Jason Stockinger
Details
Business Administration, Management and Operations
University of Maryland University College
Associate of Applied Science (A.S.)
Electronics System Technology
Community College of the Air Force
-Governance, Risk, Compliance (GRC) – Re-designed information security program distilling 350 metrics into 10 key board/executive risk metrics. Education and awareness program targeting 100k offline shipboard crew and 12k shoreside employees in over 40 languages. Created robust third party (over 11k vendors) and application security program (200+ custom apps) to include 64 ship healthy return to service medical technologies.
-Security Operations – Improved threat, vulnerability, and patch management program reducing exploitable vulnerability by over 60%. Provided process improvements to tiered incident response team. Worked closely with security architects to approve baselines and security development operations requirements reducing 99% of new vulnerability. Provided guidance to maritime security team on protecting industrial control systems resulting in 100% regulatory compliance.
2019 : Present
Royal Caribbean Group
Director, Global Information Security
-Third Party / IT Application Risk Management – Program was adopted by incoming acquiring organization (discovery). Was the only cyber leader retained to retrain risk staff of acquiring company.
-Policy & Standards – Revamped and socialized the global adopted IT policy & standard set, to include an exception management program to manage risk. Resulted in more mature cyber risk management program that drove cyber remediation in an automated fashion reducing IT risk to top 20 applications.
-Training & Awareness – Incorporated acquired company global education and awareness program in collaboration with HR, Legal, IT, Corporate Communications, and other business leaders. Reduced human risk to less than 5% social engineering susceptibility globally.
2018 : 2019
Discovery Inc
Director, Information Security Risk
-Third Party / IT Application Risk Management – Developed and led Global Supply Chain/Third Party/IT Application Risk Management program in 122 days to report top 10 risks to the Audit Committee of the Board, Cyber Security Executive Council, and LoB Stakeholders. Program was adopted by incoming acquiring organization (discovery). Was the only cyber leader retained to retrain risk staff of acquiring company.
-Policy & Standards – Authored and socialized the first ever global adopted IT policy & standard set, to include an exception management program to manage risk. Signed and approved within 6 months of start date, resulted in first ever asset management program that drove vulnerability remediation in an automated fashion reducing IT risk by over 50%.
-Training & Awareness – Developed and implemented global education and awareness program in collaboration with HR, Legal, IT, Corporate Communications, and other business leaders. Reduced human risk to less than 1% social engineering susceptibility.
2016 : 2018
Discovery Inc
Director, Operational Risk Management
-RF Transmissions - Functional Operations Manager – Career focused on communications with wireless/RF transmissions systems specialty. Systems & technology experience : Avaya & Nortel phone switch, radio transceiver(s), antenna and SATCOM, WINTEL desktops, WINTEL servers, cabling, WIFI, Nortel/Cisco router/switch configuration, Giant Voice, perimeter detection technologies, CCTV, UPS maintenance, radar alignment, Service Desk Technologies, SharePoint, etc. Security clearance was required for this role.
-Oct 2012-May 2013 - United States Air Force - USCENTAF – Horn of Africa
-Communications Focal Point Officer – Managed staff of 15 for the largest expeditionary communications focal point in the Air Force. Responsible for circuit availability of 24 forward operating bases and support of 8 General Officers. Streamlined the access control system to create and decommission over 100 domain accounts per shift. Administered Security protocol for new Secure Common Access Card PKI system. Designed a new process for creating over 300+ secure credentials on the Secret infrastructure.
-Information Assurance - Managed 20 major security incidents to include investigation, and data wipe/recovery efforts. Officiated data destruction and re-image procedures for all workstations on base. Averaged 10-15 computer redeployments daily. Streamlined technology change management process to minimize downtime and increase communications capability.
-May 2007-Jul 2007 - United States Air Force – USCENTAF - IRAQ
-Infrastructure Inside Plant Cable Team Lead - Led 5-man infrastructure teams on inside plant installs which included 600+ cable drop hospital, 200+ cable drop air terminal and 400+ cable drop Emergency Operations Center (EOC).
