect for multiple global engagements leveraging cloud, on-premises, or hybrid deployment models and incorporating industry best practice methodologies and commercial off-the-shelf products to provide a layered defense with proactive and reactive controls for detecting and responding to suspicious/malicious activities
  • Developed IT roadmaps, oversaw risk management, and ensured business compliance with policies, procedures, and regulations
  • Established KPIs, authored Infosec policies (including GDPR compliance), and counseled Privacy Officers and Data Owners
  • Evolved controls to improve infrastructure protection, led security department meetings, and increased corporate security
  • Managed M&A technical due diligence, developed IT budgets, and worked to improve asset management of devices
  • Rebuilt infrastructure to improve security and resilience, deploying cutting-edge technologies to simplify new site setup, considering the future of the scope of borderless network architecture and the security vulnerabilities it presents
  • Led migration of the company's applications to AWS and established environments (sandbox/production) with proper security
  • Applications used: Git, Kubernetes, Docker, Terraform, Jenkins, and Ansible
  • Led and modernized the CI/CD strategy.

Global Technology Manager

Just Eat
London, UK
01.2014 - 01.2017
  • Initially recruited to build out the IT department
  • Subsequently, developed and executed the technology strategy to scale the company's IT team, policies, and infrastructure to support Eat as it grew from 200 employees to 3,600 with £779M+ in sales
  • Crafted service road maps, managed key projects, implemented cloud telephony, managed £25M budget, and led a team of 30
  • Helped build the SOC team and delivered the cybersecurity standards to the business, including protecting user and customer data
  • Created and achieved platform SLAs related to security, scalability, and availability and ensured PCI compliance
  • Directed support for mission-critical applications, utilized GitHub, and leveraged AWS & Azure for cloud-based hosting
  • Provide expert analysis of complex Information Technology security-related problems and technical expertise on the following: Remediation for vulnerabilities of operating systems, network devices, infrastructure, and Database (MySQL, MS SQL, SQLite, PostgreSQL, and Progress, etc.) Expertise and experience in performing security assessments of network devices (router, switch, firewall configuration), servers, workstations, Web applications, and databases
  • Engineered and deployed cyber defense countermeasures such as advanced threat protection, intrusion detection systems, and data protection measures
  • Led various special IT Security projects, ensuring follow-through from beginning to end
  • Support the development and maintenance of the JE Security Standards Library
  • Led the development and integration of incident classifications and prioritization based upon NIST and MITRE ATT&CK frameworks between incident response and the customer's ITSM to ensure consistency in evaluation criteria, process execution, and incident classification and promote postmortem activities for continuous monitoring improvement
  • Enabled, transitioned, and managed offshore and near-shore security operations teams and capabilities to provide analysis, investigations, and response actions based upon deployed security tools, NIST, MITRE ATT&CK, and CIS 20 frameworks and customer requirements
  • I started building my cyber security defense skills against attacks with war games, understanding what data needs to be protected, evaluating risk, and prioritizing it.

Head of IT Operations

Grey London
London, UK
01.2012 - 01.2014
  • Recruited to lead IT Operations, overseeing the Security, Help Desk, Project Management, and Solutions Architecture with a team of 15
  • Developed multimillion-pound Capex/IT budgets and ensured SOX/PCI/ISO 27001 compliance with auditors using COBIT procedures
  • Implemented NIST Security Governance Framework standards for all company locations
  • Led global Help Desk with 3 tiers of support, leading a team of project managers, system administrators, developers, and others
  • Directed several remote development teams and implemented Agile methodologies, utilizing Agile/Kanban project workflows
  • Delivered critical initiatives in the UK/EMEA region, leading the Office 365 migration, HR transformation, and SAN/storage upgrade
  • Managed computer/mobile assets, developed disaster recovery plans, conducted annual tests, and produced monthly reports
  • Served as a trusted advisor to senior leadership within the company, advising on IT strategy and approach to hit business goals
  • Stay abreast of the latest vulnerabilities, exploits, and other relevant threat-related information
  • Designed and implemented advanced correlation techniques, architectures, and processes to advance the fidelity of the SIEM system
  • Identify potential security exposures that currently exist or pose a possible future threat to IT infrastructure
  • Ensure management is notified when these exposures are identified, as well as propose a solution for remediation.

