Bruce Roton
Details
• Created all company security policies for ISO27001 compliance.
• Initiated, led, and managed the successful audit and certification for ISO27001 compliance, and achieved Certification of 6 business entities in 6 globally distributed locations in 6 months.
• Initiated, led, and managed the successful SOC2 audit for the organization.
• Developed, implemented, and manage the Security and Compliance training program.
• Initiated and led SOC2 compliance audit.
• Developed industry leading Risk Management methodology and Risk Metrics.
• Performed leading role in Customer Trust Management.
• Implemented Common Controls Framework system for audit and compliance management.
• Developed and managed internal audit and compliance program.
• Managed and approved all contracts and legal agreements regarding security and privacy.
2022 : Present
CyberProof
Chief Trust Officer (Chief Information Security Officer)
• Leading the Office of Innovation
• Designed and built the CyberProof Use Case Factory (a matrixed cross functional organization of over 50 individuals). This included development of all processes, organizational structure, role and responsibility definitions, and methodology. The Use Case Factory Methodology and Process structure has won several awards:
o https://cybersecurity-excellence-awards.com/candidates/use-case-factory-offers-continuous-improvement-and-optimization-of-cyber-security-readiness-and-reduces-risk/
o CyberProof’s Use Case Factory was recognized in the Black Unicorn Awards for 2021 in the category of “Top 10 Baby Black Unicorns”. https://hubs.ly/H0TWVBW0
• Developed CyberProof’s market unique Cyber Risk Management Methodology and Scenario Management Workshop. I then linked this to the MITRE framework for Use Case Management.
• Responsible for partner program and partner contract management and onboarding. Successfully created 4 new partnerships in 4 months with negotiated MSAs.
• Assisted marketing and sales with collateral material, monthly security webinars, and direct sales support.
• Developed and led the creation of the CyberProof Fraud Intelligence Service.
2020 : 2022
CyberProof
VP Security Strategy
• Responsible for building the Customer Success Practice and defining the CSM Charter
• Developed Service Definition, and Strategic Vision for MSSP/MDR practice
• Developed Customer Journey vision and Customer Value Workshops for service on-boarding.
• Led onboarding process refinement.
• Development of CX/CS programs for 100% customer retention
2019 : 2020
CyberProof
VP / Global Head of Customer Success
As Founder and director of the Level 3 Security Services Practice, I led the service design, engineering, sales, and marketing teams.
2012 : 2019
Level 3, now CenturyLink
Sr Director of Security Solutions Architecture
Security Solutions Architecture:
Management of a Sales Engineering team supporting west and midwest states
Security solutions consulting to executive level management (Policies, Strategic planning, Technical advisor)
Security architecture design
Compliance management consulting
Security and internal controls audit and assessment consulting
Incident Response and Forensics consulting
Information Security Governance and Program Management consulting
2009 : 2012
Verizon Business
Manager of Security Systems Engineering
About
While my field of specialization is Information Security and Risk Management, I bring a rich history and broad range of experience to the table that enables me to provide insight across the entire organization. I have over 20 years of experience in Security Systems Design, Governance/Risk/Compliance, and Security Management. I’ve held positions as an Engineer, Consultant, Solutions Director, Service Director, and VP of Security Strategy. In those roles I’ve created and led security practice organizations generating exponential value growth within my company while radically reducing cyber risk exposure for my customers. This included the design, sales and operations of security services, as well as the research and development of advanced Threat Intelligence and Integrated Cyber Defense Systems. I further envisioned, developed, and managed the CyberProof Use Case Factory to develop over 1500 Security Use Cases in a 20-month period for a wide range of customers. I’ve also been a leader in Cloud Migration strategy and have developed/managed several successful Data Science projects. Over the past 20 years, I’ve designed and built SOC organizations, Security Service Offerings (such as Security Monitoring, VM, and DDoS Mitigation), as well as professional services teams for a variety of services (Pen Testing, Forensics, Architecture Design, and Risk Management). I maintain certifications in Information Security, Information Privacy, Security Management, Threat Analysis, and Risk Management.
Trust: Trust is the foremost factor that turns a prospect into a customer, and turns a one-time customer into a lifetime customer. Trust is a top consideration driving companies to form business partnerships. And Trust is a leading factor in a company’s ability to attract and retain top talent. Trust is fundamental to any business venture, and the Trust of customers, partners, and employees to protect and secure their private and sensitive data is of paramount importance.
Core Areas of Experience and Expertise:
• Security Policy Management
• Strategic Planning
• Risk Management
• Information Security Governance
• Security Operations design and management
• Partner Management (Legal and Contract Management)
• Compliance Management (NIST, SOC2, ISO270xx, PCI, and HIPAA)
• Information Security Design and Implementation
• Executive Consulting, CISO Advisory, Virtual CISO
• Zero Trust Design and Program Management