Patrick Bass
Fort Smith,AR
Summary
Cybersecurity Executive with 27 years of experience in managing investigations, personnel matters, and handling sensitive information and intelligence. Skilled in leading, maintaining, and improving security operations while effectively managing crises in fast-paced environments. Possesses thorough knowledge of advanced security systems, computerized access control, and security-related legislation and regulation. A persistent leader eager to grow organizations, adept in strategic planning, problem-solving, and communication. Demonstrates strong business principles, project management, and team leadership, with a collaborative and relentless work ethic.
Overview
27
27
years of professional experience
18
18
Certificate
Work History
Chief Information Security Officer
Company Confidential
05.2023 - Current
- Successfully completed organization's first SOC 2 Type II audit, achieving flawless report with no material defects, demonstrating strong information security and data protection practices.
- Developed resilient change management framework integrating DevOps processes with security best practices, leading to 25% reduction in system vulnerabilities.
- Enhanced incident response procedures, achieving 50% reduction in data breach repercussions by quickly identifying and containing breaches.
- Recruited top-tier talent leading to 40% expansion of cybersecurity team, reinforcing measures for protecting organizational data from potential cyber-attacks.
- Devised and executed efficient security strategies leading to 30% decrease in annual cybersecurity costs, maintaining robust protection against cyber threats.
- Established and executed comprehensive Disaster Recovery (DR) and Business Continuity Plan (BCP), resulting in 99% increase in organizational preparedness during crisis situations.
- Established and enforced mandatory security architecture reviews for all new projects, reducing implementation costs and correcting shadow-IT implementations.
- Led project to enable privilege account management (PAM) solution within AWS and GCP, resulting in 40% reduction in unauthorized access incidents.
- Conducted extensive assessment of cloud security and access management within AWS and GCP, enhancing security protocols and resulting in 30% increase in overall system integrity.
- Collaborated with engineering teams to implement just-in-time (JIT) role-based ephemeral access within AWS and GCP, resulting in 25% decrease in potential vulnerabilities.
- Developed and implemented comprehensive cybersecurity awareness and training program, ensuring regular quarterly training for all employees.
- Achieved 99.5% completion rate for all assigned training modules, resulting in increased capability and maturity of staff.
- Collaborated with cross-functional teams to deliver customized security training modules based on evolving threat landscapes, directly impacting employee readiness against emerging cyber threats.
- Led simulated phishing attacks to assess effectiveness of internal cybersecurity awareness programs, resulting in 80% reduction in security incidents.
- Implemented sophisticated phishing detection and alerting system, decreasing successful phishing attacks by 30%.
- Directed security services and safety functions to align key processes with goals and objectives of organization and regulatory compliance.
Instructor
Western Governors University
02.2023 - Current
- Formulated comprehensive cyber defense curriculum covering network security, ethical hacking, and cryptography, receiving average reviews of 9/10 from students.
- Mentored over 400 students, increasing engagement and certification performance by 30%. Led team to update course materials, aligning with industry standards.
- Presented insights on emerging cyber threats at national events, enhancing information security community.
- Developed data tracking initiatives to improve instructional strategies, boosting course completion rates by 20%.
Principal Consultant
Conformance Cybersecurity
04.2014 - 10.2022
- Formulated highly effective mitigation strategies that led to average 40% reduction in identified vulnerabilities, bolstering organizational resilience against cyber threats.
- Created and managed cyber education platform for 10,000 staff members using Moodle, enabled training for 100s of companies across United States.
- Managed execution of over 200 intricate penetration tests and vulnerability assessments for different networks and payment systems, guaranteeing strong cyber security measures and safeguarding critical assets.
- Developed and implemented 50+ information security policies and procedures that meet industry standards and business goals for secure and compliant environments.
- Led development of 30 comprehensive information security programs, conducting thorough risk assessments and vulnerability analyses to fortify organizational cybersecurity posture.
- Developed and implemented customized information security policies and procedures for 75 clients, ensuring adherence to diverse security frameworks and unique organizational requirements.
- Led team in conducting over 200 forensic investigations of cybersecurity attacks, including performing penetration testing and vulnerability scanning, while actively engaging in red team/blue team operations.
