Summary
Overview
Work History
Education
Skills
Websites
Certification
Affiliations
Professional Publications
References
Interests
Timeline
Generic
CHRISTOPHER SMARZIK

CHRISTOPHER SMARZIK

San Antonio,United States

Summary

Computer security professional with 7 years of progressive experience in information security, governance, risk management, and compliance as well as 3 years in workforce management. Demonstrated skill identifying business risks and compliance issues and designing proactive solutions. Background designing and implementing an enterprise information security department from scratch as well as developing the associated managed security services platform provided to clients.

Overview

13
13
years of professional experience
1
1
Certification

Work History

Virtual Chief Information Security Officer

Integris
10.2023 - Current
  • Builds cybersecurity strategy and drives the application of controls for relevant security frameworks
  • Partners with senior management staff to secure information assets and information resources through strategic and tactical initiatives in both near-term and long-term scopes
  • Manages technology risk in collaboration with business leaders for over 15 clients in a variety of market verticals
  • Continuously evaluates and manages the cyber-risk posture of all client organizations through annual risk assessments, vendor risk assessments, and internal audits
  • Implements and manages the cyber governance, risk, and compliance program in alignment with relevant security frameworks, maturity models, downstream contractual obligations, and third-party security attestation programs
  • Reports to the most senior levels of client organizations to include C-Suite staff and the Board of Directors, as appropriate
  • Reviews, justifies, and evaluates potential cybersecurity investments and vendor relationships
  • Implements policy and procedures used to guide the baseline configuration of security awareness training and education for client end users
  • Leads cybersecurity critical event operations
  • Implements and maintains incident response, disaster recovery, and business continuity plans with critical business function resilience in mind
  • Facilitates annual tabletop testing with critical event response team members to ensure roles and responsibilities are well understood and to identify and remediate gaps in response plans and procedures
  • Works with technical staff to implement and document the systems used to prevent, detect, mitigate, and recover from cyberattacks

Security Services Architect

Integris
07.2023 - 10.2023
  • Conducted system reviews to ensure security solutions are performing as expected within over 90 managed customer environments
  • Performed analysis on new and evolving threats to provide recommendations in accordance with the organization’s risk appetite
  • Assessed system configurations to offer improvements to enhance the effectiveness of existing security tools
  • Evaluated new solutions for gaps and developed recommendations for IT committee
  • Partnered with penetration test vendors and internal staff to ensure that systems are appropriately tested against common tactics, techniques, and procedures
  • Worked with the project management office to develop plans of action and milestones for remediating findings
  • Maintained information security policy documentation
  • Reviewed, tested, and updated incident response and business continuity plans on an annual basis
  • Facilitated annual tabletop exercises for clients and internal staff
  • Acted as a single point of contact during incident response engagements for the clients and third parties including cyber-insurance, digital forensics, and legal representation
  • Documented timeline of events and actions taken to provide process improvement feedback during post-incident review
  • Managed vulnerability management platform
  • Engaged directly with internal business units, clients, and account management teams to perform patching and vulnerability remediation, as appropriate
  • Collaborated with Business Intelligence staff to implement improvements in client-facing reporting to provide stakeholders with real-world data showcasing the effectiveness of the organization’s security services platform

Information Security Analyst III

Integris
10.2021 - 07.2023
  • Oversaw critical information security projects and helped to develop strategic objectives in alignment with organization's goals
  • Managed internal security improvements, performed risk analysis on gaps identified by organization's internal bug bounty program, and provided recommendations to Director of Information Security and IT Committee
  • Proactively scheduled and lead annual incident response tabletop exercises for both clients and organization's internal Incident Response Team
  • Served as incident response facilitator, providing oversight to responders, internal account teams, and external critical incident response team members
  • Developed, implemented, and maintained Information Security policies, procedures, and standards, as well as Information Security Operations Manual to ensure that all processes remain aligned with industry best practices and regulatory requirements
  • Reviewed and managed response to newly disclosed vulnerabilities from automated threat intelligence feeds to provide remediation and mitigation recommendations to internal staff and external client IT groups
  • Acted as mentor for new security analysts
  • Provided process guidance and security platform specific training to ensure all staff members were able to perform their duties efficiently
  • Collaborates with Service Delivery, Network Operations, and Data Center teams to efficiently provide resolutions for relevant security concerns

Information Security Analyst II

Integris FID
07.2018 - 10.2021
  • Hired as first Information Security Analyst for Integris Financial Institution Division
  • Worked directly with Director of Information Security on developing organization's internal Information Security Program as well as initial version of Managed Security Services program
  • Managed projects for and beta tested with clients to develop baseline configurations for Vulnerability Management, Intrusion Prevention, Security Information and Event Management, Security Awareness Training and Education, and Endpoint Detection and Response platforms
  • Primarily responsible for maintenance and oversight of Integris' Vulnerability Management Program
  • Provided guidance to, and worked directly with, engineering teams to improve internal vulnerability management processes
  • Worked directly with vendor development teams to improve functionality of vulnerability management platform based on feedback from key stakeholders and clients
  • Facilitated incident response activities during initial identification and containment efforts
  • Worked with data center, network operations, and engineering teams to respond to suspicious activity within customer environments
  • Performed gap analysis on information security related governance documentation and tooling for both internal business units and clients
  • Facilitated cyber-incident tabletop exercises for over 90 clients annually and provided plans of action and milestones for any identified gaps in process or technical controls
  • Performed analysis of emerging threats and zero-day vulnerabilities to determine appropriate response based upon cost, impact, and severity