IT Manager

Omni Media Group (OMD) London
London, UK
01.2008 - 01.2012
  • Hired to manage the IT Infrastructure, direct Project Management, and support OMD London's applications and 1500+ end users
  • Led team of 17 direct/indirect reports with a £7M+ budget
  • Delivered mission-critical initiatives from planning to launch
  • Created IT strategy, roadmaps, and governance while deploying policies and procedures to improve efficiency and performance
  • Managed projects through all stages of the SDLC and delivered highly visible initiatives from concept to go-live on time/budget
  • Led office relocation project, managed Aruba WIFI rollout for EMEA region, and guided the smooth Windows Office upgrade
  • Perform and communicate analysis of intrusion events
  • Review all new vendor-released updates (signatures), like IDS/IPS/AV, and recommend whether they need to be turned on for alerting
  • Also, troubleshoot and resolve failed security update deployments
  • First responder to monitor alerts, incidents, and issues
  • Coordinate triage and troubleshooting activities with all support staff
  • Daily tracking of alerts engaged with the internal tools for SOC (Tickets, Email, and Phone) 24x5 Threat monitoring
  • Oversaw Security team and Help Desk, directed support for all requests and tickets, and ensured adherence to Cyber Compliance and ITIL standards.

Education

Master of Science - Computer Engineering

Boston University

Bachelor of Science - Information Technology

University of Virginia

Skills

  • Information Security Management
  • Cloud Security
  • Risk Assessment and Mitigation
  • Regulatory Compliance (GDPR, HIPAA, PCI-DSS, SOC2, NIST, ISO, SOX, GLBA, NYDFS, HITRUST)
  • Security Policy Development
  • Security Operations Center (SOC) Management
  • Threat Detection and Analysis
  • Zero Trust Security Model
  • Cybersecurity Awareness Training
  • Budget Management
  • Strategic Planning and Execution
  • Team Leadership and Development
  • Vulnerability Assessment and Penetration Testing
  • Requirements Gathering
  • Disaster Recovery Planning
  • Assessments
  • Staff Management
  • Client Requirements Assessment
  • Business Planning
  • Continuous Improvement
  • Management Coaching
  • Technical review
  • Cloud Computing

Websites

Additionalcredentials

  • HITRUST CSF Certification
  • CISM
  • CISSP
  • CHFI course
  • MCSE Certification
  • CCNA Certification
  • Google Admin
  • AWS Security
  • AWS Cloud Architecture
  • Leadership Excellence Training
  • Coaching for Success

Timeline

Principal Security Consultant

Amazon AWS
01.2021 - Current

VCISO/Director of Information Security/ ISO/

Cyber Defense Labs
01.2017 - 01.2022

Global Technology Manager

Just Eat
01.2014 - 01.2017

Head of IT Operations

Grey London
01.2012 - 01.2014

IT Manager

Omni Media Group (OMD) London
01.2008 - 01.2012

Master of Science - Computer Engineering

Boston University

Bachelor of Science - Information Technology

University of Virginia

Similar Profiles

  • Arnav Jain

    Arnav JainArnav Jain

    Software Development Engineering Intern at Amazon AWSSoftware Development Engineering Intern at Amazon AWS

    View Profile
  • Jamshid Hassan

    Jamshid HassanJamshid Hassan

    Scrum Master at Amazon AWSScrum Master at Amazon AWS

    View Profile
  • DIONTÉ HARDEN

    DIONTÉ HARDENDIONTÉ HARDEN

    EXECUTIVE ASSISTANT at Amazon AWSEXECUTIVE ASSISTANT at Amazon AWS

    View Profile
Chris Doggett