- Led development and implementation of robust security architecture for clients, resulting in 40% increase in overall data security posture.
- Directed execution of over 5000 comprehensive risk and vulnerability assessments for global clients, providing advanced insights and driving security enhancements.
- Led and executed over 200 PCI DSS, HIPAA, NIST, GLBA, FISMA, and other security audits to assess compliance with industry standards and regulatory requirements.
- Executed PCI DSS compliance measures, resulting in 25% reduction in credit card security incidents across organization.
- Implemented robust incident response plan resulting in reducing mean time to detect security incidents by 30% and minimizing potential financial data exposure.
- Led and supervised technical analysis of IT infrastructure, network architecture, software development processes, and code reviews for global clients across various industries, ensuring highest levels of security, reliability, and compliance.
Director of Security (CISO)
Vulcan, Inc
06.2014 - 12.2015
- Directed and executed information security operations for Vulcan, ensuring cybersecurity leadership across multiple ventures under Paul Allen's organization, resulted in cohesive strategic vision for entire portfolio.
- Led design and implementation of comprehensive enterprise-wide cybersecurity program at Vulcan, Inc., safeguarding information assets and technologies with 99% effectiveness.
- Developed and implemented comprehensive information security program for Vulcan, Inc., resulting in 30% decrease in security concerns and incidents.
- Implemented comprehensive information security program, defining and monitoring key performance indicators (KPIs) and success metrics to measure efficiency and effectiveness of security controls.
- Led development and implementation of comprehensive cybersecurity programs, resulting in 30% decrease in security incidents within first year.
- Implemented robust cybersecurity strategy that reduced organization's vulnerability to cyber threats by 40% within first year, aligning with industry best practices and regulatory requirements.
Adjunct Professor
Southern New Hampshire University
04.2014 - 08.2015
- Taught cybersecurity courses, providing instruction to up to 500 graduate students resulting in 99.8% graduation rate.
- Graded quizzes, tests, homework, and projects to provide students with timely academic progress information and feedback.
- Boosted class participation rates to nearly 100% by fostering positive and collaborative learning environment.
- Strengthened critical thinking skills in students through incorporation of problem-based learning activities.
Information Security Officer (CISO)
Element Payment Services
02.2011 - 06.2014
- Led development and implementation of comprehensive cybersecurity program, resulting in 40% reduction in cyber threats and 25% improvement in incident response time.
- Directed comprehensive cybersecurity program, leading team of 15 in implementing security measures and protocols to safeguard company data and systems, resulting in 25% reduction in cyber threats.
- Implemented comprehensive set of key performance indicators (KPIs) and metrics for organization's cybersecurity program, resulting in 30% increase in threat detection efficiency over first year.
- Established and enforced proactive measures that led to 25% decrease in cybersecurity incidents within first year of implementation.
- Led development and implementation of comprehensive information security program, aligning with PCI-DSS and other compliance mandates, resulting in 20% increase in overall system security posture.
