Profiles search
Zachary Heater
Cybersecurity Regulatory Compliance Manager
Spokane, WA, United States
Details
Education:
Master of Science - MS
Cybersecurity - Information Assurance
University of South Florida
2019 : 2021
B.S.
Electrical Engineering
Cybersecurity - Information Assurance
University of South Florida
2019 : 2021
B.S.
Electrical Engineering
Experience:
• Worked with clients to ensure that the risk associated critical business processes and data is consistency with industry best practice and supervisory expectations
• Designed, implemented, and maintained effective cyber compliance programs helped clients manage risk against regulatory compliance obligations, as well as control framework commitments as directed by board members and internal stakeholders
• Liaised with regulatory examiners, investigators, and industry leaders to stay ahead of upcoming regulatory changes or supervisory enforcement
• Assessed organizational compliance with supervisory regulations, and helped clients manage cybersecurity risk in a cost-effective, yet strategically defensible manner
2022 : Present
PwC
Cybersecurity Regulatory Compliance Manager
Acted as a senior cybersecurity risk subject matter expert, directing and informing examiners in charge (EICs) on conducting IT examinations within the largest financial firms ($100B+) in the world
• In a supervisory capacity, monitored risk reduction through control implementation to ensure consistency with risk appetites established by financial firms
• Reviewed information security artifacts to identify control gaps and issue supervisory findings where appropriate
• Coordinated with 1st line-of-defense (1LOD) and 2LOD to ensure effective risk mitigation through control implementation at the operational level
• Worked with other federal regulators to perform coordinated IT examinations assess the information security posture of financial firms
• Performed range of practice analysis across the financial industry, assessing the variation of information security techniques and practices within the firms to identify the industry’s top performers and establish leading and lagging security practices
2021 : 2022
Federal Reserve Bank of Chicago
Senior Cybersecurity Risk Management Specialist
• Coordinated with regulators regarding the Credit Union’s compliance with IT/Cybersecurity standards
• Reported monthly to the board of directors regarding the safety and soundness of the information security program. Report includes regulatory compliance, risk exceptions, KPIs, and emerging cybersecurity threats.
• Chair of the Information Security Committee to improve the Credit Union’s Cybersecurity internal controls
• Assessed information security policy and procedures and made 7 recommendations to improve the security posture of the credit unit. The credit union implemented all 7 recommendations.
• Served as the Information Security Officer, communicating information security status and KPIs to a technically diverse audience (e.g. executives, board members, security engineers, and developers) and led key strategic information technology initiatives
• Perform IT risk assessments to ensure the credit union is mitigating risk to reasonable level and is within the board’s risk appetite
2019 : 2021
Numerica Credit Union
Information Security Analyst
• Implemented Secure Software Development Lifecycle (SSDLC) to mitigate 110+ security flaws in critical web applications to improve the security posture of the organization and safeguard sensitive customer data (e.g. PII)
• Maintained servers (RedHat, shell scripting) and databases (MySQL) to ensure compliance with IT standards and security best practices
• Developed back-end web content and structure (PHP, Symfony, Doctrine ORM) to improve the security of customer data
• Redesigned the companies web content (JavaScript, CSS, HTML) and improved customer experience by 65%
• Implemented a process that improved the internal workflow by 34%
• Updated and debugged applications to improve overall experience and functionality as well as ensure reliable communication with database servers
• Led engineering group by directing team efforts and resource allocation to prioritize software update implementation and quickly solve software bugs
2017 : 2019
2nd Sight BioScience
Sr. Software Engineer
• Applied Agile methodologies to develop software in C for embedded control systems for aerospace applications including micro-specific SPI drivers, hardware interface modules, and CAN communication algorithms.
