Profiles search
Jenifer (Jen) Chandler
Business Information Security Officer (BISO) at Allstate
Lincoln, NE, United States
Details
Experience:
2022 : Present
Allstate
Business Information Security Officer
Key Responsibilities Include
-Provide strong regulatory compliance support, scope management and communication, defining evidence requirements and program management as required.
-Review new regulations for security impact and document requirements for compliance.
-Communicate requirements and compliance status to security leadership and impacted technical teams.
-Coordinate project managers and participate in meetings to ensure the accuracy of scoping, requirements documentation, gap identification, remediation and compliance requirements are met.
-Partner with risk management teams to ensure the transparent communication of risk reporting related to compliance revaluations and identified gaps.
-Review evidence submissions to ensure regulatory requirements are met and provide validation of gap closure.
-Track remediation of any gaps to compliance with the implementation area to ensure closure and tracking to deadlines.
-Support delivery / implementation leads in promoting and consulting on the positions that help strengthen and secure the organization in alignment with regulatory requirements by either following standards or helping direct others on technology positions.
-Help facilitate review of changes in company processes, standards and technology to ensure the effectiveness of security controls to meet compliance requirements.
-Help consult with stakeholders on requirements for new and existing business / technology solutions to assure compliance to regulations, compliance frameworks and internal standards and governing policies and procedures.
-Provide Archer GRC tool administration for security controls assessment workflow and evidence gathering within the compliance and issues management modules.
-Built effective working relationships, making sound decisions, successfully making changes, initiating action and achieving results as a trusted advisor.
2020 : 2022
Allstate
State Cybersecurity Regulatory Lead Consultant
-Trusted cybersecurity advisor demonstrate a strategic understanding of the partner’s business, mission and goals, and support business initiatives in a complex and evolving risk landscape
-Ability to fully understand the business strategy and environment and align appropriate solutions
-Identify and recommend appropriate measures to manage and mitigate risks and reduce potential impacts on information resources
-Conduct business impact and/or risk assessment analysis and assist with recommendations and/or mitigation strategies to management through information security risk assessments and consultation
-Assist the Policy & Standards team in the development, implementation, and enforcement of standards and procedures
-Research and evaluate emerging trends, threats and technologies both internal and external
-Provide support to stakeholders on requirements for new and existing business / technology solutions to assure compliance to standards and governing policies and procedures
-Reporting and communication of security compliance issues and recommendations
-Integration of security risk management activities
-Assist in integrating information security services into the ATSV work intake, project management and other processes
-Partner with all areas of the business, including internal auditors, legal, IT and business partners
-Develop and improve KPIs, metrics, and trending for the risk management and consulting function.
-Respond to and assist with audits, assessments and compliance requests
-Serve as client liaison as needed on matters pertaining to Risk Management
-Promote and consult on the positions that help strengthen and secure the organization by either following standards or helping direct others on technology positions
-Act as a subject matter expert for the organization's information asset protection policies and procedures, and information technology best practices
-Develop and refine procedures and techniques used by the team
2016 : 2020
Allstate
Cyber Security Consultant
Write policy and procedure for the termination team. I facilitate communications between licensing, our compliance coordinator, all the states, and the different regions within Allstate. I train new employees' on our policies and procedures and keep up to date with current state laws and new systems.
2006 : 2016
Allstate
Senior Licensing Staff Representitive
Allstate
Business Information Security Officer
Key Responsibilities Include
-Provide strong regulatory compliance support, scope management and communication, defining evidence requirements and program management as required.
-Review new regulations for security impact and document requirements for compliance.
-Communicate requirements and compliance status to security leadership and impacted technical teams.
-Coordinate project managers and participate in meetings to ensure the accuracy of scoping, requirements documentation, gap identification, remediation and compliance requirements are met.
-Partner with risk management teams to ensure the transparent communication of risk reporting related to compliance revaluations and identified gaps.
-Review evidence submissions to ensure regulatory requirements are met and provide validation of gap closure.
-Track remediation of any gaps to compliance with the implementation area to ensure closure and tracking to deadlines.
-Support delivery / implementation leads in promoting and consulting on the positions that help strengthen and secure the organization in alignment with regulatory requirements by either following standards or helping direct others on technology positions.
-Help facilitate review of changes in company processes, standards and technology to ensure the effectiveness of security controls to meet compliance requirements.
-Help consult with stakeholders on requirements for new and existing business / technology solutions to assure compliance to regulations, compliance frameworks and internal standards and governing policies and procedures.
-Provide Archer GRC tool administration for security controls assessment workflow and evidence gathering within the compliance and issues management modules.
-Built effective working relationships, making sound decisions, successfully making changes, initiating action and achieving results as a trusted advisor.
2020 : 2022
Allstate
State Cybersecurity Regulatory Lead Consultant
-Trusted cybersecurity advisor demonstrate a strategic understanding of the partner’s business, mission and goals, and support business initiatives in a complex and evolving risk landscape
-Ability to fully understand the business strategy and environment and align appropriate solutions
-Identify and recommend appropriate measures to manage and mitigate risks and reduce potential impacts on information resources
-Conduct business impact and/or risk assessment analysis and assist with recommendations and/or mitigation strategies to management through information security risk assessments and consultation
-Assist the Policy & Standards team in the development, implementation, and enforcement of standards and procedures
-Research and evaluate emerging trends, threats and technologies both internal and external
-Provide support to stakeholders on requirements for new and existing business / technology solutions to assure compliance to standards and governing policies and procedures
-Reporting and communication of security compliance issues and recommendations
-Integration of security risk management activities
-Assist in integrating information security services into the ATSV work intake, project management and other processes
-Partner with all areas of the business, including internal auditors, legal, IT and business partners
-Develop and improve KPIs, metrics, and trending for the risk management and consulting function.
-Respond to and assist with audits, assessments and compliance requests
-Serve as client liaison as needed on matters pertaining to Risk Management
-Promote and consult on the positions that help strengthen and secure the organization by either following standards or helping direct others on technology positions
-Act as a subject matter expert for the organization's information asset protection policies and procedures, and information technology best practices
-Develop and refine procedures and techniques used by the team
2016 : 2020
Allstate
Cyber Security Consultant
Write policy and procedure for the termination team. I facilitate communications between licensing, our compliance coordinator, all the states, and the different regions within Allstate. I train new employees' on our policies and procedures and keep up to date with current state laws and new systems.
2006 : 2016
Allstate
Senior Licensing Staff Representitive
Company:
Allstate
About
Business Information Security Officer with a demonstrated history of working in the insurance industry. Skilled in Enterprise Risk Management, Metrics, State Regulatory Compliance, Archer GRC, Analytical Skills, Microsoft, Coaching, and Team Building.
Strong information technology professional with a Bachelor's Degree focused in Cyber Security from Bellevue University.
Profile Photo
