Christopher Hetner
Deputy Chief Information Security Officer, Executive Band - GE Capital HQ
Katonah, NY
Senior Information Security Executive with over 15 years in-depth leadership, client relationship and technical experience in assessing, planning, engineering and implementing all aspects of information risk management for banking, financial services, and industrial firms worldwide. Highly skilled in business and technical aspects of information security, operational risk, vendor risk management, continuity of business, physical security, and
regulatory compliance.
Work Experience
Deputy Chief Information Security Officer, Executive Band
January 2010 to Present
Responsible for Information Security Governance, Program, Policy, Strategy, and Risk Management capabilities across GE Capital. Actively protects over $400 billion in assets that supports over 70,000 employees who operate in over 50 countries.
• Supervised a direct and extended team consisting of over 80 employees and oversee a budget of over $20 million dollars.
• Responsibility for the overall GE Capital enterprise IT security budget and organization implementation plan including security management, incident response and cyber intelligence, architecture and operations. Lead the design and implementation of enterprise wide information security governance, policy, metrics, regulatory engagement, and organization design.
Global Director of Business Information Security Operations, Senior Professional Band
July 2008 to January 2010
Manage information security operations, shared services, information risk management, and regulatory compliance for the GE Capital Americas, EMEA, Asia, Energy Finance, Aviation Services, and Commercial Real Estate business.
• Manage a global information security operations that supports computer forensics, incident response, audit/regulatory compliance, data loss prevention, supplier security, application security risk assessments,training and awareness, IT infrastructure risk assessments, corrective action planning and risk reporting to senior management.
• Supervised a team of 15 and managed a budget of over $5 million dollars.
• Successfully prepared for internal bank and external FDIC regulatory audits by implementing a wide range of standards, procedures, and risk management controls.
Senior Vice President Information Security
October 2003 to July 2008
New York, NY 10/2003-7/2008
Senior Vice President Information Security
Developed and managed information risk and regulatory compliance programs for the Institutional Client Groups 1000 plus global vendors who support the Capital Markets, Investment Banking, Transaction Services, Hedge Funds, Private Equity, Operations, and Technology units.
• Created a new department to perform information risk assessments, quality assurance reviews, audit/regulatory review preparation and corrective action planning and monitoring with frequent metrics reporting to senior management.
o Supervised a staff of seven direct reports, as well as matrix managed a global team, covering all global Institutional Client Group business units. Managed a budget of over $2 million dollars.
o Successfully prepared for internal audits and regulatory examinations with the Federal Reserve Bank and Office of the Comptroller of the Currency. All regulatory examinations aligned with the Federal Financial Institutions Examination Council (FFIEC) guidelines and were passed with a satisfactory rating resulting in a significant reduction in findings
o Managed responses to information security breaches, including root-cause analysis and creation of corrective action solutions.
• Played a vital role in enabling two key acquisitions of electronic trading companies worth $300 million. Performed due diligence and risk mitigation planning to ensure their security posture was aligned with Citigroups.
• Produced an annual savings of over $1.5 million by increasing the efficiency of the Corporate global vendor information risk assessment operation.
• Implemented security architecture solutions that enabled the Capital Markets and Banking division to outsource several business and technology support functions
Principal Security Consultant
January 2003 to October 2003
Responsible for the implementation of information security strategies and solutions for several Fortune 500 companies.
• Led a team that performed information security risk assessments and developed and implemented comprehensive plans to reduce clients information asset risk.
• Assisted companies to meet regulatory requirements and international security standards, including the Gramm-Leach-Bliley Act (GLBA) and ISO 17799.
Senior Security Engineer
February 2001 to January 2003
Led a team of systems engineers and solution architects responsible for designing, engineering, implementing and managing the information security infrastructure of Cervalis, a state-of-the-art data center in the tri-state area.
• Implemented security policies, procedures, and services that protected internal and client information assets. Achieved TruSecure Service Provider Infrastructure, Charter Member for Internet Security and SAS 70 certification. These enhanced security capabilities provided the company with a competitive advantage that was instrumental in closing nearly $10 million in revenue.
• Implemented all security engineering programs that supported virtual private networks, firewalls, forensics, business continuity planning, access control systems, network intrusion detection systems, host-based intrusion prevention systems, vulnerability testing systems, intrusion and log analysis, incident response and encryption technologies.
Technical Security Consultant
January 2000 to February 2001
Technical team leader for an extended network of sales, system engineers, project managers, and data center systems administrators. Responsible for defining and developing security strategies, technical architecture and system infrastructure plans for Fortune 1000 clients of Globix (an Internet data center, managed hosting, professional services company). Played a key role in closing 100 contracts with over 70 new customers, for nearly $25 million in revenue.
Director of eBusiness and Networking Solutions, Vice President of Project Development
October 1997 to January 2000
White Plains, NY 10/1997 - 1/2000
Director of eBusiness and Networking Solutions, Vice President of Project Development,
Systems Sales Engineer
Education
M.S. in Information Assurance
B.S. in Security Management
Skills
CISSP, CISM
Комментариев нет:
Отправить комментарий