Profiles search
Joe Ulery
Director of Cybersecurity Governance, Risk, and Compliance
Portage, MI, United States
Details
Education:
Master of Science - MS
IT Management
Western Governors University
2020
Bachelor’s Degree
IT Security
Western Governors University
2013 : 2016
IT Management
Western Governors University
2020
Bachelor’s Degree
IT Security
Western Governors University
2013 : 2016
Experience:
2023 : Present
Copeland
Director of Cybersecurity Governance, Risk, and Compliance
● Spearheaded operations and applications teams to enhance team efficiency while managing various aspects of enterprise-wide cybersecurity to protect internal networks systems from unknown threats.
● Formulated cybersecurity roadmap for enterprise architecture as well as devised and implemented enterprise policies for vulnerability management while incorporating industry standards.
● Negotiated with vendors, partners, 3rd party organizations, and contractors for products and services for the organization.
● Planned and implemented the departmental strategic plan while incorporating all essential KPIs to effectively track and monitor quarterly progress following scheduled timelines.
● Designed RFP documentation, bid proposal documentation, contract proposals, and created necessary Scope of Work documentation for on premise and cloud infrastructure and application efforts.
● Worked cooperatively with identified stakeholders to define and communicate risk management calculations, appropriate risk levels, risk mitigation timing based on severity, and risk metrics, including communications, and reviews.
● Oversaw the implementation and maintenance of the NIST CSF (National Institute of Standards and Technology Cybersecurity Framework) with CIS (Center for Internet Security) controls across the organization.
● Maintained an updated register of IT risks and risk assessments, their results and followed up on remediation activities.
● Created and maintained comprehensive incident playbooks, which served as step-by-step guides for responding to various types of security incidents, such as data breaches, DDoS attacks, and insider threats.
● Developed an incident response plan and vulnerability management program to introduce continuous technology-driven process improvements for the protection of the City’s digital assets against external threats.
2019 : 2023
City of Kalamazoo
Deputy Chief Information Officer
● Drove objectives, while providing security oversight, leadership, guidance, consulting, and strategic planning regarding the security program.
● Implemented and managed the governance processes, educated the organization on the new governance programs, measure applicable areas, and reported on aspects of those programs.
● Served as point of contact for various business units and leadership teams across the organization to integrate technology-driven solutions with strategic vision, market requirements, and departmental needs.
● Integrated security baselines and standards to protect data and communication channels from external threats and vulnerabilities.
● Designed, planned, and executed cybersecurity roadmap, policies, and protocols, as well as enterprise information technology infrastructure to improve security, ROI, and productivity.
● Drove the identification of security risks and maintaining a risk register, including planned mitigations and/or acceptance of residual risk.
● Collaborated with Risk Owners to develop and implement risk mitigation strategies.
● Developed and executed the organization's technology vision, strategy, and roadmap, and aligned it with the overall business objectives and growth plans.
● Evaluated technology vendors and partners, negotiated contracts, and managed relationships to ensure the delivery of high-quality products and services.
● Identified and mitigated technology-related risks, ensured compliance with data security and privacy regulations, and implemented disaster recovery and business continuity plans.
● Prepared for various incident response scenarios by creating and updating playbooks and standard operating procedures.
● Provided leadership and guidance to the IT and security teams, promoted a culture of security awareness, and ensured adherence to best practices
2014 : 2019
Metro Imports
IT Director
Copeland
Director of Cybersecurity Governance, Risk, and Compliance
● Spearheaded operations and applications teams to enhance team efficiency while managing various aspects of enterprise-wide cybersecurity to protect internal networks systems from unknown threats.
● Formulated cybersecurity roadmap for enterprise architecture as well as devised and implemented enterprise policies for vulnerability management while incorporating industry standards.
● Negotiated with vendors, partners, 3rd party organizations, and contractors for products and services for the organization.
● Planned and implemented the departmental strategic plan while incorporating all essential KPIs to effectively track and monitor quarterly progress following scheduled timelines.
● Designed RFP documentation, bid proposal documentation, contract proposals, and created necessary Scope of Work documentation for on premise and cloud infrastructure and application efforts.
● Worked cooperatively with identified stakeholders to define and communicate risk management calculations, appropriate risk levels, risk mitigation timing based on severity, and risk metrics, including communications, and reviews.
● Oversaw the implementation and maintenance of the NIST CSF (National Institute of Standards and Technology Cybersecurity Framework) with CIS (Center for Internet Security) controls across the organization.
● Maintained an updated register of IT risks and risk assessments, their results and followed up on remediation activities.
● Created and maintained comprehensive incident playbooks, which served as step-by-step guides for responding to various types of security incidents, such as data breaches, DDoS attacks, and insider threats.
● Developed an incident response plan and vulnerability management program to introduce continuous technology-driven process improvements for the protection of the City’s digital assets against external threats.
2019 : 2023
City of Kalamazoo
Deputy Chief Information Officer
● Drove objectives, while providing security oversight, leadership, guidance, consulting, and strategic planning regarding the security program.
● Implemented and managed the governance processes, educated the organization on the new governance programs, measure applicable areas, and reported on aspects of those programs.
● Served as point of contact for various business units and leadership teams across the organization to integrate technology-driven solutions with strategic vision, market requirements, and departmental needs.
● Integrated security baselines and standards to protect data and communication channels from external threats and vulnerabilities.
● Designed, planned, and executed cybersecurity roadmap, policies, and protocols, as well as enterprise information technology infrastructure to improve security, ROI, and productivity.
● Drove the identification of security risks and maintaining a risk register, including planned mitigations and/or acceptance of residual risk.
● Collaborated with Risk Owners to develop and implement risk mitigation strategies.
● Developed and executed the organization's technology vision, strategy, and roadmap, and aligned it with the overall business objectives and growth plans.
● Evaluated technology vendors and partners, negotiated contracts, and managed relationships to ensure the delivery of high-quality products and services.
● Identified and mitigated technology-related risks, ensured compliance with data security and privacy regulations, and implemented disaster recovery and business continuity plans.
● Prepared for various incident response scenarios by creating and updating playbooks and standard operating procedures.
● Provided leadership and guidance to the IT and security teams, promoted a culture of security awareness, and ensured adherence to best practices
2014 : 2019
Metro Imports
IT Director
Company:
Copeland
Years of Experience:
10
Skills
Active Directory, Cisco Call Manager, Cisco Meraki, Cisco VoIP, Cyber Defense, Cybersecurity, IT Risk Management, Linux, Management, Microsoft Exchange, Microsoft SQL Server, Network Administration, NIST, Project Management, Risk Management, Servers, SQL, Technical Support, Troubleshooting, Virtualization, VMware, Windows, Windows Server
Profile Photo
