Cole Mietzner, CISSP
Details
Organizational Leadership
Learning @ Morning Brew
2022 : 2022
AAS
Graphic Design
Arapahoe Community College
2007 : 2009
Inotiv
Director of Information Security
2022 :
CITSAP
vCISO
TurnKey GRC specializes in information security program engineering and compliance. We can build your security program from the ground up or make expert recommendations on existing programs. We can also assist in building your compliance program and work with the audit team to audit.
2022 :
TurnKey GRC
vCISO / Consultant
• Created and implemented a comprehensive organizational security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy, and compliance with applicable regulatory, statutory, and contractual requirements.
• Define and write security policies, controls, and standards.
• Communicate risk and security concerns to upper management.
• Complete client-level security questionnaires.
• Conduct internal and external information security assessments, including security audits and risk assessments.
• Manage information security compliance and certification programs including SOC 1, SOC 2, GDPR, ISO 27001 and other statutory compliance needs, along with internal audit and data privacy programs.
• Created and presented a comprehensive and interactive data security training & awareness program.
• Serve as advisor for the CIO and other business leaders to help achieve business objectives while meeting security goals.
2016 : 2023
Unifocus
IT Security and Compliance Officer
- Develop SQL to use as validation against the developers' SQL to ensure requirements are met.
- Validate ETL processes using SSIS
- Validate reports created from SSRS
- Assist in the development of Data automation strategy including Jenkins integration.
- Develop test cases to validate story requirements.
2015 : 2016
Healthgrades
SQL Test Engineer
Skills
Computer Management, Computer Security, Consulting, Customer Service, cyber-security, Cybersecurity, Enterprise Risk Management, ETL Testing, GRC, Hospitality, Information Assurance, Information Security, Information Security Management, iso 27001, IT Security Policies & Procedures, JMeter, Leadership, Load Testing, Management, Mergers & Acquisitions (M&A), Microsoft SQL Server, Network Security, NIST, NIST 800-53, Process Improvement, Project Management, Risk Management, Rundeck, Security, Security Audits, Security Engineering, Security Management, Security Program, Security Training, SOC 2, soc2, Strategic Planning, Team Leadership, Time & Attendance, Time Management, vCISO, vmware esx, vmware vsphere, Vulnerability Assessment, Event Planning, T-SQL, Git, Microsoft Office, Hospitality Management, MySQL, Database Administration, Database Design, Sales, JavaScript, SQL Tuning, Relational Databases, Performance Testing, Watir, Jenkins, Scheduling, Mobile Applications, SSRS, SSIS, Agile Methodologies, Agile Testing, Kanban, SQL Server Integration Services (SSIS), Transact-SQL (T-SQL), ubuntu
About
Expertise in Information Security program design and management, including risk management, business continuity planning, business impact assessments, disaster recovery planning, incident response, and compliance. Compliance experience with statutory, regulatory and contractual needs including HIPAA, PCI-DSS, SSAE-18 SOC I & SOC II (Type 2), GDPR, and ISO27001. Data Privacy, Third-Party Risk, Strategic Planning, Virtualization, Networking and Storage, Factor Analysis of Information Risk (FAIR).
Specialties: Leadership, Risk Management, Compliance, Audit, Application Security, Server Security, Linux.