Chad Hicks, CISSP CCSP CISM
CISO | Former Fortune 200 BISO | Risk Driven Security Leader
Charlotte, NC, United States
Details
Experience:
Responsible for driving the strategy, operations, and budget to safeguard MercuryGate systems and data.
2022 : Present
MercuryGate International
Chief Information Security Officer - CISO
Teach various information systems coursework including Virtualization, Information Systems Management, Linux, and Database Design.
Currently only teaching online coursework.
2018 :
Mitchell Community College
Adjunct Instructor of Information Systems
Senior information security leader assigned to the two largest business units within the company.
Primary function is to be the liaison between information security and the business. This means being the voice of information security to business partners; furthermore, being the advocate for the business to information security.
Work directly with SVPs and their direct reports as the information security subject matter expert.
Performs risk assessments and meets regularly with CIO, CISO, and divisional CIOs to quantify risk, develop compensating controls, and ensure senior leadership can make an informed decision based on enterprise risk appetite.
Provides the external voice of information security within the business functions, including but not limited to IT. Collaborate regularly with sales and marketing teams for high value accounts to ensure customer information security concerns are adequately addressed, and infosec is seen as a market differentiator when winning bids.
Currently leading cloud-focused GRC program efforts across four public cloud providers to architect controls leveraging cloud-native tools, cloud posture management software, and traditional on-premises technologies where possible.
Drove efforts that led to a closure of 37 PL1 and PL2 risks in 6 months, as well as 100% closure of external vulnerabilities within responsible BU.
Interface between application security team and development teams to ensure information security coverage of applications, including threat modeling, DAST and SAST scanning, as well as timely remediation.
Perform contract review, project security assessments, and vendor security assessments to ensure information security is considered throughout the supply chain.
In under 12 months received two nominations in the MOR (Monthly Operating Review) for going above and beyond. This led to letters of recognition from our CEO, CIO, and CISO.
2021 : 2022
XPO Logistics, Inc.
Business Information Security Officer (BISO) NAT / LTL
Led successful ISO 27001 recertification efforts, including a complete rewrite of the ISMS plan, implementation of control owners, and development of processes to ensure audit readiness at any time.
Drove efforts that led to a 60% reduction in infrastructure related vulnerabilities in less than 6 months.
Partnered with infrastructure and client support teams to securely integrate GreyOrange robots and warehouse automation into WMX system.
Connected internal audit findings with information security risk to provide targeted, timely remediation of any audit findings.
Provides the external voice of information security within the business functions, including but not limited to IT. Collaborate regularly with sales and marketing teams for high value accounts to ensure customer information security concerns are adequately addressed, and infosec is seen as a market differentiator when winning bids.
Worked with DevOps teams to migrate a legacy Java Struts-based environment to a modern solution, resolving thousands of high-priority security issues.
2020 : 2021
XPO Logistics, Inc.
Business Information Security Officer (BISO) - Supply Chain
Teach Management Information Systems coursework to upperclassmen at the Belk College of Business at UNCC.
2020 : 2020
University of North Carolina at Charlotte
Adjunct Professor of Business Information Systems
Company:
MercuryGate International
About
Visionary information security executive with nearly twenty years of progressively responsible experience in all facets of the intersection of Information Security, IT, and business. Significant experience in application security, assessing risk, and cybersecurity program development.