Jeff Westerheide CISA, CRISC, CPA, CITP, ITIL
Details
MoneyGram International
Head of Information Security - Governance, Risk & Compliance; Identity Access Management; DR/BCP
Pinnacle Technical Resources is a leader in providing workforce solutions to Fortune 500 companies in the United States and Canada. Their client, Oncor, is one of the largest investor-owned utilities in the nation and the largest electricity transmission and distribution company in Texas.
• As a strategic business partner, automate and optimize security and compliance operations, integrate security controls and processes into new DevSecOps and Application Models, and evaluate developments in regulatory statutes and proposed legislation informing management of any impacts to Company.
• Represent company in threat intelligence, cyber incident response, requests for mutual assistance, and supply chain risk management discussions
• Perform IT controls consultation and testing to ensure SOX compliance for large multi-million-dollar ERP Customer Platform deployment with 30+ application interfaces and new change management automation and orchestration tools.
2017 : 2018
Pinnacle Group, Inc.
Strategic Business Partner-Security Operations Automation
Led Security Operations and Compliance teams responsible for cyber security program, security operations and IT controls compliance and governance across TXU Energy, Luminant and EFH Business Services. Compliance programs included SOX, PCI, NACHA, HIPAA and NEI 08-09 as well as all IT general controls.
Directed team to formulate strategy and development of PII program focused on TXU Energy.
Engaged with industry organizations and working groups focused on critical infrastructure security protection, particularly in light of the Executive Order for increased Cyber Security.
Business case development using a risk-based approach for a six-year, $90M board-approved cyber security plan.
Led the cyber security program and SAP Security function for TXU Energy. Delivered PCI and NACHA remediation plan, including tokenization solution for SAP ERP system reducing overall PCI footprint. Reduced SOX deficiencies, optimized SAP role management and transformed SAP governance risk/compliance platform to SAP GRC solution.
Leadership and oversight in all aspects of three generations of outsourcing activities over 12 years including RFPs, contract and service level formulation, transition management, operations management, oversight and optimization, contract governance, dispute management and resolution, and service reengineering.
IT Representative in Public Policy and Regulatory Affairs serving as subject matter expert for two Texas Legislative sessions. Served as Treasurer of EnergyPAC for 10+ years.
2006 : 2016
Energy Future Holdings
Director - IT Security, Compliance & Regulatory; Director - IT & Outsourced Operations
Provided leadership and expertise in overall planning and conducting of IT operations, systems, and compliance audits. Led independent internal IT audit organization focused on security and controls associated with all information systems and technologies supporting TXU.
Managed and coordinated internal audit relationship with outsourced business processes at third parties, primarily at Capgemini Energy (CGE) and Hewitt Associates.
Assessed adequacy and effectiveness of risk management, controls, and governance processes in TXU information systems and technologies and outsourced business processes.
2003 : 2006
TXU Business Svc
Audit Director, Information Technology and Outsourced Business Management
Developed risk-based annual audit plan addressing critical risks in business services and IT.
Managed and directed team of general and IT auditors who completed risk and control self-assessments, process and functional internal controls reviews, IT general controls, application and new system development control reviews, process efficiency and effectiveness reviews, and investigations.
Provided SOX support to identify key financial controls, test plan development, and test execution.
Initiated and directed development of IT general controls and systems controls framework for 47 applications.
1999 : 2003
TXU Business Svc
Audit Manager, Information Technology and Business Services
About
I'm a transformative and forward-thinking IT cyber security, risk and compliance director who has the technical and organizational skills to achieve highly effective results through building strong relationships with all stakeholders. I'm specialized in cyber security, compliance, IT audit, corporate and IT risk management, outsourcing, and governance. I am proven highly successful in the design, development, and deployment of security, compliance and technology strategies, solutions and controls.
I am a dedicated, creative, and goal-oriented expert with vast experience in direction and oversight of IT operations, outsourcing, controls, governance, development programs and project management.
I exhibit polished interpersonal and communication skills with an emphasis on delivering business results with acumen, operational excellence and stakeholder focus.