Sean Quinn, Esq.
Legal Counsel, Cybersecurity at IBM
Boston, MA, United States
Details
Experience:
2021 : Present
IBM
Legal Counsel, Cybersecurity
- Analyze cybersecurity & privacy laws that impact IBM’s operations.
- Perform gap analyses and identify remediation plans for compliance with cybersecurity privacy laws.
- Draft clear, comprehensive instructions explaining compliance remediation plans to Business Units.
- Engage regularly with Business Units to discuss compliance remediation and respond to inquiries.
- Review and recommend revisions to cybersecurity policies, procedures, and training exercises.
- Partner with Government & Regulatory Affairs (GRA) to track cybersecurity regulatory developments.
- Review and approve privacy risk assessments of applications containing personal information.
- Lead IBM’s compliance work-streams related to the Executive Order on Improving the Nation's Cybersecurity (E.O. 14028).
- Led IBM’s certification under the Open Trusted Technology Provider’s Standard (O-TTPS) or ISO20243.
2020 : 2021
IBM
Privacy & Cybersecurity Regulatory Compliance Lead | IBM CISO Business Unit Privacy Lead
- Reviewed and interpreted the requirements of privacy and cybersecurity incident notification laws into simple logic instructions to direct Resilient's engineers on how to codify the incident notification requirements into the software code of IBM Resilient’s Privacy Solution.
- Design new product features and tools to enhance our customers’ privacy operations, including a Data Subject Rights module and an automated incident response best practices playbook.
- Created a software tool and procedure to track and monitor privacy and cybersecurity legislation.
- Provide instructional demonstrations and webinars explaining the benefits of the Resilient product, including two webinars explaining how to use Resilient's customization settings to create logic and tasks to comply with cybersecurity breach laws.
- Established and implementing a Security and Privacy by Design process for the Resilient Offering.
- Advised Security Operations on responses to privacy and security compliance framework questionnaires, including ISO27001, GDPR, and HIPAA Business Associate requirements.
- Design cyber-attack simulations for organizations visiting the IBM X-Force Command Center.
- Perform quality assurance testing prior to each new product release to ensure enhancements to the Privacy Solution were accurately developed by software engineers.
2018 : 2020
IBM
Privacy Associate, IBM Resilient
- Reviewed and revised policies governing personal information, including the Customer Contact Policy, the Privacy Notice Policy, the Incident Response Policy, and the Affiliate Sharing Policy.
- Managed all aspects of Santander Bank’s privacy incident response program.
- Performed due diligence on new business initiatives, including a marketing initiative to establish a Data Management Platform using Ad-Tech services to target existing customers with new product offerings.
- Created privacy awareness training materials that were administered to all company employees.
2017 : 2018
Santander Bank, N.A.
Privacy Officer
- Managed all aspects of an incident response plan, including investigating, analyzing and responding to security breaches and other security events involving personal information.
- Performed privacy and security compliance assessments related to the New York Department of Financial Services Cybersecurity Regulations and HIPAA Business Associate requirements.
- Reviewed and revised policies and procedures governing LPL’s personal and confidential information, including the Home and Branch Office Security Policies, and the Security Incident Response Plan.
- Performed due diligence reviews of technology products to determine if an independent advisor’s use of such a product would comply with the Branch Office Security Policy.
- Collaborated with the Chief Privacy Officer to prepare and deliver the annual GLBA Privacy Notice.
2017 : 2017
LPL Financial
AVP & Senior Counsel, Privacy Risk Management
Company:
IBM
About
Accomplished privacy & cybersecurity lawyer. Licensed to practice law in Massachusetts. Fellow of Information Privacy (FIP). Certified Information Privacy Professional (CIPP). Certified Information Privacy Manager (CIPM).