Chris Lindvay, CISSP, CISA, CDPSE
Cyber Security & Technology Supplier Risk Management at Collins Aerospace
Bridgewater, NJ, United States
Details
Experience:
We identify and assess risks associated with outsourcing to vendors/suppliers and reduce the risk of long-term exposure within our supplier’s portfolios.
2023 : Present
Collins Aerospace
Cyber Security & Technology Supplier Risk Management
Cybersecurity Advisory Board Member at Pace University - Seidenberg School of Computer Science and Information Systems
2020 :
Pace University - Seidenberg School of Computer Science and Information Systems
Cybersecurity Advisory Board Member
• Evolved the 2nd line of defense strategy for the IT Quality group to better support BMS and identify risks more accurately and timely. Developed risk monitoring and oversight model. Enhanced metrics package to provide greater clarity to leadership.
• IT program manager responsible for the IT SOX program for BMS including staffing, internal assessments, external audits, remediation activities, and driving continuous improvement. Managed multiple teams internally and externally to complete standard fieldwork. Evolved ITGC controls within the environment as part of Celgene and BMS integration activities.
• Enterprise Third Party Risk Management program lead representing IT Quality Management. Focus on enterprise intake, standardized questionnaires and evaluations, end to end process development including metrics and demand management.
• Third Party Supplier Governance oversight Committee lead representing IT Quality Management. Ensures suppliers are producing appropriate metrics to identify and mitigate risks with ongoing supplier relationships. Optimized standard metrics package and deliverables across vendors.
• Conducted risk assessments across areas including finance, IT, Cyber, and Quality Management.
2019 : 2023
Bristol Myers Squibb
Information Technology Governance, Supplier Risk Management, and Compliance
Member of the Cyber Security Advisory board at Rutgers University. The board is part of the Rutgers Center for Innovation Education, which provides professional and continuing education for technologists, innovators, and entrepreneurs.
2018 : 2019
Rutgers Cyber Security
Advisory Board Member
• Provide comprehensive ongoing leadership, IT management, and support for a variety of information security-related projects, including the multi-discipline Information Security, Audit & Risk management group.
• Launch targeted initiatives to improve performance, compliance, and minimize risk, consistently demonstrating expertise across Information Security, Sarbanes-Oxley (SOX), Privacy Compliance (GDPR), IT Software Asset Management, GxP audits, Compliance audits, Internal Finance audits, Sunshine Act, Vendor management/3rd party assessments, and CyberSecurity.
• IT project manager for IT SOX program including budget, staffing, metrics package, internal assessments, external audits, remediation actions, and overall risk management.
• Founded and led Information Security Vendor Risk Management program inclusive of Data Privacy process. Built program leveraging ServiceNow for internal and external surveys, security scorecard, along with third party risk questionnaires. BISO to the company for new vendors across all lines of business.
• Led Security risk management and compliance group. Focused on cyber maturity, risk identification and management, audit remediations, specialized risk assessments and external cybersecurity audits.
2008 : 2019
Celgene
Information Security, Audit, 3rd Party Risk Strategy
Company:
Collins Aerospace
Spoken Language:
English
About
Seasoned, results-driven Information Security and Information Technology Leader, widely regarded for intelligently creating and leading multi-function risk and compliance programs in highly regulated industries. Over 20 years of experience in IT strategy, program management, ITIL, policy governance and risk management, third-party risk strategy, vendor management, and internal audit, with specific expertise assessing internal controls and advising on governance, risk management, business process improvement, finance, and regulatory compliance.