Hands on Cybersecurity professional with a strong background in information technology and cybersecurity. Proven track record of successfully creating security programs and building teams from the ground up. Skilled in privacy regulations, risk assessment and mitigation, incident response, and regulatory compliance. Experienced in leading and managing security programs on a global scale.
Overview
23
23
years of professional experience
7
7
Certifications
Work History
Principal Architect
Didier Bloch Consulting
Livingston, NJ
2 2023 - Current
Created Information Security frameworks to become PCI-DSS, NIST 800-171, FedRAMP, NIST 800-53 compliant
Mitigated risks by implementing technology solutions (Crowdstrike, WebKnight, NinJa, JIRA CCD, AlertLogic) to secure IT infrastructures
Created policies and procedures and provide processes to implement controls to manage IAM, change control and risk management.
Chief Information Security Officer
Tradewind Markets, Inc.
12.2018 - 02.2023
Tackled urgent initiative and successfully created, delivered, and managed TRADEWIND MARKETS LLC’s first comprehensive information security program from the ground up
Created security strategies and established security policies, procedures, and controls to protect against cyber threats, not previously in place
Advised the IT team how to secure the company's AWS and office environments
Secured Tradewind Markets’ blockchain precious metal trading platform Modernized application security through DevSecOps program implementation
Led effort to get ISO27001 certified
Set up the BCP and activated it on 03/12/20 when New York City implemented its pandemic shutdown.
Director of IT/CISO
Freestyle Solutions, Inc.
04.2015 - 12.2018
As CISO, addressed critical initiative and successfully developed and implemented the company's first comprehensive information security framework to protect its SaaS eCommerce platform
Established security policies, procedures, and controls to protect against cyber threats to not only meet regulatory requirements, but also to provide resiliency, scalability for growth and redundancy
Developed and implemented a disaster recovery plan to ensure the continuity of operations in the event of a natural disaster or cyber-attack
Advised the cloud team how to secure the company's AWS production systems
Conducted regular security assessments to identify and mitigate vulnerabilities
Successfully ran the annual PCI-DSS level 1 certification process
Worked with cross-functional teams to ensure all requirements were met and coordinated with the certification body to ensure a smooth audit process.
Conducted regular audits of hardware inventory to ensure proper asset management across the organization''s technology infrastructure.
Enhanced IT infrastructure by implementing strategic technology upgrades and streamlining system processes.
Managed the procurement process for IT hardware and software, ensuring timely delivery of necessary equipment to support ongoing projects.
Chief Information Security Officer
Mezocliq, LLC
New York, New York
03.2013 - 04.2015
In this role, tasked with, and successfully designed/implemented MEZOCLIQ LLC’s first comprehensive information security program to secure its back office suite SaaS
Created /implemented security policies, procedures, and controls to protect against cyber threats and meet regulatory requirements, specifically privacy regulations
Helped engineer a highly resilient hardware and software production infrastructure
Collaborated with Engineering Team to design and implement a production infrastructure that was highly resilient to hardware and software failures
Conducted regular testing and maintenance to ensure the infrastructure was operating at peak efficiency
Led the company through the annual SOC 2, type I & type II and SOC 3 audits and HITRUST
Worked with cross-functional teams to ensure all requirements were met and coordinated with the auditing firm to ensure a smooth audit process
Led the red team pentesting, overseeing the planning and execution of regular simulated cyber-attacks to test the company's security posture
Analyzed results and provided recommendations for improving the company's security defenses.
Head of Information Technology
Usablenet, Inc.
05.2012 - 03.2013
As the first head of information technology, successfully established and led the IT department, setting the foundation for future growth and success
Conducted a thorough audit of the environment to identify and address security vulnerabilities, resulting in a more secure and reliable system
Successfully migrated the email system from a standalone server to Microsoft 365, improving efficiency and reducing the risk of data loss
Implemented cost-saving measures that resulted in a 30% reduction in IT expenses, while also managing the IT infrastructure for the London, New York, Los Angeles, and Udine, Italy offices
Additionally, initiated a PCI certification project to ensure compliance with industry standards and protect sensitive data.
Collaborated with stakeholders to define business requirements for new technology implementations.
Championed adoption of emerging technologies, evaluating potential benefits and ROI for the organization.
Enhanced IT infrastructure by implementing upgraded hardware and software solutions.
Managed IT budget effectively, prioritizing investments to align with strategic goals.
Mentored junior IT staff, fostering a culture of continuous learning and professional development.
Optimized network performance with proactive monitoring and system maintenance tasks.
SVP, IT Delivery Services Division
SunGard Financial Services
06.2001 - 02.2012
Tasked by SunGard's CEO to engineer and implement a plan to address data leakage risks, and successfully implemented measures to prevent data loss and protect sensitive information
As the lead for incident response and physical/logical security for the Northeast SunGard offices, developed and implemented strategies to protect the company's assets and data
Played a key role in acquisition due diligence and SOX400 compliance efforts, ensuring that SunGard's processes and systems met industry standards and regulatory requirements
Led strategic infrastructure improvement projects in collaboration with key business heads, implementing new technologies and processes to drive efficiency and support business growth
Served as businesses primary point of contact while managing support activities for 3,000 users across 32 offices across the Northeast, New England and Midwest regions
Implemented centralized software distribution and patching procedures to maximize user productivity while minimizing risk.
Education
MBA - Business Administration/Management
University of South Carolina
Columbia, SC
Skills
Disaster Recovery Strategies
undefined
Certification
Certified Information Systems Security Professional (CISSP) - ISC2
Affiliations
- ISC2.ORG
- ISACA
-EC-Council
-ISSA
Languages
French
Native or Bilingual
Italian
Professional Working
German
Limited Working
Timeline
Chief Information Security Officer
Tradewind Markets, Inc.
12.2018 - 02.2023
Director of IT/CISO
Freestyle Solutions, Inc.
04.2015 - 12.2018
Chief Information Security Officer
Mezocliq, LLC
03.2013 - 04.2015
Head of Information Technology
Usablenet, Inc.
05.2012 - 03.2013
SVP, IT Delivery Services Division
SunGard Financial Services
06.2001 - 02.2012
Principal Architect
Didier Bloch Consulting
2 2023 - Current
MBA - Business Administration/Management
University of South Carolina
Similar Profiles
Sheral AnandSheral Anand
Accounts Officer at Arnold Bloch LeiblerAccounts Officer at Arnold Bloch Leibler