Summary
Overview
Work History
Education
Skills
LANGUAGES
PRIOR ROLES HELD
TECHNOLOGY VENDOR & CONTRACT MANAGEMENT EXPERIENCE
Compliance Frameworks
KEY VALUE OFFERINGS
Timeline

O. ALEX BAXTER

Open To Relocate

Summary

Accomplished and growth-focused Senior Executive, globally recognized for establishing top-notch standards in information security, technology excellence and digital infrastructure across education, federal government, nonprofits, healthcare, finance, manufacturing, insurance and start-ups. Over 25 years of proven leadership experience in driving the advancement of security programs, overseeing complex technology environments and assets while spearheading the development and modernization of scalable corporate legacy systems. Spotlighted success in assessing vulnerabilities, developing incident response plans and orchestrating continuous cloud transformations to proactively mitigate risks, foster security-aware culture and enhance organizational resilience. C-level influencer and consultant, adept at delivering profound insights to industry giants in enterprise cybersecurity, innovative security strategies and cutting-edge technology to transition companies to a comprehensive security framework. Proven track record of fostering seamless collaboration with board of directors, Senior leadership, integrated IT, cybersecurity and system engineering teams to drive organizational change, and enabling the business using data driven decisions to promote operational readiness to deliver on the company mission with effective technology, security and regulatory compliance.

Overview

27
27
years of professional experience

Work History

IT Director (Cybersecurity | Infrastructure | Core Systems)

Mount Sinai Health System
10.2022 - Current
  • Drives strategic formulation of advanced security frameworks, deploy cutting-edge cloud infrastructure and security solutions, propel security agenda, and ensure the highest standards of protection for critical information assets in dynamic healthcare landscape.
  • KEY CONTRIBUTIONS:
  • Developed a Zero Trust architecture, implementing IAM, MFA, DLP, and SIEM solutions to fortify security posture.
  • Project Management: Led large-scale projects, wearing multiple hats from EHR server infrastructure system support, system integration, engineering to security, architecture, and project leadership.
  • Assisted securing one of the world’s largest Epic cloud implementations, migrating thousands of users to a scalable, secure cloud environment that improved system performance and downtime resiliency.
  • Contributed to the health system acquisition merger systems integration projects.
  • Leadership: Led cross-functional IT teams of security and infrastructure including consultants, direct reports, driving process improvement and fostering a high-performance culture.
  • Vendor & Contract Management: Managed a multi-million-dollar IT budget, negotiating vendor contracts and reducing costs while maximizing value.
  • Security Architecture Oversight: Developed and implemented robust security architecture aligned with organizational goals and industry best practices.
  • Incident Response: Directed information security incident response efforts, ensuring a swift and effective response to various security threats.

Director – Information Security

Yale University
07.2020 - 08.2022
  • Championed hands-on leadership, optimizing information security and data privacy for organizational fortification. Spearheaded strategic guidance for security operations center, leveraging SOAR automation tools like Google SIEMPLIFY.
  • KEY CONTRIBUTIONS:
  • Security Initiatives: Initiated 30+ strategic projects, reshaping the information security program for adaptability in the dynamic security landscape (EDR, MFA, IAM, Cloud Security, Compliance).
  • SOC Transformation & Fusion: Revitalized security operations center, improving detection, analysis and response capabilities, transforming it into a cyber fusion center with advanced SOAR automation tools.
  • Cost-Saving Vendor Management: Achieved $600K+ in cost savings through vendor contract renegotiation and quarterly business reviews, ensuring optimal ROI for the university.
  • Zero-trust Model: Directed implementation of a zero-trust model and deployed various security tools, optimizing defense against DDoS, DLP, Firewall IDS/IPS, NextGen AV, SIEM, Vulnerability Management, Web Proxy and EDR.
  • Innovative Procurement Strategies: Innovated technology procurement, saving $330K by eliminating redundancy and consolidating the security technology stack for optimal vendor and product selection.

