NANCY JORDAN

25 year Information Technology leader with experience in Management, Security, and Strategic Planning. Adept in Problem Solving and communication skills. Proven experience with assessing individual talent and rebuilding teams to work as a cohesive unit. Transformational leader skilled in guiding navigation of modern technology. Accustomed to driving efficiency and effectiveness by developing, delivering, and supporting strategic plans. Demonstrated skill in translating technical requirements into business solutions. Successful record of building positive relationships with internal and external stakeholders. Proven ability to drive impactful security initiatives and collaborate across engineering, legal, and product teams.

• ISC2 Certified Information Systems Security Professional (CISSP)
• GIAC Security Leadership Certification (GSLC)
• GIAC Security Essentials Certification (GSEC)
• ITC Women in Technology certification program
• Payment Card Industry Professional (PCIP)
• Louisiana Tech University Industry Advisory Board
• Women in Technology (Central Arkansas)
• Infragard
• Walton Emerging Leaders Program

• Managed large-scale teams, including personnel issues, payroll, hiring & termination proceedings, performance evaluations, and mentoring.
• Planned and maintained a separate product security budget, including capital, operating, and project budget, identifying opportunities for consolidation and cost-savings.
• Increased department reputation and team communication skills by initiating a monthly touchpoint with other departments to discuss concerns.
• Assessed individual talent and rebuilt teams to focus on the company's initiatives in a more efficient manner.
• Revived or replaced existing technologies to improve the team's productivity and data value.
• Improved Vulnerability Management effectiveness by doubling the number of assets scanned, adding credentials for a quicker, but more in-depth analysis, and presenting the data based on risk factors.
• Revitalized Security Awareness by enriching the communications campaigns, content, and personalizing the context.
• Expanded the use of NGFWs to more granularly restrict traffic by App-ID and user-ID/group-ID, instead of simple IP/port allowances/restrictions.
• Implemented DDOS, origin cloaking, and an edge WAF to better protect the company's e-Commerce infrastructure.
• Employed Managed Services for the Tier-1 response to our SIEM for troubleshooting and investigation.
• Consolidated the organization's Application Whitelisting and File Integrity Monitoring solutions into one for a more streamlined and operations-friendly answer.
• Revamped the Security Incident Response Team with a new policy, member agreement, playbooks, and team exercises.
• Performed gap analyses, requirement updates, and coordination of external audits and attestations.
• Established, and managed the eCommerce Performance Testing program which resulted in eliminating multiple bottlenecks and improving performance across all tiers of the architecture.