Profiles search

Jason Nystrom CISA CDPSE

Sr. Director, Governance Risk & Compliance at Windstream Communications
Willoughby, OH, United States

Details

Experience: The Governance, Risk and Compliance (GRC) team identifies, develops, tests, remediates and communicates security controls according to SOX, PCI, Data Privacy and Windstream’s Security Policies, Standards while adhering to NIST CSF Guidelines.

2021 : Present

Windstream

Sr. Director - Governance, Risk & Compliance (GRC)

Responsible for providing leadership of IT Compliance initiatives related to PCI, SOX and security best practices, while managing a diverse team of developers and analysts. Provide leadership for the enterprise in risk remediation/audit findings and serves as primary contact with internal/external audit entities. Owner of various Access-related technologies (IDM, CyberArk, RCM, etc.). Serves as primary point for IT Information Security best practices, policies and exceptions.

2010 :

Windstream Communications

Business Information Security Officer (BISO) - IT

Leadership of Windstream's Identity & Access Management within the Enterprise Information Risk and Security (EIRS) organization

2017 : 2021

Windstream

Director, Identity & Access Management

Responsible for day to day management of Specialty Products IT Security & Compliance portfolio (remediation).

2007 : 2010

Nationwide Insurance

IT Security & Compliance (Portfolio Manager)

Managing the business of IT. Responsible for Finance, Staffing, Metrics, Clarity, etc.

2006 : 2007

Nationwide Insurance

Operations Coordinator
Company: Windstream
Years of Experience: 27

Skills

Audit, Budgeting, Business Analysis, Business Process, Business Process Improvement, Change Management, Coaching, Compliance, Consulting, Customer Relations, Cyber Policy, Cybersecurity, Cyber Security Risk, Data Privacy, Disaster Recovery, Documentation, Enterprise Software, Governance, Risk Management, and Compliance (GRC), Information Security, Information Security Management, Information Technology, Insurance, Integration, IT Audit, IT Management, IT Risk Management, IT Strategy, Leadership, Management, Negotiation, Policies & Procedures, Presentations, Process Improvement, Program Management, Project Management, Requirements Analysis, Risk Management, Sarbanes-Oxley Act, SDLC, Security, Security Awareness, Security Controls, Software Development Life Cycle (SDLC), Software Documentation, SOX, Strategic Planning, Team Building, Team Leadership, Third Party Management, Vendor Management

About

Specialties: IT Security - includes working with internal/external audit entities, compliance to state/regulatory requirements, identification/remediation of security deficiencies, ownership of Identity Management/Password Mgmt/Attestation applications