Summary
Overview
Work History
Education
Skills
Certification
Volunteer Experience
Publications Presentations
References
Timeline
Generic

Steven Brunasso

Litchfield Park,AZ

Summary

Dynamic technology leader with extensive experience across industries, driving strategic planning, and effective project management required improvements. Proven track record in budget management and vendor management, achieving a 42% reduction in operational costs. Adept at mentoring teams and fostering innovation, ensuring robust IT infrastructure, and enhanced organizational performance.

Overview

33
33
years of professional experience
1
1
Certification

Work History

CTO

West-Point.org
Austin, TX
05.2021 - Current
  • Briefed executive team on technology risks and recommended methods to remedy problems.
  • Migrate to the Cloud (AWS, GCP) platform, supporting about 35,000 users and graduates back to 1938 of the USMA at West Point.
  • Oversaw the development and implementation of IT infrastructure projects, which increased performance and reliability.
  • Directed cybersecurity efforts to protect sensitive organizational data.
  • Led technology strategy and innovation initiatives for organizational growth.
  • Mentored IT staff, fostering professional development and skill enhancement.
  • Managed vendor relationships to ensure optimal service delivery and support.

Founder - CTO

TecnoSenior
Porto Alegre, Brasil
06.2009 - Current
  • Founded a tech company to use modern technology improvements in the lives of seniors.
  • Designed and managed the development of an open-source platform for internet-based Personal Emergency Response Systems (PERS).
  • Recruited, trained, and led the engineering and support team.
  • Limited daily involvement as we position company for EU market.

Deputy CIO

Arizona Department of Corrections, Rehabilitation & Reentry
Phoenix, AZ
10.2023 - 04.2024
  • Responsible for the internal daily operations of the IT department (approximately 65 staff, $16M budget). In alignment with the strategic direction of the CIO and the initiatives of the Director, transform IT into a professional service to modernize the Agency.
  • Develop a gap analysis of the IT organization during the first 120 days to develop strategic plan.
  • Focus IT direction to build competence, trust and teamwork that empower staff to serve the agency.
  • Oversee statewide voice and data contract for vendor network program. (10,000+ employees, 5,000+ devices, 10+ locations, $7M+ annually)
  • Develop cyber security program to ensure data security to Federal and State standards.
  • Modernize the internal dev team for agile development with DevOps Stack of JIRA, Git, and Jenkins.
  • Govern the project management organization with a portfolio of 30+ projects ($58M).

CIO

Town of Paradise Valley
Paradise Valley, AZ
02.2018 - 05.2021
  • Develop and implement short- and long-range strategic plans for technology to lower costs and improve reliability.
  • Recruit, manage, and develop the IT staff to create an coherent team. Addressed underperforming team members with coaching.
  • Prepare and manage IT budget; develop peer department sub-budgets together to ensure lowest total lifecycle costs for ongoing operations.
  • Develop policies, standards, and procedures to ensure reliable and repeatable operations.
  • Updated technology portfolio from outdated IT platforms to Fortune 500 class systems while reducing ongoing operations expenses to previous 2013 budget levels. (-42% annual spend)
  • Example projects completed in the past 40 months with a small team: Routed Network, Campus Wi-Fi, Redundant Internet, Standardized Police Unit technology, ACJIS Cyber Security Improvements, 2-Factor for remote access, VMWare hybrid cloud, 2 version upgrades of the PD CAD system, rebuild of GIS capabilities for the latest CAD system, and technical support for the move to NIBRS.
  • All town staff moved to O365, Civic Board Members and Commissioners moved to iPads, Zoom rooms, 65% capable of remote work for COVID-19, and new workstations with a 5-year lifecycle to cut annual operations expenses with planned costs.

