Trevor Hicks, MBA, CISSP, CCISO, CCSK, AWS-CCP
Details
Business Administration and Management, General
Texas A&M University - Mays Business School
2009 : 2011
BBA
International Business
Texas Tech University
1995 : 1999
Worldwide Express
Vice President Information Security
Lead IT security controls, mechanisms, policies, practices, and procedures to protect the confidentiality and integrity of customer data and to avoid and resolve information security concerns across our SaaS products. Advise executives and business leaders concerning all information security matters. Ensure compliance with data privacy laws (GDPR) and security standards (FFIEC, PCI DSS, NIST CSF, SOC 2) as mandated by regulatory agencies and our financial services customers. Ensure staff, contractors, and managed service providers are continuously directing their efforts toward improving our security posture and defending against threat actors.
2020 : 2023
Wolters Kluwer
Security Director & CISO
Directed enterprise-wide information security and IT risk management. Supported the organization’s business objectives, compliance and audit requirements, and strategic goals. I served as a senior advisor to executive leadership on IT security direction, strategy, and vision. In addition, I developed and implemented a comprehensive information security program to address information security risks, vulnerabilities, and program control. I managed the IT security and risk management budget. I also interfaced with all business functions to define, guide, and mentor processes and behaviors. Actively promoted a culture of security across the organization.
I contributed expertise to enterprise architecture, including private and public cloud architectures that are available to enhance cyber-threat detection, analysis, containment, and response. I supervised all incident response activities, which include planning, detecting, implementing, and responding to intrusions. Also, I led the staff to identify, develop, implement, and maintain security processes, practices, and policies to reduce risks, respond to incidents, and limit exposure and liability in multiple areas, including financial, information, personnel, physical, and reputation.
2018 : 2020
Hanger, Inc.
Chief Information Security Officer
Established the first security and compliance program for the business. Responsible for all information security matters, including data protection and privacy, identity and access management, penetration testing, secure network architecture, vulnerability assessments, and web application security. Researched and implemented standards and safeguards to protect against conversion, destruction, disclosure, disruption, misappropriation, or modification of customer data. Successfully obtained first SOC 2 Type 2 certification for the organization.
Worked with Engineering and Development teams to promote secure coding practices, identify risks early in the SDLC, and mitigate issues before software deployment. Performed investigations of security incidents related to non-compliance with internal policy standards and external regulations. Advised executives and business leaders concerning all information security matters.
2016 : 2018
Wolters Kluwer
Security Director & CISO
I spearheaded various activities in the business operation, including project scoping, business development, and delivery of services. I conducted vCISO, PCI DSS ROC, SAQ and gap analyses, NERC CIP, cyber risk assessments, IT internal audits, and other IT GRC services. I performed technology assessments to evaluate existing controls, identify and define issues, analyze evidence, and document processes and procedures.
I ordered information security audits and integrated audits with security considerations, including enterprise security architecture, encryption, information security, mobile device security, network infrastructure security, server/database security, and web application security. I also maintained constant vigilance on emerging digital, cybersecurity, and fraud risks. Interacted with peers to be informed of emerging threats and trends. In addition, I attended events and participated in training to maintain awareness of risks and controls concerning technologies and cybersecurity.
2015 : 2016
Coalfire Systems, Inc.
Director, IT Security Audit (Laid Off)
Skills
Blockchain, Business Continuity, business continuity planning, Business Process, business process improvement, CEH, CISSP, cloud computing, cross-functional team leadership, customer support, Cybersecurity, Cybersecurity Strategy, data center, datacenter consolidation, Data Privacy, Data Security, Disaster Recovery, global operations, Information Security, Information Security Management, Information Technology, infrastructure, integration, IT Audit, itil certified, it operations, it outsourcing, IT Risk, Leadership, Management, management consulting, mba, nerc cip, Operational Strategy, operations management, Outsourcing, pci dss, Process Improvement, Regulatory Compliance, risk management, SaaS, Security Audits, service delivery, SOX, start-ups, Strategy, Team Leadership, U.S. Health Insurance Portability and Accountability Act (HIPAA), product support, customer service, Cross-functional Team, it service management, service desk, enterprise software, program management, pre-sales, professional services, solution architecture, erp
About
Executive IT and business professional specializing in cybersecurity, compliance, and strategic business management. Put into practice and promote a balanced management approach with strong senior leadership. Practice data-driven decision making, technical operations, process development, and risk management. Possess a strong process perspective and specialize in large-scale change enablement, continuous improvement, and cost control. Proactive leader with outstanding credentials, technical expertise, and results-oriented business acumen.
Expertise in:
• Information Security and Data Privacy
• IT Governance Risk and Compliance
• Business Continuity and Disaster Recovery Planning
• Network/Systems Security
• Physical/Environmental Security
• Project/Program Management
• DevSecOps (SaaS)
• Budget and Contract Negotiations
Industry Exposure: Financial Services, Healthcare, Energy, Construction, Telecom/IT/BPO, Software, Retail, and Consulting.