JT H.
Details
Western Governors University
2018 : 2020
Bachelors science Information Technology
Western International University
2004 : 2009
Associate's degree
Business Administration and Management, General
Western International University
• Email Protection Program : I spearheaded the development of an email protection program, implementing DMARC and BIMI. This initiative not only reinforced our brand's trustworthiness as a sender of authentic messages but also significantly bolstered security and mitigated email-related cybersecurity risks.
• Vulnerability Management : I facilitated the creation of our first-ever vulnerability management program in collaboration with Tenable, enhancing our overall threat posture.
• Endpoint Protection : Within an impressive three-month timeframe, I successfully led the implementation of a new endpoint protection service using Crowdstrike.
• Endpoint Security Enhancement : Under my leadership, end-point security telemetry increased by 90%, manual phishing reviews reduced by 60%, the attack surface decreased by 50%, and vulnerability scanning cadence amplified from 2% to +95%.
• Security Use Cases : Leveraging the MITRE framework, I enhanced security use cases by 20%, strengthening our cybersecurity defense mechanisms.
• Project Management Excellence : I managed critical projects from inception to final delivery, optimizing our cloud footprint and fortifying our organization's security posture.
• Detection Engineering : I oversaw the implementation of the detection engineering model, incorporating ServiceNow Security Operations, Splunk ES, and MITRE, to enhance our threat detection capabilities.
• Talent Development : I personally recruited and cultivated a team of 15 exceptional professionals, providing them with effective training and development opportunities to excel in their roles.
2020 : Present
Banner Health
Director, Cybersecurity Engineering & Strategy
Experienced Virtual Chief Information Security Officer (CISO/VCISO) with a track record of strategic leadership in developing and executing comprehensive security initiatives. Leading executive-level meetings, evaluating technology integration opportunities, managing IT projects, and providing strategic guidance to enhance organizational efficiency and reduce costs. I'm also well-versed in security risk assessments and compliance with industry standards.
• Conduct client consulting engagements, providing strategic cyber/IT guidance and solutions.
• Establish and nurture long-term consulting relationships with clients enrolled in recurring managed services.
• Evaluate and enhance clients' security and service management programs, driving program maturity.
• Develop roadmaps to address gaps in existing solutions and practices, communicating them to key stakeholders.
• Act as the client's head of technology or security in executive-level meetings.
• Manage the direction and priorities of client's IT projects and initiatives.
• Coordinate and advise on vendor-specific partnerships.
• Provide expertise in security risk assessments and assist clients in determining business risk.
2020 :
Threat Alliance
Cybersecurity Risk Advisor & Founder
CommonSpirit is one of the nation’s largest nonprofit hospital chains, operating over 700 care sites and 142 hospitals in 21 states.
• Managed and mentored a team of 12 responsible for 24/7 cybersecurity threat management.
• Administered a $5M budget to direct incident response and security intelligence for >1,000 sites across 21 states.
• Resolved major incident outbreaks and containment, including multiple high-level sensitivity breaches.
• Key projects & accomplishments include :
o Architected a frontline security operation, proactively addressing, detecting, and mitigating threats.
o Improved incident response process and response times, implementing new detection capabilities.
o Designed and implemented ServiceNow security incident and vulnerability management platform.
o Developed RFP, selected the relevant MSSP, and executed successful implementation strategy.
o Decreased phishing by 90% by sponsoring email security initiatives.
2017 : 2020
CommonSpirit Health
Director, Cybersecurity Incident Response
In this role, I delivered hands-on leadership to 24/7 information security operations, including business applications, IT infrastructure, risk management, security governance, and incident response for five global and domestic campuses. I orchestrated strategic roadmap, global vision, and processes for security organization by working with IT and executive leadership team members.
I hired and developed a team of 12 security professionals and provided effective training to ensure smooth execution of all information security functions. I ensured continuity in organizational and project operations by efficiently managing and allocating a $2 million budget.
Highlights of accomplishments in these roles include :
• I built and implemented a new centralized security logging program “syslog-ng” by partnering with vendors and consultants, which resulted in improving the security incidents detection capabilities.
