Tim Craig
Orange Park,FL
Summary
Experienced Vice President and mentor of future leaders. Proven ability to “begin with the end in mind” to light the path for cross-functional teams to achieve strategic and tactical objectives.
Results focused leader driving successful results for highly complex organizations with a full array of products and services, locations and digital channels.
Strong understanding of managing IT risk with ability to leverage extensive technological background to interface and consult with multiple IT disciplines when leading and delivering security solutions.
Overview
20
20
years of professional experience
1
1
Certification
Work History
Vice President Information Security
VyStar Credit Union
Jacksonville, FL
10.2012 - Current
- Aligned under Chief Information Officer from the Chief Risk Officer to assist and promote implementing a risk intelligent culture, with strong collaborative relationships in Information Technology and across the organization.
- Twelve plus years of leadership and management experience.
- Fosters a culture of highly engaged and collaborative Team members. Highly invested in mentoring and developing an Information Security Team.
- Created an Information Security Program providing regulatory oversight and governance of day-to-day activities, monitoring and reporting for information security activities.
- Aligned Identity Access Management function under Information Security in 2018 developing and executing a comprehensive IAM strategy to ensure principle of privilege for access governance, oversight and provisioning for over 2,700+ employees and contractors.
- Transformed the IAM Team and helped to consolidate and convert to a SasS based solution for identity management for 150 applications and systems with focus on automation and zero trust principles.
- Designed and developed key IAM policies, procedures and processes to ensure compliance with applicable regulatory requirements, as well as implementing risk mitigation strategies and controls around identity governance.
- Aligned infrastructure security within Team and expanded Team to support in-house SIEM, vulnerability scanning and firewall management.
- Collaborated to established information security diligence and oversight processes for third-party risk management, cyber insurance, disaster recovery and physical security and monitoring.
- Provided and reported on an Annual Report of the Information Security Program to the Executive and Audit Committee.
- Prepares and completes annual information security plan and budget of $5+MM for oversight and governance of the Information Security Program and in support of information security infrastructure, training and monitoring activities.
Information Systems Security Officer
VyStar Credit Union
Jacksonville, FL
08.2004 - 10.2012
- Established the Information Security Officer role at VyStar and adopted the Center for Internet Security Critical Security Controls (CIS CSC) and National Institute of Standards and Technology (NIST) Cybersecurity Framework focused on information system security for in-house systems and processes as well as third-party providers.
- Created policies, procedures and processes aligned with the CIS CSC to ensure policy definition, control implementation, automation and reporting.
- Developed and delivered Information Security Awareness Training for new employees.
- Developed, delivered and reported on monthly Phishing Campaigns to all employees.
- Coordinated and performed vulnerability scanning of internal and external infrastructure and provided results to Information Technology Management for remediation action.
- Managed Third-Party Security Service Provider for management of firewall infrastructure, application and web proxy management changes.
- Managed Third-Party Security Service Provider for Security Incident Event Management (SIEM) alerting, monitoring and incident response.
Education
Bachelor of Science - Finance
West Virginia University
Skills
- Strategy Planning and Policy Development
- Identity Access Management (SSO, MFA, SAML, etc)
- Enterprise Risk Assessment, Mitigation and Governance
- NIST Cybersecurity Framework
- Cloud Technology and Governance (Azure)
- Operational Management
- Application Security
- Infrastructure Security
- Vulnerability Management
- Security Penetration and Assessments
- Security Awareness
- Agile Methodologies
- Disaster Recovery
- Sailpoint IDN
- ServiceNOW
Certification
- Certified Information Security Manager (CISM)
- GIAC - Security Leadership Certification (GSLC)
- GIAC - Critical Controls Certifications (GCCC)
Timeline
Vice President Information Security
VyStar Credit Union
10.2012 - Current
Information Systems Security Officer
VyStar Credit Union
08.2004 - 10.2012
Bachelor of Science - Finance
West Virginia University
Similar Profiles
Jeaneeka ChevalierJeaneeka Chevalier
Relationship Specialist at 121 Financial Credit Union/ Vystar Credit UnionRelationship Specialist at 121 Financial Credit Union/ Vystar Credit Union
Alana JonesAlana Jones
Audit Planning Summer Intern at VyStar Credit UnionAudit Planning Summer Intern at VyStar Credit Union
LISA SCULLEYLISA SCULLEY
Operatons Support Specialiset at Vystar Credit UnionOperatons Support Specialiset at Vystar Credit Union
Monica RhodenMonica Rhoden
Relationship Specialist at Vystar Credit UnionRelationship Specialist at Vystar Credit Union
Daniel RicheyDaniel Richey
Car Wash Attendant at Gate Express CarwashCar Wash Attendant at Gate Express Carwash