Music
Dean Turturici
Parkesburg
Summary
Dynamic Information Security leader with a proven track record driving information security and risk management initiatives. Expert in security architecture, engineering, risk assessment, and team leadership, successfully enhancing security posture and reducing risks across diverse environments. Developed innovative solutions that secured millions in revenue while fostering a culture of engagement and awareness.
Overview
13
13
years of professional experience
11
11
Certification
Work History
Manager of Information Security Engineering and Architecture
Wawa, Inc
Media
08.2021 - Current
- Direct a team of security architects and engineers securely rearchitecting cloud PaaS and IaaS for migration of hundreds of applications
- Create and implement cloud security governance models and cloud security posture processes to support automated risk tracking and mitigation across multiple cloud environments resulting in reduction in cloud risk
- Manage an application security program responsible for securing numerous builds per day, incorporating security tooling in a fully automated CI/CD pipeline
- Direct an application security champions program to grow a positive security culture driving innovation, security awareness, engagement, and trust across development teams
- Oversee the security architecture and engineering of dozens of business projects and security systems supporting hundreds of millions of business transactions per year
- Direct a multi-faceted team of more than 10 staff members in multiple locations to manage security architecture, engineering, application security, automation, and risk mitigation in support of business initiatives
- Manage teams who create security architectural building-blocks and detailed solution designs, incorporating business functional and security elements for clear documentation
- Partner with Product Owners, Product and Project Managers to align flexible security solutions with business requirements to reduce friction in deployments
- Develop the company's security strategy, focused on creating new architectures and solutions for cybersecurity threats as they develop, and mitigate risks to company intellectual property and customer data
- Create security audit processes used to identify areas in need of improvement, leading to risk reduction year-over-year
- Communicate with executives, senior leadership, and external partners to align security best practices with business needs
- Partner with Enterprise Architects and Engineers to review new and existing designs to establish repeatable, secure patterns which increase the frequency and speed of delivery
- Design and implement end-to-end security processes to enable business projects with minimal risk
- Develop high-performing leaders across the team, coaching servant leadership strategies to foster an environment of psychological safety, learning, diversity, and inclusivity
- Manage the creation of IoT and zero trust security architecture strategies and templates
- Rationalize security tooling to minimize overlap and maximize coverage across all people, processes, and technology
Information Security Senior Analyst
Wawa, Inc
Media
11.2011 - 08.2021
- Managed a team of 8 security experts to build a modern microservices platform delivering new business functionality which resulted in over $20 million in additional revenue
- Secured all DevSecOps functions through automated security inside a flexible CI/CD pipeline resulting in frequent delivery of microservices with minimal security risk
- Directed security engineering and risk management practices for a national convenience retailer with 1000 physical retail locations and a large e-commerce presence
- Created security policies, standards, and procedures which governed all security engineering, risk management, and incident response practices resulting in new security capabilities
- Architected and engineered solutions to prevent, detect, and respond to security incidents enabling teams to use tools and data to improve security processes
- Created standard operating procedures based on industry best practices while tracking KPIs to identify and address potential violations on a wide scale
- Created security requirements for dozens of new platforms and technologies to enable new business functionality
- Created and managed security awareness program which engaged over 40,000 associates across the entire organization
- Communicated risk to stakeholders and all levels of the organization, bringing awareness and driving solutions to reduce risk while enabling business delivery
- Led team of 5 security analysts to ensure PCI DSS compliance across 1000+ retail locations, and hybrid cloud datacenters
Education
MBA - Analytics
Villanova University
Villanova, PA01.2019
Bachelor of Science - Professional Studies
Neumann University
Aston, Pa01.2014
Associate of Science - Information Systems Management
Rasmussen College
Saint Cloud, MN01.2011
Skills
- Cyber Risk and Governance
- Cloud security
- Risk management
- Security architecture
- Application security
- Governance frameworks
- Team leadership
- Stakeholder communication
- Vulnerability assessment
- Automation strategies
- Program development
- Security Architecture and Engineering
- Regulatory Compliance
- Executive and Board-level Reporting
- Cloud Security
- Process Development
- Project Management
- Product Management
- Business Engagement
- Servant Leadership
Certification
- ISC2 Certified Information Systems Security Professional (CISSP)
- ISC2 Certified Information Systems Security Architecture Professional (CISSP-ISSAP)
- ISC2 Certified Cloud Security Professional (CCSP)
- GIAC Defensible Security Architecture (GDSA)
- GIAC Certified Enterprise Defender (GCED)
- AWS Certified Security Specialist
- CompTIA Secure Infrastructure Specialist (CSIS)
- CompTIA IT Operations Specialist (CIOS)
- CompTIA A+
- CompTIA Security+
- CompTIA Network+
- Microsoft Certified: Azure Fundamentals
Relevant Organizations
- GIAC Advisory Board, Member
- ISC2
References
References available upon request.
Accomplishments
- Achieved secure commerce platform implementation by collaborating with architects and engineers to design security into the system.
- Lead team of risk analysts in the development of security policies and standards.
- Lead security engineers in implementation of Cloud Security Posture Management platform resulting in visibility into, and reduction of, cloud security findings.
- Developed automated security CI/CD toolset resulting in discovery of secrets, SAST, and container findings. Created processes to eliminate findings prior to code deployment.
- Collaborated with development teams to create security champions program resulting in improved relationships across security and development teams.
- Lead firewall review and enhancement, resulting in reduction of hundreds of over-permissive rules.
- Lead security assessment of dozens of SaaS and COTS products, resulting in reduction of risk across organization.
Work Availability
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse
Affiliations
- RH-ISAC
- GIAC Advisory Board
Work Preference
Work Type
Full TimeWork Location
RemoteImportant To Me
Work-life balanceCompany CulturePersonal development programsWork from home optionPaid time offPaid sick leave401k matchStock Options / Equity / Profit SharingCareer advancementInterests
Movies
Learning
Timeline
Manager of Information Security Engineering and Architecture
Wawa, Inc
08.2021 - Current
Information Security Senior Analyst
Wawa, Inc
11.2011 - 08.2021
MBA - Analytics
Villanova University
Bachelor of Science - Professional Studies
Neumann University
Associate of Science - Information Systems Management
Rasmussen College
Similar Profiles
Mason HowellMason Howell
Customer Service Supervisor at Wawa, IncCustomer Service Supervisor at Wawa, Inc
Matthew SulpizioMatthew Sulpizio
Customer Service Associate at Wawa, IncCustomer Service Associate at Wawa, Inc
Melissa GoosMelissa Goos
Assistant General Manager at Wawa, IncAssistant General Manager at Wawa, Inc