Field Services Engineer

Integris FID
04.2017 - 07.2018
  • Assisted in development and initial deployment of Integris Financial Institution Division's information security program
  • Worked directly with Director of Information Security to develop security policies, plans, and procedures
  • Frequently worked on-site and after-hours while collaborating with senior engineering team members to perform installation, maintenance, and repair activities for multiple clients
  • Addressed tickets over the phone and in person using both technical knowledge and soft skills to resolve common technical issues
  • Guided users with simple, step-by-step instructions to effectively conduct remote troubleshooting

Workforce Operations Analyst

ARRIS (Formerly Pace Americas)
05.2013 - 12.2016
  • Accountable for managing the workforce of a multi-site inbound call center with multiple lines of business
  • Analyzed data feeds to monitor call center operations, ensuring service level agreements were met
  • Managed call routing, offline development for front-line employees and supervisors, training initiatives, and staff scheduling adherence
  • Communicated system outages, site closures, inclement weather, or other potential business continuity events to relevant staff and third parties
  • Executed contingency plans for any such events to minimize impact to business functions
  • Coordinated efforts between multiple areas of information technology, facilities, operations, and the client to aid in the timely resolution of service level impacting outages
  • Worked directly with client Global Workforce Management team during both business continuity events and at the intra-day level while managing and reporting service level trends and quickly adapting to changes in client expectations
  • Analyzed forecasting information to optimize call routing to improve call volume throughput
  • Evaluated service level trends to make risk-informed decisions while managing staff levels to meet occupancy and utilization targets, leading to quarterly cost reductions in excess of $1 million USD

Technical Support Level 1/2/3, Team Lead, Escalation Supervisor

Pace Americas
08.2011 - 05.2013
  • As a team lead, fostered growth in new employees by facilitating side-by-side coaching, running developmental meetings, and offering escalation feedback on supervisor calls
  • Utilized subject matter expertise to respond to questions in team chats
  • Provided advanced technical support for internet, TV, and voice services to customers of widely varied skill levels
  • Performed remote troubleshooting, system updates, and modified system configurations to restore services
  • Scheduled field services dispatches as needed for hardware failures and physical service issues requiring on-site support
  • Handled billing inquiries, sales requests, account level, and line-item billing adjustments in order to improve overall customer satisfaction while remaining within company guidelines on key performance indicators
  • Maintained and protected confidentiality regarding all aspects of customer, client, and employee information through compliance with clearly defined organizational policies regarding social engineering, data privacy, and the correct use of customer authentication mechanisms

Education

Bachelor of Science - Cybersecurity And Information Assurance

Western Governors University
Texas
01.2021

Skills

  • Governance
  • Risk Management
  • Regulatory Compliance
  • Strategic Roadmap Development
  • Business Continuity Planning
  • Incident Response
  • Collaboration and Reporting
  • Third-Party Assessments

Certification

  • (ISC)2 Certified Information Systems Security Professional
  • (ISC)2 Certified Cloud Security Professional
  • (ISC)2 Systems Security Certified Practitioner
  • CompTIA A+
  • CompTIA Network+
  • CompTIA Security+
  • CompTIA CySA+
  • CompTIA Project+

Affiliations

  • (ISC)2 - Member
  • (ISC)2 Alamo Chapter - Member
  • CompTIA - Community Member

Professional Publications

One Boring Day: AI for the Rest of Us - AI Governance & Security

  • https://m.youtube.com/watch?v=ISisSHzf_D4&list=PLw7Wns-38_1jarr80lvd1sntbUUXBae-L&index=5


Integris Buffalo-Plaid Breakfast: Artificial Intelligence Part 1

  • https://www.youtube.com/live/d-4ecZbOBr8?si=t58rFrjTE8DNvnme


Integris Buffalo-Plaid Breakfast: Artificial Intelligence Part 2

  • https://www.youtube.com/live/ldicArHK7Xo?si=XCsEN5wl3_E71seD

References

  • David Enriquez, Integris, Security Services Engineer, (210) 501-4013, Professional
  • Oscar Flores Gonzalez, TikTok, SOAR Developer, (956) 231-9015, Professional
  • Kyle Trevino, Integris, Security Services Engineer, (951) 264-9301, Professional

Interests

3D Printing

AI Development and Implementation

Timeline

Virtual Chief Information Security Officer

Integris
10.2023 - Current

Security Services Architect

Integris
07.2023 - 10.2023

Information Security Analyst III

Integris
10.2021 - 07.2023

Information Security Analyst II

Integris FID
07.2018 - 10.2021

Field Services Engineer

Integris FID
04.2017 - 07.2018

Workforce Operations Analyst

ARRIS (Formerly Pace Americas)
05.2013 - 12.2016

Technical Support Level 1/2/3, Team Lead, Escalation Supervisor

Pace Americas
08.2011 - 05.2013
  • (ISC)2 Certified Information Systems Security Professional
  • (ISC)2 Certified Cloud Security Professional
  • (ISC)2 Systems Security Certified Practitioner
  • CompTIA A+
  • CompTIA Network+
  • CompTIA Security+
  • CompTIA CySA+
  • CompTIA Project+

Bachelor of Science - Cybersecurity And Information Assurance

Western Governors University

Similar Profiles

  • Debbie Green

    Debbie GreenDebbie Green

    RN Case Manager at IntegrisRN Case Manager at Integris

    View Profile
  • Jamee Heatherly

    Jamee HeatherlyJamee Heatherly

    RN Family Practice at IntegrisRN Family Practice at Integris

    View Profile
  • Tyler Henderson

    Tyler HendersonTyler Henderson

    Account Services Manager at IntegrisAccount Services Manager at Integris

    View Profile
CHRISTOPHER SMARZIK