Claudio Lo Cicero
Details
Fontainebleau, France
INSEAD
Master of Science
Information Technology with an Information Security Specialization
Capella University
Bachelor of Science
Sociology w/minor in Spanish
Excelsior University
2022 : Present
Newrez LLC
SVP Chief Information Security Officer (CISO)
InfoSec leader for Humana's Retail Segment, a $74B revenue unit within the Fortune 50 healthcare giant. Managed a team of BISOs to align security strategies with enterprise standards and global best practices. Advised line-of-business CIOs and stakeholders on security and risk management, in collaboration with Compliance, Legal, HR, and Enterprise Risk departments.
• Crafted and implemented Retail Insurance Master InfoSec Strategy and 3-year Roadmap.
• Supervised the development of sub-segment strategies, roadmaps, risk registers and dashboards.
• Streamlined InfoSec services, achieving $1.2M annual OPEX savings.
• Oversaw Cloud First projects, including the design of a new cloud-based claims system.
• Managed compliance programs for PHI/PII including HIPAA/HITRUST.
• Operations Risk Management Committee member and participant in multiple steering committees.
2020 : 2022
Humana
Business Information Security Officer (BISO)
Head of Global Information and Industrial Control Systems (ICS) Security for a Fortune 500 chemical manufacturer with 7,000+ employees. Led an 18-member global team in creating an integrated security model covering information, SAP, business continuity, data privacy, and ICS, aimed at reducing risk and enhancing governance.
• Reorganized InfoSec and ICS functions for rapid maturity and continuous improvement.
• Refined the IT/OT Convergence Program in line with international best practices.
• Implemented enhanced vulnerability identification, patch and configuration management processes.
• Established Risk Assessment and 3rd Party Risk Management Frameworks.
• Launched Data Management Foundation for data classification and lifecycle management.
• Introduced monthly security reporting for visibility, metrics, and threat awareness.
2020 : 2020
Celanese
Senior Director Information Security (de facto CISO)
Head of InfoSec Risk Management and Data Privacy for the largest public single-family home real estate investment trust (REIT) and former Blackstone Portfolio Company, with $1.7B annual revenue and $16B market cap.
• Managed organizational infosec and privacy regulatory compliance.
• Successfully achieved the organization’s first PCI DSS compliance validation.
• Passed initial post-listing SOX audit with zero material weaknesses or significant deficiencies.
• Led data privacy readiness initiative for California Consumer Privacy Act (CCPA).
• Standardized corporate infosec policies in line with international best practices.
• Launched comprehensive security awareness training and phishing exercises.
• Operationalized monthly and quarterly reporting metrics.
2017 : 2020
Invitation Homes
Senior Director Information Security (de facto CISO)
Served as the inaugural CISO for Maersk Oil, a $6B oil & gas exploration and production subsidiary of the Fortune Global 200 conglomerate A.P. Møller-Mærsk Group. Pioneered the establishment of the company's Global Information Security and Data Privacy functions from the ground up. Collaborated with executive leadership to shape governance, risk, and compliance frameworks, addressing a dynamic landscape of global and industry-specific threats. Managed an annual budget of $3.5M while exercising indirect control over an additional $5M.
• Established and chaired the Global InfoSec Steering Committee for business risk alignment.
• Served as Enterprise Risk Committee member and elevated cybersecurity into a Top 3 Enterprise Risk.
• Standardized and aligned InfoSec policies with ISO 27001/2, ISF SoGP, NIST, and COBIT standards.
• Introduced quarterly IT/OT governance reports and monthly technical operations reports.
• Developed a multi-tiered awareness program and campaign in alignment with organizational vision for health, security, and safety to promote an Incident Free culture.
• Established frameworks and programs for capability maturity, technical and physical security, third-party and supply chain risk, and GDPR compliance.
• Enhanced capabilities in incident response, advanced malware detection, vulnerability and threat detection, eDiscovery, and securing industrial control critical infrastructure (OT/ICS/SCADA) systems.
2013 : 2017
Maersk Oil
Chief Information Security Officer (CISO)
Skills
Business Development, Business Process, Business Process Improvement, Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Change Management, CISSP, COBIT, Continuous Improvement, Cybersecurity, Data Center, Disaster Recovery, Enterprise Software, General Operations, Governance, Green Belt, Information Security, Information Security Management, Information Technology, Infrastructure, ITIL, IT Management, IT Operations, IT Service Management, Leadership, Management, Multinational, Networking, Network Security, Operations Management, Outsourcing, Personnel Management, Personnel Selection, Physical Security, PMP, Process Control Systems, Process Improvement, Program Management, Project Management, Project Portfolio Management, Risk Management, SCADA, Service Delivery, Six Sigma, Strategy, Supervisory Control and Data Acquisition, Team Leadership, Team Management, Vendor Management
About
Information/Cyber/Physical Security & Technology Executive | CIP/OT/ICS Security Advisor & Speaker | U.S. Army Veteran with 20+ years of people management and technical leadership.
Experienced in building and developing cohesive high-performance geographically dispersed and culturally diverse teams in both greenfield and brownfield environments to drive rapid departmental maturity, transparency, and sustainable continuous improvement.
Expertise in information/cyber/IT and physical security; data privacy; infrastructure, networking, systems, and applications management and administration; business continuity and disaster recovery; critical infrastructure protection (CIP); operational technology process and industrial control systems (OT/ICS/SCADA) security; industrial internet of things (IIoT); Industry 4.0; IT/OT convergence; governance good practice and regulatory compliance frameworks (COBIT/ITIL, ISF SoGP, ISA/IEC 62443, ISO 27000/31000 series, NIST, NERC, CIP, HIPAA/HITRUST, and PCI); project and program management.