Global Head, Infrastructure & Security (CISO)

Le Pain Quotidien
01.2016 - 07.2020
  • Engineered, executed, and maintained a comprehensive global information security program, ensuring peak levels of confidentiality, integrity, availability, and privacy of LPQ’s information assets. Expanded department’s impact in realizing pivotal business objectives by strategically renegotiating and evaluating third-party vendor contracts and relationships.
  • KEY CONTRIBUTIONS:
  • Roadmap Development: Strengthened relationships with the board of directors by crafting short and long-term roadmaps (1yr, 3yr, 5yr) for IT and Information Security program, providing regular quarterly updates on progress and challenges.
  • Transformational Implementations: Implemented a new POS system replacing Micros POS with Toast POS allowing better system integration and better data driven decision making.
  • Data Warehouse Implementation: Implemented the company’s first data warehouse, empowering strategic decision-making based on data statistics, trends and projections for the restaurants.
  • GDPR Compliance Preparation: Prepared global organization for compliance with European GDPR regulation by collaborating with external legal resources.
  • Cross-departmental Governance: Established a cross-departmental governing body to ensure adoption of information security policies and risk management procedures before operational changes or implementations.
  • Budget Management & Cost Savings: Steered significant CAPEX and OPEX budgets, employing cost-saving strategies by renegotiating a multi-million-dollar contract with the managed network services provider, resulting in a 35% savings on contract renewal while acquiring additional services.
  • Multi-cloud System Migration: Accomplished migration of company systems to multi-cloud and SaaS platforms (Azure, AWS, O365) and instigated disaster recovery and business continuity plans, reducing RPOs and RTOs by 90%.
  • CI/CD Processes: Executed DevOps and DevSecOps practices, fostering automation (CI/CD) processes within organization.
  • Layered Security Approach: Acted as a Subject Matter Expert (SME), introducing a comprehensive layered security approach covering tools, processes, awareness, controls and audits in areas such as Perimeter and Cloud Security, DLP, MFA, IDS, IPS, NAC, Web Filtering and IAM.

Principal IT Consultant & Leader (Infrastructure, Security, Compliance)

Jefferson University Health Systems | Temple University Health Systems | Children’s Hospital of Philadelphia CHOP | KPMG | Prudential Financial | United Nations | Moody’s Analytics | Wyeth & Pfizer Pharmaceuticals | Allstate Insurance | Pep Boys | Akin Gump LLP | TD Bank | GAF Manufacturing | 40 North Financial | Philadelphia Gas Works (PGW) | Penske Trucking | Allied Mortgage Group | EPA Environmental Protection Agency | Penn State University | Walmart (Jet.com)
01.1999 - 01.2016
  • Helmed as principal consultant for a spectrum of companies, ranging from small startups to large enterprises, for managing a multitude of expansive, intricate global projects. Oversaw all facets of delivering and supporting information security needs for multiple client businesses, including design, development and implementation of cloud infrastructure and security.
  • KEY CONTRIBUTIONS:
  • Strategic Security Incident Leadership: Directed large-scale security incident response and remediation engagements for ransomware, APTs and phishing.
  • Team Supervision & Project Management: Supervised and mentored a team of 30 engineers responsible for security architecture, engineering, and operations.