1996 : 2017
Oklahoma Air National Guard
Communications Officer In Charge
-RCSA – Risk and Control Self-Assessment – Thought leader for governance program and RCSA development, business requirements, process improvements, and senior management reporting to support the first operational risk management framework. This resulted in removal of several regulatory sanctions.
-Operational Risk/Technology Assessment – Trailblazer for GRC activities related to Risk and Control Self-Assessment in Information Technology, Wealth Management, Bank Operations, Merchant Services, Commercial, Consumer, Mortgage, etc. Developed key risk indicator metric dashboard to assist in monitoring risk areas needing improvement and assist senior leadership to be proactive on risk watch items. Findings tracked and managed resulting in 0 breach incidents during tenure.
-Operational Loss Tracking – Managed and improved General Ledger(GL) operational loss reporting to risk committee of the board. The results were used to improve the bottom line loss by over $3M annually.
-Information Security Risk - Developed and implemented risk management programs, analysis of risk trends and identification of risk exposures. Recommended and executed needed mitigation action to reduce residual risk to acceptable levels. Strong experience in vendor management, data analysis, IT, and bank-wide information security assessment. Resulted in 100% compliance with regulatory requirements for risk management.
-Information Security Education and Awareness - Developed and implemented a corporate wide education and awareness program to integrate with HR Learning Management Platform. Included speaking engagements, lunch-n-learns, CBT selection and customization, and development of corporate newsletters/articles. Resulted in lower single-digit social engineering and better human firewall support.
2013 : 2016
BOK Financial
Vice President, Enterprise Risk (Operational / Information Security / Reputational)
Skills
Analysis, Banking, Banking Technologies, Building Relationships, Business Analysis, Business Continuity, Business Continuity Planning, Business Process Improvement, Business Relationship Management, Business Strategy, Change Management, Credit, Crisis Communications, Disaster Recovery, Electronic Payments, Electronics, Finance, Financial Risk, Financial Services, Information Security, Information Security Management, Information Technology, ISO Standards, IT GRC, ITIL, Leadership, Management, NIST, Operational Risk Management, Portfolio Management, Process Improvement, Product Development, Program Management, Project Management, Project Portfolio Management, Public Speaking, Relationship Management, Requirements Analysis, Requirements Gathering, Risk Management, SDLC, SharePoint, Strategic Communications, Strategic Planning, Vendor Management, Visio, Painting, Automotive Electronics, Digital Electronics, Financial Management, Financial Analysis, Military Operations, Commercial Banking, Loans, integration, Project Portfolio, Business Process, Business Relationship, Operational Risk, Consulting
About
Jason Stockinger, CRISC, CISSP® is a multi-industry Information Technology Security leader with proven experience leading change in Fortune500 companies.
Currently a Cyber Leader for Royal Caribbean Group where he is responsible for shoreside and shipboard cyber security on information technology, internet of things, entertainment technology, operational technology assets. Jason’s technology and cyber experience spans across industries including, financial services, government, media and entertainment, and telecommunications companies. Past roles include Director of Information Security Risk Management at Discovery Inc, Director of Operational Risk Management at Scripps Networks Interactive and Communications Officer In Charge for the Oklahoma Air National Guard. Prior to that Jason, held several positions at BOK Financial Inc. where his last role was Vice President of Operational Risk Management.
Effective in leading organizational shift to meet the needs of changing business environments, Jason is most proud of his ability to lead large teams and is passionate about inspiring greatness in others. In his past roles, Jason has led teams to produce organizational change and maturity. He is passionate about ensuring the strategic mission of his team aligns fully with business priorities and goals. Using this approach, Jason has a proven track record for developing strong, collaborative, and high-performing teams that deliver results using sustainable processes for continued performance.
In 2014, he was recognized from the Chairman of the Joint Chiefs of Staff as a Leader Among Leaders. He has served as a Board Member for Disaster Resilience Network and Disaster Resistant Business Council in addition to volunteering for various organizations including United Way and autistic youth and veterans service organizations.
Jason is married with 2 adult children and splits his time between South Florida and NE Oklahoma. He is an avid golfer and has been known to be the tallest guy in the room.
Profile Photo