Manager – Operations Technology (Security Systems + Infrastructure)

City of Burbank
Burbank, CA
06.2014 - 07.2017
  • Developed a 5-year strategic plan to map system operations, project implementations, and regulatory requirements to ensure compliance without impacting operational reliability.
  • Managed the annual budget for operations, capital projects, and labor resources to execute the strategic plan for our BU 300-user + 50k utility customers.
  • Started a Systems Engineering approach for all city IT infrastructure to increase reliability, customer service, agility, and reduce annual operating costs by 14%.
  • Manage and develop approximately eight IT and Security staff to provide great customer service that could execute the tactical projects outlined in the developed strategic five-year plan.
  • Redesign control systems for potable water operations, electrical operations, corporate network, VoIP network and city ISP network to eliminate single points of failure and reduce operating costs. Hybrid network provides OpenFlow SDN capability for future growth. Compliant with all National Energy Reliability Corporation NERC federal standards.
  • Reconfigured city technology systems to use two redundant data centers as virtualized infrastructures within the city with private cloud services for disaster recovery
  • Utilized Amazon Web Services for additional on-demand capacity and future growth of data analytic services as needed, reducing capital expenditures.
  • Unified data architecture for operations and financials to provide access for city staff via staff's preferred tool (i.e., ESRI, OSI PI, Excel, SQL, SharePoint, Oracle ERP).
  • The proposed citywide Wi-Fi solution was presented and won approval from the city council for all citizens of Burbank. There are over 400 access points across the city to provide basic Internet services. Utilized existing assets for the public good with less than a 5% increase in operational expenses.
  • Managed multiple city projects with vendors to build and support a new Motorola P25 radio system backbone with Glendale, Burbank, and Santa Monica PD/Fire. Provided a mission-critical solution for 70 public safety agencies.

Manager – Security Systems

City of Burbank
Burbank, CA
11.2011 - 06.2014
  • Program manager to build a strategic security program protecting critical cyber operations.
  • Presented to the Corporate Board and City Council for visibility and approval.
  • Managed individual projects to upgrade physical and logical security controls across the city with internal, unionized, non-union staff, and external vendors.

Auditor

UCLA Health System
Los Angeles, CA
06.2010 - 11.2011
  • Monitor, review and consult on technology programs across the UCLA Health System (4 Hospitals, 200 clinics, 34k staff)
  • Provided management assurance and internal consulting on IT operations, federal standards, and cybersecurity.
  • Security and Privacy consulting guiding implementation of EPIC EMR systems
  • Ensured compliance with HIPPA, FISMA (NIST), Federal, State and Local regulations for any technology platform within UCLA Health System

Manager – Information Security Division

Southern California Edison
Rosemead, CA
01.2007 - 09.2009
  • Developed and implemented an enterprise security program based on NIST, ISO 27001, and COBIT.
  • I wrote the General Rate Case justification for the State of California, presented it, and won approval to develop a $27 million strategic program over five years, covering 15 million people and a 50,000 square-mile service territory.
  • Manage approximately 20 technical staff and the project management team to ensure high-quality systems that are compliant and secure.
  • Govern the SOX IT security program, including the quarterly certification of key controls.
  • Developed information security core processes for SAP ERP across the company and key departments of Customer Service, Enterprise Security, Power Transmission, and Power Procurement.
  • Ensure secure practices for remote development partners, Infosys, Covansys, and Patni.
  • Established security criteria for the AMI program and new AA 500 kV substations to meet NERC CIP.
  • Staff developed Nuclear Energy Institute Standard 404 for cyber security of SONGS nuclear power station. Component of nuclear safeguards program.
  • Develop enterprise architecture, simplifying app development and operations.
  • Developed staff skills through a mentoring program across departments.

Security Engineer

Gemstar / TV Guide
Hollywood, CA
11.2005 - 12.2006
  • Developed an enterprise security program for the CISO.
  • Deployed intrusion detection and network intelligence SIEM to ensure security posture.

Security Analyst

Bank of the West
Monterey Park, CA
04.2005 - 11.2005
  • Lead security analyst for 60B bank. Managed projects including systems integration of acquired 12B Bank (220 sites and 2 data centers) into our nationwide network across 3 states.
  • Deployed Protego SIEM to provide visibility in 750+ remote branches and 3 data centers across the United States (~2000 cisco devices and key servers)

Managing Director

ComputerEase, Etere Inc.
Brea, CA
01.1993 - 01.2005
  • Founded and managed a Microsoft Certified Solution Provider Consulting firm. Developed cost-effective technology solutions for clients in Greater Los Angeles.
  • Oversaw budget management, ensuring financial sustainability and resource allocation.