Education

Information Technology Bachelor’s -

University of Maine

Master’s of Cybersecurity & Information Assurance - undefined

Western Governors University
08.2026

CISSP -

CISSP
12.2025

Skills

  • SIEM, DLP, and Endpoint Security, Zero Trust & Cloud Security, EDR
  • IT Strategy & Leadership
  • System Integrations & M&A
  • Enterprise IT Infrastructure Modernization Digital Transformations
  • IT Resiliency & Downtime Planning
  • Cloud Transformation & System Harmonization
  • Multi-Million Dollar CAPEX/OPEX Budget Oversight
  • Clinical Systems: Imprivata, EPIC Systems, Fairwarning, Cerner, Pyxis, Meditech, Epic MyChart, Epic CareLink, Radiant, Clarity, AllScripts
  • Retail Systems & Integrations: Toast Pos, Micros POS, Square, Clover, Lightspeed POS, Sprinklr, Resturant365, CrunchTime, DoorDash, OpenTable, Visa, Mastercard, AmericanExpress
  • Programming & Development Platforms: Powershell, Bash, Python, Java, C , React Framework
  • Database Platforms: MySQL, Postgres SQL
  • Operating Systems: Windows Server, Linux Server, Mac OS, Android, Apple iOS
  • Cloud Platforms: Amazon AWS, Microsoft Azure, Google Cloud Platform (GCP), Office 365
  • Virtualization: VMware, Hyper-V, Nutanix, Citrix, Remote Desktop/Terminal Services, Kubernetes, Docker
  • Infrastructure Tools: Active Directory, DNS, Microsoft Exchange, InfoBlox, Radius, Microsoft Intune, System Center
  • Backup & Disaster Recovery: Commvault, Veeam, Acronis, Zerto, Nakivo, Bacula
  • Networking Vendor Hardware Platforms: Fortinet, Palo Alto, Cisco, Juniper, Arista, Meraki, Sonicwall, Checkpoint, Ubiquiti (Firewalls, Routers, Switches, Wireless Access Points), Cato Networks
  • Networking Tools & Technology: SD-WAN, MPLS, 5G, 4G, LTE, Software-Defined-Networking, NSX, VPN, WAF, IDS
  • Identity Access Management: Sailpoint Identity, Ping Identity, Okta, Microsoft Entra ID, Azure Active Directory, Google Cloud Identity, Oracle Identity Manager, ForgeRock Identity Platform, AMDT
  • ISO Technologies & MFA Platforms: Microsoft Authenticator, Google Authenticator, Symantec VIP, Duo, OAuth, SAML, OpenID Connect
  • Privileged Access Management: BeyondTrust PAM, CyberArk, Delinea, Thycotic, Automation: SIEMPLIFY SOAR, Microsoft Power Automate, Jenkins, Ansible
  • Endpoint Security: CrowdStrike EDR, SentinelOne, CyberReason, McAfee Endpoint Security, Symantec Endpoint Security
  • Mobile Device Management: Airwatch, MobileIron, MaaS360
  • Security Technologies Tools: Kali Linux, CrowdStrike EDR, SIEM, Barracuda Email security, Cisco Ironport, ZIA, ZPA, ZDX, Qradar, Carbon Black, Zeek, Suricata, FireEye, Cylance, Microsoft Purview, ForcePoint DLP, Tripwire, Metasploit, NMAP, Alienvault, ArcSight, Nessus, OpenVas, Qualys, Websense, ExtraHop
  • Miscellaneous Technologies: Blockchain, Cryptocurrency, Artificial Intelligence (AI), DevSecOps

LANGUAGES

English | Spanish | Latin

PRIOR ROLES HELD

Director Information Security | Associate Director | vCIO | vCISO | CTO | CISO | System Administrator | Strategic Consultant | Consultant | Network Administrator | System Engineer | Security Engineer | GRC Analyst | IT Manager

TECHNOLOGY VENDOR & CONTRACT MANAGEMENT EXPERIENCE

  • Clinical Systems Vendors: Imprivata
  • Cloud Vendors: Microsoft, Amazon AWS, IBM Cloud, OVH Cloud, Google, Redhat
  • Co-location and Datacenter Vendors: Rackspace, QTS Datacenters, Switch Datacenters, CyrusOne, Equinix
  • Telecom Vendors: GTT Communications, Verizon, AT&T, Windstream Communications, NTT Data
  • Security Vendors: CrowdStrike, Zscaler, DarkTrace, IBM, TrendMicro, ProofPoint, Mimecast, Tenable, Rapid7, Sophos, RSA, Splunk, McAfee, Trellix, Akamai, Imperva, Broadcom Symantec, Qualys, OneTrust, Exabeam, LogRhythm, Netskope, Solarwinds
  • Off-Shore Resource & Augmented Staffing Vendors: Accenture, Infosys, mPhasis, TekSystems, Insight Global, Robert Half, Deloitte

