Profiles search

Jim Sullivan

Director of Information Security at American Credit Acceptance
Spartanburg, SC, United States

Details

Experience: 2021 : Present

American Credit Acceptance

Director of Information Security

2020 : 2021

Centerplate

Security Governance

Providing Security Governance services

Assisting companies to improve their security profile with annual security risk assessments, Security Program development, Policy and procedure development.

2019 : 2019

The Secure State

Principal Consultant

Spearheaded entire security program including vision and oversight. Oversaw security team, ensuring confidentiality, integrity, and responsiveness to corporate patient data as needed. Demonstrated strong communication skills in delivering information on risks to senior leadership and quarterly board reports. Drove all aspects of information security, including policies, standards, and guidelines. Managed incident management team process and procedures. Analyzed relevance of threat feeds. Served in privacy officer role for organization.

Key Achievements :

- Created governance program guiding security control framework, delivering consistency, stakeholder engagement, and a proactive approach to issues, utilizing a “defense in depth” approach designed throughout the security program.

- Authored and managed deployment of mobile computing standards to meet customer expectations for secure data handling practices.

- Developed, rolled out, and oversaw security training for entire organization with focus on HIPAA compliance, in addition to spearheading an extra layer of assurance for HIPAA compliance with the introduction of HiTrust certification.

- Conceived security metrics reinforcing transparency to business operations and board of directors. In addition, developed metrics to reinforce budget requirements for new spend dollars.

- Formalized and created a cross functional team for Incident Management Program, aligning around goals, service, and results.

- Built first dedicated security team from the ground up, hiring, training, and mentoring team members.

2013 : 2019

One Call Care Management

Information Security Officer

Oversaw network, system administration, technical support (help desk), and telecommunication teams, ranging from 20 to 25 members. Developed and managed Business Continuity and Disaster Recovery plans. In addition, guided and directed corporate electronic security, telecommunications for 5 call centers (one is international). Maintained SSAE16 type I and Il corporate controls.

Key Achievements :

- Migrated infrastructure into dual data center architecture with focus on high availability.

- Consolidated 3 in-house data centers into a single hosted environment including secondary site failover capabilities.

- Conducted 6 technical audits for M&A activities and developed integration plans for infrastructure.

- Developed and deployed vulnerability management program, delivering a formalized, consistent, and effective approach to managing information system risk and transparency.

2011 : 2012

One Call Medical

VP of Network and Data Services
Company: American Credit Acceptance

About

A senior executive with experience developing and leading IT, Security and Compliance organizations in diverse environments. Core responsibilities are for the implementation and management of corporate risk management, policy, strategy and associated programs. Background includes a proven track record and expertise with versatile technologies, leading technical operations, process improvement initiatives, Security and Privacy Regulatory Requirements, and implementation of control frameworks and standards (NIST, ISO, CIS, GDPR, SOC2, PCI)



Experience with technologies, merger and acquisitions, change management, incident response, security risk and compliance analysis, in addition to process improvement initiatives. Inspire high performing teams and align cross-organizational organizations with skilled leadership. Establish and communicate vision and strategy reinforcing integration of security program with current enterprise needs and future state. Decisive decision maker, persuasive, influential, uniting teams towards a common goal and desired outcome. Strong vendor management, outsourcing skills, managing and driving security initiatives on-time and within budget.



Security Framework / Security Assessments / Project Management / User Training and Support

Information Security Policies, Standards, Guidelines / Troubleshooting and Issue Resolution / HIPAA Compliance