Christine Wisneski
Manager, Information Security Risk, CISM, CTPRP
United States
Details
Education:
Bachelor of Business Administration (B.B.A.)
Computer Science and Management
Northwood University
1990 : 1994
Experience:
2021 : Present
BCD Travel
Manager, Information Security Risk
Information Security Risk Management, Third Party Supplier Risk Management, ISO and PCI Compliance
• Conduct security risk assessments against products and services; Conduct third party supplier audits; Participate in ISO and PCI compliance audits; train others in risk and the management of risk; collaborate with other functions, such as Legal and Procurement, to provide a comprehensive risk management program
2015 : 2021
BCD Travel
Information Security Risk Analyst II
Risk Management, Governance, Monitoring, Compliance, Collaboration, e-Discovery
• Risk Management : Conduct security risk assessments and verifications in accordance with the product development methodology to ensure compliance with Dow Information Security and industry standards; Mentor incoming risk assessors and provide expertise in risk management process improvements; Consult with business partners in the application of security standards.
• Governance, Monitoring and Compliance : Implemented a governance program that measures compliance against internal standards (such as Platform and Application standards) and external regulations (such as SOX and data privacy) and addresses repeat compliance failures (Audit Issues); Mainframe Subject Matter Expert tasked with providing monthly monitoring reports and escalation of unacceptable use and validation of compliance with SOX requirements.
• E-Discovery : Collaborate with the Legal department to provide confidential and personally sensitive information for both civil and criminal cases; Provide expertise in e-Discovery tool selection and use; Case data management and delivery.
• Education, Awareness, Leadership : Drive awareness of security policy, standards and guidelines and influence end user behavior through several delivery methods such as course development, web site security productivity workshop, web presence, awareness communications and the Dow Information Security mailbox; Owner of the Dow Information Security mailbox responsible for driving operational effectiveness, setting expectations for response and following through on quality service delivery and process improvements.
• Six Sigma DFSS and MAIC Green Belt Certification : Strategic Virus Management, Improved Use of EDP in I/S, Cyber Security Awareness & Education, Streamlined Reporting in ICRM
• Safety warden : Conduct orientations, distribute notifications, facilitate meetings, address or escalate safety (ergonomics or facility related) issues
2001 : 2014
The Dow Chemical Company
Associate Information Security Manager
Integrated Auditing, Process Design & Development, Programming
• I/T Platform, Infrastructure and Application Audits (NT, Security Administration, Change Management, MVS Operating Systems, CICS, Top Secret, etc.) : Build interviews, gather information, become familiar with the processes involved, analyze the risks and controls relative to the application or computer system, and conclude on the findings.
• Integrated Business and Work process Audits (R&D, EH&S, etc.) : Build interviews, become familiar with the work processes and information technology tools utilized by the business, assess controls relative to their ability to securely manage data within the business, and conclude on the findings.
• Financial Audit IT Support (Procurement, Purchasing, Order Entry, and Pricing Audits, etc.) : Gather audit requirements, develop CAAT programs and provide data to support findings.
• I/S Focal Point : asset management, technical communication and training, problem management and resolution, and project implementation; DWS implementation team lead
1996 : 2001
The Dow Chemical Company
IT Auditor
Programming, Customer Service, Hardware & Software Support, Security & Network Administration, Disaster Recovery and Business Continuity
• Technical Associate : Accounts Payable (DACOR) system support; Gather requirements and process customer service requests for modifications to the JCL, Easytrieve and COBOL reporting programs; DRA (Disaster Recovery Administration) backup program modification, monitoring and error resolution
• Business Associate : Hardware and software support; Security administration for the mainframe, Novell LAN, and PC Login; Server Backups; Printer hardware and software support; Implementation of the first COE (Consistent Office Environment)
• Systems Engineering Development Training Program : Passed an intense 10-week programming course designed to immerse students in a real-life application development scenario; Utilized SQL, Visual Basic and C++ in application design; Customer accepted the application.
1994 : 1996
Electronic Data Systems
Technical Associate - Business Associate
Company:
BCD Travel
Years of Experience:
29
About
Versatile information security risk and audit professional, experienced in providing large corporations with Information Risk Management, Information Systems security, administration, audit, and systems development services. Offer expertise in work process development, governance, compliance, education, awareness, communications and e-Discovery. Drive standardized, consistent approach to service delivery while adhering to a high standard of excellence. Confident, driven leader and mentor proficient in working with cross-functional partners to drive results and provide solutions.