Compliance Frameworks

NIST | HIPAA | PCI DSS | GDPR | CIS – Critical Security Controls | CCPA | ISO-27001 | FedRamp | HiTrust

KEY VALUE OFFERINGS

  • Hands-on Global IT Leadership: Offered visionary IT leadership for both large scale and international organizations in healthcare, insurance, pharmaceuticals, and a global restaurant retail chain spread over 30+ countries.
  • Led organizational efforts to securing the world’s largest cloud implementation of Epic.
  • Cost-efficiency Advancement: Successfully led multifunctional international teams in achieving streamlined cost efficiency and fortified departmental resources by restructuring multi-million-dollar CAPEX and OPEX budgets, with the largest budget managed reaching approximately 20-50 million USD.
  • End-to-end Legacy Modernization: Steered end-to-end modernization of the company’s legacy systems, orchestrating the cloud transformation using IaaS, PaaS, SaaS platforms including the implementation of the largest Epic cloud deployment.
  • Innovative & Transformational Technical Solutions: Drove implementation of innovative technical solutions, aligning with regulatory requirements and organizational needs.
  • Strategic Deployment Strategies: Championed multiple large-scale enterprise deployment strategies, encompassing on-premise, hybrid cloud and complete cloud solutions.
  • Stakeholder Relations & Risk Management: Fostered long-term relationships with key business and technology leadership stakeholders to implement and influence policy, develop roadmaps, execute strategy and manage digital risk for multiple organizations.

Timeline

IT Director (Cybersecurity | Infrastructure | Core Systems) - Mount Sinai Health System
10.2022 - Current
Director – Information Security - Yale University
07.2020 - 08.2022
Global Head, Infrastructure & Security (CISO) - Le Pain Quotidien
01.2016 - 07.2020
Principal IT Consultant & Leader (Infrastructure, Security, Compliance) - Jefferson University Health Systems | Temple University Health Systems | Children’s Hospital of Philadelphia CHOP | KPMG | Prudential Financial | United Nations | Moody’s Analytics | Wyeth & Pfizer Pharmaceuticals | Allstate Insurance | Pep Boys | Akin Gump LLP | TD Bank | GAF Manufacturing | 40 North Financial | Philadelphia Gas Works (PGW) | Penske Trucking | Allied Mortgage Group | EPA Environmental Protection Agency | Penn State University | Walmart (Jet.com)
01.1999 - 01.2016
Western Governors University - Master’s of Cybersecurity & Information Assurance,
University of Maine - Information Technology Bachelor’s,
CISSP - CISSP,

Similar Profiles

  • Cynthia John-OgamCynthia John-Ogam

    Registered Nurse- Operating Room at Mount Sinai Health System: The Mount Sinai HospitalRegistered Nurse- Operating Room at Mount Sinai Health System: The Mount Sinai Hospital

  • Osvaldo MezaOsvaldo Meza

    Revenue Cycle Reimbursement Analyst at Sinai Health System, Mount Sinai HospitalRevenue Cycle Reimbursement Analyst at Sinai Health System, Mount Sinai Hospital

  • Patrice LezamaPatrice Lezama

    Medical Assistant at Mount Sinai Health SystemMedical Assistant at Mount Sinai Health System

  • Nanziva SadiaNanziva Sadia

    Registered Nurse at Mount Sinai Health SystemRegistered Nurse at Mount Sinai Health System

  • Dibyendu GhoshDibyendu Ghosh

    Carbon Process Engineer at Aditya Birla GroupCarbon Process Engineer at Aditya Birla Group

CREATE PROFILE
O. ALEX BAXTER