• I maximized the protection of organization from incidents by empowering team members in efficiently running security operation center.
• I enhanced compliance rate from 70% to +85% and reduced security incidents with higher visibility by designing and implementing a comprehensive metrics program for tracking security operations.
• I harmonized with global resources across Europe, Germany, Mexico, and Australia in developing solutions for all global subsidiaries, including incident management, response, and data management.
• I amplified the visibility and protection for attacks by implementing a network intrusion prevention program (IDS / IPS).
2015 : 2017
Apollo Education Group
Sr. Manager, Information Security Operations
In this role, I alerted users regarding the potential security issues by providing automated user advisories through implementing awareness campaigns. I built and managed a team of security analysts. Complied with all IT security standards, including SOX, PCI, GLBA, and Safe Harbor regulations.
I tracked operations and provided recommendations to enhance the protection of sensitive data.
Highlights of accomplishments in these roles include :
• I planned and executed internal and external audits by working closely with compliance agencies, achieving successful audit results. I identified and addressed 29 open IT audit findings within the first year, including 10 high-level compliance issues.
• I reestablished PCI-DSS compliance after multiple years of non-compliance, bringing PCI back to the original compliance state.
2013 : 2015
Apollo Group
IT Security Manager, Governance, Risk & Compliance (GRC)
Skills
Active Directory, Breach Response, Business Development, Business Process, Cloud Security, Cross-functional Team Leadership, Cyber-security, Cybersecurity, Cybersecurity Incident Response, data loss prevention, Decision-Making, Disaster Recovery, Enterprise Software, Help Desk Support, Incident Response, Information Security, Information Security Management, Information Technology, Infrastructure, ITIL, IT Management, IT Service Management, Leadership, Management, Networking, Network Security, Patient Care, Patient Safety, Penetration Testing, Process Improvement, Program Management, Quality Improvement, Risk Management, Security, Security+, Security Architecture Design, Servers, Software Documentation, Strategic Business Initiatives, Strategic Planning, Strategy, System Administration, System Deployment, Team Management, Technical Support, Threat & Vulnerability Management, Threat Management, Threat Prevention, Vendor Management, Windows Server, Cross-functional Team
About
Dedicated to protecting businesses from cyber threats, my journey reflects an unwavering commitment to excellence and innovation. With a strong foundation forged at leading organizations in Arizona, I've become a trusted name in the field.
In recent years, I've delved deep into the challenging healthcare sector, honing my leadership skills and embracing innovation. My passion for technology is evident in my home lab, where I continually explore novel ways to strengthen security and enhance business outcomes.
In today's tech-driven world, technology is a catalyst for growth, and I firmly believe in its potential. While the path to effective business security is long, my dedication to innovation propels me forward, knowing that the right solutions can achieve the impossible.
As a cybersecurity leader, my ideal role involves spearheading security operations and strategic planning, fostering enduring relationships. I excel at reviewing and enhancing security and service management programs, identifying gaps, and crafting strategic roadmaps. My ability to lead technology discussions at the executive level, integrate cutting-edge solutions, and manage IT projects positions me as a valuable asset.
My qualifications include a master's degree and 15 years of industry expertise, complemented by a CISSP certification. Proficiency in cloud environments (AWS, Azure, GCP) and SaaS further enhance my capabilities. I bring hands-on experience in securing large organizational networks and implementing robust security monitoring procedures, coupled with deep knowledge of information security standards (ISO 27001, NIST, CIS, HIPAA).
My unique blend of business acumen, emotional intelligence, and outcome-driven thinking equips me to communicate effectively with executive leaders and deliver tangible results. In a competitive, goal-oriented environment, I thrive, leveraging organizational skills, attention to detail, and adaptability to changing priorities.
My goal extends beyond personal excellence; I'm driven to help others succeed, proactively anticipating their needs. Proficiency in business collaboration tools and an unyielding desire to drive sales success position me to contribute to your team's growth and success.
Let's connect and explore how our collaboration can achieve your business objectives and conquer the evolving challenges in today's digital landscape.
Profile Photo
