Jeffrey Lyon, MS, CISM, CISSP, CCSP, MCSE

Details

Skills

active directory, Certified Information Security Manager (CISM), cissp, Citrix, Client Communication, Cloud Security, cyber defense, Disaster Recovery, Enterprise Risk Management, healthcare information technology, Identity & Access Management (IAM), Information Security, Information Security Management, Intrusion Detection, IT Governance, IT Management, IT Security Best Practices, it strategy, Leadership, Managed Security Services, microsoft technologies, nessus, Network+, NIST, pci dss, PKI, Program Management, Project Management, Qualys, security, Security Consulting, Security Information and Event Management (SIEM), security operations center, server architecture, strategic planning, system administration, Team Management, technical writing, threat & vulnerability management, Tripwire, tripwire enterprise, VDI, Virtualization, VMware, vmware esx, vsphere, Vulnerability Assessment, Vulnerability Management, vulnerability scanning, windows server, vmware infrastructure, servers, netapp, Storage Area Networks, Integration, hyper-v, Windows 7, network, data center, dns, san, sql, nas, Server Consolidation, Windows Server 2008, DHCP, it operations, e-commerce, microsoft exchange 2010/2007/2003, IIS, SCVMM, vmware view, vcenter server, spam filtering, WSUS, lync server 2013, microsoft office 365, technical support, Threat & Vulnerability, Security Operations, Microsoft Exchange, Virtual Desktop, Healthcare Information, virtual desktop infrastructure

About

I have over 25 years of professional experience in cyber security, IT management, and business leadership, underpinned by a strong technical background. I have specialized in cyber security, developing business-enabling and business-aligned security technology strategies, and have overseen the implementation of innovative security solutions and services focused on delivering business value.



I enjoy helping businesses develop their cyber security strategy by assessing their current security posture, identifying the gaps, creating the roadmap, and establishing and communicating metrics to all levels of management.



I am a determined individual with proven ability to provide security insights to the business, in their language. These insights have gained leadership buy in for delivering security strategy aligned to key business goals. This is achieved by understanding the need to drive change through people, process and technology, rather than focusing exclusively on any one area. I am an energetic and challenge- driven leader, with an outgoing and approachable character.



Along with a proven ability to translate security into business language and articulate the business benefits I am also passionate about leading security innovations and making security a key part of the business proposition to its customers. Security should be made a key differentiator to drive sales and customer retention, not just a cost center.



My philosophy on cyber security:

• Cyber security is a business enabler, not an IT problem.

• Business leadership must be completely onboard to ensure the success of the program. This includes providing a budget for resources, determining the risk appetite, and identifying the “crown jewels.”

• The foundation for a successful cyber security program is an accurate and dynamic asset management program.

• Cyber security must encompass or be part of a risk management program. To determine what to prioritize will be difficult without a consistent method of quantifying risk.



• Cyber security should not be an afterthought; it must be infused at every phase of a business system or software development lifecycle.