Scott Mackelprang
Chief Security Officer, Senior Vice President
Cincinnati, OH
• Created security programs for 2 highly successful firms that were taken public, experienced year over year double digit growth and became dominant players in their industry
• Oversaw security of 3rd largest payment processor in U.S.
• Oversaw security of 10% of the nations Internet banking services for 11 years
• Oversaw security of $15 billion multi-national manufacturing conglomerate
• Fifteen years of executive management experience in information security, IT risk management, security product management and IT architecture
• Eleven years experience in managing software development
• Twenty years of annual operating budget oversight ranging between $3M to $15M
Work Experience
Chief Security Officer, Senior Vice President
April 2010 to September 2012
Vantiv is the 3rd largest payment processor in the United States, executing over 13 billion credit card, debit card, gift card and mobile transactions annually. As a payment processor, Vantiv is one of the most heavily attacked companies in the world. Created Vantivs security program from the ground up and managed it through the companys IPO until Fall 2012. Oversaw physical security, information security and IT governance, risk and compliance. Managed annual budget of ~$6M and created security team of approximately 40 people.
• Hired a new security team and implemented all new security infrastructure and processes in accelerated time frame
• Oversaw security of companys HQ relocation to different city, the creation of new networks and systems, company name change, rapid growth, IPO
• Oversaw creation of physical security program across companys data centers, secure manufacturing sites, headquarters and distributed offices
• Established a mature security monitoring and incident response team
• Established secure software development function for product teams
• Established IT Governance, Risk and Compliance function and integrated IT risk into the enterprise risk governance function
• Implemented enterprise-wide identity and access management technologies and governance processes
• Established security controls to support virtualization of 80% of data center
• Oversaw companys disaster recovery and business resumption functions
• Oversaw companys IT Change Management function
• Oversaw security due diligence of multiple company acquisitions
• Ensured compliance with FFIEC, PCI, SSAE16, SOX, customer standards
Vice President of Security
May 1999 to April 2010
Digital Insight was one of the largest providers of outsourced software-as-a-service online banking and financial services providers in the United States for over ten years, with over 1800 financial institution customers nationwide and 9 million active end users Established the security team, processes and infrastructure and managed them from pre-IPO days, through 7 years of rapid company growth, during the companys sale to Intuit and for 3 years after the sale. Company was under heavy cyber attack from across the globe throughout my tenure.
• Created security program and team from the beginning of the company and managed it for first its 11 years without a breach
• Established all security infrastructure and processes for the company: IDS, IPS, host integrity monitoring, data leak protection, firewalls, security information and event management (SIEM), identity and access mgmt, strong authentication, etc
• Established security monitoring and incident management capabilities
• Established secure software development capability for high risk Internet-facing financial applications such as wires, bill payment, ACH, etc.
• Oversaw security compliance to successfully support ten years of audit oversight by OTS, FDIC, OCC and Federal Reserve Bank
• Managed security through initial SOX audit and certified products for initial PCI compliance
• Successfully integrated 5 acquired companies over a 6 year time frame
• Maintained 99.995% monthly up-time average for a large enterprise security infrastructure on 7 X 24 X 365 basis
• Set security strategy for companys online financial services products
• Established vendor oversight program governing security and compliance
• Managed companys Q/A and Configuration Management for 2 years
• Established and ran the disaster recovery function for 5 years
• Oversaw annual budget of ~$7M
Chief Information Security Officer
June 1996 to May 1999
Oversaw information security of Rockwell Internationals global enterprise (# 27 on Fortune 500 list in 1990s). Company had $15 billion in revenue from diverse product lines supported by ~100,000 employees throughout the world. Established security policy and enforced security and compliance standards across the enterprise.
• Established and chaired corporate security governance body for enterprise
• Instituted business unit information security assessments and risk remediation programs for the enterprise
• Drove redesign of global corporate network security architecture to accommodate restructuring and business unit e-commerce initiatives
• Oversaw all the companys Business unit Security Officers
• Revamped disaster recovery and business continuity strategies to realize improved effectiveness and efficiency
Manager, Software Development
February 1994 to June 1996
Supported design and data management applications on mainframes, Unix systems and PCs for a $1B rocket propulsion business. Launched businesss first Internet web site and established web site content control and configuration management mechanisms. Achieved significant year over year savings through outsourcing multiple legacy mainframe applications. Oversaw staff of 25 developers
Manager
October 1991 to February 1994
Architected and managed the establishment of a computing infrastructure for Rockwells three primary aerospace businesses. Managed cross discipline team and project finances from conceptual design through implementation. The successful $14M 3 year project established Rockwell aerospaces computer automation framework
Manager, Software and Support
June 1985 to October 1991
Managed software development, system and LAN operations in data centers spanning five campuses in four cities for $1B business. Deployed and maintained computing infrastructure for the design of Space Station power system ($1.6 billion contract). Oversaw staff of 30 and annual operating budget of $15M
Systems Analyst and Lead Systems Analyst
June 1981 to June 1985
and General Electric, Daytona Beach FL
Education
Master of Science in Computer Aided Manufacturing
Bachelor of Science in Design and Computer Graphics
Skills
CISSP, Information Security, Online financial services, e-commerce, Internet security
Комментариев нет:
Отправить комментарий