Didier Bloch

Cybersecurity Professional
Livingston, NJ

Summary

Hands-on cybersecurity professional with a strong background in information technology and cybersecurity. Proven track record of successfully creating security programs and building teams from the ground up. Skilled in privacy regulations, risk assessment and mitigation, incident response, and regulatory compliance. Experienced in leading and managing security programs on a global scale.

Overview

23 years of professional experience
7 Certifications

Work History

Principal Architect

Didier Bloch Consulting
Livingston, NJ
02.2023 - Current
  • Created Information Security frameworks to become PCI-DSS, NIST 800-171, FedRAMP, NIST 800-53 compliant
  • Mitigated risks by implementing technology solutions (CrowdStrike, WebKnight, NinJa, JIRA CCD, AlertLogic) to secure IT infrastructures
  • Created policies and procedures and provided processes to implement controls to manage IAM, change control and risk management.

Chief Information Security Officer

Tradewind Markets, Inc.
12.2018 - 02.2023
  • Tackled urgent initiative and successfully created, delivered, and managed TRADEWIND MARKETS LLC’s first comprehensive information security program from the ground up
  • Created security strategies and established security policies, procedures, and controls to protect against cyber threats, not previously in place
  • Advised the IT team how to secure the company's AWS and office environments
  • Secured Tradewind Markets’ blockchain precious metal trading platform
  • Modernized application security through DevSecOps program implementation
  • Led effort to get ISO27001 certified
  • Set up the BCP and activated it on 03/12/20 when New York City implemented its pandemic shutdown.

Director of IT/CISO

Freestyle Solutions, Inc.
04.2015 - 12.2018
  • As CISO, addressed critical initiative and successfully developed and implemented the company's first comprehensive information security framework to protect its SaaS eCommerce platform
  • Established security policies, procedures, and controls to protect against cyber threats to not only meet regulatory requirements, but also to provide resiliency, scalability for growth and redundancy
  • Developed and implemented a disaster recovery plan to ensure the continuity of operations in the event of a natural disaster or cyber-attack
  • Advised the cloud team how to secure the company's AWS production systems
  • Conducted regular security assessments to identify and mitigate vulnerabilities
  • Successfully ran the annual PCI-DSS level 1 certification process
  • Worked with cross-functional teams to ensure all requirements were met and coordinated with the certification body to ensure a smooth audit process.
  • Conducted regular audits of hardware inventory to ensure proper asset management across the organization's technology infrastructure.
  • Enhanced IT infrastructure by implementing strategic technology upgrades and streamlining system processes.
  • Managed the procurement process for IT hardware and software, ensuring timely delivery of necessary equipment to support ongoing projects.

Chief Information Security Officer

Mezocliq, LLC
New York, New York
03.2013 - 04.2015
  • In this role, was tasked with and successfully designed and implemented MEZOCLIQ LLC’s first comprehensive information security program to secure its back office suite SaaS
  • Created/implemented security policies, procedures, and controls to protect against cyber threats and meet regulatory requirements, specifically privacy regulations
  • Helped engineer a highly resilient hardware and software production infrastructure
  • Collaborated with Engineering Team to design and implement a production infrastructure that was highly resilient to hardware and software failures
  • Conducted regular testing and maintenance to ensure the infrastructure was operating at peak efficiency
  • Led the company through the annual SOC 2 (Type I and Type II) and SOC 3 audits and HITRUST
  • Worked with cross-functional teams to ensure all requirements were met and coordinated with the auditing firm to ensure a smooth audit process
  • Led the red team pentesting, overseeing the planning and execution of regular simulated cyber-attacks to test the company's security posture
  • Analyzed results and provided recommendations for improving the company's security defenses.

Head of Information Technology

Usablenet, Inc.
05.2012 - 03.2013
  • As the first head of information technology, successfully established and led the IT department, setting the foundation for future growth and success
  • Conducted a thorough audit of the environment to identify and address security vulnerabilities, resulting in a more secure and reliable system
  • Successfully migrated the email system from a standalone server to Microsoft 365, improving efficiency and reducing the risk of data loss
  • Implemented cost-saving measures that resulted in a 30% reduction in IT expenses, while also managing the IT infrastructure for the London, New York, Los Angeles, and Udine, Italy offices
  • Additionally, initiated a PCI certification project to ensure compliance with industry standards and protect sensitive data.
  • Collaborated with stakeholders to define business requirements for new technology implementations.
  • Championed adoption of emerging technologies, evaluating potential benefits and ROI for the organization.
  • Enhanced IT infrastructure by implementing upgraded hardware and software solutions.
  • Managed IT budget effectively, prioritizing investments to align with strategic goals.
  • Mentored junior IT staff, fostering a culture of continuous learning and professional development.
  • Optimized network performance with proactive monitoring and system maintenance tasks.

SVP, IT Delivery Services Division

SunGard Financial Services
06.2001 - 02.2012
  • Tasked by SunGard's CEO to engineer and implement a plan to address data leakage risks, and successfully implemented measures to prevent data loss and protect sensitive information
  • As the lead for incident response and physical/logical security for the Northeast SunGard offices, developed and implemented strategies to protect the company's assets and data
  • Played a key role in acquisition due diligence and SOX400 compliance efforts, ensuring that SunGard's processes and systems met industry standards and regulatory requirements
  • Led strategic infrastructure improvement projects in collaboration with key business heads, implementing new technologies and processes to drive efficiency and support business growth
  • Served as the businesses' primary point of contact while managing support activities for 3,000 users in 32 offices across the Northeast, New England and Midwest regions
  • Implemented centralized software distribution and patching procedures to maximize user productivity while minimizing risk.

Education

MBA - Business Administration/Management

University of South Carolina
Columbia, SC

Skills

Disaster Recovery Strategies

Certification

Certified Information Systems Security Professional (CISSP) - ISC2

Affiliations

- ISC2.ORG

- ISACA

- EC-Council

- ISSA

Languages

French
Native or Bilingual
Italian
Professional Working
German
Limited Working

Timeline

Chief Information Security Officer

Tradewind Markets, Inc.
12.2018 - 02.2023

Director of IT/CISO

Freestyle Solutions, Inc.
04.2015 - 12.2018

Chief Information Security Officer

Mezocliq, LLC
03.2013 - 04.2015

Head of Information Technology

Usablenet, Inc.
05.2012 - 03.2013

SVP, IT Delivery Services Division

SunGard Financial Services
06.2001 - 02.2012

Principal Architect

Didier Bloch Consulting
02.2023 - Current

MBA - Business Administration/Management

University of South Carolina
Certified Information Systems Security Professional (CISSP) - ISC2
Certified Information Security Manager (CISM) - ISACA
Certified Information Systems Auditor (CISA) - ISACA
Certified Ethical Hacker (CEH) - EC-Council
Certified Chief Information Security Officer (C|CISO) - EC-Council
FEMA Emergency Management Institute, IS-700
ITIL Foundation V3.0