Education

Master of Business Administration (MBA) -

University of California - Los Angeles
Los Angeles
01.2008

Master of Business Administration (MBA) -

National University of Singapore
Singapore
01.2007

Bachelor of Arts - Business Administration

Concordia University
Irvine, CA
01.2003

Skills

  • Strategic planning
  • Effective communication
  • Business administration
  • Budgeting, Vendor management
  • Systems Engineering
  • Cybersecurity expertise
  • Project management
  • Agile development
  • Technology innovation
  • Mentoring staff
  • Internet of things
  • New product introductions

Certification

  • Certified Information Systems Security Professional (CISSP), #66721, 05/01/05, Inactive
  • Certified Information Systems Auditor (CISA), #284893, 06/01/05, Inactive
  • Certified Information Security Manager (CISM), #1630555, 12/01/10, Inactive
  • FCC License: Amateur Radio – General Class, KD6YQH
  • US Passport
  • Italian Passport – EU Work Authorization

Volunteer Experience

  • Litchfield Park, AZ, Boy Scouts of America, Committee Member Troop 90
  • Grand Canyon Council, International Scouting, Committee Member
  • Sons of American Legion, Squadron 145, Adjutant
  • Avondale, AZ, St. John Paul II Catholic High School, Advisory Board Member, 2022-

Publications Presentations

  • Aurora Vulnerability Testing Update, Brunasso, S., Huber, D., 10/28/15, Security Week ICS Conference, Atlanta, Georgia
  • ICS IT vs. OT: Differences and Why You Should Care, Brunasso, S., Seifert, G., 10/26/15, Security Week ICS Conference, Atlanta, Georgia
  • Advanced Control Network design and deployment for visible operations and cyber security assurance with software defined networks, Brunasso, S., 09/30/15, Industrial Control Cyber Security Europe 2015, London, England
  • Aurora Hardware Mitigation: Utility Test Bed Status and Results to Date, Brunasso, S., Stebbins, J., 10/22/14, ICS Cyber Security Conference, Atlanta, Georgia
  • Modern SCADA and Control Systems Security, Brunasso, S., 03/11/14, European Smart Grid Cyber and SCADA Security Conference, London, England
  • Utilities Need Test Bed to Evaluate Legacy Industrial Control System Cybersecurity Technologies, Brunasso, S., Weiss, J, 06/10/13, POWERGRID International
  • Case Study: Systems Engineering: A Practical Approach to Improving Reliability and Security in a Typical Utility, Brunasso, S., 03/11/13, European Smart Grid Cyber and SCADA Security, London, England
  • Securing Legacy Industrial Control Systems – Real World Case Studies, Brunasso, S., 10/01/12, ICS Cyber Security Conference, Norfolk, Virginia
  • Securing the Real World – Challenges of Industrial Control System Security, Brunasso, S., 03/01/09, Information Systems Audit and Control Association Spring Conference, Los Angles, California
  • Protecting Critical Infrastructure – An Overview, Brunasso, S., 05/01/08, FBI InfraGard Cyber Attack Detection and Response Exercise, Joint Regional Intelligence Center (JRIC), Norwalk, California

References

References available upon request.

Timeline

Deputy CIO

Arizona Department of Corrections, Rehabilitation & Reentry
10.2023 - 04.2024

CTO

West-Point.org
05.2021 - Current

CIO

Town of Paradise Valley
02.2018 - 05.2021

Manager – Operations Technology (Security Systems + Infrastructure)

City of Burbank
06.2014 - 07.2017

Manager – Security Systems

City of Burbank
11.2011 - 06.2014

Auditor

UCLA Health System
06.2010 - 11.2011

Founder - CTO

TecnoSenior
06.2009 - Current

Manager – Information Security Division

Southern California Edison
01.2007 - 09.2009

Security Engineer

Gemstar / TV Guide
11.2005 - 12.2006

Security Analyst

Bank of the West
04.2005 - 11.2005

Managing Director

ComputerEase, Etere Inc.
01.1993 - 01.2005

Master of Business Administration (MBA) -

University of California - Los Angeles

Master of Business Administration (MBA) -

National University of Singapore

Bachelor of Arts - Business Administration

Concordia University