Cary Polk
Details
Cyber/Computer Forensics and Counterterrorism
American College of Forensic Examiners Institute
2005
European History
Jefferson Community College
1995 : 1997
Sonic Healthcare
Sr. Manager Information Security
2019 : 2022
HealthTronics, Inc.
Manager, Information Security
2017 : 2018
Q2ebanking
Sr. Security Engineer
Manage Information Security Engineering, Architecture, Application Security, Operations and IAM groups
Brief Senior Executives on status of Information Security Program
Establish review and engineering requirements for Global IPS refresh and consolidation
National and International Incident Response providing response in IPS expertise and verification of incident based on evidence of anomalous activity
Corporate Policy Review Committee
Led the certification efforts for ISO-27001 and PCI-DSS Level One audits and certifications
Led the audit responses for GLBA, SOC, and SOX audit responses
Established comprehensive patch and system auditing program
Implemented cross training for all Information security positions
Establish Information Security Employee Retention efforts
Provide reporting metrics to senior leadership concerning Information Security
Created, updated, reviewed and maintained Information Security Policies
Oversaw security due diligence of vendors program
2016 : 2017
TSYS
Director of Information Security
Build and Manage Security Operations Center
Implemented SourceFire (CISCO) Intrusion Prevention Systems, Tuned, and brought operational
Implemented Snort Intrusion Detection Systems, Tuned, and brought operational
Implemented Imperva WAF, Tuned, and brought operational
Oversaw HP Arcsight SIEM, Tuned, and maintained operational status
Trained Information Security Staff on operation of IPS, IDS, WAF, and SIEM
Implemented Information Security Ticketing System (RedMine) and set procedures for use
Oversee day to day operations and responses to both Physical and Information Security
Disaster Recovery and Business Continuity Planning and Testing
PCI ASV scanning compliance
Establishment of in-house forensic response capability with EnCase
Trained Information Security Staff on forensic response and investigations
Supervised team that handled over xxx forensic investigations
Developed Response Framework
Vendor Due Diligence Security Review Program reporting
Development and Reviews of Information Security Procedures
Mentoring of Information Security staff
2012 : 2016
Netspend
Information Security Manager
Skills
Analytical Skills, cisco systems products, Cisco Technologies, CISM, Cloud Security, Communication, Compliance, Computer Security, Creative Problem Solving, Data Privacy, Disaster Recovery, Expenses, Firewalls, Forensic Analysis, GIAC, Incident Response, Information Assurance, Information Security, Information Security Management, Information Security Program, Information Security Standards, Information Technology, Interpersonal Skills, Intrusion Detection, Intrusion Prevention Systems, IPS, Management, Networking, Network Security, payment card industry data security standard (pci dss), Penetration Testing, Problem Solving, SANs CISSP Training, SANs GCIH Training, Security, Security+, Security Architecture Design, Security Audits, Security Awareness, Security Management, Technical Requirements, Training, Virtualization of Incident Response, virtual private network (vpn), VMware, VPN, VPN (Array Networks, Nortel, Checkpoint), Vulnerability, Web Application Security, Windows Server, Virtualization of, Reverse Engineering, Securing VoIP, Security Architecture, VPN (Array Networks, Intrusion Prevention, Reverse Engineering Rootkits
Profile Photo
