Jim G.
Details
Linguistics and Anthropology (double major)
University of California, Santa Barbara
Diploma
International Studies
University of Vienna, Austria
Master of Business Administration (MBA)
Business Administration and Management, General
Marylhurst University
2022 : Present
State of Missouri
Chief Information Security Officer and Technology Operations Leader
Governance and execution of the IT Security program. Responsible for cyber security policy and procedure, awareness and training, Identity and Access Management (IAM), security architecture and operations, and HIPAA and NIST 800.53 assessments and compliance.
2021 : 2022
Medisys Health Network, Inc.
Information Technology Executive
Cyber Security program leader providing security architecture, governance and compliance planning and execution. Facilitating HIPAA and Interoperability assessments. Facilitating day to day operational security and firewall management. Deploying advanced cyber security technologies including next generation firewall clusters, 24x7 SOC, and advanced end-point protection. Presenting security posture to the Salinas Valley Memorial Health System Board of Directors. SVMHS STAR Values Award member.
2019 : 2021
Salinas Valley Memorial Healthcare System
Cyber Security Healthcare Consultant
Interim CISO for Saint Luke’s Health System providing organizational leadership as well as program management for Fairwarning SaaS implementation of EPIC and other clinical systems.
2018 : 2019
Saint Luke's Health System
Cyber Security Healthcare Consultant
Interim CISO providing Cyber Security consulting and technology deployment services for University Hospital of Newark, New Jersey: development of strategic 3-year planning; policy review and deployment; organization and process review and improvements; facilitation of security assessments to the NIST 800.53 and ISO27001/2 Standards; gap analysis to SANS/CIS Top 20 Critical Controls; facilitation of Incident Management and Breach Notification Table-Top Exercises; development of external relationships. Provided cyber security awareness and training.
2017 : 2018
University Hospital
Cyber Security Healthcare Consultant
Skills
Business Analysis, Business Continuity, Business Intelligence, Business Process, Business Process Improvement, Change Management, CISSP, Cloud Computing, COBIT, Cross-functional Team Leadership, Data Center, Disaster Recovery, Enterprise Architecture, Enterprise Software, ERP, Firewalls, Governance, HIPAA, Information Security, Information Security Management, Information Technology, Infrastructure, Integration, ISO 27001, IT Audit, ITIL, IT Management, IT Service Management, IT Strategy, Leadership, Management, Network Architecture, NIST, Outsourcing, OWASP, PCI DSS, PMP, Process Improvement, Professional Services, Program Management, Project Portfolio Management, Risk Management, Sarbanes-Oxley Act, SDLC, Security, Security Architecture Design, Six Sigma, Software Development, Vendor Management, Vulnerability Assessment
About
IT leader, architect and governance expert with enterprise CISO experience at the State of Missouri, New York State, 3M, Honeywell, Ingram Micro, Washington Mutual, and Maytag. Also significant healthcare experience consulting at organizations such as MediSys Health Network, Salinas Valley Memorial Healthcare System, Saint Luke’s Health System, University of Washington Medical School, and University Hospital Rutgers.
Technical and process experience includes deployment of enterprise-wide IT Applications, Awareness and Training, Incident Event Management (SIEM), Identity and Access Management (IAM), Password Access Management (PAM), 2FA, Security Operation Center (SOC), Unified Threat Management (UTM), Web Application Firewalls (WAF), Data Leakage Prevention (DLP), Anti-ZeroDay, and Encase Enterprise Forensic technologies in multi-national environments. Operational responsibility for SAP and EPIC security, provisioning and compliance requirements. Lean Sigma and Six Sigma process improvement experience.
Enterprise Application Development leadership experience managing ERP systems at Fortune 100 companies. Development of custom internet applications and internal business systems to satisfy business requirements using JAVA, C++, SQL, and Oracle.
Compliance using the NIST 800.53, ISO27001:5000, ITIL, and COBIT standards. Successful facilitation of DCAA, FDIC, OTS, HIPAA/HITECH/Meaningful Use, SOX 404, ISO17799/27002, PCI v1-3, NIST 800.53 and 3rd Party compliance programs. Management of 3rd Party relationships and AWS and AZURE Cloud Computing controls.