Education
Bachelor of Science in Cloud Computing -
WGU
Salt Lake City, UT11.2024
Doctor of Business Administration - ABD Status
NCU
Prescott Valley, AZ06.2014
Master of Science in Information Security and Assurance -
WGU
Salt Lake City, UT06.2012
MBA in Management & Strategy -
WGU
Salt Lake City, UT05.2008
Bachelor of Science in Computer Security -
WGU
Salt Lake City, UT03.2006
Skills
- Vulnerability Assessment
- Threat Intelligence Analysis
- Mobile Device Security
- Disaster Recovery Strategies
- Intrusion Detection Systems
- Security Awareness Training
- Cloud Security Management
- Regulatory Compliance Knowledge
- Security Architecture Design
- Incident Response Planning
- Data Privacy Compliance
- Vendor Risk Management
- Penetration Testing
- Network Security Implementation
- Secure Software Development
- Application Security Oversight
- Security Policy Creation
- IoT Security Management
- Physical Security Integration
- Cybersecurity Strategy Development
- Information Governance
- Compliance Management
- Application security
- Incident Response
- Network Security
- Patch management
- Intrusion Detection
- Disaster Recovery Planning
- Risk Assessment
- Developing security plans
- Security Needs Assessment
- Data Security
- Data Encryption
- Disaster Recovery
- Identity and Access Management
- Team Leadership
- Verbal and written communication
- Complex Problem-Solving
- Staff Training and Development
- Staff Management
- Strategic Planning
- Operations Management
- Project Management
- Cross-Functional Teamwork
- Digital Transformation
- Data Analytics
- IT Governance
Websites
Certification
- Certified Information Systems Security Professional (CISSP), #22819, (ISC)2, 02/01/25
- Information Systems Security Architecture Professional (ISSAP), #22819, (ISC)2, 02/01/25
- Information Systems Security Management Professional (ISSMP), #22819, (ISC)2, 08/01/26
- Certified in the Governance of Enterprise IT (CGEIT), #CGEIT-0800152, ISACA, 01/01/27
- Certified Information Systems Auditor (CISA), #CISA-0541231, ISACA, 01/01/27
- GIAC Certified G2700 Professional
- Certified Ethical Hacker (CEH)
- Certified Hacking Forensic Investigator (CHFI)
- Payment Card Industry Qualified Security Assessor (QSA)
- Payment Card Industry Professional (PCI-P)
- CompTIA A+
- CompTIA Security+
- CompTIA Network+
- Microsoft Certified Systems Engineer (MCSE)
- Cisco Certified Entry Networking Technician
- Cisco Certified Network Professional Security Specialist
- Cisco Certified Network Associate
- Cisco Certified Design Professional
Languages
Python
PERL
Quote
Reputation is what people THINK you will do. Character is what you will ACTUALLY do.
Patrick Bass
Timeline
Chief Information Security Officer
Company Confidential
05.2023 - Current
Instructor
Western Governors University
02.2023 - Current
Director of Security (CISO)
Vulcan, Inc
06.2014 - 12.2015
Principal Consultant
Conformance Cybersecurity
04.2014 - 10.2022
Adjunct Professor
Southern New Hampshire University
04.2014 - 08.2015
Information Security Officer (CISO)
Element Payment Services
02.2011 - 06.2014
Bachelor of Science in Cloud Computing -
WGU
Doctor of Business Administration - ABD Status
NCU
Master of Science in Information Security and Assurance -
WGU
MBA in Management & Strategy -
WGU
Bachelor of Science in Computer Security -
WGU
- Certified Information Systems Security Professional (CISSP), #22819, (ISC)2, 02/01/25
- Information Systems Security Architecture Professional (ISSAP), #22819, (ISC)2, 02/01/25
- Information Systems Security Management Professional (ISSMP), #22819, (ISC)2, 08/01/26
- Certified in the Governance of Enterprise IT (CGEIT), #CGEIT-0800152, ISACA, 01/01/27
- Certified Information Systems Auditor (CISA), #CISA-0541231, ISACA, 01/01/27
- GIAC Certified G2700 Professional
- Certified Ethical Hacker (CEH)
- Certified Hacking Forensic Investigator (CHFI)
- Payment Card Industry Qualified Security Assessor (QSA)
- CompTIA A+
- CompTIA Security+
- CompTIA Network+
- Microsoft Certified Systems Engineer (MCSE)
- Cisco Certified Entry Networking Technician
- Cisco Certified Network Professional Security Specialist
- Cisco Certified Network Associate
- Cisco Certified Design Professional
Availability
Open to Remote
Volunteer Experience
Vice Chief, Tripanick-Nansemond Family Indian Nation, 03/21 - 6/24
Availability
Open to Remote
Volunteer Experience
Vice Chief, Tripanick-Nansemond Family Indian Nation, 03/21 - 06/2024
Similar Profiles
Patrícia DuartePatrícia Duarte
Intern at Company ConfidentialIntern at Company Confidential
Huanda SilvaHuanda Silva
Administrative/Clinical Crossed Trained, RDA at Company confidentialAdministrative/Clinical Crossed Trained, RDA at Company confidential
Elizabeth SchroederElizabeth Schroeder
Director of Nursing at Company ConfidentialDirector of Nursing at Company Confidential