Nam Pham

• Directed global transformation of cybersecurity policies across IT and OT environments post-GSK divestiture, aligning with NIST 800-53, IEC 62443, PCI-DSS, SOX, and ISO standards.
• Managed a cross-functional team of 5, collaborating with Legal, IT, and Operational Risk leaders to scale governance and compliance programs.
• Developed and launched Smart Controls, PowerBI compliance dashboards, and KRI/KPI risk tracking, reducing audit preparation time by 60% and enabling real-time visibility for executives.
• Centralized and standardized policy development, improving governance efficiency and audit readiness across global operations.

• Oversaw cybersecurity of classified USAF flight safety modules, maintaining active Secret clearance and ensuring compliance with DoD and NIST frameworks.
• Performed vulnerability assessments and system security evaluations of isolated flight training environments.
• Streamlined CAC badge registration, accelerating onboarding and strengthening access control for USAF personnel.
• Modernized system documentation and access protocols, reducing compliance gaps during federal security reviews.

• Acted as liaison between ITS and Financial Operations, ensuring regulatory compliance and reliable data environments.
• Spearheaded PCI-DSS compliance initiatives, reducing non-compliance risk by 40% through updated controls and policy enforcement.
• Designed and deployed advanced SQL reporting, enhancing data analytics capabilities across financial operations.
• Managed the cardholder data environment, enforcing access controls, audit readiness, and protection of sensitive information.

• Conducted IT risk and cybersecurity examinations for banking institutions in alignment with FDIC and state requirements.
• Authored and modernized state IT examination procedures based on the FDIC InTREx model, strengthening regulatory oversight.
• Trained and led IT audit teams of 5–10 in risk assessments, vulnerability management, and compliance reviews.
• Presented audit findings and remediation strategies to bank executives and state commissioners, influencing enterprise-level cybersecurity improvements.Conducted IT risk and cybersecurity assessments for banking institutions in accordance with FDIC and state regulatory requirements.
• Developed and modernized the state’s IT examination procedures based on the FDIC InTREx model.
• Led and trained IT audit teams (5–10 members) on vulnerability management, risk ratings, and compliance enforcement.
• Presented cybersecurity risk findings to bank leadership and state commissioners to guide security improvements.

Supported networks, systems, and enterprise platforms across multiple departments. Enhanced system interoperability and security policies while implementing ticketing workflows and training staff on cybersecurity hygiene. Assisted with software deployment, endpoint management, and compliance alignment with state regulations.

Delivered IT support to judges, clerks, and probation officers during major infrastructure upgrades. Supported user provisioning, access management, and transition from legacy desktops to thin clients.

Configured VPNs for secure clinical access and maintained connectivity for clinics across KS and MO. Updated IT procedures to ensure HIPAA compliance and provided Tier II support to sustain secure and reliable application and file server performance.