Profiles search

Bill White

Innovator, evangelist & leader - Information Security at State Farm ®
Dallas, TX, United States

Details

Education: Associate of Arts and Sciences - AAS

Network Security Technology

Hinds Community College



Associate of Arts and Sciences - AAS

Information Systems Technology

Hinds Community College
Experience: 2023 : Present

State Farm

Senior Site Reliability Engineer

Leading Information Security teams in a transformation from siloed security practitioners to Information Security Unicorns. Mentoring and coaching teams in Agile Development and DevOps as they relate to Information Security processes. Leading the drive for automation in Information Security processes.

2020 :

State Farm ®

DevOps Revolutionary - Information Security

Collaborative design and delivery of information security control requirements in public cloud environments, including IaaS, PaaS, and SaaS utilizing Amazon Web Services (AWS) and Microsoft Azure/Office 365.

Design and delivery of control validation framework utilizing Python and native AWS services.

Led the evaluation and POC of multiple native AWS tools and 3rd party services related to security.

Led the evaluation of Microsoft Office 365 SecureScore

Design and delivery of Public Cloud Security Posture metrics (KPI/KRI)

2018 : 2020

State Farm ®

Public Cloud Architecture - Information Security

In collaboration with enablement teams, successfully designed IT security architectures and aspirational architectures based on risks and achievable outcomes in alignment with the NIST Cybersecurity Framework and compliance with various regulatory frameworks (PCI, HIPPA, GLBA, GDPR).

Lead a team to create the initial Enterprise Information Security Incident Response Plan.

Subject matter expert providing evidence of compliance to auditors and examiners.

Successful delivery of new and revised Policies, Standards, and Procedures related to Information Security.

2015 : 2018

State Farm ®

Architecture Team - Information Security

In collaboration with other business unit management, created or revise policies, procedures, security-centric strategies, and enterprise Information Security education & awareness.

Managed information security staff of 12 analysts.

Developed various Risk Metrics and Risk Assessment Reporting for presentation to senior management.

Led the project to update the banks’ Vendor Management program to comply with regulatory guidance and business goals.

Discussions and formal responses with regulators and auditors related to examination and audit findings.

Led RFP and oversight for all Penetration and Application testing engagements.

2013 : 2014

Trustmark National Bank

Vice President Information Security Risk Manager
Company: State Farm
Years of Experience: 36

Skills

Active Directory, Agile Methodologies, Amazon Web Services (AWS), Application Security, CISA, CISSP, Cloud Security, Coding Practices, Computer Forensics, Computer Security, CRISC, Cybersecurity, Design Standards, Emerging Trends, Enterprise Architecture, Enterprise Risk Management, Enterprise Security, Incident Response, Information Security, Information Security Management, Information Technology, IT Strategy, Leadership, Management, Network Security, NIST, Operating Systems, Performance Metrics, Presentation Skills, Privacy Compliance, Reporting Requirements, Risk Assessment, Risk Management, Security, Security Architecture Design, Security Audits, Security Awareness, Security Incident Response, Security Management, Security Operations, Security Risk, Servers, Software Development Life Cycle (SDLC), Strategic Communications, Strategic Leadership, Strategic Thinking, System Administration, Threat Modeling, Vulnerability Assessment, Windows Server, Disaster Recovery, Business Continuity, Data Center, Financial Risk, IT Management, Vulnerability Management, Firewalls, Citrix, Enterprise Risk, Networking, PCI DSS, Penetration Testing, Sarbanes-Oxley Act, Metasploit, Vendor Management, Vulnerability Scanning, IT Service Management, Information Assurance

About

Proven leadership and 35 years’ experience in IT and Information Security including; computer service, cyber security, data analytics, vendor management, audit, regulatory compliance, digital forensics and fraud investigations. Extensive experience leading information security in an enterprise environment. Ability to communicate complicated security concepts to technical and nontechnical employees. Candid and effective management style, skilled in developing and maintaining a “big picture” vision, cultivating excellent relationships, and communicating effectively across an organization.