Jibin Thomas, CISSP
Details
Biology / Biological Sciences
University of Illinois at Chicago
GoHealth
Senior Manager Cybersecurity Operations
★ Promoted to provide leadership and governance to enterprise information security. Serve as Chief Cyber Defense Solutions architect within Grant Thornton’s cyber defense solutions group. Responsible for developing success criteria for customer challenges. Deliver implementation of Exabeam and similar Cyber Defense solutions.
• Architect and execute the strategic vision. Author roadmaps and establish scalable systems and protocols to consistently improve enterprise information security, response, and risk mitigation.
• Design and set the information security strategies, controls, and roadmaps for 20+ organizations to achieve a more secure and risk-aware state.
• Engage in advanced threat detection and response strategy creation. Perform analysis and understand detected threats and past responses to security events, and create SOPs, playbooks, and long-range proactive plans.
• Providing leadership for a team of cyber threat analysts. Manage and coach team members, develop and monitor KPIs, create team and individual success plans, and serve as Subject Matter Expert (SME) for any issues they encounter.
• Champion of internal awareness and training. Partner with executive and LOB leaders, ensuring top-level buy-in and alignment. Lead the implementation and execution of awareness programs and training activities.
• Research and remain current on emerging threats, trends, and technologies.
• Lead implementation of technology and solutions in small to large enterprises from requirements through configuration and user acceptance testing to production, go-live, and support transition.
• Deliver cyber and IT-related engagements including IT Due Diligence remediation, Deployment of Vulnerability Management solution leveraging Tenable.io, Cloud security posture assessments leveraging Falcon Horizon to identify governance and technical deficiencies in Azure, AWS, and M365 - Deployment of Training and Awareness Program leveraging KnowBe4.
2021 : 2023
Grant Thornton LLP (US)
Experienced Manager Information Security / Cyber Defense Solutions
★ Led enhanced integration efforts for Grant Thornton's partnership with Exabeam in addition to growing Grant Thornton's cyber-service offerings. Conducted Cybersecurity assessments and led Cyber training.
• Managed multiple implementations and teams focused on Exabeam product suites, which involved integration with most major security vendors/platforms.
• Developed a program for Security Operation Centers driven by compliance, HR, and legal.
2019 : 2021
Grant Thornton LLP
Manager Cyber Defense Solutions
★ Managed engagement teams from scoping to delivery of project deliverables. Engagements spanned several industries and cyber domains. Led multiple implementation projects for Exabeam Advanced Analytics and Data Lake.
• Conducted security operation center assessments with a focus on data source validation.
• Conducted NIST-based assessments; including enterprise, cyber domain-specific, and 3rd party.
2018 : 2019
Grant Thornton LLP (US)
Senior Associate Cyber Defense Solutions
★ Promoted to serve as a Senior Associate within PwC’s Cybersecurity practice. Focused on Cybersecurity assessments, strategy engagements, and technical implementations. Supported multiple engagements in the energy, utilities, retail, healthcare, manufacturing, transportation/logistics, and aerospace/defense sectors.
• Led data protection, risk management strategy development, and SOP creation. Developed a prioritized road map including total cost of ownership and build-out for the program.
• Security work domains included secure SDLC, penetration assessments, application assessments, network firewall reviews, documenting device build guidelines, peer group analysis, and enterprise-wide security assessments.
• Led multiple Data Protection engagements focusing on data encryption, data classification, data inventory, and remediation, including monitoring of user behavior.
• Conducted security reviews in preparation for an M&A integration including remediation to bring apps up to minimum standards for migration.
2016 : 2018
PwC
Cybersecurity Senior Associate
Skills
Amazon Web Services (AWS), Analysis, Big Box, Cloud Computing, Computer Forensics, Computer Networking, Customer Satisfaction, Cyber Defense, Cybersecurity, Data Analysis, Data Backup Solutions, Data Recovery, Hard Drives, Incident Response, Information Security, Inventory Control, Inventory Management, Leadership, Loss Prevention, Merchandising, Microsoft Office, Microsoft Word, Network Administration, Network Security, POS, PowerPoint, Retail, Retail Sales, Sales, Security, Security Awareness, Security Incident Response, Store Management, Store Operations, Visual Merchandising, Vulnerability Assessment, Customer Service, Time Management, Microsoft Excel
About
An innovative and performance-driven Information Security Executive and key member of the senior leadership team. Experienced in developing and leading large-scale enterprise information security operations. Excellent communication, influencing, facilitation, and presentation skills.
Able to build robust and mutually beneficial relationships at all levels. Adept at communicating complex technical details into audience-appropriate and actionable terminology.
♦ 𝐄𝐱𝐩𝐞𝐫𝐢𝐞𝐧𝐜𝐞 𝐈𝐧𝐜𝐥𝐮𝐝𝐞𝐬: Enterprise Information Security Leadership, Solutions Architecture, Security Controls, Vision Execution, scalable solutions, strategic initiatives, implementations, best practices, awareness education and training, complex project management, risk management, data analysis, business intelligence, product security controls, and information security frameworks - ISO 27001, NIST SP 800-53, NIST SP 800-171, and ISO 27001/2.
♦ 𝐋𝐞𝐚𝐝𝐞𝐫𝐬𝐡𝐢𝐩 / 𝐌𝐚𝐧𝐚𝐠𝐞𝐦𝐞𝐧𝐭: Experienced leading, building, and developing high-performing teams.
♦ 𝐌𝐢𝐬𝐬𝐢𝐨𝐧 𝐃𝐫𝐢𝐯𝐞𝐧: Passion for creating vision, setting course, and aligning people, processes, technology, and relationships to deliver operational excellence, internal awareness, and improved enterprise security.
♦ 𝐂𝐨𝐧𝐭𝐢𝐧𝐮𝐨𝐮𝐬 𝐈𝐦𝐩𝐫𝐨𝐯𝐞𝐦𝐞𝐧𝐭: Including, root-cause analysis, data-driven solutions, and process re-engineering.
♦ 𝐓𝐫𝐮𝐬𝐭𝐞𝐝 𝐁𝐮𝐬𝐢𝐧𝐞𝐬𝐬 𝐏𝐚𝐫𝐭𝐧𝐞𝐫: Interacting with key stakeholders, including executive leadership. Ensuring alignment, and providing advisement on Information Security strategies, risks and opportunities, implementations, as well as short and long-term business objectives.
𝐂𝐎𝐑𝐄 𝐂𝐎𝐌𝐏𝐄𝐓𝐄𝐍𝐂𝐈𝐄𝐒
★ Enterprise Information Security
★ Cyber Security Governance
★ Security / Risk Assessments
★ Strategy / Roadmaps
★ Regulatory / Policy Compliance
★ Threat Assessments / Mitigation
★ Risk Governance Frameworks
★ Cyber Defense
★ Data / Physical Security Controls
★ Risk Management
★ Security Incidence Response
★ Security Operations Center
★ Vulnerability Management
★ Emerging Threats / Trends
★ Awareness / Education
★ Policies / Standards Creation
★ Relationship Building
★ Vendor Performance / SLAs
Profile Photo