• Led software investigations to characterize and validate CAN communication methods for multi-processor communication networks to ensure compliance with product specifications
• Implemented on-board diagnostic (OBD) software changes in C to guarantee datalink integrity
• Developed model-based component-level diagnostics for diesel and natural gas engines in order to detect component failure conditions, including OBD requirement analysis, design, concept, development, modeling, simulation, verification and validation
• Led technical discussions with engineers and managers to review diagnostic concepts to ensure compliance with regulatory requirements
2014 : 2017
LHP Software
Software Engineer II
• Designed, implemented, and maintained effective cyber compliance programs helped clients manage risk against regulatory compliance obligations, as well as control framework commitments as directed by board members and internal stakeholders
• Liaised with regulatory examiners, investigators, and industry leaders to stay ahead of upcoming regulatory changes or supervisory enforcement
• Assessed organizational compliance with supervisory regulations, and helped clients manage cybersecurity risk in a cost-effective, yet strategically defensible manner
2022 : Present
PwC
Cybersecurity Regulatory Compliance Manager
Acted as a senior cybersecurity risk subject matter expert, directing and informing examiners in charge (EICs) on conducting IT examinations within the largest financial firms ($100B+) in the world
• In a supervisory capacity, monitored risk reduction through control implementation to ensure consistency with risk appetites established by financial firms
• Reviewed information security artifacts to identify control gaps and issue supervisory findings where appropriate
• Coordinated with 1st line-of-defense (1LOD) and 2LOD to ensure effective risk mitigation through control implementation at the operational level
• Worked with other federal regulators to perform coordinated IT examinations assess the information security posture of financial firms
• Performed range of practice analysis across the financial industry, assessing the variation of information security techniques and practices within the firms to identify the industry’s top performers and establish leading and lagging security practices
2021 : 2022
Federal Reserve Bank of Chicago
Senior Cybersecurity Risk Management Specialist
• Coordinated with regulators regarding the Credit Union’s compliance with IT/Cybersecurity standards
• Reported monthly to the board of directors regarding the safety and soundness of the information security program. Report includes regulatory compliance, risk exceptions, KPIs, and emerging cybersecurity threats.
• Chair of the Information Security Committee to improve the Credit Union’s Cybersecurity internal controls
• Assessed information security policy and procedures and made 7 recommendations to improve the security posture of the credit unit. The credit union implemented all 7 recommendations.
• Served as the Information Security Officer, communicating information security status and KPIs to a technically diverse audience (e.g. executives, board members, security engineers, and developers) and led key strategic information technology initiatives
• Perform IT risk assessments to ensure the credit union is mitigating risk to reasonable level and is within the board’s risk appetite
2019 : 2021
Numerica Credit Union
Information Security Analyst
• Implemented Secure Software Development Lifecycle (SSDLC) to mitigate 110+ security flaws in critical web applications to improve the security posture of the organization and safeguard sensitive customer data (e.g. PII)
• Maintained servers (RedHat, shell scripting) and databases (MySQL) to ensure compliance with IT standards and security best practices
• Developed back-end web content and structure (PHP, Symfony, Doctrine ORM) to improve the security of customer data
• Redesigned the companies web content (JavaScript, CSS, HTML) and improved customer experience by 65%
• Implemented a process that improved the internal workflow by 34%
• Updated and debugged applications to improve overall experience and functionality as well as ensure reliable communication with database servers
• Led engineering group by directing team efforts and resource allocation to prioritize software update implementation and quickly solve software bugs
2017 : 2019
2nd Sight BioScience
Sr. Software Engineer
• Applied Agile methodologies to develop software in C for embedded control systems for aerospace applications including micro-specific SPI drivers, hardware interface modules, and CAN communication algorithms.
• Led software investigations to characterize and validate CAN communication methods for multi-processor communication networks to ensure compliance with product specifications
• Implemented on-board diagnostic (OBD) software changes in C to guarantee datalink integrity
• Developed model-based component-level diagnostics for diesel and natural gas engines in order to detect component failure conditions, including OBD requirement analysis, design, concept, development, modeling, simulation, verification and validation
• Led technical discussions with engineers and managers to review diagnostic concepts to ensure compliance with regulatory requirements
2014 : 2017
LHP Software
Software Engineer II
Company:
PwC
Years of Experience:
16
Skills
Algorithm Design, Algorithms, Analysis, C++, Communication Systems, css, Data Analysis, Databases, Data Collection, embedded development, html5, Integration, Java, java development (android programming), javascript, Management, Matlab, mysql, php, PowerPoint, Research, Simulations, symfony framework, C
Profile Photo
