Summary
Overview
Work History
Education
Skills
Accomplishments
Affiliations
Certification
Interests
Work Preference
Work Availability
Software
Quote
Timeline
Generic

Donald Graham

Tampa,FL

Summary

More than 25 years' experience as an Information Technology (IT) executive with strong expertise in IT management, IT security management, and IT enterprise architecture. Demonstrated expertise in establishing and implementing large information security programs. Designed and implemented cyber infrastructure security framework that continuously monitors and detects Cybersecurity threats and vulnerabilities. Performed evaluations and selections of IT security tools and successfully implemented IT security systems to protect the availability, integrity, and confidentiality of critical business information and information systems. Highly skilled, dedicated and enthusiastic team player with excellent leadership and communication skills.

Overview

22
22
years of professional experience
1
1
Language

Work History

Cyber Infrastructure Group Leader

Deloitte
10.2019 - Current
  • Established Comprehensive Security Program: Led the development and implementation of a global Enterprise Security Program encompassing 12 member firms, 450,000 employees, and 150 countries.
  • Standardized IT Security: Developed Technology Security Standards defining consistent policies, roles, and responsibilities for information technology security across the organization.
  • Formalized Security Procedures: Created Deloitte administrative procedures for the IT Security Program, outlining roles, responsibilities, and best practices throughout the IT system lifecycle.
  • Empowered Employees with Knowledge: Developed and implemented a web-based Cybersecurity Awareness Training Program to educate all employees on essential security practices.
  • Automated Auditing of Firewall: Designed and implemented an automated tool-based vulnerability management framework specifically for firewall policies.
  • Enhanced Security Posture: Led the evaluation, selection, and implementation of critical security tools including GRC platforms, firewalls, IDS/IPS, web application firewalls, and network malware defense systems.
  • Mitigated security risks associated with risky protocols.

Cloud Network Security Executive

VMware
01.2017 - 10.2019
  • Drove VMware Adoption: Successfully introduced VMware network and customized security virtualization solutions to both Enterprise and Healthcare accounts, increasing overall network virtualization and security adoption.
  • Identified New Business Opportunities: Proactively identified potential new enterprise clients through market analysis and understanding client needs
  • Trusted Security Advisor: Established strong client relationships by acting as a trusted advisor, achieving 100% client retention through technology workshops and providing prioritized security recommendations based on technology assessments.
  • Promoted Emerging Solutions: Championed the adoption of cutting-edge security solutions like application security and software-defined firewalls for cloud environments.

Senior Systems Engineering Manager

Cisco Systems
03.2002 - 12.2016
  • Enhanced Security for Critical Infrastructure: Established and implemented a comprehensive IT security program, safeguarding data across distributed systems utilized in Substation Automation, Advanced Metering Infrastructure, IoT Security, and Telemetry projects for over 20 utilities.
  • Spearheaded Cyber Resilience: Led the creation of a monthly "Cyber Security for Critical Infrastructure" webinar series, raising awareness and building cyber resilience within the Utilities and Smart Grid Practice.
  • Unified Program-Wide Security Approach: Coordinated Information Security Officers to establish a unified approach for addressing and mitigating IT security risks across the entire program.
  • Robust Security Governance: Developed an IT security program governance document, outlining internal/external communication strategies to achieve security objectives.
  • Implemented Security Planning Processes: Established IT security planning processes encompassing continuity of operations, disaster recovery, risk analysis methodologies, and testing procedures for contingency plans and security controls.

Education

Master of Science - Cybersecurity

University of South Florida
Tampa, FL
12.2015

Bachelor of Science - Industrial Engineering

New Jersey Institute of Technology
Newark, NJ
06.1991

Skills

  • Certified Information Systems Security Professional (CISSP) - 2017
  • Certified Information Security Manager (CISM) - 2017
  • Certified Cloud Security Professional - 2017
  • Certified Internetworking Expert
  • Governance, risk & compliance (GRC)
  • Information protection and analysis
  • Risk assessment & compliance
  • Intrusion detection/prevention systems (IDS/IPS)
  • Web Application Security planning
  • Data loss prevention (DLP)
  • Disaster recovery planning
  • Cloud Security Planning

Accomplishments

Leadership

  • Developed and implemented enterprise security strategy and framework that consists of strategically integrated elements of NIST risk management and Cybersecurity frameworks, SANS Critical Controls, ISO/IEC 27001/27002 and COBIT 5 for Information Security.

Strategy and Planning

  • Developed and communicated Acceptable Use policy, Intrusion Detection and Prevention policy, firewall policies and many other security policies and standards for enterprise networks.
  • Established policies and procedures for system administrators to perform operating system maintenance & patching.

Team Collaboration

  • Collaborated with global distributed department and member firms to establish enterprise security framework to accomplish common IT security objectives and leverage common tools to reduce risks.
  • Coordinated the activities of Information Security Officers to define and establish global unified program-wide approach to address IT security issues and mitigate IT security risks.

Project Management

  • Managed the implementation of Enterprise IT Security Framework “Quick Wins” Road Map based on global standards
  • Managed IT Certification & Accreditation (C&A) program implementing automated tools to realize efficiencies and significant cost savings for C&A process, including developing IT security plans and processes.
  • Managed IT asset management and configuration management project implementing Checkpoint Administration tool, defining enterprise IT inventory processes (using ITIL), automating system patching capability and significantly improving IT configuration management.

Affiliations

  • Institute of Electrical and Electronics Engineers
  • Toastmasters

Certification

  • CISSP Training - 2017

Interests

Electrification

IoT Security

Artificial Inteligence

Work Preference

Work Type

Full Time

Work Availability

monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse

Software

Python

Quote

If you think you are too small to be important, spend a night with a mosquito.
Mandinga tribe

Timeline

Cyber Infrastructure Group Leader

Deloitte
10.2019 - Current

Cloud Network Security Executive

VMware
01.2017 - 10.2019

Senior Systems Engineering Manager

Cisco Systems
03.2002 - 12.2016

Master of Science - Cybersecurity

University of South Florida

Bachelor of Science - Industrial Engineering

New Jersey Institute of Technology

Similar Profiles

CREATE PROFILE
Donald Graham